Project description

scim2-server

This is an example WSGI-SCIM server using scim2-models. It utilizes werkzeug and scim2-filter-parser and keeps all resources in-memory, they are lost once the process exits.

Features

Discovery endpoints (/v2/ServiceProviderConfig, /v2/ResourceTypes, /v2/Schemas)
Create/Read/Update/Delete resources (POST, GET, PUT, DELETE)
Searching & Filtering
Support for ETags
Unique Constraints
HTTP PATCH (Add/Remove/Replace)
Sorting

The only optional feature currently missing is support for Bulk operations (RFC 7644, Section 3.7).

Usage

$ scim2-server [-h] [--schema SCHEMA] [--resource-type RESOURCE_TYPE] [--bearer-token BEARER_TOKEN] [--hostname HOSTNAME] [--port PORT] [--reverse-proxy] [--dump-resources DUMP_RESOURCES]

-h/--help: Show help message
--reverse-proxy: Allow using the provider behind a Reverse Proxy (required for URL rewriting).
--schema: Register schemas from specified JSON file. If not provided, loads the default schemas from RFC 7643.
--resource-type: Register resource types from specified JSON file. If not provided, loads the default resource types from RFC 7643.
--bearer-token: Registers a bearer token that can be used for accessing the service. If no tokens are provided, anonymous access without authentication is allowed.
--hostname: The hostname to listen on. Defaults to 127.0.0.1.
--port: The port to listen on. Defaults to 8080.
--dump-resources: Dump a JSON document containing all resources when the provider exits normally.

Notes

This provider can be used as a starting point if you want to implement a SCIM provider. You should probably change the following things, if you want to use it in production:

Use a proper production WSGI server instead of the one provided by Werkzeug
Implement your own Backend as a subclass of scim2_server.backend.Backend
Implement proper authorization with OAuth instead of public access or static bearer tokens
Support the /Me endpoint, if it applies in your use case
Add support for using either a static URL prefix or improve the support for usage behind a reverse proxy

The provider in its current state has been tested successfully against a live Microsoft Entra system as well as a live Okta system.

Project details

These details have been verified by PyPI

Maintainers

azmeuk ccoors emillumine LoanR sblondon

These details have not been verified by PyPI

Release history Release notifications | RSS feed

0.1.2

Nov 7, 2024

0.1.1

Sep 22, 2024

This version

0.1.0

Aug 30, 2024

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

scim2_server-0.1.0.tar.gz (27.3 kB view details)

Uploaded Aug 30, 2024 Source

Built Distribution

scim2_server-0.1.0-py3-none-any.whl (29.0 kB view details)

Uploaded Aug 30, 2024 Python 3

File details

Details for the file scim2_server-0.1.0.tar.gz.

File metadata

Download URL: scim2_server-0.1.0.tar.gz
Upload date: Aug 30, 2024
Size: 27.3 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: poetry/1.8.3 CPython/3.12.5 Linux/6.10.6-arch1-1

File hashes

Hashes for scim2_server-0.1.0.tar.gz
Algorithm	Hash digest
SHA256	`979a47fe55ad74ad596852159186f7dd4ec57297d2e9dac3bf5058217447193b`
MD5	`83d015a56aaae698303d660538e6c45b`
BLAKE2b-256	`135222e23010222009dd028b7b2f08e484d72058c3b770d3f8043baad49709c3`

See more details on using hashes here.

Provenance

File details

Details for the file scim2_server-0.1.0-py3-none-any.whl.

File metadata

Download URL: scim2_server-0.1.0-py3-none-any.whl
Upload date: Aug 30, 2024
Size: 29.0 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: poetry/1.8.3 CPython/3.12.5 Linux/6.10.6-arch1-1

File hashes

Hashes for scim2_server-0.1.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`e256b584773a0bb0f29b9dd5224bedbd680e4fd9e11349f7225c3bcc938a78a1`
MD5	`facf900267bb6a6daa2dee80596a5d58`
BLAKE2b-256	`ff5c8d32704b62bdff47700f4b02a511a42b08be641fe4e60bf60bdc28adb9dd`