Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DXCDT-518: Stop requiring read:client_keys permission for reading the auth0_client_credentials resource #795

Merged
merged 2 commits into from
Aug 30, 2023

Conversation

sergiught
Copy link
Contributor

@sergiught sergiught commented Aug 25, 2023

🔧 Changes

This PR stops requiring the read:client_keys permission for reading the auth0_client_credentials resource by removing the include fields query param for client_secret. This will be set to a specific value if the permissions is available, otherwise it will be an empty string.

📚 References

🔬 Testing

Tested manually, as our automated tests rely on the full set of permissions to run.

📝 Checklist

  • All new/changed/fixed functionality is covered by tests (or N/A)
  • I have added documentation for all new/changed functionality (or N/A)

@sergiught sergiught requested a review from a team as a code owner August 25, 2023 15:27
data.Id(),
management.IncludeFields(
"client_id",
"client_secret",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

By explicitly requiring the client_secret to be within the response, we were implying a requirement on the read:client_keys permission.

Copy link

@tadhglewis tadhglewis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🙇‍♂️

@sergiught sergiught force-pushed the DXCDT-518-client-secret branch from 89e50ac to bbc0dd9 Compare August 26, 2023 10:11
@codecov-commenter
Copy link

codecov-commenter commented Aug 26, 2023

Codecov Report

Merging #795 (4bc3172) into v1 (bb277ab) will increase coverage by 0.03%.
The diff coverage is 100.00%.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##               v1     #795      +/-   ##
==========================================
+ Coverage   90.50%   90.54%   +0.03%     
==========================================
  Files          99       99              
  Lines       13265    13256       -9     
==========================================
- Hits        12005    12002       -3     
+ Misses        893      889       -4     
+ Partials      367      365       -2     
Files Changed Coverage Δ
internal/auth0/client/resource_credentials.go 80.04% <100.00%> (-0.42%) ⬇️

... and 1 file with indirect coverage changes

@sergiught sergiught force-pushed the DXCDT-518-client-secret branch from bbc0dd9 to f4fe114 Compare August 30, 2023 08:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants