From 13ddc6cc5736e7046794272a2246cc02c072faee Mon Sep 17 00:00:00 2001 From: Will Vedder Date: Fri, 12 May 2023 14:14:22 -0400 Subject: [PATCH 1/7] Initial commit for backchannel logout --- go.mod | 10 ++- go.sum | 14 ++-- internal/auth0/client/expand.go | 15 ++++ internal/auth0/client/resource.go | 9 +++ internal/auth0/client/resource_test.go | 5 ++ test/data/recordings/TestAccClient.yaml | 100 ++++++++++++------------ 6 files changed, 91 insertions(+), 62 deletions(-) diff --git a/go.mod b/go.mod index ca323a30d..4082a67d4 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,7 @@ go 1.20 require ( github.com/auth0/go-auth0 v0.17.0 + github.com/google/go-cmp v0.5.9 github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 github.com/hashicorp/go-multierror v1.1.1 github.com/hashicorp/terraform-plugin-docs v0.14.1 @@ -25,7 +26,6 @@ require ( github.com/davecgh/go-spew v1.1.1 // indirect github.com/fatih/color v1.13.0 // indirect github.com/golang/protobuf v1.5.2 // indirect - github.com/google/go-cmp v0.5.9 // indirect github.com/google/uuid v1.3.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-checkpoint v0.5.0 // indirect @@ -66,9 +66,9 @@ require ( github.com/zclconf/go-cty v1.13.1 // indirect golang.org/x/crypto v0.7.0 // indirect golang.org/x/mod v0.8.0 // indirect - golang.org/x/net v0.9.0 // indirect - golang.org/x/oauth2 v0.7.0 // indirect - golang.org/x/sys v0.7.0 // indirect + golang.org/x/net v0.10.0 // indirect + golang.org/x/oauth2 v0.8.0 // indirect + golang.org/x/sys v0.8.0 // indirect golang.org/x/text v0.9.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/genproto v0.0.0-20220523171625-347a074981d8 // indirect @@ -76,3 +76,5 @@ require ( google.golang.org/protobuf v1.28.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) + +replace github.com/auth0/go-auth0 => ../go-auth0 // TODO: replace with eventual v0.18.0 release diff --git a/go.sum b/go.sum index 56ae28319..40e4e46b7 100644 --- a/go.sum +++ b/go.sum @@ -29,8 +29,6 @@ github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= -github.com/auth0/go-auth0 v0.17.0 h1:nlDkW6Qc3xpeuv5iVUBRMeg4RDZ7d7oeBBPQbZ708us= -github.com/auth0/go-auth0 v0.17.0/go.mod h1:KiuxR7q2pTm9a1snjFi7y3KmPS+Bt1kgiJ8oSBvVkXo= github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48= github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= @@ -301,13 +299,13 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b golang.org/x/net v0.0.0-20210510120150-4163338589ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= -golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM= -golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= +golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.7.0 h1:qe6s0zUXlPX80/dITx3440hWZ7GwMwgDDyrSGTPJG/g= -golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= +golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= +golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -340,8 +338,8 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= diff --git a/internal/auth0/client/expand.go b/internal/auth0/client/expand.go index f370cb912..425c94a11 100644 --- a/internal/auth0/client/expand.go +++ b/internal/auth0/client/expand.go @@ -40,6 +40,7 @@ func expandClient(d *schema.ResourceData) *management.Client { TokenEndpointAuthMethod: value.String(config.GetAttr("token_endpoint_auth_method")), InitiateLoginURI: value.String(config.GetAttr("initiate_login_uri")), EncryptionKey: value.MapOfStrings(config.GetAttr("encryption_key")), + OIDCBackchannelLogout: expandOIDCBackchannelLogout(d), ClientMetadata: expandClientMetadata(d), RefreshToken: expandClientRefreshToken(d), JWTConfiguration: expandClientJWTConfiguration(d), @@ -51,6 +52,20 @@ func expandClient(d *schema.ResourceData) *management.Client { return client } +func expandOIDCBackchannelLogout(d *schema.ResourceData) *management.OIDCBackchannelLogout { + raw := d.GetRawConfig().GetAttr("oidc_backchannel_logout_urls") + + logoutUrls := value.Strings(raw) + + if logoutUrls == nil { + return nil + } + + return &management.OIDCBackchannelLogout{ + BackChannelLogoutURLs: logoutUrls, + } +} + func expandClientRefreshToken(d *schema.ResourceData) *management.ClientRefreshToken { refreshTokenConfig := d.GetRawConfig().GetAttr("refresh_token") if refreshTokenConfig.IsNull() { diff --git a/internal/auth0/client/resource.go b/internal/auth0/client/resource.go index 29276181c..00b19a7a2 100644 --- a/internal/auth0/client/resource.go +++ b/internal/auth0/client/resource.go @@ -120,6 +120,14 @@ func NewResource() *schema.Resource { Optional: true, Description: "URLs that Auth0 may redirect to after logout.", }, + "oidc_backchannel_logout_urls": { + Type: schema.TypeList, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + