
Commit 900e2cd

authored
chore: implement better 404 for unimplemented scim endpoints (coder#15232)
Prior to this, HTML was returned.
1 parent 487b37b commit 900e2cd


3 files changed

+10
-14
lines changed


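--- a/enterprise/coderd/coderd.go
+++ b/enterprise/coderd/coderd.go
@@ -455,7 +455,7 @@ func New(ctx context.Context, options *Options) (_ *API, err error) {
 if len(options.SCIMAPIKey) != 0 {
 api.AGPL.RootHandler.Route("/scim/v2", func(r chi.Router) {
 r.Use(
-api.scimEnabledMW,
+api.RequireFeatureMW(codersdk.FeatureSCIM),
 )
 r.Post("/Users", api.scimPostUser)
 r.Route("/Users", func(r chi.Router) {
@@ -464,6 +464,13 @@ func New(ctx context.Context, options *Options) (_ *API, err error) {
 r.Get("/{id}", api.scimGetUser)
 r.Patch("/{id}", api.scimPatchUser)
 })
+r.NotFound(func(w http.ResponseWriter, r *http.Request) {
+u := r.URL.String()
+httpapi.Write(r.Context(), w, http.StatusNotFound, codersdk.Response{
+Message: fmt.Sprintf("SCIM endpoint %s not found", u),
+Detail: "This endpoint is not implemented. If it is correct and required, please contact support.",
+})
+})
 })
 } else {
 // Show a helpful 404 error. Because this is not under the /api/v2 routes,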
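Review bot: The `r.NotFound` handler added to the `/scim/v2` router echoes `r.URL.String()` into `Message`, which reflects the caller's full request URI, query string included, and nothing in the handler checks the SCIM bearer token before answering. Assuming `httpapi.Write` JSON-encodes the response, markup injection is unlikely, but the query string is caller-controlled, unbounded, and may carry values that should not be mirrored into responses or downstream logs; `u := r.URL.Path` keeps the message useful without that. Because implemented routes presumably answer unauthenticated calls with an auth error while unrouted ones now return this 404, consider a one-line comment such as `// Served without SCIM auth: only reveals which paths are not routed.` so the choice is explicit. The enclosing `New` function starts and ends outside these hunks.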

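--- a/enterprise/coderd/scim.go
+++ b/enterprise/coderd/scim.go
@@ -23,17 +23,6 @@ import (
 "github.com/coder/coder/v2/codersdk"
 )
 
-func (api *API) scimEnabledMW(next http.Handler) http.Handler {
-return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
-if !api.Entitlements.Enabled(codersdk.FeatureSCIM) {
-httpapi.RouteNotFound(rw)
-return
-}
-
-next.ServeHTTP(rw, r)
-})
-}
-
 func (api *API) scimVerifyAuthHeader(r *http.Request) bool {
 bearer := []byte("Bearer ")
 hdr := []byte(r.Header.Get("Authorization"))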

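--- a/enterprise/coderd/scim_test.go
+++ b/enterprise/coderd/scim_test.go
@@ -88,7 +88,7 @@ func TestScim(t *testing.T) {
 res, err := client.Request(ctx, "POST", "/scim/v2/Users", struct{}{})
 require.NoError(t, err)
 defer res.Body.Close()
-assert.Equal(t, http.StatusNotFound, res.StatusCode)
+assert.Equal(t, http.StatusForbidden, res.StatusCode)
 })
 
 t.Run("noAuth", func(t *testing.T) {
@@ -424,7 +424,7 @@ func TestScim(t *testing.T) {
 require.NoError(t, err)
 _, _ = io.Copy(io.Discard, res.Body)
 _ = res.Body.Close()
-assert.Equal(t, http.StatusNotFound, res.StatusCode)
+assert.Equal(t, http.StatusForbidden, res.StatusCode)
 })
 
 t.Run("noAuth", func(t *testing.T) {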
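Review bot: No test covers the new JSON 404 for unrouted `/scim/v2` paths; the only test changes in this commit are the two assertions here, which now expect `http.StatusForbidden` from the entitlement middleware. A subtest that requests an unimplemented path (for example a constructed `/scim/v2/Unimplemented`) and asserts `http.StatusNotFound` plus a JSON `Content-Type` would guard against a regression to the HTML page. The switch from 404 to 403 also changes what SCIM clients and unauthenticated probes observe when the feature is unlicensed, which the commit description does not mention. `TestScim` starts and ends outside these hunks.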
