We're not at a commercial point in our programme of work yet, it's still very much a proof of concept, and checking the suitability of the platform (for our needs). The support options which you've pointed me to are out of reach for us.
We're a small (and talented bunch) of programmers, but not in python, so this is a little beyond our reach without an initial working example.
I've spent most of my day today learning Python syntax and trying to get a working SCIM interception script to push values through into LDAP using the oxTrust LDAP PersonService: org.gluu.oxtrust.ldap.service import IPersonService, PersonService
the top of my SCIM intercept script looks like this:
```
from org.xdi.model.custom.script.type.scim import ScimType
from org.xdi.util import StringHelper, ArrayHelper
from java.util import Arrays, ArrayList
from org.gluu.oxtrust.ldap.service import IPersonService, PersonService
from org.gluu.oxtrust.model import GluuCustomPerson
from org.gluu.oxtrust.model import GluuCustomAttribute
```
The updateUser section looks like this:
```
def updateUser(self, user, configurationAttributes):
personService = PersonService.instance()
oldUser = personService.getPersonByUid(user.getUid())
listToNullify = []
print "ScimEventHandler (updateUser): interceptor code looking for 'nullValue's to replace"
print user.getCustomAttributes()
print "Mandatory Attributes:"
for thisAttribute in personService.getMandatoryAtributes():
print thisAttribute.toString()
print "Looking for items which need to be nullified..."
for thisAttribute in user.getCustomAttributes():
if thisAttribute.getDisplayValue() == "nullValue":
print thisAttribute.toString()
print "SCIM - 'nullValue' string detected within attribute: " + thisAttribute.getName() + " for user: " + user.getDisplayName()
print "SCIM - adding it to the list to make truely null "
listToNullify.append(thisAttribute.getName())
for itemToNullify in listToNullify:
print "Setting to null: [" + itemToNullify + "]"
#user.setAttribute(itemToNullify,None)
user.removeAttribute(itemToNullify)
if user.getAttribute(itemToNullify) == None:
print "Done - apparently"
else:
print "Not done - apparently: " + user.getAttribute(itemToNullify)
print "SCIM - Checking through user attributes again..."
for thisAttribute in user.getCustomAttributes():
if thisAttribute.getDisplayValue() == "nullValue":
print "SCIM - !!!! 'nullValue' string still detected within attribute: " + thisAttribute.getName() + " for user: " + user.getDisplayName()
return True
```
This works to a point, I get a status 200 response, with a modified User JSON object returned, with those elements set to null. - It would appear from SCIM that it had all worked, however these changes are not committed through into LDAP.
When I do a fresh Get on the User through SCIM, it continues to show the previous field values.
I had even tried the commented version which setAttribute to python's None. - This too appeared to modify the user object within the Python script - as shown by the log outputs. - I've attached the segment of the oxTrust_script log which relates to the captured debug output from my script.
```
2017-09-14 06:09:16,106 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - ScimEventHandler (updateUser): interceptor code looking for 'nullValue's to replace
... Whole Attribute Collection Dump removed ...
2017-09-14 06:09:16,107 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Mandatory Attributes:
2017-09-14 06:09:16,107 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Attribute [name=uid, values=[], metadata=null]
2017-09-14 06:09:16,108 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Attribute [name=givenName, values=[], metadata=null]
2017-09-14 06:09:16,108 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Attribute [name=displayName, values=[], metadata=null]
2017-09-14 06:09:16,108 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Attribute [name=sn, values=[], metadata=null]
2017-09-14 06:09:16,108 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Attribute [name=mail, values=[], metadata=null]
2017-09-14 06:09:16,109 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Attribute [name=userPassword, values=[], metadata=null]
2017-09-14 06:09:16,109 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Attribute [name=gluuStatus, values=[], metadata=null]
2017-09-14 06:09:16,109 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Looking for items which need to be nullified...
2017-09-14 06:09:16,110 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Attribute [name=oxTrustUserType, values=[nullValue], metadata=null]
2017-09-14 06:09:16,110 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - SCIM - 'nullValue' string detected within attribute: oxTrustUserType for user: Chris Wiltshire
2017-09-14 06:09:16,110 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - SCIM - adding it to the list to make truely null
2017-09-14 06:09:16,111 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Attribute [name=oxExternalUid, values=[nullValue], metadata=null]
2017-09-14 06:09:16,111 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - SCIM - 'nullValue' string detected within attribute: oxExternalUid for user: Chris Wiltshire
2017-09-14 06:09:16,112 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - SCIM - adding it to the list to make truely null
2017-09-14 06:09:16,112 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Setting to null: [oxTrustUserType]
2017-09-14 06:09:16,112 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Done - apparently
2017-09-14 06:09:16,113 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Setting to null: [oxExternalUid]
2017-09-14 06:09:16,113 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - Done - apparently
2017-09-14 06:09:16,113 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - SCIM - Checking through user attributes again...
2017-09-14 06:09:16,114 INFO [qtp274064559-19] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:219) - SCIM - Specifically checking those which were supposed to be nullified...
```
In your post, three above this one, it appeared that you had offered to help a little more and provide some form of sample script? Is it still possible to request this assistance from you under the CE model? - I'm also happy to post our final working script example into this thread for the community once done. Your very initial response to me appeared to be aligned with community participation and sharing of insights, I'm still happy to do that. :)
Thank you in advance for any further assistance you can lend.