Zabbix

<?php

/*

** Copyright (C) 2001-2025 Zabbix SIA

**

** This program is free software: you can redistribute it and/or modify it under the terms of

** the GNU Affero General Public License as published by the Free Software Foundation, version 3.

**

** This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;

** without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

** See the GNU Affero General Public License for more details.

**

** You should have received a copy of the GNU Affero General Public License along with this program.

** If not, see <https://www.gnu.org/licenses/>.

**/

​

​

require_once dirname(__FILE__) . '/common/CAPIScimTest.php';

​

/**

 * @onBefore prepareUserData

 *

 * @onAfter clearData

 */

class testScimServiceProviderConfig extends CAPIScimTest {

​

    private static $data = [

        'userdirectoryid' => [

            'saml' => null

        ],

        'tokenids' => [

            'superadmin' => null

        ],

        'tokens' => [

            'superadmin' => null

        ],

        'mediatypeid' => '3'

    ];

​

    public function prepareUserData(): void {

        // Create userdirectory for SAML.

        $userdirectory_saml = CDataHelper::call('userdirectory.create', [

            'idp_type' => IDP_TYPE_SAML,

            'group_name' => 'groups',

            'idp_entityid' => 'http://www.okta.com/abcdef',

            'sso_url' => 'https://www.okta.com/ghijkl',

            'username_attribute' => 'usrEmail',

            'user_username' => 'user_name',

            'user_lastname' => 'user_lastname',

            'provision_status' => JIT_PROVISIONING_ENABLED,

            'sp_entityid' => '',

            'provision_media' => [

                [

                    'name' => 'SMS',

                    'mediatypeid' => self::$data['mediatypeid'],

                    'attribute' => 'user_mobile'

                ]

            ],

            'provision_groups' => [

                [

                    'name' => 'group_w_members',

                    'roleid' => 1,

                    'user_groups' => [

                        ['usrgrpid' => 7]

                    ]

                ]

            ],

            'scim_status' => 1

        ]);

        $this->assertArrayHasKey('userdirectoryids', $userdirectory_saml);

        self::$data['userdirectoryid']['saml'] = $userdirectory_saml['userdirectoryids'][0];

​

        CDataHelper::call('authentication.update', [

            'saml_auth_enabled' => ZBX_AUTH_SAML_ENABLED,

            'disabled_usrgrpid' => '9'

        ]);

​

        // Create authorization token to execute requests.

        $tokenid = CDataHelper::call('token.create', [

            [

                'name' => 'Token for Users SCIM requests',

                'userid' => '1'

            ]

        ]);

        $this->assertArrayHasKey('tokenids', $tokenid);

        self::$data['tokenids']['superadmin'] = $tokenid['tokenids'][0];

​

        $token = CDataHelper::call('token.generate', [self::$data['tokenids']['superadmin']]);

​

        $this->assertArrayHasKey('token', $token[0]);

​

        self::$data['tokens']['superadmin'] = $token[0]['token'];