Comments (4)
Well, current handlers won't work, but the change should be minimum, just change the return value to error
.
from scim.
How would the server handle these custom error
s? Should they be logged? Should they be returned to the client? Which status code should they produce (given that the custom error does not implement the StatusCoder
interface)? I like the strictness of the current implementation, as it forces the user to return errors as specified by the SCIM RFC.
from scim.
A ScimError
would be returned to the client in the same way scimError
is, with the status code selected by the user. The errors already available, will still be available, and will be transformed into ScimErrors, as they currently are. And a user will be also to return 'constant errors', for example, the private one scimErrorUniqueness
, ... The logging of errors would be managed by a middleware on top of the server, and the scim package should not worry about it.
On custom errors, for example, if the handler returns something like fmt.Errorf("my error")
, I'll probably be transformed to ScimError{Detail: "my error", Status: 500}
, If you return an error that implements StatusCoder then ScimError{Detail: err.Error(), Status: err.StatusCode()}
The requirement of extra errors is because there are many kinds of errors that can't be managed with the current ones available, especially when there are different systems involved. For example, typical HTTP authorizations errors, conflicts, bad requests on extra validations on custom extensions, validations that cannot be performed just in the schema, especially when you're trying to support different tenants, different IdPs each one of them with its own SCIM implementation with its own problems. The section https://tools.ietf.org/html/rfc7644#section-3.12 shows many cases that are currently not possible to return an appropriate error. It's also important to show in the details what was wrong for debugging purposes.
To point to a specific example, the errors possible in the GetAll method are currently only 501 or 500, for example, if a filter is used and the user does not exist, it's not possible to return a 404, and there are probably more examples like that.
I really believe it will improve the usability of the package.
from scim.
I understand that there are still some errors missing from the errors
package, and I have no problem at all with defining more constants for each of the status codes specified by the RFC. I also like the idea of mapping error
s that do not correspond with an existing constant to a 500
with the error
s message. However, I do not like the idea of the StatusCoder
interface because it might cause the server to break the RFC compliance by returning an unlisted status code.
In general, I would like to maintain the guarantee that the server will not return a non-compliant error code. Maybe we could add a NewInternalServerGetError(detail string)
function for each HTTP method to allow a custom detail message?
from scim.
Related Issues (20)
- `null` is returned by List calls returning no items when an empty array is required HOT 5
- Request Body is empty when POST method
- Double URL unescaping on SCIM filters
- Missing docs on filtering HOT 2
- resourcePutHandler doesn't set any status code on response header HOT 3
- PATCH operation "remove" does not parse value HOT 1
- Potential wrong invalidation of filters with sub-attributes after value paths
- Feature to parse schema json into a schema.Schema object?
- The "itemsPerPage" number might be incorrect for partial paginated results HOT 1
- It's not possible to place a placeholder in SCIM endpoints. can we somehow provision the same? HOT 1
- how to filter for patch HOT 6
- Filter functionality not available for use behind internal package HOT 1
- Azure's noncompliance of standard HOT 3
- No attributes given to PUT/Replace function HOT 4
- Allow setting status code HOT 1
- Proposal: add custom logger support HOT 2
- Question: is implementing a patch application function reasonable? HOT 2
- Proposal: make the meta.Location field modifiable HOT 5
- Schema ID is not validated on resource creation HOT 2
- Question: ETag support
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from scim.