Add validation on identity_api for waad connections

auth0 · Oct 18, 2022 · 1a96b7c · 1a96b7c
1 parent 9606ddd
commit 1a96b7c
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 20 deletions.
diff --git a/docs/resources/connection.md b/docs/resources/connection.md
@@ -432,7 +432,7 @@ Optional:
 - `gateway_authentication` (Block List, Max: 1) Defines the parameters used to generate the auth token for the custom gateway. (see [below for nested schema](#nestedblock--options--gateway_authentication))
 - `gateway_url` (String) Defines a custom sms gateway to use instead of Twilio.
 - `icon_url` (String) Icon URL.
-- `identity_api` (String) Identity API.
+- `identity_api` (String) Azure AD Identity API. Available options are: `microsoft-identity-platform-v2.0` or `azure-active-directory-v1.0`.
 - `idp_initiated` (Block List, Max: 1) Configuration options for IDP Initiated Authentication. This is an object with the properties: `client_id`, `client_protocol`, and `client_authorize_query`. (see [below for nested schema](#nestedblock--options--idp_initiated))
 - `import_mode` (Boolean) Indicates whether you have a legacy user store and want to gradually migrate those users to the Auth0 user store.
 - `ips` (Set of String) A list of IPs.

diff --git a/internal/provider/resource_auth0_connection.go b/internal/provider/resource_auth0_connection.go
@@ -315,9 +315,14 @@ var connectionSchema = map[string]*schema.Schema{
 					Description: "Icon URL.",
 				},
 				"identity_api": {
-					Type:        schema.TypeString,
-					Optional:    true,
-					Description: "Identity API.",
+					Type:     schema.TypeString,
+					Optional: true,
+					ValidateFunc: validation.StringInSlice([]string{
+						"microsoft-identity-platform-v2.0",
+						"azure-active-directory-v1.0",
+					}, false),
+					Description: "Azure AD Identity API. Available options are: " +
+						"`microsoft-identity-platform-v2.0` or `azure-active-directory-v1.0`.",
 				},
 				"ips": {
 					Type:        schema.TypeSet,

diff --git a/internal/provider/resource_auth0_connection_test.go b/internal/provider/resource_auth0_connection_test.go
@@ -269,6 +269,7 @@ func TestAccConnectionAzureAD(t *testing.T) {
 					resource.TestCheckResourceAttr("auth0_connection.azure_ad", "name", fmt.Sprintf("Acceptance-Test-Azure-AD-%s", t.Name())),
 					resource.TestCheckResourceAttr("auth0_connection.azure_ad", "strategy", "waad"),
 					resource.TestCheckResourceAttr("auth0_connection.azure_ad", "show_as_button", "true"),
+					resource.TestCheckResourceAttr("auth0_connection.azure_ad", "options.0.identity_api", "azure-active-directory-v1.0"),
 					resource.TestCheckResourceAttr("auth0_connection.azure_ad", "options.0.client_id", "123456"),
 					resource.TestCheckResourceAttr("auth0_connection.azure_ad", "options.0.client_secret", "123456"),
 					resource.TestCheckResourceAttr("auth0_connection.azure_ad", "options.0.tenant_domain", "example.onmicrosoft.com"),
@@ -295,6 +296,7 @@ resource "auth0_connection" "azure_ad" {
 	strategy = "waad"
 	show_as_button = true
 	options {
+		identity_api  = "azure-active-directory-v1.0"
 		client_id     = "123456"
 		client_secret = "123456"
 		tenant_domain = "example.onmicrosoft.com"

diff --git a/test/data/recordings/TestAccConnectionAzureAD.yaml b/test/data/recordings/TestAccConnectionAzureAD.yaml
@@ -6,20 +6,20 @@ interactions:
       proto: HTTP/1.1
       proto_major: 1
       proto_minor: 1
-      content_length: 666
+      content_length: 663
       transfer_encoding: [ ]
       trailer: { }
       host: terraform-provider-auth0-dev.eu.auth0.com
       remote_addr: ""
       request_uri: ""
       body: |
