Class: Sailpoint::Scim

Inherits:

Object

• Object
• Sailpoint::Scim

Defined in:

lib/sailpoint/scim.rb

Overview

Used for created SCIM API calls to the organizations IdentityIQ source

Constant Summary

EMPTY_RESPONSE =

'{}'

Class Method Summary

• .accounts ⇒ Hash

  Returns a massive list of all account entries in the IdeneityIQ sources.

• .applications ⇒ Hash

  Used to fetch a list of all Applications and their associated attributes.

• .get_user(identity) ⇒ Hash

  Used to fetch the specified users associated data.

• .resource_types ⇒ Hash

  Fetch all resource types associated with the IdentityIQ API.

• .schemas ⇒ Hash

  Fetch the schemas for all resources types assocaited with the API’s returning data.

• .service_providers ⇒ Hash

  Fetch a list of all ServiceProviders associated with the data being served by the API.

• .user_resource_types ⇒ Hash

  Returns a list of data attributes for the ResourceType -> Users.

• .users ⇒ Hash

  Returns a list of all users from the associated organizations.

Class Method Details

.accounts ⇒ Hash

Returns a massive list of all account entries in the IdeneityIQ sources

Returns:

• (Hash) —

  • A hashed list of all IdenityIQ accounts [Service and User accounts]

# File 'lib/sailpoint/scim.rb', line 14

def self.accounts
  set_scim_interface
  response = HTTParty.get([Sailpoint.config.url, 'v2/Accounts'].join('/'),
                          headers: Sailpoint.config.auth_header,
                          output: 'json', timeout: 10)
  JSON.parse(response&.body || EMPTY_RESPONSE)
end

.applications ⇒ Hash

Used to fetch a list of all Applications and their associated attributes

Returns:

• (Hash) —

  • A hash of all avaialble applications and their associated MetaData attributes

# File 'lib/sailpoint/scim.rb', line 24

def self.applications
  set_scim_interface
  response = HTTParty.get([Sailpoint.config.url, 'v2/Applications'].join('/'),
                          headers: Sailpoint.config.auth_header,
                          output: 'json', timeout: 10)
  JSON.parse(response&.body || EMPTY_RESPONSE)
end

.get_user(identity) ⇒ Hash

Used to fetch the specified users associated data

Returns:

• (Hash) —

  • The users hashed data attributes

Raises:

• (Sailpoint::Helpers::AuthenticationException)

# File 'lib/sailpoint/scim.rb', line 34

def self.get_user(identity)
  set_scim_interface
  response = HTTParty.get([Sailpoint.config.url, 'v2/Users', identity].join('/'),
                          headers: Sailpoint.config.auth_header,
                          output: 'json', timeout: 10)
  # NOTE: If invalid credentials are supplied or the user could not be found response bodies contain a status code.
  # => But if a a user if found, a status code isn't returned, but all of their data attributes are returned instead.
  raise Sailpoint::Helpers::AuthenticationException, 'Invalid credentials, please try again.' if response.body['status'] && response.body['status'] == '401'
  return [].freeze if response.body && response.body['status'] && response.body['status'] == '404'

  JSON.parse(response&.body || EMPTY_RESPONSE)
end

.resource_types ⇒ Hash

Fetch all resource types associated with the IdentityIQ API

Returns:

• (Hash) —

  • A hash of all resources types [Users, Applications, Accounts, Roles, etc.]

# File 'lib/sailpoint/scim.rb', line 49

def self.resource_types
  set_scim_interface
  response = HTTParty.get([Sailpoint.config.url, 'v2/ResourceTypes'].join('/'),
                          headers: Sailpoint.config.auth_header,
                          output: 'json', timeout: 10)
  JSON.parse(response&.body || EMPTY_RESPONSE)
end

.schemas ⇒ Hash

Fetch the schemas for all resources types assocaited with the API’s returning data

Returns:

• (Hash) —

  • A hash of all all ResourceType Schemas

# File 'lib/sailpoint/scim.rb', line 59

def self.schemas
  set_scim_interface
  response = HTTParty.get([Sailpoint.config.url, 'v2/Schemas'].join('/'),
                          headers: Sailpoint.config.auth_header,
                          output: 'json', timeout: 10)
  JSON.parse(response&.body || EMPTY_RESPONSE)
end

.service_providers ⇒ Hash

Fetch a list of all ServiceProviders associated with the data being served by the API

Returns:

• (Hash) —

  • A hashed list of SailPoint service providers associated with the IdentityIQ Instance

# File 'lib/sailpoint/scim.rb', line 69

def self.service_providers
  set_scim_interface
  response = HTTParty.get([Sailpoint.config.url, 'v2/ServiceProviderConfig'].join('/'),
                          headers: Sailpoint.config.auth_header,
                          output: 'json', timeout: 10)
  JSON.parse(response&.body || EMPTY_RESPONSE)
end

.user_resource_types ⇒ Hash

Returns a list of data attributes for the ResourceType -> Users

Returns:

• (Hash) —

  • A hash to describe the user schema attributes

# File 'lib/sailpoint/scim.rb', line 89

def self.user_resource_types
  set_scim_interface
  response = HTTParty.get([Sailpoint.config.url, 'v2/ResourceTypes/User'].join('/'),
                          headers: Sailpoint.config.auth_header,
                          output: 'json', timeout: 10)
  JSON.parse(response&.body || EMPTY_RESPONSE)
end

.users ⇒ Hash

Returns a list of all users from the associated organizations

Returns:

• (Hash) —

  • All users entries from the organizations sources

# File 'lib/sailpoint/scim.rb', line 79

def self.users
  set_scim_interface
  response = HTTParty.get([Sailpoint.config.url, 'v2/Users'].join('/'),
                          headers: Sailpoint.config.auth_header,
                          output: 'json', timeout: 10)
  JSON.parse(response&.body || EMPTY_RESPONSE)
end