Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add "auth0_clients" data source for listing multiple clients with filtering #1080

Merged
merged 6 commits into from
Nov 26, 2024

Conversation

devin-brenton
Copy link
Contributor

🔧 Changes

This PR adds a new data source auth0_clients that allows retrieving a list of clients from Auth0 with optional filtering capabilities. This complements the existing auth0_client data source which only returns a single client.

Key features:

  • New data source: auth0_clients
  • Optional filters:
    • name_filter: Filter clients by name (partial matches supported)
    • app_types: Filter by application types
    • is_first_party: Filter for first-party clients
  • Returns a list of clients with a subset of fields from the single client data source
  • Supports pagination to retrieve all matching clients
  • HTTP recordings for acceptance tests are included

Implementation notes:

  • Reuses the schema from auth0_client data source but removes fields that aren't commonly needed in list operations
  • Removed fields include:
    • client_aliases
    • logo_uri
    • oidc_conformant
    • oidc_backchannel_logout_urls
    • organization_usage
    • organization_require_behavior
    • cross_origin_auth
    • cross_origin_loc
    • custom_login_page_on
    • custom_login_page
    • form_template
    • require_pushed_authorization_requests
    • mobile
    • initiate_login_uri
    • native_social_login
    • refresh_token
    • signing_keys
    • encryption_key
    • sso
    • sso_disabled
    • jwt_configuration
    • addons
    • default_organization
    • compliance_level
    • require_proof_of_possession
  • This paring down of fields makes the list response more manageable and focused on the most commonly needed client properties

Example usage:

# Get all SPA clients
data "auth0_clients" "spa_clients" {
  app_types = ["spa"]
}

# Get first-party clients with specific name pattern
data "auth0_clients" "filtered_clients" {
  name_filter = "api-"
  is_first_party = true
}

🔬 Testing

  1. Acceptance tests have been added covering:
    • Filtering by name
    • Filtering by application type
    • Filtering by first-party status
    • Invalid filter validation
    • All tests include HTTP recordings

To run the tests:

# Run all client list tests
make test-acc FILTER="TestAccDataClients"

# Record new HTTP interactions if needed
make test-acc-record FILTER="TestAccDataClients"

📝 Checklist

  • New functionality is covered by acceptance tests
  • Documentation has been added for the new data source
  • HTTP recordings have been added and sensitive data redacted
  • Schema follows existing patterns from auth0_client data source
  • Error handling follows provider patterns
  • Code formatting and structure match existing provider code

Additional Notes:

  • The implementation reuses schemas and patterns from the existing client data source
  • HTTP recordings have been properly sanitized to remove sensitive information
  • The data source uses standard Auth0 API pagination to handle large result sets
  • Filter validation ensures proper input values

@devin-brenton devin-brenton requested a review from a team as a code owner November 19, 2024 06:06
@brianhyder
Copy link

This fixes #784

@duedares-rvj
Copy link
Contributor

@devin-brenton Thank you so much for this PR. This is great!
Could you please add something under examples/data-sources/auth0_clients and then run make docs?

That should be all of this PR. :)

@acwest
Copy link
Contributor

acwest commented Nov 22, 2024

There are a couple of minor linting issues (make lint will fix most of them, and tell you about the ones it doesn't fix), and there is a test failure where TestAccDataClientsIsFirstPartyFilter results in a dirty plan.
In general, we have been putting similar data_sources into the same directory and package as the one-to-one version, so that the two can re-use common code, but it isn't always necessary. I am just looking over the code more in-depth now, so hopefully will have something more useful to say soon :-)

@acwest
Copy link
Contributor

acwest commented Nov 22, 2024

@devin-brenton what do you think of moving this to the client directory? An example of how we usually do it is in organization. The files would probably be named data_source_clients.go and data_source_clients_test.go. The docs and examples would be fine where they are...

@devin-brenton
Copy link
Contributor Author

@devin-brenton what do you think of moving this to the client directory? An example of how we usually do it is in organization. The files would probably be named data_source_clients.go and data_source_clients_test.go. The docs and examples would be fine where they are...

I like that idea. Could help clean things up a bit by keeping it all in one package.

@devin-brenton
Copy link
Contributor Author

@acwest I've moved the files into the client package and tests look good on my end. I'm having trouble understanding why the test is failing in the pipeline. I'm running the acc tests against a test tenant I spun up.

@acwest
Copy link
Contributor

acwest commented Nov 25, 2024

I will try it on mine, I haven't looked at it the error in detail yet. The pipeline can be odd, I have occasionally found that it fails when the terraform version is sufficiently different. I updated the test output a little while ago to include the terraform version the pipeline is using.
Never mind, the issue seems resolved now.

@duedares-rvj
Copy link
Contributor

@devin-brenton Hey Devin!
Your PR is good to merge.
But we need one last bit, please sign your commits. Once done, we'd quickly reapprove this and it shall be good to merge.
If you're having trouble let us know.

Thank you again for the contribution here!

@acwest
Copy link
Contributor

acwest commented Nov 25, 2024

Looks good now. The last annoyance is to get you set up to sign your commits... Here is Github's documentation on setting it up: https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits
And here is some information on signing older commits...
https://stackoverflow.com/questions/41882919/is-there-a-way-to-gpg-sign-all-previous-commits

@devin-brenton devin-brenton force-pushed the clients-list-data-source branch from e7ba0d1 to 3596e40 Compare November 25, 2024 16:22
@devin-brenton devin-brenton force-pushed the clients-list-data-source branch from 3596e40 to 2ef7b11 Compare November 25, 2024 16:30
@devin-brenton
Copy link
Contributor Author

@acwest Huge thanks for the helpful links. Looks like the commits are now signed appropriately. Let me know if there's anything else needed.

@duedares-rvj
Copy link
Contributor

Good to merge!

@acwest acwest merged commit e158550 into auth0:main Nov 26, 2024
4 checks passed
This was referenced Nov 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants