Add support for model validation

[jaggaer-c-adepasca]

I'm trying scim-server-spring-boot example and everything is working fine. But i noticed that SCIMple library doesn't do any kind of validation on JSON request provided.
For example If i create user using below JSON request naming userName__ field instead of userName (by standard User standard Schema the correct name to be userName) i get 201 created instead of 400 bad request. The same result if i remove userName field although it is mandatory. Why? Is there something I'm not configuring well or that needs to be implemented by me?
Please let me know.

Thanks

{
    "schemas": [
        "urn:ietf:params:scim:schemas:core:2.0:User",
        "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
    ],
    "externalId": "extId",
    "userName__": "username_1",
    "name": {
        "familyName": "XXX",
        "givenName": "YYY"
    },
    "active": true,
    "emails": [
        {
            "value": "[email protected]"
        }
    ],
    "addresses": [
        {
            "country": "US"
        }
    ],
    "phoneNumbers": [
        {
            "value": "+390833186005",
            "type": "work"
        },
        {
            "value": "+32802213916",
            "type": "mobile",
            "primary": false
        }
    ],
    "timezone": "Europe/London",
    //"preferredLanguage": "ita",
    "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
        "organization": "Buyer_guru",
        "division": "Division",
        "department": ""
    }
}

[bdemers]

Sorry for the delay here,
These are good points, IIRC there were some earlier non-compliant SCIM servers (from a large player or two) that were not fully spec compliant, I could be miss remembering that though.

Either way, this is something that should be handled in SCIMple

[bdemers]

I've been kicking a few things around in the back of my head related to this for a while.
The big one was validation via Jakarta Validation.

There are a few annotations present on some of the resources, but it's minimal.
My thought was we should be able to process validations based on the @ScimAttribute annotation.

This is possible, but it's probably overkill... There were a few options:

1. Mix concerns/implementations, and turn @ScimAttribute into a valid Jakarta validation annotation.

   This added additional fields to the annotation, which I didn't think belonged there, it increased the complexity of that annotation, and I think it makes it more difficult for a user.

2. Define Validation in XML

   I created an Annotation processor that created a constraints XML file that configures the basic @NotNull and @Size(min=1) annotations.
   Usage wise, this is probably the cleanest, we could make it just work.

   The downside is, this would a bunch of code for probably little value. ~1000 loc (with my poorly tested prototype)
   All that to save us (and any custom extensions) from needing to add a couple of extra annotations

3. Add more Jakarta Validation Annotations

   We could add the few missing Jakarta Validation annotations, e.g. anywhere @ScimAttribute(required = true, ...)

The real question I should ask... Does anyone truly need support for Jakarta Validation?
If so how complex, does your support need to be?

• Basic field checking (not-null, empty, etc)
• Support to verify uniqueness (within a server)
• Something else?