Optional: true, + Description: "Set of URLs enabled for OIDC back-channel logout", + }, "grant_types": { Type: schema.TypeList, Elem: &schema.Schema{Type: schema.TypeString}, @@ -795,6 +803,7 @@ func readClient(_ context.Context, d *schema.ResourceData, m interface{}) diag.D d.Set("initiate_login_uri", client.GetInitiateLoginURI()), d.Set("signing_keys", client.SigningKeys), d.Set("client_metadata", client.ClientMetadata), + d.Set("oidc_backchannel_logout_urls", client.OIDCBackchannelLogout.GetBackChannelLogoutURLs()), ) return diag.FromErr(result.ErrorOrNil()) diff --git a/internal/auth0/client/resource_test.go b/internal/auth0/client/resource_test.go index eb1780b63..44e403dc5 100644 --- a/internal/auth0/client/resource_test.go +++ b/internal/auth0/client/resource_test.go @@ -511,6 +511,7 @@ resource "auth0_client" "my_client" { allowed_clients = [ "https://allowed.example.com" ] grant_types = [ "authorization_code", "http://auth0.com/oauth/grant-type/password-realm", "implicit", "password", "refresh_token" ] allowed_logout_urls = [ "https://example.com" ] + oidc_backchannel_logout_urls = [ "https://example.com/oidc-logout" ] web_origins = [ "https://example.com" ] client_metadata = { foo = "zoo" @@ -545,6 +546,7 @@ resource "auth0_client" "my_client" { allowed_logout_urls = [ ] web_origins = [ ] client_metadata = {} + oidc_backchannel_logout_urls = [] } ` @@ -607,6 +609,7 @@ func TestAccClient(t *testing.T) { resource.TestCheckResourceAttr("auth0_client.my_client", "web_origins.#", "0"), resource.TestCheckResourceAttr("auth0_client.my_client", "encryption_key.%", "0"), resource.TestCheckResourceAttr("auth0_client.my_client", "client_metadata.%", "0"), + resource.TestCheckNoResourceAttr("auth0_client.my_client", "oidc_backchannel_logout_urls"), ), }, { @@ -673,6 +676,7 @@ func TestAccClient(t *testing.T) { resource.TestCheckResourceAttr("auth0_client.my_client", "client_metadata.%", "1"), resource.TestCheckResourceAttr("auth0_client.my_client", "client_metadata.foo", "zoo"), resource.TestCheckResourceAttr("auth0_client.my_client", "encryption_key.%", "0"), + resource.TestCheckResourceAttr("auth0_client.my_client", "oidc_backchannel_logout_urls.#", "1"), ), }, { @@ -727,6 +731,7 @@ func TestAccClient(t *testing.T) { resource.TestCheckResourceAttr("auth0_client.my_client", "web_origins.#", "0"), resource.TestCheckResourceAttr("auth0_client.my_client", "client_metadata.%", "0"), resource.TestCheckResourceAttr("auth0_client.my_client", "encryption_key.%", "0"), + resource.TestCheckResourceAttr("auth0_client.my_client", "oidc_backchannel_logout_urls.#", "0"), ), }, }, diff --git a/test/data/recordings/TestAccClient.yaml b/test/data/recordings/TestAccClient.yaml index 8e97d500e..2e4c82b25 100644 --- a/test/data/recordings/TestAccClient.yaml +++ b/test/data/recordings/TestAccClient.yaml @@ -19,7 +19,7 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/0.15.1 + - Go-Auth0-SDK/latest url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients method: POST response: @@ -30,13 +30,13 @@ interactions: trailer: {} content_length: -1 uncompressed: false - body: '{"name":"Acceptance Test - TestAccClient","client_id":"io1iDkiRs5K73nsu84tgxYFQ47Levsmc","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' + body: '{"name":"Acceptance Test - TestAccClient","client_id":"gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' headers: Content-Type: - application/json; charset=utf-8 status: 201 Created code: 201 - duration: 222.618334ms + duration: 359.600292ms - id: 1 request: proto: HTTP/1.1 @@ -55,8 +55,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/0.15.1 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/io1iDkiRs5K73nsu84tgxYFQ47Levsmc + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4 method: GET response: proto: HTTP/2.0 @@ -66,13 +66,13 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","client_id":"io1iDkiRs5K73nsu84tgxYFQ47Levsmc","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' + body: '{"name":"Acceptance Test - TestAccClient","client_id":"gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 287.773834ms + duration: 154.947292ms - id: 2 request: proto: HTTP/1.1 @@ -91,8 +91,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/0.15.1 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/io1iDkiRs5K73nsu84tgxYFQ47Levsmc + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4 method: GET response: proto: HTTP/2.0 @@ -102,13 +102,13 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","client_id":"io1iDkiRs5K73nsu84tgxYFQ47Levsmc","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' + body: '{"name":"Acceptance Test - TestAccClient","client_id":"gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 120.586375ms + duration: 