Fix: SCIM error handling for group display name (fixes #20344)

wso2-extensions · Jun 28, 2024 · 8388c51 · 8388c51
1 parent 34e8405
commit 8388c51
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/...m2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMRoleManagerV2.java b/...m2.common/src/main/java/org/wso2/carbon/identity/scim2/common/impl/SCIMRoleManagerV2.java
@@ -1125,7 +1125,12 @@ private void doUpdateGroups(String roleId, Set<String> newGroupIDList, Set<Strin
                         new ArrayList<>(deleteGroupIDList), tenantDomain);
             } catch (IdentityRoleManagementException e) {
                 if (RoleConstants.Error.INVALID_REQUEST.getCode().equals(e.getErrorCode())) {
-                    throw new BadRequestException(e.getMessage());
+                    // Custom error message and SCIM type
+                    String customMessage = "Invalid request: Group display name is not supported. Please use the group ID instead.";
+                    String scimType = "invalidSyntax"; // From RFC 7644 Table 9
+
+                    // Throw BadRequestException with custom message and scimType
+                    throw new BadRequestException(customMessage, scimType);
                 }
                 throw new CharonException(
                         String.format("Error occurred while updating groups in the role with ID: %s", roleId), e);