Add support for attributes and precedence to ConnectionOptions & `phone_number` to SignupRequest. (#991)

* Added schema updates on connection module, along with corresponding expand changes

Signed-off-by: Rajat Bajaj <rajat.bajaj@okta.com>

* Added code for flattening

* Removed the multi-return value

* Added linting

* Updated schema and expand

* Fixed Expand

* Fix flatten

* Fixed Flattening

* Added relevant testcases

* Updated required docs

* Updated indentation

* Fix issue with making test recordings

* Extended test cases, added further validation

* Fix issue with making test recordings

* Modified a test recording

* Remove debugging log statement

* Rebuild broken recording with current version of terraform

* Fix typo, and update to released go-auth0 package

---------

Signed-off-by: Rajat Bajaj <rajat.bajaj@okta.com>
Co-authored-by: Kunal Dawar <kunal.dawar@okta.com>
Co-authored-by: A. Craig West <craig.west@okta.com>
3 people authored Aug 20, 2024
1 parent 3616a04 commit 1d8a8e8
Showing 18 changed files with 2,896 additions and 724 deletions.
2 changes: 2 additions & 0 deletions Makefile
Expand Up @@ -127,6 +127,7 @@ test-acc: ## Run acceptance tests with http recordings. To run a specific test,
-v \
-run "$(FILTER)" \
-timeout 120m \
-parallel 1 \
-coverprofile="${GO_TEST_COVERAGE_FILE}" \
${GO_PACKAGES}

Expand All @@ -138,6 +139,7 @@ test-acc-record: ## Run acceptance tests and record http interactions. To run a
-v \
-run "$(FILTER)" \
-timeout 120m \
-parallel 1 \
${GO_PACKAGES}

test-acc-e2e: ## Run acceptance tests without http recordings. To run a specific test, pass the FILTER var. Usage `make test-acc-e2e FILTER="TestAccResourceServer`
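
Review bot: The `-parallel 1` flag in the `test-acc` and `test-acc-record` recipes carries no comment saying why the acceptance run has to be serialized. With `-timeout 120m` left as it is, a serial run of a growing suite can start hitting the limit, so add a one-line comment above the flag giving the reason (for example, interference between HTTP recordings) and confirm the full run still fits inside the timeout.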
128 changes: 128 additions & 0 deletions docs/data-sources/connection.md
Expand Up @@ -52,6 +52,7 @@ Read-Only:
- `api_enable_users` (Boolean)
- `app_id` (String)
- `attribute_map` (List of Object) (see [below for nested schema](#nestedobjatt--options--attribute_map))
- `attributes` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes))
- `auth_params` (Map of String)
- `authorization_endpoint` (String)
- `brute_force_protection` (Boolean)
Expand Down Expand Up @@ -103,6 +104,7 @@ Read-Only:
- `password_policy` (String)
- `ping_federate_base_url` (String)
- `pkce_enabled` (Boolean)
- `precedence` (List of String)
- `protocol_binding` (String)
- `provider` (String)
- `request_template` (String)
Expand Down Expand Up @@ -148,6 +150,132 @@ Read-Only:
- `userinfo_scope` (String)


<a id="nestedobjatt--options--attributes"></a>
### Nested Schema for `options.attributes`

Read-Only:

- `email` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes--email))
- `phone_number` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes--phone_number))
- `username` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes--username))

<a id="nestedobjatt--options--attributes--email"></a>
### Nested Schema for `options.attributes.email`

Read-Only:

- `identifier` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes--email--identifier))
- `profile_required` (Boolean)
- `signup` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes--email--signup))

<a id="nestedobjatt--options--attributes--email--identifier"></a>
### Nested Schema for `options.attributes.email.identifier`

Read-Only:

- `active` (Boolean)


<a id="nestedobjatt--options--attributes--email--signup"></a>
### Nested Schema for `options.attributes.email.signup`

Read-Only:

- `status` (String)
- `verification` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes--email--signup--verification))

<a id="nestedobjatt--options--attributes--email--signup--verification"></a>
### Nested Schema for `options.attributes.email.signup.verification`

Read-Only:

- `active` (Boolean)




<a id="nestedobjatt--options--attributes--phone_number"></a>
### Nested Schema for `options.attributes.phone_number`

Read-Only:

- `identifier` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes--phone_number--identifier))
- `profile_required` (Boolean)
- `signup` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes--phone_number--signup))

<a id="nestedobjatt--options--attributes--phone_number--identifier"></a>
### Nested Schema for `options.attributes.phone_number.identifier`

Read-Only:

- `active` (Boolean)


<a id="nestedobjatt--options--attributes--phone_number--signup"></a>
### Nested Schema for `options.attributes.phone_number.signup`

Read-Only:

- `status` (String)
- `verification` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes--phone_number--signup--verification))

<a id="nestedobjatt--options--attributes--phone_number--signup--verification"></a>
### Nested Schema for `options.attributes.phone_number.signup.verification`

Read-Only:

- `active` (Boolean)




<a id="nestedobjatt--options--attributes--username"></a>
### Nested Schema for `options.attributes.username`

Read-Only:

- `identifier` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes--username--identifier))
- `profile_required` (Boolean)
- `signup` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes--username--signup))
- `validation` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes--username--validation))

<a id="nestedobjatt--options--attributes--username--identifier"></a>
### Nested Schema for `options.attributes.username.identifier`

Read-Only:

- `active` (Boolean)


<a id="nestedobjatt--options--attributes--username--signup"></a>
### Nested Schema for `options.attributes.username.signup`

Read-Only:

- `status` (String)


<a id="nestedobjatt--options--attributes--username--validation"></a>
### Nested Schema for `options.attributes.username.validation`

Read-Only:

- `allowed_types` (List of Object) (see [below for nested schema](#nestedobjatt--options--attributes--username--validation--allowed_types))
- `max_length` (Number)
- `min_length` (Number)

<a id="nestedobjatt--options--attributes--username--validation--allowed_types"></a>
### Nested Schema for `options.attributes.username.validation.allowed_types`

Read-Only:

- `email` (Boolean)
- `phone_number` (Boolean)





<a id="nestedobjatt--options--connection_settings"></a>
### Nested Schema for `options.connection_settings`

128 changes: 128 additions & 0 deletions docs/resources/connection.md
Expand Up @@ -664,6 +664,7 @@ Optional:
- `api_enable_users` (Boolean) Enable API Access to users.
- `app_id` (String) App ID.
- `attribute_map` (Block List, Max: 1) OpenID Connect and Okta Workforce connections can automatically map claims received from the identity provider (IdP). You can configure this mapping through a library template provided by Auth0 or by entering your own template directly. Click [here](https://auth0.com/docs/authenticate/identity-providers/enterprise-identity-providers/configure-pkce-claim-mapping-for-oidc#map-claims-for-oidc-connections) for more info. (see [below for nested schema](#nestedblock--options--attribute_map))
- `attributes` (Block List) Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order (see [below for nested schema](#nestedblock--options--attributes))
- `auth_params` (Map of String) Query string parameters to be included as part of the generated passwordless email link.
- `authorization_endpoint` (String) Authorization endpoint.
- `brute_force_protection` (Boolean) Indicates whether to enable brute force protection, which will limit the number of signups and failed logins from a suspicious IP address.
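
Review bot: The `attributes` description is the `precedence` text copied over ("Order of attributes for precedence in identification ... If Precedence is set, it must contain all values ..."), although `attributes` is a block list that holds the `email`, `phone_number` and `username` settings. Describe the block itself here and keep the ordering rule on `precedence` only; the sentence is also missing a space in "identification.Valid".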
Expand Down Expand Up @@ -715,6 +716,7 @@ Optional:
- `password_policy` (String) Indicates level of password strength to enforce during authentication. A strong password policy will make it difficult, if not improbable, for someone to guess a password through either manual or automated means. Options include `none`, `low`, `fair`, `good`, `excellent`.
- `ping_federate_base_url` (String) Ping Federate Server URL.
- `pkce_enabled` (Boolean) Enables Proof Key for Code Exchange (PKCE) functionality for OAuth2 connections.
- `precedence` (List of String) Order of attributes for precedence in identification.Valid values: email, phone_number, username. If Precedence is set, it must contain all values (email, phone_number, username) in specific order
- `protocol_binding` (String) The SAML Response Binding: how the SAML token is received by Auth0 from the IdP.
- `provider` (String) Defines the custom `sms_gateway` provider.
- `request_template` (String) Template that formats the SAML request.
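
Review bot: The `precedence` description says the list must contain all three values "in specific order" but never says what the order means (which position wins) or what the provider does with a partial list. Spell both out, since this ordering governs how a user is identified, and add the missing space in "identification.Valid".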
Expand Down Expand Up @@ -763,6 +765,132 @@ Optional:
- `userinfo_scope` (String) This property defines the scopes that Auth0 sends to the IdP’s UserInfo endpoint when requested.


<a id="nestedblock--options--attributes"></a>
### Nested Schema for `options.attributes`

Optional:

- `email` (Block List) Connection Options for Email Attribute (see [below for nested schema](#nestedblock--options--attributes--email))
- `phone_number` (Block List) Connection Options for Phone Number Attribute (see [below for nested schema](#nestedblock--options--attributes--phone_number))
- `username` (Block List) Connection Options for User Name Attribute (see [below for nested schema](#nestedblock--options--attributes--username))

<a id="nestedblock--options--attributes--email"></a>
### Nested Schema for `options.attributes.email`

Optional:

- `identifier` (Block List) Connection Options Email Attribute Identifier (see [below for nested schema](#nestedblock--options--attributes--email--identifier))
- `profile_required` (Boolean) Defines whether Profile is required
- `signup` (Block List) Defines signup settings for Email attribute (see [below for nested schema](#nestedblock--options--attributes--email--signup))

<a id="nestedblock--options--attributes--email--identifier"></a>
### Nested Schema for `options.attributes.email.identifier`

Optional:

- `active` (Boolean) Defines whether email attribute is active as an identifier


<a id="nestedblock--options--attributes--email--signup"></a>
### Nested Schema for `options.attributes.email.signup`

Optional:

- `status` (String) Defines signup status for Email Attribute
- `verification` (Block List) Defines settings for Verification under Email attribute (see [below for nested schema](#nestedblock--options--attributes--email--signup--verification))

<a id="nestedblock--options--attributes--email--signup--verification"></a>
### Nested Schema for `options.attributes.email.signup.verification`

Optional:

- `active` (Boolean) Defines verification settings for signup attribute




<a id="nestedblock--options--attributes--phone_number"></a>
### Nested Schema for `options.attributes.phone_number`

Optional:

- `identifier` (Block List) Connection Options Phone Number Attribute Identifier (see [below for nested schema](#nestedblock--options--attributes--phone_number--identifier))
- `profile_required` (Boolean) Defines whether Profile is required
- `signup` (Block List) Defines signup settings for Phone Number attribute (see [below for nested schema](#nestedblock--options--attributes--phone_number--signup))

<a id="nestedblock--options--attributes--phone_number--identifier"></a>
### Nested Schema for `options.attributes.phone_number.identifier`

Optional:

- `active` (Boolean) Defines whether Phone Number attribute is active as an identifier


<a id="nestedblock--options--attributes--phone_number--signup"></a>
### Nested Schema for `options.attributes.phone_number.signup`

Optional:

- `status` (String) Defines status of signup for Phone Number attribute
- `verification` (Block List) Defines verification settings for Phone Number attribute (see [below for nested schema](#nestedblock--options--attributes--phone_number--signup--verification))

<a id="nestedblock--options--attributes--phone_number--signup--verification"></a>
### Nested Schema for `options.attributes.phone_number.signup.verification`

Optional:

- `active` (Boolean) Defines verification settings for Phone Number attribute




<a id="nestedblock--options--attributes--username"></a>
### Nested Schema for `options.attributes.username`

Optional:

- `identifier` (Block List) Connection options for User Name Attribute Identifier (see [below for nested schema](#nestedblock--options--attributes--username--identifier))
- `profile_required` (Boolean) Defines whether Profile is required
- `signup` (Block List) Defines signup settings for User Name attribute (see [below for nested schema](#nestedblock--options--attributes--username--signup))
- `validation` (Block List) Defines validation settings for User Name attribute (see [below for nested schema](#nestedblock--options--attributes--username--validation))

<a id="nestedblock--options--attributes--username--identifier"></a>
### Nested Schema for `options.attributes.username.identifier`

Optional:

- `active` (Boolean) Defines whether UserName attribute is active as an identifier


<a id="nestedblock--options--attributes--username--signup"></a>
### Nested Schema for `options.attributes.username.signup`

Optional:

- `status` (String) Defines whether User Name attribute is active as an identifier


<a id="nestedblock--options--attributes--username--validation"></a>
### Nested Schema for `options.attributes.username.validation`

Optional:

- `allowed_types` (Block List) Defines allowed types for for UserName attribute (see [below for nested schema](#nestedblock--options--attributes--username--validation--allowed_types))
- `max_length` (Number) Defines Max Length for User Name attribute
- `min_length` (Number) Defines Min Length for User Name attribute

<a id="nestedblock--options--attributes--username--validation--allowed_types"></a>
### Nested Schema for `options.attributes.username.validation.allowed_types`

Optional:

- `email` (Boolean) One of the allowed types for UserName signup attribute
- `phone_number` (Boolean) One of the allowed types for UserName signup attribute





<a id="nestedblock--options--connection_settings"></a>
### Nested Schema for `options.connection_settings`
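
Review bot: `status` under `options.attributes.username.signup` is described as "Defines whether User Name attribute is active as an identifier", which is the text of `identifier.active` and not a description of signup status. None of the three `status` (String) fields lists its accepted values, the `verification.active` booleans are described only as "Defines verification settings", and the `allowed_types` line has a doubled "for for". Since these fields decide which attributes can be used to sign up and whether they are verified, the descriptions should state the accepted values and the effect of each.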

4 changes: 2 additions & 2 deletions go.mod
Expand Up @@ -4,7 +4,7 @@ go 1.22

require (
github.com/PuerkitoBio/rehttp v1.4.0
github.com/auth0/go-auth0 v1.8.0
github.com/auth0/go-auth0 v1.9.0
github.com/google/go-cmp v0.6.0
github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
github.com/hashicorp/go-multierror v1.1.1
Expand Down Expand Up @@ -77,7 +77,7 @@ require (
golang.org/x/exp v0.0.0-20240525044651-4c93da0ed11d // indirect
golang.org/x/mod v0.17.0 // indirect
golang.org/x/net v0.26.0 // indirect
golang.org/x/oauth2 v0.21.0 // indirect
golang.org/x/oauth2 v0.22.0 // indirect
golang.org/x/sync v0.7.0 // indirect
golang.org/x/sys v0.22.0 // indirect
golang.org/x/text v0.16.0 // indirect
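
Review bot: The `golang.org/x/oauth2` move from v0.21.0 to v0.22.0 in the indirect block is not mentioned in the commit message, which names only the go-auth0 update. Say in the message whether it is pulled in by `github.com/auth0/go-auth0 v1.9.0` or was bumped separately, so the dependency change can be audited against the feature it ships with.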
8 changes: 4 additions & 4 deletions go.sum
Expand Up @@ -24,8 +24,8 @@ github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew
github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4=
github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI=
github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
github.com/auth0/go-auth0 v1.8.0 h1:3aawDXl446+ok8HVmrH4FBTG+ZzgS8qHaJaOGoQdg4k=
github.com/auth0/go-auth0 v1.8.0/go.mod h1:J/t2M/i8XraHTRi9hX6VcMX2wiyWzKnUD04nigFwtfk=
github.com/auth0/go-auth0 v1.9.0 h1:IRCMQ9zLmFn8aAKkd+lopFo6IAdpARYSRf8i9ZACG48=
github.com/auth0/go-auth0 v1.9.0/go.mod h1:p9KEEkCehO7tcDf32r1r06Ji63mqZa1QZ6IfQ172bys=
github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48=
github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA=
github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
Expand Down Expand Up @@ -236,8 +236,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs=
golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA=
golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
15 changes: 15 additions & 0 deletions internal/acctest/template.go
Expand Up @@ -19,3 +19,18 @@ func ParseTestName(rawTemplate, testName string) string {

return buf.String()
}

// ParseParametersInTemplate renders templates defined with placeholders present in paramDictionary as input.
func ParseParametersInTemplate(rawTemplate string, paramDictionary map[string]interface{}) string {
t, err := template.New("tpl").Parse(rawTemplate)
if err != nil {
return ""
}

var buf bytes.Buffer
if err := t.Execute(&buf, paramDictionary); err != nil {
return ""
}

return buf.String()
}
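
Review bot: `ParseParametersInTemplate` returns `""` on both the `Parse` error and the `Execute` error, so a caller that passes a malformed template or a wrong parameter map receives an empty string with no indication of what went wrong. Return `(string, error)`, or take a `*testing.T` and call `t.Fatalf` with `err`. If `template` here is `text/template`, a key missing from `paramDictionary` also renders as `<no value>` rather than failing; setting `Option("missingkey=error")` on the template would surface that as an error.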