Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add strategy_version support to all connections that use it #1024

Merged
merged 3 commits into from
Sep 20, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 11 additions & 6 deletions docs/resources/connection.md
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ resource "auth0_connection" "my_connection" {
options {
password_policy = "excellent"
brute_force_protection = true
strategy_version = 2
enabled_database_customization = true
import_mode = false
requires_username = true
Expand Down Expand Up @@ -253,6 +254,7 @@ resource "auth0_connection" "oauth2" {
options {
client_id = "<client-id>"
client_secret = "<client-secret>"
strategy_version = 2
scopes = ["basic_profile", "profile", "email"]
token_endpoint = "https://auth.example.com/oauth2/token"
authorization_endpoint = "https://auth.example.com/oauth2/authorize"
Expand Down Expand Up @@ -284,6 +286,7 @@ resource "auth0_connection" "ad" {
disable_self_service_change_password = true
brute_force_protection = true
tenant_domain = "example.com"
strategy_version = 2
icon_url = "https://example.com/assets/logo.png"
domain_aliases = [
"example.com",
Expand Down Expand Up @@ -312,12 +315,13 @@ resource "auth0_connection" "azure_ad" {
strategy = "waad"
show_as_button = true
options {
identity_api = "azure-active-directory-v1.0"
client_id = "123456"
client_secret = "123456"
app_id = "app-id-123"
tenant_domain = "example.onmicrosoft.com"
domain = "example.onmicrosoft.com"
identity_api = "azure-active-directory-v1.0"
client_id = "123456"
client_secret = "123456"
strategy_version = 2
app_id = "app-id-123"
tenant_domain = "example.onmicrosoft.com"
domain = "example.onmicrosoft.com"
domain_aliases = [
"example.com",
"api.example.com"
Expand Down Expand Up @@ -468,6 +472,7 @@ resource "auth0_connection" "samlp" {
sign_in_endpoint = "https://saml.provider/sign_in"
sign_out_endpoint = "https://saml.provider/sign_out"
disable_sign_out = true
strategy_version = 2
tenant_domain = "example.com"
domain_aliases = ["example.com", "alias.example.com"]
protocol_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Expand Down
1 change: 1 addition & 0 deletions examples/resources/auth0_connection/resource.tf
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ resource "auth0_connection" "my_connection" {
options {
password_policy = "excellent"
brute_force_protection = true
strategy_version = 2
enabled_database_customization = true
import_mode = false
requires_username = true
Expand Down
1 change: 1 addition & 0 deletions examples/resources/auth0_connection/resource_with_ad.tf
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ resource "auth0_connection" "ad" {
disable_self_service_change_password = true
brute_force_protection = true
tenant_domain = "example.com"
strategy_version = 2
icon_url = "https://example.com/assets/logo.png"
domain_aliases = [
"example.com",
Expand Down
13 changes: 7 additions & 6 deletions examples/resources/auth0_connection/resource_with_azure_ad.tf
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,13 @@ resource "auth0_connection" "azure_ad" {
strategy = "waad"
show_as_button = true
options {
identity_api = "azure-active-directory-v1.0"
client_id = "123456"
client_secret = "123456"
app_id = "app-id-123"
tenant_domain = "example.onmicrosoft.com"
domain = "example.onmicrosoft.com"
identity_api = "azure-active-directory-v1.0"
client_id = "123456"
client_secret = "123456"
strategy_version = 2
app_id = "app-id-123"
tenant_domain = "example.onmicrosoft.com"
domain = "example.onmicrosoft.com"
domain_aliases = [
"example.com",
"api.example.com"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ resource "auth0_connection" "oauth2" {
options {
client_id = "<client-id>"
client_secret = "<client-secret>"
strategy_version = 2
scopes = ["basic_profile", "profile", "email"]
token_endpoint = "https://auth.example.com/oauth2/token"
authorization_endpoint = "https://auth.example.com/oauth2/authorize"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ resource "auth0_connection" "samlp" {
sign_in_endpoint = "https://saml.provider/sign_in"
sign_out_endpoint = "https://saml.provider/sign_out"
disable_sign_out = true
strategy_version = 2
tenant_domain = "example.com"
domain_aliases = ["example.com", "alias.example.com"]
protocol_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Expand Down
4 changes: 2 additions & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ go 1.22