168.732417ms - id: 3 request: proto: HTTP/1.1 @@ -127,8 +127,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/0.15.1 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/io1iDkiRs5K73nsu84tgxYFQ47Levsmc + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4 method: GET response: proto: HTTP/2.0 @@ -138,33 +138,33 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","client_id":"io1iDkiRs5K73nsu84tgxYFQ47Levsmc","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' + body: '{"name":"Acceptance Test - TestAccClient","client_id":"gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 135.483959ms + duration: 141.256709ms - id: 4 request: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 1020 + content_length: 1110 transfer_encoding: [] trailer: {} host: terraform-provider-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" body: | - {"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","token_endpoint_auth_method":"client_secret_post","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","organization_usage":"deny","organization_require_behavior":"no_prompt"} + {"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","token_endpoint_auth_method":"client_secret_post","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":["https://example.com/oidc-logout"]}} form: {} headers: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/0.15.1 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/io1iDkiRs5K73nsu84tgxYFQ47Levsmc + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4 method: PATCH response: proto: HTTP/2.0 @@ -174,13 +174,13 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","client_id":"io1iDkiRs5K73nsu84tgxYFQ47Levsmc","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","token_endpoint_auth_method":"client_secret_post","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt"}' + body: '{"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","client_id":"gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","token_endpoint_auth_method":"client_secret_post","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":["https://example.com/oidc-logout"]}}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 118.310083ms + duration: 367.979209ms - id: 5 request: proto: HTTP/1.1 @@ -199,8 +199,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/0.15.1 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/io1iDkiRs5K73nsu84tgxYFQ47Levsmc + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4 method: GET response: proto: HTTP/2.0 @@ -210,13 +210,13 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","client_id":"io1iDkiRs5K73nsu84tgxYFQ47Levsmc","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","token_endpoint_auth_method":"client_secret_post","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt"}' + body: '{"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","client_id":"gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","token_endpoint_auth_method":"client_secret_post","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":["https://example.com/oidc-logout"]}}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 104.178416ms + duration: 142.103375ms - id: 6 request: proto: HTTP/1.1 @@ -235,8 +235,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/0.15.1 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/io1iDkiRs5K73nsu84tgxYFQ47Levsmc + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4 method: GET response: proto: HTTP/2.0 @@ -246,13 +246,13 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","client_id":"io1iDkiRs5K73nsu84tgxYFQ47Levsmc","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","token_endpoint_auth_method":"client_secret_post","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt"}' + body: '{"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","client_id":"gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","token_endpoint_auth_method":"client_secret_post","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":["https://example.com/oidc-logout"]}}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 104.833875ms + duration: 147.528ms - id: 7 request: proto: HTTP/1.1 @@ -271,8 +271,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/0.15.1 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/io1iDkiRs5K73nsu84tgxYFQ47Levsmc + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4 method: GET response: proto: HTTP/2.0 @@ -282,33 +282,33 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","client_id":"io1iDkiRs5K73nsu84tgxYFQ47Levsmc","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","token_endpoint_auth_method":"client_secret_post","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt"}' + body: '{"name":"Acceptance Test - TestAccClient","description":"Test