-        {"name":"Acceptance-Test-Azure-AD-TestAccConnectionAzureAD","strategy":"waad","show_as_button":true,"options":{"client_id":"123456","client_secret":"123456","tenant_domain":"example.onmicrosoft.com","domain":"example.onmicrosoft.com","domain_aliases":["api.example.com","example.com"],"identity_api":null,"waad_protocol":"openid-connect","use_wsfed":false,"useCommonEndpoint":false,"api_enable_users":true,"basic_profile":true,"ext_profile":true,"ext_groups":true,"set_user_root_attributes":"on_each_login","should_trust_email_verified_connection":"never_set_emails_as_verified","non_persistent_attrs":null,"upstream_params":{"screen_name":{"alias":"login_hint"}}}}
+        {"name":"Acceptance-Test-Azure-AD-TestAccConnectionAzureAD","strategy":"waad","show_as_button":true,"options":{"client_id":"123456","client_secret":"123456","tenant_domain":"example.onmicrosoft.com","domain":"example.onmicrosoft.com","domain_aliases":["api.example.com","example.com"],"identity_api":"azure-active-directory-v1.0","waad_protocol":"openid-connect","use_wsfed":false,"useCommonEndpoint":false,"api_enable_users":true,"basic_profile":true,"ext_profile":true,"ext_groups":true,"set_user_root_attributes":"on_each_login","should_trust_email_verified_connection":"never_set_emails_as_verified","upstream_params":{"screen_name":{"alias":"login_hint"}}}}
       form: { }
       headers:
         Content-Type:
           - application/json
         User-Agent:
-          - Go-Auth0-SDK/0.10.0
+          - Go-Auth0-SDK/latest
       url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/connections
       method: POST
     response:
@@ -30,7 +30,7 @@ interactions:
       trailer: { }
       content_length: -1
       uncompressed: false
-      body: '{"id":"con_DH7G4JZGW8Feh9Pj","options":{"client_id":"123456","client_secret":"123456","tenant_domain":"example.onmicrosoft.com","domain":"example.onmicrosoft.com","domain_aliases":["api.example.com","example.com"],"identity_api":null,"waad_protocol":"openid-connect","use_wsfed":false,"useCommonEndpoint":false,"api_enable_users":true,"basic_profile":true,"ext_profile":true,"ext_groups":true,"set_user_root_attributes":"on_each_login","should_trust_email_verified_connection":"never_set_emails_as_verified","non_persistent_attrs":null,"upstream_params":{"screen_name":{"alias":"login_hint"}},"app_domain":"terraform-provider-auth0-dev.eu.auth0.com","thumbprints":["9cea37643ace0d710ad63296857b251d1fca5c48","977b10fb9d1c087e3105564b1d31b09d247bebcd","32be7e01489b7c18a2ecd7758c179b6b16e85d6d","8d2d57a353960e3ff9daf6f018d82f40ed95ccc7","d994292775296e30185d819a5c4265f255744ce2","0ea52ef207fe9c081cca33f7f92ba994d0170277","3b36790db99cb28f50cedd8ca1d1a68a1837d01a"]},"strategy":"waad","name":"Acceptance-Test-Azure-AD-TestAccConnectionAzureAD","provisioning_ticket_url":"https://terraform-provider-auth0-dev.eu.auth0.com/terraform-provider-auth0-dev/p/waad/wBbdOe1L","is_domain_connection":false,"show_as_button":true,"enabled_clients":[],"realms":["Acceptance-Test-Azure-AD-TestAccConnectionAzureAD"]}'
+      body: '{"id":"con_OdJxP53hwTmqQ1xc","options":{"client_id":"123456","client_secret":"123456","tenant_domain":"example.onmicrosoft.com","domain":"example.onmicrosoft.com","domain_aliases":["api.example.com","example.com"],"identity_api":"azure-active-directory-v1.0","waad_protocol":"openid-connect","use_wsfed":false,"useCommonEndpoint":false,"api_enable_users":true,"basic_profile":true,"ext_profile":true,"ext_groups":true,"set_user_root_attributes":"on_each_login","should_trust_email_verified_connection":"never_set_emails_as_verified","upstream_params":{"screen_name":{"alias":"login_hint"}},"app_domain":"terraform-provider-auth0-dev.eu.auth0.com","thumbprints":["9cea37643ace0d710ad63296857b251d1fca5c48","977b10fb9d1c087e3105564b1d31b09d247bebcd","32be7e01489b7c18a2ecd7758c179b6b16e85d6d","8d2d57a353960e3ff9daf6f018d82f40ed95ccc7","d994292775296e30185d819a5c4265f255744ce2","0ea52ef207fe9c081cca33f7f92ba994d0170277","3b36790db99cb28f50cedd8ca1d1a68a1837d01a"]},"strategy":"waad","name":"Acceptance-Test-Azure-AD-TestAccConnectionAzureAD","provisioning_ticket_url":"https://terraform-provider-auth0-dev.eu.auth0.com/terraform-provider-auth0-dev/p/waad/8e2UHo2N","is_domain_connection":false,"show_as_button":true,"enabled_clients":[],"realms":["Acceptance-Test-Azure-AD-TestAccConnectionAzureAD"]}'
