Commit Graph

3 Commits

Author SHA1 Message Date
Mateusz Mandera f5a65846a8 scim: Override django-scim2 logic of exception handling in views.
As detailed in the comments, the default behavior is undesirable for us
because we can't really predict all possibilities of exceptions that may
be raised - and thus putting str(e) in the http response is potentially
insecure as it may leak some unexpected sensitive information that was
in the exception.

As a hypothetical example - KeyError resulting from some buggy
some_dict[secret_string] call would leak information. Though of course
we aim to never write code like that.
2021-10-17 21:33:03 -07:00
Mateusz Mandera 9b5a27813a scim: Test the /scim/v2/Users/.search endpoint.
This endpoint has some basic support in our and django-scim2
implementation and we should be testing it.

https://datatracker.ietf.org/doc/html/rfc7644#section-3.4.3
for details on what this endpoint is.
2021-10-17 21:33:03 -07:00
Mateusz Mandera 73a6f2a1a7 auth: Add support for using SCIM for account management. 2021-10-14 12:29:10 -07:00