Application Long Description","client_id":"gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":["https://example.com/callback"],"allowed_origins":["https://example.com"],"web_origins":["https://example.com"],"client_aliases":["https://example.com/audience"],"allowed_clients":["https://allowed.example.com"],"allowed_logout_urls":["https://example.com"],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":false,"sso_disabled":false,"grant_types":["authorization_code","http://auth0.com/oauth/grant-type/password-realm","implicit","password","refresh_token"],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"test","form_template":"test","token_endpoint_auth_method":"client_secret_post","client_metadata":{"foo":"zoo"},"initiate_login_uri":"https://example.com/login","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":["https://example.com/oidc-logout"]}}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 112.045167ms + duration: 139.544458ms - id: 8 request: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 698 + content_length: 755 transfer_encoding: [] trailer: {} host: terraform-provider-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" body: | - {"name":"Acceptance Test - TestAccClient","description":"","app_type":"non_interactive","logo_uri":"https://another-example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":[],"allowed_origins":[],"web_origins":[],"client_aliases":[],"allowed_clients":[],"allowed_logout_urls":[],"sso":true,"sso_disabled":true,"grant_types":[],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"","form_template":"","token_endpoint_auth_method":"client_secret_post","client_metadata":{"foo":null},"initiate_login_uri":"","organization_usage":"deny","organization_require_behavior":"no_prompt"} + {"name":"Acceptance Test - TestAccClient","description":"","app_type":"non_interactive","logo_uri":"https://another-example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":[],"allowed_origins":[],"web_origins":[],"client_aliases":[],"allowed_clients":[],"allowed_logout_urls":[],"sso":true,"sso_disabled":true,"grant_types":[],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"","form_template":"","token_endpoint_auth_method":"client_secret_post","client_metadata":{"foo":null},"initiate_login_uri":"","organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":[]}} form: {} headers: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/0.15.1 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/io1iDkiRs5K73nsu84tgxYFQ47Levsmc + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4 method: PATCH response: proto: HTTP/2.0 @@ -318,13 +318,13 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"","client_id":"io1iDkiRs5K73nsu84tgxYFQ47Levsmc","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://another-example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":[],"allowed_origins":[],"web_origins":[],"client_aliases":[],"allowed_clients":[],"allowed_logout_urls":[],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":true,"sso_disabled":true,"grant_types":[],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"","form_template":"","token_endpoint_auth_method":"client_secret_post","client_metadata":{},"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt"}' + body: '{"name":"Acceptance Test - TestAccClient","description":"","client_id":"gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://another-example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":[],"allowed_origins":[],"web_origins":[],"client_aliases":[],"allowed_clients":[],"allowed_logout_urls":[],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":true,"sso_disabled":true,"grant_types":[],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"","form_template":"","token_endpoint_auth_method":"client_secret_post","client_metadata":{},"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":[]}}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 208.620667ms + duration: 149.808334ms - id: 9 request: proto: HTTP/1.1 @@ -343,8 +343,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/0.15.1 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/io1iDkiRs5K73nsu84tgxYFQ47Levsmc + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4 method: GET response: proto: HTTP/2.0 @@ -354,13 +354,13 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"","client_id":"io1iDkiRs5K73nsu84tgxYFQ47Levsmc","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://another-example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":[],"allowed_origins":[],"web_origins":[],"client_aliases":[],"allowed_clients":[],"allowed_logout_urls":[],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":true,"sso_disabled":true,"grant_types":[],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"","form_template":"","token_endpoint_auth_method":"client_secret_post","client_metadata":{},"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt"}' + body: '{"name":"Acceptance Test - TestAccClient","description":"","client_id":"gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://another-example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":[],"allowed_origins":[],"web_origins":[],"client_aliases":[],"allowed_clients":[],"allowed_logout_urls":[],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":true,"sso_disabled":true,"grant_types":[],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"","form_template":"","token_endpoint_auth_method":"client_secret_post","client_metadata":{},"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":[]}}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 98.736083ms + duration: 150.953083ms - id: 10 request: proto: HTTP/1.1 @@ -379,8 +379,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/0.15.1 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/io1iDkiRs5K73nsu84tgxYFQ47Levsmc + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4 method: GET response: proto: HTTP/2.0 @@ -390,13 +390,13 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"name":"Acceptance Test - TestAccClient","description":"","client_id":"io1iDkiRs5K73nsu84tgxYFQ47Levsmc","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://another-example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":[],"allowed_origins":[],"web_origins":[],"client_aliases":[],"allowed_clients":[],"allowed_logout_urls":[],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":true,"sso_disabled":true,"grant_types":[],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"","form_template":"","token_endpoint_auth_method":"client_secret_post","client_metadata":{},"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt"}' + body: '{"name":"Acceptance Test - TestAccClient","description":"","client_id":"gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4","client_secret":"[REDACTED]","app_type":"non_interactive","logo_uri":"https://another-example.com/logoUri","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":true,"callbacks":[],"allowed_origins":[],"web_origins":[],"client_aliases":[],"allowed_clients":[],"allowed_logout_urls":[],"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso":true,"sso_disabled":true,"grant_types":[],"cross_origin_loc":"https://example.com/cross-origin-loc","custom_login_page_on":true,"custom_login_page":"","form_template":"","token_endpoint_auth_method":"client_secret_post","client_metadata":{},"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000},"organization_usage":"deny","organization_require_behavior":"no_prompt","oidc_backchannel_logout":{"backchannel_logout_urls":[]}}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 133.125833ms + duration: 136.659458ms - id: 11 request: proto: HTTP/1.1 @@ -414,8 +414,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/0.15.1 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/io1iDkiRs5K73nsu84tgxYFQ47Levsmc + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/gD7ZzMChXHlgg6mNLLd7KAk4hRCvCvo4 method: DELETE response: proto: HTTP/2.0 @@ -431,4 +431,4 @@ interactions: - application/json; charset=utf-8 status: 204 No Content code: 204 - duration: 202.993292ms + duration: 256.861ms From 8740efb900d4a7961ffa11514550ff3c2e3ed3e2 Mon Sep 17 00:00:00 2001 From: Will Vedder Date: Fri, 12 May 2023 14:27:06 -0400 Subject: [PATCH 2/7] Changing from list to set, regenerating docs --- docs/data-sources/client.md | 1 + docs/data-sources/global_client.md | 1 + docs/resources/client.md | 1 + docs/resources/global_client.md | 1 + internal/auth0/client/resource.go | 2 +- 5 files changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/data-sources/client.md b/docs/data-sources/client.md index 4895bb901..fb20ab8a2 100644 --- a/docs/data-sources/client.md +++ b/docs/data-sources/client.md @@ -57,6 +57,7 @@ data "auth0_client" "some-client-by-id" { - `logo_uri` (String) URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown. - `mobile` (List of Object) Additional configuration for native mobile apps. (see [below for nested schema](#nestedatt--mobile)) - `native_social_login` (List of Object) Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to `false` in order to change the `app_type`. (see [below for nested schema](#nestedatt--native_social_login)) +- `oidc_backchannel_logout_urls` (Set of String) Set of URLs enabled for OIDC back-channel logout - `oidc_conformant` (Boolean) Indicates whether this client will conform to strict OIDC specifications. - `organization_require_behavior` (String) Defines how to proceed during an authentication transaction when `organization_usage = "require"`. Can be `no_prompt` (default) or `pre_login_prompt`. - `organization_usage` (String) Defines how to proceed during an authentication transaction with regards to an organization. Can be `deny` (default), `allow` or `require`. diff --git a/docs/data-sources/global_client.md b/docs/data-sources/global_client.md index 3e654d78c..b5e05704c 100644 --- a/docs/data-sources/global_client.md +++ b/docs/data-sources/global_client.md @@ -46,6 +46,7 @@ data "auth0_global_client" "global" {} - `mobile` (List of Object) Additional configuration for native mobile apps. (see [below for nested schema](#nestedatt--mobile)) - `name` (String) Name of the client. - `native_social_login` (List of Object) Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to `false` in order to change the `app_type`. (see [below for nested schema](#nestedatt--native_social_login)) +- `oidc_backchannel_logout_urls` (Set of String) Set of URLs enabled for OIDC back-channel logout - `oidc_conformant` (Boolean) Indicates whether this client will conform to strict OIDC specifications. - `organization_require_behavior` (String) Defines how to proceed during an authentication transaction when `organization_usage = "require"`. Can be `no_prompt` (default) or `pre_login_prompt`. - `organization_usage` (String) Defines how to proceed during an authentication transaction with regards to an organization. Can be `deny` (default), `allow` or `require`. diff --git a/docs/resources/client.md b/docs/resources/client.md index 8f572dffd..dbf2befe3 100644 --- a/docs/resources/client.md +++ b/docs/resources/client.md @@ -118,6 +118,7 @@ resource "auth0_client" "my_client" { - `logo_uri` (String) URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown. - `mobile` (Block List, Max: 1) Additional configuration for native mobile apps. (see [below for nested schema](#nestedblock--mobile)) - `native_social_login` (Block List, Max: 1) Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to `false` in order to change the `app_type`. (see [below for nested schema](#nestedblock--native_social_login)) +- `oidc_backchannel_logout_urls` (Set of String) Set of URLs enabled for OIDC back-channel logout - `oidc_conformant` (Boolean) Indicates whether this client will conform to strict OIDC specifications. - `organization_require_behavior` (String) Defines how to proceed during an authentication transaction when `organization_usage = "require"`. Can be `no_prompt` (default) or `pre_login_prompt`. - `organization_usage` (String) Defines how to proceed during an authentication transaction with regards to an organization. Can be `deny` (default), `allow` or `require`. diff --git a/docs/resources/global_client.md b/docs/resources/global_client.md index 976089147..4dc043daf 100644 --- a/docs/resources/global_client.md +++ b/docs/resources/global_client.md @@ -58,6 +58,7 @@ PAGE - `mobile` (Block List, Max: 1) Additional configuration for native mobile apps. (see [below for nested schema](#nestedblock--mobile)) - `name` (String) Name of the client. - `native_social_login` (Block List, Max: 1) Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to `false` in order to change the `app_type`. (see [below for nested schema](#nestedblock--native_social_login)) +- `oidc_backchannel_logout_urls` (Set of String) Set of URLs enabled for OIDC back-channel logout - `oidc_conformant` (Boolean) Indicates whether this client will conform to strict OIDC specifications. - `organization_require_behavior` (String) Defines how to proceed during an authentication transaction when `organization_usage = "require"`. Can be `no_prompt` (default) or `pre_login_prompt`. - `organization_usage` (String) Defines how to proceed during an authentication transaction with regards to an organization. Can be `deny` (default), `allow` or `require`. diff --git a/internal/auth0/client/resource.go b/internal/auth0/client/resource.go index 00b19a7a2..634228022 100644 --- a/internal/auth0/client/resource.go +++ b/internal/auth0/client/resource.go @@ -121,7 +121,7 @@ func NewResource() *schema.Resource { Description: "URLs that Auth0 may redirect to after logout.", }, "oidc_backchannel_logout_urls": { - Type: schema.TypeList, + Type: schema.TypeSet, Elem: &schema.Schema{ Type: schema.TypeString, }, From ee7981973e72b69a1bd7025190ab3df44361851f Mon Sep 17 00:00:00 2001 From: Sergiu Ghitea <28300158+sergiught@users.noreply.github.com> Date: Mon, 15 May 2023 10:21:34 +0200 Subject: [PATCH 3/7] Bump go-auth0 to latest master --- go.mod | 4 +--- go.sum | 2 ++ 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 4082a67d4..1e0ef65b6 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/auth0/terraform-provider-auth0 go 1.20 require ( - github.com/auth0/go-auth0 v0.17.0 + github.com/auth0/go-auth0 v0.0.0-20230511144613-965c83f9cd67 // TODO: replace with eventual v0.18.0 release github.com/google/go-cmp v0.5.9 github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 github.com/hashicorp/go-multierror v1.1.1 @@ -76,5 +76,3 @@ require ( google.golang.org/protobuf v1.28.