Skip to content

scim2/test-suite

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
cmd/website
cmd/website
 
 
compliance
compliance
 
 
fuzz
fuzz
 
 
scim
scim
 
 
spec
spec
 
 
testserver
testserver
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
flake.lock
flake.lock
 
 
flake.nix
flake.nix
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
website.png
website.png
 
 

Repository files navigation

SCIM 2.0 Compliance Test Suite

Status: Initial Draft - One pass through the SCIM RFCs has been completed. Coverage is limited and many requirements are still untested. Expect significant changes as additional iterations are done.

Compliance report

Black-box compliance tests for SCIM 2.0 servers based on RFC 7642 (Definitions, Overview, Concepts, and Requirements), RFC 7643 (Core Schema), and RFC 7644 (Protocol).

Each testable requirement is extracted from the RFC text with its RFC 2119 keyword (MUST, SHOULD, MAY, etc.) and mapped to one or more Go test functions. After a run a compliance report is generated showing pass/fail/warn per requirement and overall coverage.

Project layout

Package Purpose
spec/ Parsed RFC requirements with IDs, compliance levels, and source locations
compliance/ Go test files that exercise a SCIM server against the requirements
scim/ Minimal SCIM HTTP client used by the tests
testserver/ In-memory SCIM server for running the suite without an external target
cmd/website/ Generates the interactive HTML compliance report

Running the tests

Against the built-in test server

nix develop --command go test ./compliance/ -v -count=1

Against an external SCIM server

nix develop --command go test ./compliance/ -v -count=1 \
  -scim.url=https://scim.example.com \
  -scim.token=YOUR_BEARER_TOKEN

Basic auth is also supported:

nix develop --command go test ./compliance/ -v -count=1 \
  -scim.url=https://scim.example.com \
  -scim.user=admin -scim.pass=secret

Flags

Flag Default Description
-scim.url (empty, uses built-in server) SCIM base URL to test against
-scim.token Bearer token for authentication
-scim.user Basic auth username
-scim.pass Basic auth password
-scim.force Comma-separated features to force-enable (e.g. filter,patch)
-scim.report compliance-report.txt Path for the compliance report

Features

The suite discovers supported features via /ServiceProviderConfig and /ResourceTypes. Tests for optional features (filter, patch, bulk, sort, etag, changePassword) are run in soft mode when the feature is not advertised: failures are recorded as warnings rather than errors. Use -scim.force to treat a feature as required.

Compliance report

After each run a plain-text report is written (default: compliance-report.txt) and a JSON report is generated alongside it. The JSON report can be used to produce an interactive HTML report that displays RFC spec text side-by-side with requirement outcomes.

Reports contain:

  • Summary counts per RFC 2119 level (MUST, SHOULD, MAY, etc.)
  • List of failures, warnings, passed, and untested requirements
  • Coverage percentage of testable requirements

License

Apache License 2.0

About

General Purpose SCIM 2.0 Compliance Test Suite

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Contributors

Languages