Crate cream

Crate cream 

Source
Expand description

cream

An implementation of SCIM (System for Cross-domain Identity Management).

§SCIM Overview

SCIM is a standard for automating the exchange of user identity information between identity domains.

When an organization purchases a SaaS product, it needs a way to provision, de-provision, and generally manage user accounts within the new product. SCIM allows this management to occur via their existing identity provider, by allowing the identity provider to push user-management changes directly to the SaaS product.

SCIM takes the form of a REST API exposed by the service provider, which the identity provider (client) can use to manage users and groups within the SaaS product.

§Cream

Cream is a Rust implementation of SCIM, designed to be easy to use and flexible.

Users of cream define their supported resource types via standard SCIM schemas. Cream then generates Rust code for these types, and exposes an axum::Router which can be mounted directly into any axum or tower-http-based application.

SCIM is a complex and underspecified standard, and Cream aims to hide some of this complexity from the user:

  • Many parts of SCIM are case-insensitive, but some are case-sensitive. Cream uses your schema to normalize the casing on attributes, schema IDs and filters, so that your application can expect a consistent casing.

  • SCIM provides many ways to do the same thing. For example, you can search for resources of a particular type via a GET request with query parameters, via a POST request with a filter in the body, or by a POST to the SCIM base URL with a filter on the core “resourceType” attribute. Cream ensures you only have to implement a single search method.

  • SCIM filters are complicated to parse, and may be arbitrarily complicated. Cream handles the parsing and translates them into Rust-native types which can be directly pattern-matched. This allows you to abstract away subtle differences in the way different SCIM clients may filter for resources.

  • SCIM clients can request that some fields be excluded whilst other fields are included. Cream hides this complexity by giving you a single list of “optional” fields that are to be included along with the required fields which are always present.

Cream supports all aspects of the SCIM v2 standard, with the exception of these optional endpoints:

  • /Me

    This endpoint only makes sense when the SCIM client authenticates as a specific user, which is not part of the typical SCIM use-case.

  • /Bulk

    This endpoint is not yet implemented, but may be added in future.

Re-exports§

pub use filter::AttrPathRef;

Modules§

filter
Functionality relating to SCIM filters.

Macros§

declare_resource
Generate support code for a resource type.
declare_resource_type
Declare a resource type with a given name and id.
declare_schema
Declare a schema with a given name and id.
load_static_json
Load a JSON file from the include_str! macro.

Structs§

Attribute
A single attribute of a SCIM schema.
Cream
The main entry point for the cream library.
CreamBuilder
Builder for constructing a Cream instance.
DateTime
Wrapper around time::OffsetDateTime which serializes according to RFC3339.
Error
SCIM error response.
GetResourceArgs
Arguments for getting a resource by ID.
ListResourceArgs
Arguments for listing resources.
ListResourceResult
Result of listing resources.
Meta
Metadata about a resource.
Reference
A reference to a resource or external URL.
ResourceType
A resource type.
Schema
A SCIM schema
SchemaExtension
An extension schema for a resource type.
UpdateResourceArgs
Arguments for updating a resource.
UpdateResourceItem
An update to apply to a resource.

Enums§

ErrorType
SCIM error type.
Mutability
The mutability of an attribute.
Returned
When an attribute is returned.
SortOrder
Sort order for listing resources.
Type
The data type of an attribute.
Uniqueness
The uniqueness of an attribute.
UpdateOp
The type of update to apply to an attribute.

Constants§

META_CREATED
Common meta.created attribute path.
META_LAST_MODIFIED
Common meta.lastModified attribute path.
META_RESOURCE_TYPE
Common meta.resourceType attribute path.
META_VERSION
Common meta.version attribute path.

Traits§

GenericResourceManager
A trait for managing a generic resource. Implemented automatically by the define_resource macro.