Skip to content

Commit

Permalink
Add support for mfa_show_factor_list_on_enrollment flag on tenant
Browse files Browse the repository at this point in the history
  • Loading branch information
sergiught committed Apr 25, 2023
1 parent f08e9d8 commit eab900d
Show file tree
Hide file tree
Showing 7 changed files with 67 additions and 53 deletions.
1 change: 1 addition & 0 deletions docs/data-sources/tenant.md
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,7 @@ Read-Only:
- `enable_legacy_profile` (Boolean)
- `enable_pipeline2` (Boolean)
- `enable_public_signup_user_exists_error` (Boolean)
- `mfa_show_factor_list_on_enrollment` (Boolean)
- `no_disclose_enterprise_connections` (Boolean)
- `revoke_refresh_token_grant` (Boolean)
- `universal_login` (Boolean)
Expand Down
1 change: 1 addition & 0 deletions docs/resources/tenant.md
Original file line number Diff line number Diff line change
Expand Up @@ -134,6 +134,7 @@ Optional:
- `enable_legacy_profile` (Boolean) Whether ID tokens and the userinfo endpoint includes a complete user profile (true) or only OpenID Connect claims (false).
- `enable_pipeline2` (Boolean) Indicates whether advanced API Authorization scenarios are enabled.
- `enable_public_signup_user_exists_error` (Boolean) Indicates whether the public sign up process shows a `user_exists` error if the user already exists.
- `mfa_show_factor_list_on_enrollment` (Boolean) Used to allow users to pick what factor to enroll with from the list of available MFA factors.
- `no_disclose_enterprise_connections` (Boolean) Do not Publish Enterprise Connections Information with IdP domains on the lock configuration file.
- `revoke_refresh_token_grant` (Boolean) Delete underlying grant when a refresh token is revoked via the Authentication API.
- `universal_login` (Boolean, Deprecated) Indicates whether the New Universal Login Experience is enabled.
Expand Down
1 change: 1 addition & 0 deletions internal/auth0/tenant/expand.go
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,7 @@ func expandTenantFlags(config cty.Value) *management.TenantFlags {
DashboardLogStreams: value.Bool(flags.GetAttr("dashboard_log_streams_next")),
DashboardInsightsView: value.Bool(flags.GetAttr("dashboard_insights_view")),
DisableFieldsMapFix: value.Bool(flags.GetAttr("disable_fields_map_fix")),
MFAShowFactorListOnEnrollment: value.Bool(flags.GetAttr("mfa_show_factor_list_on_enrollment")),
}

return stop
Expand Down
1 change: 1 addition & 0 deletions internal/auth0/tenant/flatten.go
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,7 @@ func flattenTenantFlags(flags *management.TenantFlags) []interface{} {
m["dashboard_log_streams_next"] = flags.DashboardLogStreams
m["dashboard_insights_view"] = flags.DashboardInsightsView
m["disable_fields_map_fix"] = flags.DisableFieldsMapFix
m["mfa_show_factor_list_on_enrollment"] = flags.MFAShowFactorListOnEnrollment

return []interface{}{m}
}
Expand Down
6 changes: 6 additions & 0 deletions internal/auth0/tenant/resource.go
Original file line number Diff line number Diff line change
Expand Up @@ -316,6 +316,12 @@ func NewResource() *schema.Resource {
Computed: true,
Description: "Disables SAML fields map fix for bad mappings with repeated attributes.",
},
"mfa_show_factor_list_on_enrollment": {
Type: schema.TypeBool,
Optional: true,
Computed: true,
Description: "Used to allow users to pick what factor to enroll with from the list of available MFA factors.",
},
},
},
},
Expand Down
4 changes: 4 additions & 0 deletions internal/auth0/tenant/resource_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@ func TestAccTenant(t *testing.T) {
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "flags.0.disable_clickjack_protection_headers", "true"),
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "flags.0.enable_public_signup_user_exists_error", "true"),
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "flags.0.use_scope_descriptions_for_consent", "true"),
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "flags.0.mfa_show_factor_list_on_enrollment", "false"),
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "universal_login.0.colors.0.primary", "#0059d6"),
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "universal_login.0.colors.0.page_background", "#000000"),
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "default_redirection_uri", "https://example.com/login"),
Expand All @@ -59,6 +60,7 @@ func TestAccTenant(t *testing.T) {
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "flags.0.disable_clickjack_protection_headers", "false"),
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "flags.0.enable_public_signup_user_exists_error", "true"),
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "flags.0.use_scope_descriptions_for_consent", "false"),
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "flags.0.mfa_show_factor_list_on_enrollment", "true"),
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "allowed_logout_urls.#", "0"),
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "session_cookie.0.mode", "persistent"),
resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "default_redirection_uri", ""),
Expand Down Expand Up @@ -109,6 +111,7 @@ resource "auth0_tenant" "my_tenant" {
no_disclose_enterprise_connections = false
disable_management_api_sms_obfuscation = false
disable_fields_map_fix = false
mfa_show_factor_list_on_enrollment = false
}
universal_login {
colors {
Expand Down Expand Up @@ -156,6 +159,7 @@ resource "auth0_tenant" "my_tenant" {
no_disclose_enterprise_connections = false
disable_management_api_sms_obfuscation = true
disable_fields_map_fix = true
mfa_show_factor_list_on_enrollment = true
}
universal_login {
colors {
Expand Down
Loading

0 comments on commit eab900d

Please sign in to comment.