@mmalone
Created September 27, 2021 23:37
Manual SCIM commands (add user, lookup by email, remove user)
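
#!/bin/sh
# Add a user through the SCIM 2.0 Users endpoint.
set -e
# set -x traces every command after expansion, so the curl line below is
# written to stderr with the bearer token in it.
set -x

# Random hex value (not used further in this script).
RAND=$(dd if=/dev/urandom count=1 bs=4 2>/dev/null | xxd -p)
# Lowercase UUID used as the SCIM externalId.
UUID=$(uuidgen | tr '[:upper:]' '[:lower:]' | tr -d '\n')
USERNAME="mmalone"
EMAIL="mike@smallsteplabs.onmicrosoft.com"
GIVENNAME="Mike"
FAMILYNAME="Malone"
DIRECTORY="64742c96-2bd5-4115-b1a2-d3ae53422684"
TOKEN="<scim-token>"

# Variables are spliced into the JSON body as '"$VAR"' so the shell does not
# word-split them. The values must not contain characters that need JSON escaping.
curl -s -v -L \
  -H "Authorization: Bearer $TOKEN" \
  -H 'Content-Type: application/scim+json; charset=utf-8' \
  -X POST \
  -d '{
  "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
  "externalId": "'"$UUID"'",
  "userName": "'"$USERNAME"'",
  "displayName": "'"$GIVENNAME"' '"$FAMILYNAME"'",
  "name": {
    "givenName": "'"$GIVENNAME"'",
    "familyName": "'"$FAMILYNAME"'"
  },
  "emails": [{
    "primary": true,
    "value": "'"$EMAIL"'",
    "type": "work",
    "display": "'"$EMAIL"'"
  }],
  "active": true,
  "groups": [],
  "meta": {
    "resourceType": "User"
  }
}' "https://scim.api.smallstep.com/$DIRECTORY/v2/Users" | tee response.json | jq .

# Pause so the response can be inspected; press Enter to continue.
# (POSIX read needs a variable name, so a throwaway one is given.)
read -r _

# ID assigned by the server, taken from the saved response.
ID=$(jq -r .id response.json)
#curl -s -H "Authorization: Bearer $TOKEN" -H 'Content-Type: application/scim+json; charset=utf-8' -X DELETE \
#"https://localhost:8443/$DIRECTORY/v2/Users/$ID" | tee response.json | jq .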

#!/bin/sh
# Remove a user.
# Need to delete by ID. Use `./scim-lookup-user.sh` to find ID from email address.
DIRECTORY="64742c96-2bd5-4115-b1a2-d3ae53422684"
TOKEN="<scim-token>"
# Refuse to run without an ID, so the request never targets the bare /Users/ path.
ID="${1:?usage: $0 <user-id>}"
curl -s -H "Authorization: Bearer $TOKEN" -H 'Content-Type: application/scim+json; charset=utf-8' -X DELETE \
  "https://scim.api.smallstep.com/$DIRECTORY/v2/Users/$ID" | tee response.json | jq .
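
#!/bin/sh
# Look up a user's SCIM ID by email address.
DIRECTORY="64742c96-2bd5-4115-b1a2-d3ae53422684"
TOKEN="<scim-token>"
EMAIL="${1:?usage: $0 <email>}"
# The address is passed to jq with --arg, as data, instead of being spliced
# into the filter text where it would be parsed as part of the jq program.
curl -s -H "Authorization: Bearer $TOKEN" -H 'Content-Type: application/scim+json; charset=utf-8' \
  "https://scim.api.smallstep.com/$DIRECTORY/v2/Users" \
  | jq -r --arg email "$EMAIL" '.Resources | map(select(.emails[0].value == $email)) | .[0].id'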
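
The lookup script compares only emails[0] and prints the string "null" when nothing matches, which a caller could then hand to the delete script as an ID. The following is an added example, not part of the original gist: a filter that checks every address on each user and fails when there is no match. The function names, the case-insensitive comparison and the sample ListResponse are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original gist.

# Constructed sample of a SCIM ListResponse, so the example runs offline.
sample_list_response() {
  cat <<'EOF'
{
  "schemas": ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
  "totalResults": 3,
  "Resources": [
    {"id": "id-1", "userName": "mmalone",
     "emails": [{"primary": true, "value": "mike@example.com"}]},
    {"id": "id-2", "userName": "second",
     "emails": [{"value": "old@example.com"},
                {"primary": true, "value": "second@example.com"}]},
    {"id": "id-3", "userName": "noemail"}
  ]
}
EOF
}

# find_user_ids_by_email EMAIL < list-response.json
# Prints the id of every user that has EMAIL in any "emails" entry, one per
# line. Returns non-zero and prints nothing when no user matches, so a caller
# never receives the literal string "null" as an ID.
find_user_ids_by_email() {
  # --arg passes the address as a jq string, never as filter text.
  # Assumption: addresses are compared case-insensitively.
  jq -r --arg email "$1" '
    ($email | ascii_downcase) as $want
    | .Resources[]?
    | select(any(.emails[]?; (.value // "" | ascii_downcase) == $want))
    | .id
  ' | grep .   # grep exits 1 when jq produced no lines
}

# Demo on the constructed data: matches the second address of user id-2.
sample_list_response | find_user_ids_by_email 'second@example.com'
```

With live data, pipe the curl output from the lookup script into find_user_ids_by_email and call the delete script only when it returns exactly one ID.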