From 1c04dc098643f620920aed16b4ef3b9c2a34c607 Mon Sep 17 00:00:00 2001
From: Jens L <jens@goauthentik.io>
Date: Wed, 10 May 2023 12:29:39 +0200
Subject: [PATCH] providers/SCIM: patch group name (#5564)

* providers/scim: patch name when group put fails

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* re-raise ResourceMissing in group update to trigger recreation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---
 authentik/providers/scim/clients/group.py | 33 ++++++++++++++++-------
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/authentik/providers/scim/clients/group.py b/authentik/providers/scim/clients/group.py
index 716e89985..b0222590d 100644
--- a/authentik/providers/scim/clients/group.py
+++ b/authentik/providers/scim/clients/group.py
@@ -117,20 +117,25 @@ class SCIMGroupClient(SCIMClient[Group, SCIMGroupSchema]):
                     exclude_unset=True,
                 ),
             )
+        except ResourceMissing:
+            # Resource missing is handled by self.write, which will re-create the group
+            raise
         except SCIMRequestException:
             # Some providers don't support PUT on groups, so this is mainly a fix for the initial
             # sync, send patch add requests for all the users the group currently has
-            # TODO: send patch request for group name
             users = list(group.users.order_by("id").values_list("id", flat=True))
-            return self._patch_add_users(group, users)
-
-    def _patch(
-        self,
-        group_id: str,
-        *ops: PatchOperation,
-    ):
-        req = PatchRequest(Operations=ops)
-        self._request("PATCH", f"/Groups/{group_id}", data=req.json())
+            self._patch_add_users(group, users)
+            # Also update the group name
+            return self._patch(
+                scim_group.id,
+                PatchOperation(
+                    op=PatchOp.replace,
+                    value={
+                        "id": connection.id,
+                        "displayName": group.name,
+                    },
+                ),
+            )
 
     def update_group(self, group: Group, action: PatchOp, users_set: set[int]):
         """Update a group, either using PUT to replace it or PATCH if supported"""
@@ -151,6 +156,14 @@ class SCIMGroupClient(SCIMClient[Group, SCIMGroupSchema]):
                     return self._patch_remove_users(group, users_set)
             raise exc
 
+    def _patch(
+        self,
+        group_id: str,
+        *ops: PatchOperation,
+    ):
+        req = PatchRequest(Operations=ops)
+        self._request("PATCH", f"/Groups/{group_id}", data=req.json())
+
     def _patch_add_users(self, group: Group, users_set: set[int]):
         """Add users in users_set to group"""
         if len(users_set) < 1: