Added possibility of setting AuthenticationScheme in SCIMClient

canea-asb · canea-asb · commit 218d70f48017 · 2025-07-01T12:38:18.000+02:00
diff --git a/src/Scim/SimpleIdServer.Scim.Client/SCIMClient.cs b/src/Scim/SimpleIdServer.Scim.Client/SCIMClient.cs
@@ -16,11 +16,15 @@ namespace SimpleIdServer.Scim.Client
 {
     public class SCIMClient : IDisposable
     {
+        private const string DefaultAuthenticationScheme = "Bearer";
+        
         private readonly HttpClientHandler _handler = null;
         private readonly string _baseUrl;
         private HttpClient _httpClient;
         private SearchResult<ResourceTypeResult> _resourceTypes;
 
+        public string AuthenticationScheme { get; set; } = DefaultAuthenticationScheme;
+
         public SCIMClient(string baseUrl)
         {
             _baseUrl = baseUrl;
@@ -76,7 +80,7 @@ public async Task<SearchResult<ResourceTypeResult>> GetResourceTypes(Cancellatio
                 Method = HttpMethod.Get,
                 RequestUri = new Uri($"{GetPath(userEdp)}?{queryString}")
             };
-            if (!string.IsNullOrWhiteSpace(accessToken)) request.Headers.Add("Authorization", accessToken);
+            if (!string.IsNullOrWhiteSpace(accessToken)) AddAccessTokenToAuthorizationHeader(request, accessToken);
             var httpClient = GetHttpClient();
             var httpResult = await httpClient.SendAsync(request, cancellationToken);
             httpResult.EnsureSuccessStatusCode();
@@ -95,7 +99,7 @@ public async Task<SearchResult<ResourceTypeResult>> GetResourceTypes(Cancellatio
                 Method = HttpMethod.Get,
                 RequestUri = new Uri($"{GetPath(groupEdp)}?{queryString}")
             };
-            if (!string.IsNullOrWhiteSpace(accessToken)) request.Headers.Add("Authorization", accessToken);
+            if (!string.IsNullOrWhiteSpace(accessToken)) AddAccessTokenToAuthorizationHeader(request, accessToken);
             var httpClient = GetHttpClient();
             var httpResult = await httpClient.SendAsync(request, cancellationToken);
             httpResult.EnsureSuccessStatusCode();
@@ -113,7 +117,7 @@ public async Task<RepresentationResult> GetGroup(string id, string accessToken,
                 Method = HttpMethod.Get,
                 RequestUri = new Uri($"{GetPath(groupEdp)}/{id}")
             };
-            if (!string.IsNullOrWhiteSpace(accessToken)) request.Headers.Add("Authorization", accessToken);
+            if (!string.IsNullOrWhiteSpace(accessToken)) AddAccessTokenToAuthorizationHeader(request, accessToken);
             var httpClient = GetHttpClient();
             var httpResult = await httpClient.SendAsync(request, cancellationToken);
             httpResult.EnsureSuccessStatusCode();
@@ -131,7 +135,7 @@ public async Task<JsonObject> GetUser(string id, string accessToken, Cancellatio
                 Method = HttpMethod.Get,
                 RequestUri = new Uri($"{GetPath(groupEdp)}/{id}")
             };
-            if (!string.IsNullOrWhiteSpace(accessToken)) request.Headers.Add("Authorization", $"Bearer {accessToken}");
+            if (!string.IsNullOrWhiteSpace(accessToken)) AddAccessTokenToAuthorizationHeader(request, accessToken);
             var httpClient = GetHttpClient();
             var httpResult = await httpClient.SendAsync(request, cancellationToken);
             httpResult.EnsureSuccessStatusCode();
@@ -150,14 +154,23 @@ public async Task<SCIMErrorRepresentation> AddUser(JsonObject jsonObject, string
                 RequestUri = new Uri(GetPath(userEdp)),
                 Content = new StringContent(jsonObject.ToJsonString(), Encoding.UTF8, "application/json")
             };
-            if (!string.IsNullOrWhiteSpace(accessToken)) request.Headers.Add("Authorization", $"Bearer {accessToken}");
+            if (!string.IsNullOrWhiteSpace(accessToken)) AddAccessTokenToAuthorizationHeader(request, accessToken);
             var httpClient = GetHttpClient();
             var httpResult = await httpClient.SendAsync(request, cancellationToken);
             if (httpResult.IsSuccessStatusCode) return null;
             var content = await httpResult.Content.ReadAsStringAsync();
             return JsonSerializer.Deserialize<SCIMErrorRepresentation>(content);
         }
 
+        private void AddAccessTokenToAuthorizationHeader(HttpRequestMessage request, string accessToken)
+        {
+            var headerValue = string.IsNullOrEmpty(AuthenticationScheme) 
+                ? accessToken 
+                : string.Join(" ", AuthenticationScheme, accessToken);
+
+            request.Headers.Add("Authorization", headerValue);
+        }
+
         private HttpClient GetHttpClient()
         {
             if (_httpClient != null) return _httpClient;