       headers:
         Content-Type:
           - application/json; charset=utf-8
@@ -55,8 +55,8 @@ interactions:
         Content-Type:
           - application/json
         User-Agent:
-          - Go-Auth0-SDK/0.10.0
-      url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/connections/con_DH7G4JZGW8Feh9Pj
+          - Go-Auth0-SDK/latest
+      url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/connections/con_OdJxP53hwTmqQ1xc
       method: GET
     response:
       proto: HTTP/2.0
@@ -66,7 +66,7 @@ interactions:
       trailer: { }
       content_length: -1
       uncompressed: true
-      body: '{"id":"con_DH7G4JZGW8Feh9Pj","options":{"domain":"example.onmicrosoft.com","client_id":"123456","use_wsfed":false,"app_domain":"terraform-provider-auth0-dev.eu.auth0.com","ext_groups":true,"ext_profile":true,"thumbprints":["9cea37643ace0d710ad63296857b251d1fca5c48","977b10fb9d1c087e3105564b1d31b09d247bebcd","32be7e01489b7c18a2ecd7758c179b6b16e85d6d","8d2d57a353960e3ff9daf6f018d82f40ed95ccc7","d994292775296e30185d819a5c4265f255744ce2","0ea52ef207fe9c081cca33f7f92ba994d0170277","3b36790db99cb28f50cedd8ca1d1a68a1837d01a"],"identity_api":null,"basic_profile":true,"client_secret":"123456","tenant_domain":"example.onmicrosoft.com","waad_protocol":"openid-connect","domain_aliases":["api.example.com","example.com"],"upstream_params":{"screen_name":{"alias":"login_hint"}},"api_enable_users":true,"useCommonEndpoint":false,"non_persistent_attrs":null,"set_user_root_attributes":"on_each_login","should_trust_email_verified_connection":"never_set_emails_as_verified"},"strategy":"waad","name":"Acceptance-Test-Azure-AD-TestAccConnectionAzureAD","provisioning_ticket_url":"https://terraform-provider-auth0-dev.eu.auth0.com/terraform-provider-auth0-dev/p/waad/wBbdOe1L","is_domain_connection":false,"show_as_button":true,"enabled_clients":[],"realms":["Acceptance-Test-Azure-AD-TestAccConnectionAzureAD"]}'
+      body: '{"id":"con_OdJxP53hwTmqQ1xc","options":{"domain":"example.onmicrosoft.com","client_id":"123456","use_wsfed":false,"app_domain":"terraform-provider-auth0-dev.eu.auth0.com","ext_groups":true,"ext_profile":true,"thumbprints":["9cea37643ace0d710ad63296857b251d1fca5c48","977b10fb9d1c087e3105564b1d31b09d247bebcd","32be7e01489b7c18a2ecd7758c179b6b16e85d6d","8d2d57a353960e3ff9daf6f018d82f40ed95ccc7","d994292775296e30185d819a5c4265f255744ce2","0ea52ef207fe9c081cca33f7f92ba994d0170277","3b36790db99cb28f50cedd8ca1d1a68a1837d01a"],"identity_api":"azure-active-directory-v1.0","basic_profile":true,"client_secret":"123456","tenant_domain":"example.onmicrosoft.com","waad_protocol":"openid-connect","domain_aliases":["api.example.com","example.com"],"upstream_params":{"screen_name":{"alias":"login_hint"}},"api_enable_users":true,"useCommonEndpoint":false,"set_user_root_attributes":"on_each_login","should_trust_email_verified_connection":"never_set_emails_as_verified"},"strategy":"waad","name":"Acceptance-Test-Azure-AD-TestAccConnectionAzureAD","provisioning_ticket_url":"https://terraform-provider-auth0-dev.eu.auth0.com/terraform-provider-auth0-dev/p/waad/8e2UHo2N","is_domain_connection":false,"show_as_button":true,"enabled_clients":[],"realms":["Acceptance-Test-Azure-AD-TestAccConnectionAzureAD"]}'
       headers:
         Content-Type:
           - application/json; charset=utf-8
@@ -91,8 +91,8 @@ interactions:
         Content-Type:
           - application/json
         User-Agent:
-          - Go-Auth0-SDK/0.10.0
-      url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/connections/con_DH7G4JZGW8Feh9Pj