require (
github.com/PuerkitoBio/rehttp v1.4.0
github.com/auth0/go-auth0 v1.10.0
github.com/auth0/go-auth0 v1.10.1-0.20240919142940-86c7e2f07e06
github.com/google/go-cmp v0.6.0
github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
github.com/hashicorp/go-multierror v1.1.1
Expand Down Expand Up @@ -78,7 +78,7 @@ require (
golang.org/x/exp v0.0.0-20240525044651-4c93da0ed11d // indirect
golang.org/x/mod v0.19.0 // indirect
golang.org/x/net v0.26.0 // indirect
golang.org/x/oauth2 v0.22.0 // indirect
golang.org/x/oauth2 v0.23.0 // indirect
golang.org/x/sync v0.8.0 // indirect
golang.org/x/sys v0.23.0 // indirect
golang.org/x/text v0.17.0 // indirect
Expand Down
8 changes: 4 additions & 4 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,8 @@ github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew
github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4=
github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI=
github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
github.com/auth0/go-auth0 v1.10.0 h1:7fjcuVjtTET5NEg8RPl3uYadGto7WZnBl31LcnXANWc=
github.com/auth0/go-auth0 v1.10.0/go.mod h1:VMTiemb4rn2TUPiH9obD2FoHS2FoTALTsnKU0NUXLxk=
github.com/auth0/go-auth0 v1.10.1-0.20240919142940-86c7e2f07e06 h1:KhdyIAvazLFhgG1xHDNY8YdWK5C8s6TU4izA3DPhfoI=
github.com/auth0/go-auth0 v1.10.1-0.20240919142940-86c7e2f07e06/go.mod h1:VyYseHsdB4s9jmfBqoxnzJTvZr0w17ZJ5kjNdA+ag9Y=
github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48=
github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA=
github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
Expand Down Expand Up @@ -238,8 +238,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA=
golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs=
golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
Expand Down
6 changes: 6 additions & 0 deletions internal/auth0/connection/expand.go
Original file line number Diff line number Diff line change
Expand Up @@ -329,6 +329,7 @@ func expandConnectionOptionsAuth0(_ *schema.ResourceData, config cty.Value) (int
Configuration: value.MapOfStrings(config.GetAttr("configuration")),
Precedence: value.Strings(config.GetAttr("precedence")),
Attributes: expandConnectionOptionsAttributes(config.GetAttr("attributes")),
StrategyVersion: value.Int(config.GetAttr("strategy_version")),
}

config.GetAttr("validation").ForEachElement(
Expand Down Expand Up @@ -507,6 +508,7 @@ func expandConnectionOptionsOAuth2(data *schema.ResourceData, config cty.Value)
LogoURL: value.String(config.GetAttr("icon_url")),
PKCEEnabled: value.Bool(config.GetAttr("pkce_enabled")),
Scripts: value.MapOfStrings(config.GetAttr("scripts")),
StrategyVersion: value.Int(config.GetAttr("strategy_version")),
}

expandConnectionOptionsScopes(data, options)
Expand Down Expand Up @@ -691,6 +693,7 @@ func expandConnectionOptionsAD(_ *schema.ResourceData, config cty.Value) (interf
NonPersistentAttrs: value.Strings(config.GetAttr("non_persistent_attrs")),
BruteForceProtection: value.Bool(config.GetAttr("brute_force_protection")),
DisableSelfServiceChangePassword: value.Bool(config.GetAttr("disable_self_service_change_password")),
StrategyVersion: value.Int(config.GetAttr("strategy_version")),
}

options.SetUserAttributes = value.String(config.GetAttr("set_user_root_attributes"))
Expand Down Expand Up @@ -721,6 +724,7 @@ func expandConnectionOptionsAzureAD(data *schema.ResourceData, config cty.Value)
IdentityAPI: value.String(config.GetAttr("identity_api")),
NonPersistentAttrs: value.Strings(config.GetAttr("non_persistent_attrs")),
TrustEmailVerified: value.String(config.GetAttr("should_trust_email_verified_connection")),
StrategyVersion: value.Int(config.GetAttr("strategy_version")),
}

options.SetUserAttributes = value.String(config.GetAttr("set_user_root_attributes"))
Expand Down Expand Up @@ -850,6 +854,7 @@ func expandConnectionOptionsSAML(_ *schema.ResourceData, config cty.Value) (inte
EntityID: value.String(config.GetAttr("entity_id")),
MetadataXML: value.String(config.GetAttr("metadata_xml")),
MetadataURL: value.String(config.GetAttr("metadata_url")),
StrategyVersion: value.Int(config.GetAttr("strategy_version")),
}

options.SetUserAttributes = value.String(config.GetAttr("set_user_root_attributes"))
Expand Down Expand Up @@ -907,6 +912,7 @@ func expandConnectionOptionsADFS(_ *schema.ResourceData, config cty.Value) (inte
EnableUsersAPI: value.Bool(config.GetAttr("api_enable_users")),
TrustEmailVerified: value.String(config.GetAttr("should_trust_email_verified_connection")),
NonPersistentAttrs: value.Strings(config.GetAttr("non_persistent_attrs")),
StrategyVersion: value.Int(config.GetAttr("strategy_version")),
}

