Migrate to scim2-sdk-common

[duanemay]

com.unboundid.product.scim:scim-sdk (version 2.0.0) is deprecated — the repo is archived, last meaningful work was ~2015, and Ping Identity recommends com.unboundid:scim2-sdk-common as the replacement. The SDK is used only for SCIM filter string parsing in 2 production files and 2 test files — not for SCIM resource representation.

The SCIM 2.0 SDK parses the same basic filter grammar (eq, co, sw, pr, gt, ge, lt, le, and, or) used in UAA, so existing clients sending filter strings are unaffected.

SCIM 1.1 SDK is used directly in server/build.gradle.kts:64 with several exclusions hinting at its age.

[Copilot]

Pull request overview

Migrates UAA’s SCIM filter parsing from the deprecated com.unboundid.product.scim:scim-sdk to com.unboundid.product.scim2:scim2-sdk-common, updating production parsing/conversion code paths and adjusting/expanding tests to match the SCIM2 parser’s behavior and stricter syntax validation.

Changes:

• Replace the UnboundID SCIM 1.1 SDK dependency with scim2-sdk-common in Gradle version catalog and module build files.
• Update SCIM filter parsing/conversion in SimpleSearchQueryConverter and UserIdConversionEndpoints to use com.unboundid.scim2.common.filters.Filter, including max filter-depth enforcement.
• Update and expand tests to reflect SCIM2 parsing behavior and add additional malformed/injection-oriented filter cases.

Reviewed changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
uaa/src/test/java/org/cloudfoundry/identity/uaa/scim/endpoints/ScimUserEndpointsTests.java	Removes SCIM SDK filter builder usage and updates AssertJ exception assertions.
uaa/build.gradle.kts	Swaps test dependency from legacy SCIM SDK to scim2-sdk-common.
server/src/test/java/org/cloudfoundry/identity/uaa/scim/jdbc/ScimSearchQueryConverterTests.java	Adds parameterized tests for malformed/injection-like filters and updates assertions.
server/src/test/java/org/cloudfoundry/identity/uaa/resources/jdbc/SimpleSearchQueryConverterTests.java	Updates expectations for SCIM2 parser errors and adds depth-limit tests.
server/src/test/java/org/cloudfoundry/identity/uaa/oauth/approval/ApprovalsAdminEndpointsTests.java	Removes legacy SCIM SDK filter construction and simplifies TypeReference; adjusts filter helper.
server/src/main/java/org/cloudfoundry/identity/uaa/scim/endpoints/UserIdConversionEndpoints.java	Switches parsing to SCIM2 Filter, adds depth limiting, and updates operator/type handling.
server/src/main/java/org/cloudfoundry/identity/uaa/resources/jdbc/SimpleSearchQueryConverter.java	Replaces SCIM SDK parsing with SCIM2 Filter, updates SQL generation/value extraction, and enforces max depth.
server/build.gradle.kts	Swaps runtime dependency from legacy SCIM SDK to scim2-sdk-common.
gradle/libs.versions.toml	Adds scim2Sdk/scim2SdkCommon entries and removes the legacy SCIM SDK entry.