Add support for setting user password via SCIM

system/scim/routes.go

@@ -43,11 +43,11 @@ func Guard(opt options.SCIMOpt) func(next http.Handler) http.Handler {
 }
 
 func Routes(r chi.Router) {
-
 	r.Route("/Users", func(r chi.Router) {
 		uh := &usersHandler{
-			svc: service.DefaultUser,
-			sec: getSecurityContext,
+			svc:     service.DefaultUser,
+			passSvc: service.DefaultAuth,
+			sec:     getSecurityContext,
 		}
 
 		r.Get("/{id}", uh.get)

system/scim/user_handler.go

@@ -13,10 +13,15 @@ import (
 )
 
 type (
+	passwordSetter interface {
+		SetPassword(context.Context, uint64, string) error
+	}
+
 	usersHandler struct {
-		svc    service.UserService
-		rleSvc service.RoleService
-		sec    getSecurityContextFn
+		svc     service.UserService
+		rleSvc  service.RoleService
+		passSvc passwordSetter
+		sec     getSecurityContextFn
 	}
 )
 
@@ -108,6 +113,13 @@ func (h usersHandler) createFromJSON(ctx context.Context, j io.Reader) (u *types
 		// @todo
 	}
 
+	if payload.Password != nil && *payload.Password != "" {
+		err = h.passSvc.SetPassword(ctx, u.ID, *payload.Password)
+		if err != nil {
+			return
+		}
+	}
+
 	return u, nil
 }
 
@@ -146,6 +158,13 @@ func (h usersHandler) updateFromJSON(ctx context.Context, id uint64, j io.Reader
 
 	payload.applyTo(u)
 
+	if payload.Password != nil && *payload.Password != "" {
+		err = h.passSvc.SetPassword(ctx, u.ID, *payload.Password)
+		if err != nil {
+			return
+		}
+	}
+
 	return h.svc.With(ctx).Update(u)
 }