options.SetUserAttributes = value.String(config.GetAttr("set_user_root_attributes"))
Expand Down
6 changes: 6 additions & 0 deletions internal/auth0/connection/flatten.go
Original file line number Diff line number Diff line change
Expand Up @@ -323,6 +323,7 @@ func flattenConnectionOptionsAuth0(
"set_user_root_attributes": options.GetSetUserAttributes(),
"upstream_params": upstreamParams,
"precedence": options.GetPrecedence(),
"strategy_version": options.GetStrategyVersion(),
}

if options.Attributes != nil {
Expand Down Expand Up @@ -450,6 +451,7 @@ func flattenConnectionOptionsOAuth2(
"non_persistent_attrs": options.GetNonPersistentAttrs(),
"icon_url": options.GetLogoURL(),
"pkce_enabled": options.GetPKCEEnabled(),
"strategy_version": options.GetStrategyVersion(),
"upstream_params": upstreamParams,
}

Expand Down Expand Up @@ -813,6 +815,7 @@ func flattenConnectionOptionsAD(
"non_persistent_attrs": options.GetNonPersistentAttrs(),
"set_user_root_attributes": options.GetSetUserAttributes(),
"disable_self_service_change_password": options.GetDisableSelfServiceChangePassword(),
"strategy_version": options.GetStrategyVersion(),
"upstream_params": upstreamParams,
}

Expand Down Expand Up @@ -855,6 +858,7 @@ func flattenConnectionOptionsAzureAD(
"non_persistent_attrs": options.GetNonPersistentAttrs(),
"should_trust_email_verified_connection": options.GetTrustEmailVerified(),
"set_user_root_attributes": options.GetSetUserAttributes(),
"strategy_version": options.GetStrategyVersion(),
"upstream_params": upstreamParams,
}

Expand Down Expand Up @@ -890,6 +894,7 @@ func flattenConnectionOptionsADFS(
"should_trust_email_verified_connection": options.GetTrustEmailVerified(),
"non_persistent_attrs": options.GetNonPersistentAttrs(),
"set_user_root_attributes": options.GetSetUserAttributes(),
"strategy_version": options.GetStrategyVersion(),
"upstream_params": upstreamParams,
}

Expand Down Expand Up @@ -939,6 +944,7 @@ func flattenConnectionOptionsSAML(
"metadata_url": options.GetMetadataURL(),
"metadata_xml": data.Get("options.0.metadata_xml").(string), // Does not get read back.
"set_user_root_attributes": options.GetSetUserAttributes(),
"strategy_version": options.GetStrategyVersion(),
"fields_map": fieldsMap,
"upstream_params": upstreamParams,
}
Expand Down
9 changes: 6 additions & 3 deletions internal/auth0/connection/resource_clients_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,9 @@ resource "auth0_connection_clients" "my_conn_client_assoc" {
func TestAccConnectionClientsImport(t *testing.T) {
if os.Getenv("AUTH0_DOMAIN") != acctest.RecordingsDomain {
// The test runs only with recordings as it requires an initial setup.
// If you need to re-record it, comment out the t.Skip, create the
// resources defined above and fix the IDs in the test before running
// make record.
t.Skip()
}

Expand All @@ -172,21 +175,21 @@ func TestAccConnectionClientsImport(t *testing.T) {
Config: acctest.ParseTestName(testAccConnectionClientsImport, t.Name()),
ResourceName: "auth0_connection.my_conn",
ImportState: true,
ImportStateId: "con_ouKiPbGv6eONERfA",
ImportStateId: "con_QfclIwGFilDZfig3",
ImportStatePersist: true,
},
{
Config: acctest.ParseTestName(testAccConnectionClientsImport, t.Name()),
ResourceName: "auth0_client.my_client-1",
ImportState: true,
ImportStateId: "TGIXl1IBOpFmwBpxuCLsoXwl5OQBa1Z7",
ImportStateId: "iUytqzFf4KueZRmFL7DRFNqn8RrQGu5Q",
ImportStatePersist: true,
},
{
Config: acctest.ParseTestName(testAccConnectionClientsImport, t.Name()),
ResourceName: "auth0_connection_clients.my_conn_client_assoc",
ImportState: true,
ImportStateId: "con_ouKiPbGv6eONERfA",
ImportStateId: "con_QfclIwGFilDZfig3",
ImportStatePersist: true,
},
{
Expand Down
Loading
Loading