From 4e4d82087791fd9b630d1bae0fd8e106ee3b6eea Mon Sep 17 00:00:00 2001
From: Adrian Hoelzl <adrian.hoelzl@sap.com>
Date: Fri, 23 Aug 2024 09:37:02 +0200
Subject: [PATCH] Add handling of alias users in ScimUserBootstrap

---
 .../uaa/scim/bootstrap/ScimUserBootstrap.java       | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/scim/bootstrap/ScimUserBootstrap.java b/server/src/main/java/org/cloudfoundry/identity/uaa/scim/bootstrap/ScimUserBootstrap.java
index 648c4a60216..71bb4f82390 100644
--- a/server/src/main/java/org/cloudfoundry/identity/uaa/scim/bootstrap/ScimUserBootstrap.java
+++ b/server/src/main/java/org/cloudfoundry/identity/uaa/scim/bootstrap/ScimUserBootstrap.java
@@ -164,7 +164,18 @@ private void updateUser(ScimUser existingUser, UaaUser updatedUser, boolean upda
 
         final ScimUser newScimUser = convertToScimUser(updatedUser);
         newScimUser.setVersion(existingUser.getVersion());
-        scimUserProvisioning.update(id, newScimUser, IdentityZoneHolder.get().getId());
+        newScimUser.setZoneId(existingUser.getZoneId());
+
+        /* the user in the event won't have the alias properties set, we must therefore propagate them from the existing
+         * user, if present */
+        if (hasText(existingUser.getAliasId()) && hasText(existingUser.getAliasZid())) {
+            newScimUser.setAliasId(existingUser.getAliasId());
+            newScimUser.setAliasZid(existingUser.getAliasZid());
+        }
+
+        // this will also handle the update of the alias user, if necessary
+        scimUserService.updateUser(id, newScimUser);
+
         if (OriginKeys.UAA.equals(newScimUser.getOrigin()) && hasText(updatedUser.getPassword())) { //password is not relevant for non UAA users
             scimUserProvisioning.changePassword(id, null, updatedUser.getPassword(), IdentityZoneHolder.get().getId());
         }