Re: [scim] Attributes Request Parameter and Sub-Attributes
Shelley <randomshelley@gmail.com> Sat, 12 September 2020 01:33 UTC
Return-Path: <randomshelley@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C8FDD3A0A02 for <scim@ietfa.amsl.com>; Fri, 11 Sep 2020 18:33:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1OFoazXnnM2i for <scim@ietfa.amsl.com>; Fri, 11 Sep 2020 18:33:40 -0700 (PDT)
Received: from mail-ua1-x930.google.com (mail-ua1-x930.google.com [IPv6:2607:f8b0:4864:20::930]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E3C03A09FD for <scim@ietf.org>; Fri, 11 Sep 2020 18:33:40 -0700 (PDT)
Received: by mail-ua1-x930.google.com with SMTP id z46so3666527uac.13 for <scim@ietf.org>; Fri, 11 Sep 2020 18:33:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=ZGDVzcpzVqm9eteQIfVyxzp9kk8E+6gzdOb9xSqkPp0=; b=S8L4IF2KMOz9YOMD+Q2wjJvYLRB3eUD07AP7ZvQolh0AviqzKj8GBQaRIVB83Wq5/E /CDrQI5tOAt9AidCzPZT+0rky2RllXKo4ZV3pYo80rdcppvm5QJp6x9wVFXsJD10zhem UlNiZy6dzOP0mIuetiEy8WMk5WEgceIFfduSirdY0d17PZzHFz514HuJ1TR2Ht6Wmeck efQcr0s7xiRMH/1iCART2Ub4oQSE3DC+huyzEeGeunAO/6ejm2rN+H9/XmE0CTtpKQeG 62ySI4wLr2aILybEExQJ5fD6X30NtuPG5kMunoskzBlFoo3mGrl4E9IaKV1TWNsFPE+y nnsQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=ZGDVzcpzVqm9eteQIfVyxzp9kk8E+6gzdOb9xSqkPp0=; b=ovAKV5AxUW5CQJTf4laurVatEA/qZdxPv+R2d/kjBDO/bokUI09NkzHVjmoCI3hROF 0c9uKeKBmytqpyWne2APqO7JcLWrlVb6BKQkwBJetVmr+jwKDT4N4Gl+EEAPWSXPhHCI utdFZaQZAgRqoOV+hLmyNzp4SeUlFeN1ObjBDk8INC76fQ8rKZX7f1EsxSScd2zsTLTL sbHxIOKtFGjcsKr0Cz7AnEGyaYnLOdBqfuQZGvxM3MwxrU0l6A3kSLTp0ixC9nismKmw KiWZeB/+4uEDjj934yfu12UWPeaaO9fuedWNBj/XJQ8o6TmpvdrWp2zQBXZ9WEpU9BBB WwkQ==
X-Gm-Message-State: AOAM5307CFRtYayI+N6Jvfu1a6zvQpy+hrIgHzPskCD1kF4eUtFf1suS AsHSP0+3nAz3paPzggL/3M6nuABIhTrkKLlFKzH9rXs+Q/NYHQ==
X-Google-Smtp-Source: ABdhPJzsvLPGKwtvVsvO6tQebloiuz0TahzdPCiNxpl2/jZen1u1FWDcF6pw+1NiwYTZ/IvWUgaijBkTBfoBxVl492U=
X-Received: by 2002:a9f:36ca:: with SMTP id p68mr2563151uap.96.1599874418977; Fri, 11 Sep 2020 18:33:38 -0700 (PDT)
MIME-Version: 1.0
References: <CAGUsYPxeyMYqMuZcfhvdE7Sdnf3F2iFPVYYtrXAW06ZT2JTt_A@mail.gmail.com>
In-Reply-To: <CAGUsYPxeyMYqMuZcfhvdE7Sdnf3F2iFPVYYtrXAW06ZT2JTt_A@mail.gmail.com>
From: Shelley <randomshelley@gmail.com>
Date: Fri, 11 Sep 2020 20:33:28 -0500
Message-ID: <CAGUsYPxXNYyv3hCqajbg0pGAr1v5W+Veu7+_yThVTPy-prYHpA@mail.gmail.com>
To: scim@ietf.org
Content-Type: multipart/alternative; boundary="0000000000006db02105af13cab3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/dF70gehGNnBDHW4afSIw60k1acs>
Subject: Re: [scim] Attributes Request Parameter and Sub-Attributes
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Sep 2020 01:33:42 -0000
To clarify, there was a mistake in my original post. The second example
which returned the empty "emails" attributes should have read as follows,
such that the requested "attributes" value was "emails" not "emails.value":
GET /Users/2819c223-7f76-453a-919d-413861904646?attributes=emails
{
"id": "2819c223-7f76-453a-919d-413861904646",
"emails": [{},{}]
}
Also, to clarify, I don't think this behavior is desirable; this is just
how I have interpreted the specification since it does not call out any
special behavior for sub-attributes in partial resource representation
requests.
On Fri, Sep 11, 2020 at 9:48 AM Shelley <randomshelley@gmail.com> wrote:
> I just wanted to get some clarification regarding the "attributes" request
> parameter when specifying sub-attributes.
>
> When a consumer requests a default-scoped sub-attribute using the
> "attributes" parameter but does *not* specify the corresponding
> default-scoped parent attribute, or vise-versa (such that they specify the
> attribute, but not the desired sub-attributes), I'm assuming the
> sub-attribute should *NOT* be returned?
>
> For instance, given the following attribute, sub-attributes, and
> "returned" characteristics (other characteristics omitted for brevity):
>
> {
> "name": "emails",
> "returned": "default"
> "type": "complex",
> "multiValued": true,
> "subAttributes": [
> {
> "name": "primary",
> "returned": "default",
> ...
> },
> {
> "name": "type",
> "returned": "default",
> ...
> },
> {
> "name": "value",
> "returned": "default",
> ...
> }
> ],
> ...
> }
>
> If a caller requests just the "emails.value" attribute, but does not
> specify "emails" in the attribute list, the "emails.value" will *not *be
> returned?
>
> GET /Users/2819c223-7f76-453a-919d-413861904646?attributes=emails.value
> {
> "id": "2819c223-7f76-453a-919d-413861904646"
> }
>
> Likewise, if a caller requests just the "emails" attribute, but does not
> specify any sub-attributes in the attributes list, the sub-attributes will
> not be returned?
>
> GET /Users/2819c223-7f76-453a-919d-413861904646?attributes=emails.value
> {
> "id": "2819c223-7f76-453a-919d-413861904646",
> "emails": [{},{}]
> }
>
> Instead, based on my interpretation of the RFC, it seems that the caller
> must specify *both* the "emails" attribute and the "emails.value"
> sub-attribute in order to return the sub-attributes?
>
> GET
> /Users/2819c223-7f76-453a-919d-413861904646?attributes=emails,emails.value
> {
> "id": "2819c223-7f76-453a-919d-413861904646",
> "emails": [
> {
> "value": "bjensen@example.com"
> },
> {
> "value": "babs@jensen.org"
> }
> ]
> }
>
> Please let me know if this understanding is correct, or if I'm overlooking
> some kind of special treatment defined in the spec that includes transitive
> retrieval for parent/sub-attributes. Thank you!
>