+          - Go-Auth0-SDK/latest
+      url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/connections/con_OdJxP53hwTmqQ1xc
       method: GET
     response:
       proto: HTTP/2.0
@@ -102,7 +102,7 @@ interactions:
       trailer: { }
       content_length: -1
       uncompressed: true
-      body: '{"id":"con_DH7G4JZGW8Feh9Pj","options":{"domain":"example.onmicrosoft.com","client_id":"123456","use_wsfed":false,"app_domain":"terraform-provider-auth0-dev.eu.auth0.com","ext_groups":true,"ext_profile":true,"thumbprints":["9cea37643ace0d710ad63296857b251d1fca5c48","977b10fb9d1c087e3105564b1d31b09d247bebcd","32be7e01489b7c18a2ecd7758c179b6b16e85d6d","8d2d57a353960e3ff9daf6f018d82f40ed95ccc7","d994292775296e30185d819a5c4265f255744ce2","0ea52ef207fe9c081cca33f7f92ba994d0170277","3b36790db99cb28f50cedd8ca1d1a68a1837d01a"],"identity_api":null,"basic_profile":true,"client_secret":"123456","tenant_domain":"example.onmicrosoft.com","waad_protocol":"openid-connect","domain_aliases":["api.example.com","example.com"],"upstream_params":{"screen_name":{"alias":"login_hint"}},"api_enable_users":true,"useCommonEndpoint":false,"non_persistent_attrs":null,"set_user_root_attributes":"on_each_login","should_trust_email_verified_connection":"never_set_emails_as_verified"},"strategy":"waad","name":"Acceptance-Test-Azure-AD-TestAccConnectionAzureAD","provisioning_ticket_url":"https://terraform-provider-auth0-dev.eu.auth0.com/terraform-provider-auth0-dev/p/waad/wBbdOe1L","is_domain_connection":false,"show_as_button":true,"enabled_clients":[],"realms":["Acceptance-Test-Azure-AD-TestAccConnectionAzureAD"]}'
+      body: '{"id":"con_OdJxP53hwTmqQ1xc","options":{"domain":"example.onmicrosoft.com","client_id":"123456","use_wsfed":false,"app_domain":"terraform-provider-auth0-dev.eu.auth0.com","ext_groups":true,"ext_profile":true,"thumbprints":["9cea37643ace0d710ad63296857b251d1fca5c48","977b10fb9d1c087e3105564b1d31b09d247bebcd","32be7e01489b7c18a2ecd7758c179b6b16e85d6d","8d2d57a353960e3ff9daf6f018d82f40ed95ccc7","d994292775296e30185d819a5c4265f255744ce2","0ea52ef207fe9c081cca33f7f92ba994d0170277","3b36790db99cb28f50cedd8ca1d1a68a1837d01a"],"identity_api":"azure-active-directory-v1.0","basic_profile":true,"client_secret":"123456","tenant_domain":"example.onmicrosoft.com","waad_protocol":"openid-connect","domain_aliases":["api.example.com","example.com"],"upstream_params":{"screen_name":{"alias":"login_hint"}},"api_enable_users":true,"useCommonEndpoint":false,"set_user_root_attributes":"on_each_login","should_trust_email_verified_connection":"never_set_emails_as_verified"},"strategy":"waad","name":"Acceptance-Test-Azure-AD-TestAccConnectionAzureAD","provisioning_ticket_url":"https://terraform-provider-auth0-dev.eu.auth0.com/terraform-provider-auth0-dev/p/waad/8e2UHo2N","is_domain_connection":false,"show_as_button":true,"enabled_clients":[],"realms":["Acceptance-Test-Azure-AD-TestAccConnectionAzureAD"]}'
       headers:
         Content-Type:
           - application/json; charset=utf-8
@@ -126,21 +126,21 @@ interactions:
         Content-Type:
           - application/json
         User-Agent:
-          - Go-Auth0-SDK/0.10.0
-      url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/connections/con_DH7G4JZGW8Feh9Pj
+          - Go-Auth0-SDK/latest
+      url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/connections/con_OdJxP53hwTmqQ1xc
       method: DELETE
     response:
       proto: HTTP/2.0
       proto_major: 2
       proto_minor: 0
       transfer_encoding: [ ]
       trailer: { }
-      content_length: 0
+      content_length: 41
       uncompressed: false
-      body: ""
+      body: '{"deleted_at":"2022-10-13T10:14:27.933Z"}'
       headers:
         Content-Type:
           - application/json; charset=utf-8
-      status: 204 No Content
-      code: 204
+      status: 202 Accepted
+      code: 202
       duration: 1ms