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) - -replace github.com/auth0/go-auth0 => ../go-auth0 // TODO: replace with eventual v0.18.0 release diff --git a/go.sum b/go.sum index 40e4e46b7..1346d6a70 100644 --- a/go.sum +++ b/go.sum @@ -29,6 +29,8 @@ github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/auth0/go-auth0 v0.0.0-20230511144613-965c83f9cd67 h1:YqVvrABIHIyH201WH9zpWOJYmn9wt3EqCZBKJzVz5zc= +github.com/auth0/go-auth0 v0.0.0-20230511144613-965c83f9cd67/go.mod h1:CMHBK8TF30dmqCItdcDHVyXg0UbYxT0laf4MGDMseN0= github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48= github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= From a71dee2dea6a0b1365383016c8a2a527501e5801 Mon Sep 17 00:00:00 2001 From: Will Vedder Date: Mon, 15 May 2023 07:44:25 -0400 Subject: [PATCH 4/7] Update internal/auth0/client/resource.go Co-authored-by: Sergiu Ghitea <28300158+sergiught@users.noreply.github.com> --- internal/auth0/client/resource.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/auth0/client/resource.go b/internal/auth0/client/resource.go index 634228022..e38c806e7 100644 --- a/internal/auth0/client/resource.go +++ b/internal/auth0/client/resource.go @@ -126,7 +126,7 @@ func NewResource() *schema.Resource { Type: schema.TypeString, }, Optional: true, - Description: "Set of URLs enabled for OIDC back-channel logout", + Description: "Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed.", }, "grant_types": { Type: schema.TypeList, From 62ebf3058214a97a2c8203f3dd25a7cc99ae3eb7 Mon Sep 17 00:00:00 2001 From: Will Vedder Date: Mon, 15 May 2023 10:48:58 -0400 Subject: [PATCH 5/7] Updating to use Go SDK v0.17.1 --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 1e0ef65b6..f375329e4 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/auth0/terraform-provider-auth0 go 1.20 require ( - github.com/auth0/go-auth0 v0.0.0-20230511144613-965c83f9cd67 // TODO: replace with eventual v0.18.0 release + github.com/auth0/go-auth0 v0.17.1 // TODO: replace with eventual v0.18.0 release github.com/google/go-cmp v0.5.9 github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 github.com/hashicorp/go-multierror v1.1.1 diff --git a/go.sum b/go.sum index 1346d6a70..78d3b6cf7 100644 --- a/go.sum +++ b/go.sum @@ -31,6 +31,8 @@ github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgI github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/auth0/go-auth0 v0.0.0-20230511144613-965c83f9cd67 h1:YqVvrABIHIyH201WH9zpWOJYmn9wt3EqCZBKJzVz5zc= github.com/auth0/go-auth0 v0.0.0-20230511144613-965c83f9cd67/go.mod h1:CMHBK8TF30dmqCItdcDHVyXg0UbYxT0laf4MGDMseN0= +github.com/auth0/go-auth0 v0.17.1 h1:xfk6Zuit4Tigg985RPZ6tpue5VHako8KfVkjjC+6X5g= +github.com/auth0/go-auth0 v0.17.1/go.mod h1:CMHBK8TF30dmqCItdcDHVyXg0UbYxT0laf4MGDMseN0= github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48= github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= From 3661bfe5d03b422221f891f4ce9ce12e47f537ed Mon Sep 17 00:00:00 2001 From: Will Vedder Date: Mon, 15 May 2023 10:50:41 -0400 Subject: [PATCH 6/7] Regenerating docs --- docs/data-sources/client.md | 2 +- docs/data-sources/global_client.md | 2 +- docs/resources/client.md | 2 +- docs/resources/global_client.md | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/data-sources/client.md b/docs/data-sources/client.md index fb20ab8a2..bb5243117 100644 --- a/docs/data-sources/client.md +++ b/docs/data-sources/client.md @@ -57,7 +57,7 @@ data "auth0_client" "some-client-by-id" { - `logo_uri` (String) URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown. - `mobile` (List of Object) Additional configuration for native mobile apps. (see [below for nested schema](#nestedatt--mobile)) - `native_social_login` (List of Object) Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to `false` in order to change the `app_type`. (see [below for nested schema](#nestedatt--native_social_login)) -- `oidc_backchannel_logout_urls` (Set of String) Set of URLs enabled for OIDC back-channel logout +- `oidc_backchannel_logout_urls` (Set of String) Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed. - `oidc_conformant` (Boolean) Indicates whether this client will conform to strict OIDC specifications. - `organization_require_behavior` (String) Defines how to proceed during an authentication transaction when `organization_usage = "require"`. Can be `no_prompt` (default) or `pre_login_prompt`. - `organization_usage` (String) Defines how to proceed during an authentication transaction with regards to an organization. Can be `deny` (default), `allow` or `require`. diff --git a/docs/data-sources/global_client.md b/docs/data-sources/global_client.md index b5e05704c..f3bc748f7 100644 --- a/docs/data-sources/global_client.md +++ b/docs/data-sources/global_client.md @@ -46,7 +46,7 @@ data "auth0_global_client" "global" {} - `mobile` (List of Object) Additional configuration for native mobile apps. (see [below for nested schema](#nestedatt--mobile)) - `name` (String) Name of the client. - `native_social_login` (List of Object) Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to `false` in order to change the `app_type`. (see [below for nested schema](#nestedatt--native_social_login)) -- `oidc_backchannel_logout_urls` (Set of String) Set of URLs enabled for OIDC back-channel logout +- `oidc_backchannel_logout_urls` (Set of String) Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed. - `oidc_conformant` (Boolean) Indicates whether this client will conform to strict OIDC specifications. - `organization_require_behavior` (String) Defines how to proceed during an authentication transaction when `organization_usage = "require"`. Can be `no_prompt` (default) or `pre_login_prompt`. - `organization_usage` (String) Defines how to proceed during an authentication transaction with regards to an organization. Can be `deny` (default), `allow` or `require`. diff --git a/docs/resources/client.md b/docs/resources/client.md index dbf2befe3..b53562519 100644 --- a/docs/resources/client.md +++ b/docs/resources/client.md @@ -118,7 +118,7 @@ resource "auth0_client" "my_client" { - `logo_uri` (String) URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown. - `mobile` (Block List, Max: 1) Additional configuration for native mobile apps. (see [below for nested schema](#nestedblock--mobile)) - `native_social_login` (Block List, Max: 1) Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to `false` in order to change the `app_type`. (see [below for nested schema](#nestedblock--native_social_login)) -- `oidc_backchannel_logout_urls` (Set of String) Set of URLs enabled for OIDC back-channel logout +- `oidc_backchannel_logout_urls` (Set of String) Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed. - `oidc_conformant` (Boolean) Indicates whether this client will conform to strict OIDC specifications. - `organization_require_behavior` (String) Defines how to proceed during an authentication transaction when `organization_usage = "require"`. Can be `no_prompt` (default) or `pre_login_prompt`. - `organization_usage` (String) Defines how to proceed during an authentication transaction with regards to an organization. Can be `deny` (default), `allow` or `require`. diff --git a/docs/resources/global_client.md b/docs/resources/global_client.md index 4dc043daf..f2396a35a 100644 --- a/docs/resources/global_client.md +++ b/docs/resources/global_client.md @@ -58,7 +58,7 @@ PAGE - `mobile` (Block List, Max: 1) Additional configuration for native mobile apps. (see [below for nested schema](#nestedblock--mobile)) - `name` (String) Name of the client. - `native_social_login` (Block List, Max: 1) Configuration settings to toggle native social login for mobile native applications. Once this is set it must stay set, with both resources set to `false` in order to change the `app_type`. (see [below for nested schema](#nestedblock--native_social_login)) -- `oidc_backchannel_logout_urls` (Set of String) Set of URLs enabled for OIDC back-channel logout +- `oidc_backchannel_logout_urls` (Set of String) Set of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed. - `oidc_conformant` (Boolean) Indicates whether this client will conform to strict OIDC specifications. - `organization_require_behavior` (String) Defines how to proceed during an authentication transaction when `organization_usage = "require"`. Can be `no_prompt` (default) or `pre_login_prompt`. - `organization_usage` (String) Defines how to proceed during an authentication transaction with regards to an organization. Can be `deny` (default), `allow` or `require`. From 9d17a80206885a6aea9a229ed1dc2c3403c11bbb Mon Sep 17 00:00:00 2001 From: Will Vedder Date: Mon, 15 May 2023 11:33:50 -0400 Subject: [PATCH 7/7] Removing todo --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index f375329e4..58a5f3761 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/auth0/terraform-provider-auth0 go 1.20 require ( - github.com/auth0/go-auth0 v0.17.1 // TODO: replace with eventual v0.18.0 release + github.com/auth0/go-auth0 v0.17.1 github.com/google/go-cmp v0.5.9 github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 github.com/hashicorp/go-multierror v1.1.1