Skip to content
This repository was archived by the owner on Mar 8, 2022. It is now read-only.

Add support for google-apps connection strategy options #422

Merged
merged 1 commit into from
Jan 28, 2022
Merged

Add support for google-apps connection strategy options #422

merged 1 commit into from
Jan 28, 2022

Conversation

mattoddie
Copy link
Contributor

Proposed Changes

  • Add support for google-apps connection strategy options

Acceptance Test Output

$ make testacc TESTS=TestAccConnectionGoogleApps
==> Checking that code complies with gofmt requirements...
?   	github.com/alexkappa/terraform-provider-auth0	[no test files]
=== RUN   TestAccConnectionGoogleApps
--- PASS: TestAccConnectionGoogleApps (2.15s)
PASS
coverage: 9.1% of statements
ok  	github.com/alexkappa/terraform-provider-auth0/auth0	2.394s	coverage: 9.1% of statements
?   	github.com/alexkappa/terraform-provider-auth0/auth0/internal/debug	[no test files]
testing: warning: no tests to run
PASS
coverage: 0.0% of statements
ok  	github.com/alexkappa/terraform-provider-auth0/auth0/internal/random	0.171s	coverage: 0.0% of statements [no tests to run]
testing: warning: no tests to run
PASS
coverage: 0.0% of statements
ok  	github.com/alexkappa/terraform-provider-auth0/auth0/internal/validation	0.131s	coverage: 0.0% of statements [no tests to run]
?   	github.com/alexkappa/terraform-provider-auth0/version	[no test files]

...

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

@mattoddie mattoddie force-pushed the feature/google-apps-connection-strategy branch from 626608f to f0f0fd1 Compare July 29, 2021 13:06
@mattoddie mattoddie changed the title Add support for google-apps connection strategy Add support for google-apps connection strategy options Jul 30, 2021
@jackton1
Copy link
Contributor

@alexkappa Any chance this could be deployed soon ??

@alekc
Copy link

alekc commented Sep 19, 2021

Looks like some options are still missing

		BasicProfile:       nil,
		ExtendedProfile:    nil,
		Groups:             nil,
		Admin:              nil,
		IsSuspended:        nil,
		AgreedTerms:        nil,

@mattoddie
Copy link
Contributor Author

Looks like some options are still missing

		BasicProfile:       nil,
		ExtendedProfile:    nil,
		Groups:             nil,
		Admin:              nil,
		IsSuspended:        nil,
		AgreedTerms:        nil,

The should be getting set by the scopes field e.g.

resource "auth0_connection" "google_apps" {
	...
	options {
		...
		scopes = [ "ext_profile", "ext_groups" ]
	}
}

@SharpEdgeMarshall
Copy link

Why this is not still merged

@sergiught
Copy link
Collaborator

Hey folks, we're gonna take a look ASAP at this PR. Apologies for the delay and thanks for 🐻 ing with us!

@mattoddie
Copy link
Contributor Author

Hey folks, we're gonna take a look ASAP at this PR. Apologies for the delay and thanks for 🐻 ing with us!

FYI It was a follow-on from this PR in the auth0 go library go-auth0/auth0#221 that was needed to allow this.

@sergiught
Copy link
Collaborator

Thanks a lot for that reference @mattoddie and for the contribution. I reviewed the PR and the way to implement this seems correct however there's a big mismatch between the google-apps options presented in this PR and the ones on the actual management API:

// actual payload used to manage a google apps conn strategy
{
  "options": {
    	"api_enable_users": true,
    	"client_id": "someClientID",
    	"client_secret": "someClientSecret",
    	"domain": "someDomain",
    	"email": true,
    	"ext_agreed_terms": true,
    	"ext_groups": true,
    	"ext_is_admin": false,
    	"ext_is_suspended": true,
    	"handle_login_from_social": true,
    	"profile": true,
    	"scope": [
      		"email",
      		"profile"
    	],
    	"tenant_domain": "someTenantDomain",
    	"set_user_root_attributes": "on_first_login",
    	"domain_aliases": ["test.com"],
    	"icon_url": "the-icon-url.com"
  }
}

How did we end up with these instead?

	options {
		client_id = ""
		client_secret = ""
		domain = "example.com"
		tenant_domain = "example.com"
		domain_aliases = [ "example.com", "api.example.com" ]
		api_enable_users = true
		scopes = [ "ext_profile", "ext_groups" ]
	}

@mattoddie
Copy link
Contributor Author

@sergiughf it was a while ago so trying to remember all this, however I think the fields I was trying to work with were based on the previous PR in the library go-auth0/auth0#212. The fields such as ext_groups get mapped from fields into scopes by the library (https://github.com/go-auth0/auth0/blob/833d7336062d6cd01f60415787f95e7bae7889ba/management/connection.go#L737-L742), which was logic copied from other connections that have a similar setup.

@sergiught
Copy link
Collaborator

Hey @mattoddie, I really appreciate the patience with this one. I had a lengthy testing session for this PR and found one small issue with the scopes, that actually originates within the go-auth0 SDK, so I ended up fixing that go-auth0/auth0#258. As we're not yet cutting a release and we're not referencing explicitly ext_is_admin in this PR we can merge and do another PR to update the go-auth0 SDK dependency version to include the fix for that option.

Awesome effort on this one. We really appreciate the contribution! 🏆

@sergiught sergiught merged commit 07b1412 into alexkappa:master Jan 28, 2022
@mattoddie mattoddie deleted the feature/google-apps-connection-strategy branch January 28, 2022 14:31
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
resource/auth0_connection
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@mattoddie @jackton1 @alekc @SharpEdgeMarshall @sergiught