Re: [scim] User resource's lastModified attribute behavior on Group resource update

Phillip Hunt <phil.hunt@independentid.com> Sun, 06 December 2020 15:56 UTC

Return-Path: <phil.hunt@independentid.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D2AD3A0EB5 for <scim@ietfa.amsl.com>; Sun, 6 Dec 2020 07:56:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.895
X-Spam-Level:
X-Spam-Status: No, score=-1.895 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=independentid-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PoUdK4hTdKaA for <scim@ietfa.amsl.com>; Sun, 6 Dec 2020 07:56:24 -0800 (PST)
Received: from mail-pg1-x530.google.com (mail-pg1-x530.google.com [IPv6:2607:f8b0:4864:20::530]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B1263A0EB2 for <scim@ietf.org>; Sun, 6 Dec 2020 07:56:24 -0800 (PST)
Received: by mail-pg1-x530.google.com with SMTP id e23so6733789pgk.12 for <scim@ietf.org>; Sun, 06 Dec 2020 07:56:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=independentid-com.20150623.gappssmtp.com; s=20150623; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=BYUdM+07SEowI6b54gPtkNdw22Zr09Q+fSTI01gISeY=; b=0mjBFFW3nVnLxyQug5ZU7XyzVkBe5lTppzf4vJf0XRh4QNVzsIAC4kp6kv+KO+t0XA lZDaU88aYrk6YrWlt++iAJE/venpTTMk5SDiuvaaPBpK4L9xIbE6HMrqhuktZ8tL/+XR uwzNivKuhporuni+DiIclpQpn1BW9gt6ct/7NCvvELEuAW/nTwKOoOOk5ZZlU9M6w59Z aKXW6U2zr99LZ5sLvjbLvJJFiOcjRpaOFy25fKIWMMsTVT/7DH8VJXCGh2sIn4FlDHNC YZk3L0fNSGjCXzJ5P6y8ZhAWeZIl13mieZ40Kb9YWq4th1YUg+QiEjIu5xjaF38xOdyP m/mA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=BYUdM+07SEowI6b54gPtkNdw22Zr09Q+fSTI01gISeY=; b=XQOzgoBs2zb7/x8KLHtGGS/h/Pb/vDgbuJO7qWFogLCsCu24+w/tpwXOknzAriyWbn I4rPqf1Yv0Bpo8o6ZsVQexlXMqVhQhC0zlkXC0wFSwLsQcplhDK8/SyxWTmfDmFGPfUt 6CDtkyytg2yFTtc+e3qAidHWW5LcEznj2+4qONq6VeV+9usldHbWo4TepXq7PvDrA7lB sh0yfChxhSi2R5mSAcCZ6B4qte1oazRPiPZzZhPGsr6zKiEWyd5km54MF1jYF5jzHQJh hH/WYRdH8iuJjOcW9XbeqZlsaOwiG86Aweh56pqZsmCWr1IpK6TVgrztPnCuc3vOzzrh ccPQ==
X-Gm-Message-State: AOAM532YqLP71J0S5ZgaAajtBneAzEPDFfUYqZvjU4QcJtiE73wsBChD UORMPrYwyP0680jh9ofZqlpqxbK7ra2DWQ==
X-Google-Smtp-Source: ABdhPJyDNBZOj9UyIcUi4KSZAfz0NB7AKvBt8pT1RUygUSH/RXxcC+BuBRfHD7s7RTOEw9ZvUSd4OA==
X-Received: by 2002:a62:8247:0:b029:19d:b276:96fb with SMTP id w68-20020a6282470000b029019db27696fbmr12532951pfd.8.1607270183579; Sun, 06 Dec 2020 07:56:23 -0800 (PST)
Received: from ?IPv6:2001:569:7a71:1d00:9c9c:d249:3434:4e98? (node-1w7jr9qrfoxx9wmlbm43vtoyg.ipv6.telus.net. [2001:569:7a71:1d00:9c9c:d249:3434:4e98]) by smtp.gmail.com with ESMTPSA id h7sm11472827pfr.210.2020.12.06.07.56.22 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 06 Dec 2020 07:56:23 -0800 (PST)
Content-Type: multipart/alternative; boundary=Apple-Mail-8CC9F23E-2314-4543-B324-D51A04E37C45
Content-Transfer-Encoding: 7bit
From: Phillip Hunt <phil.hunt@independentid.com>
Mime-Version: 1.0 (1.0)
Date: Sun, 6 Dec 2020 07:56:22 -0800
Message-Id: <D2768428-20B9-4572-9F8C-0D53550D60A2@independentid.com>
References: <CA+OkT=9R1JW1EV8z9iP-2J1-+7Lv9YaKW070m2x3ZTqXaNNskg@mail.gmail.com>
Cc: scim@ietf.org
In-Reply-To: <CA+OkT=9R1JW1EV8z9iP-2J1-+7Lv9YaKW070m2x3ZTqXaNNskg@mail.gmail.com>
To: Anuradha Karunarathna <anuradha199528@gmail.com>
X-Mailer: iPhone Mail (18B92)
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/Yqlf5aqvCNQy-3jKITR48fbRnfQ>
Subject: Re: [scim] User resource's lastModified attribute behavior on Group resource update
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Dec 2020 15:56:29 -0000

I believe the spec is silent on this matter. 

The issue is that indirect or dynamic (eg groups attribute) memberships are by their nature subject to change until calculated at query time. 

Thus I would not necessarily count on implementations updating lastModified for dynamic/calculated values. 

Phil

> On Dec 5, 2020, at 11:59 PM, Anuradha Karunarathna <anuradha199528@gmail.com> wrote:
> 
> 
> Hi all,
> 
> According to the lastModified attribute definition in RFC 7643 section 3.1 [1], a particular resource's lastModified attribute should be updated if the resource is updated. According to the definition, it is obvious to have an update on a user's lastModified attribute based on PATCH operation on /Users/{user-id} or PUT operation on  /Users/{user-id}.
> Also, I feel that the lastModified attribute of user resource should be updated even the user updates indirectly.
> 
> eg: Adding a member to a group should cause to update the relevant group and user resources' lastModified attribute.
> 
> PATCH /Groups/acbf3ae7-8463-...-9b4da3f908ce
>    Host: example.com
>    Accept: application/scim+json
>    Content-Type: application/scim+json
>    Authorization: Bearer h480djs93hd8
>    If-Match: W/"a330bc54f0671c9"
> 
>    { "schemas":
>       ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
>      "Operations":[
>        {
>         "op":"add",
>         "path":"members",
>         "value":[
>          {
>            "display": "Babs Jensen",
>            "$ref":
>    "https://example.com/v2/Users/2819c223...413861904646",
>            "value": "2819c223-7f76-453a-919d-413861904646"
>          }
>         ]
>        }
>      ]
>    }
> 
> If we take the above request as a succeded PATCH request, lastModified attribute of 
> the group identified by id acbf3ae7-8463-...-9b4da3f908ce and,
> the user Babs Jensen (SCIM id- 2819c223-7f76-453a-919d-413861904646)
> should be updated.
> 
> I want to clarify whether my understanding is correct?
> 
> [1] https://tools.ietf.org/html/rfc7643#section-3.1
> 
> Thanks,
> Anuradha 
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim