Skip to content

Commit

Permalink
appservice - set allowed_applications in the expand for `active_d…
Browse files Browse the repository at this point in the history
…irectory_v2` (#26462)

* set allowed applications in the request payload

* update tests for all resources affected
  • Loading branch information
stephybun authored Jun 26, 2024
1 parent 95d55e3 commit 4ac7211
Show file tree
Hide file tree
Showing 9 changed files with 18 additions and 0 deletions.
10 changes: 10 additions & 0 deletions internal/services/appservice/helpers/auth_v2_schema.go
Original file line number Diff line number Diff line change
Expand Up @@ -994,6 +994,16 @@ func expandAadAuthV2Settings(input []AadAuthV2Settings) *webapps.AzureActiveDire
}
result.Validation.AllowedAudiences = pointer.To(aad.AllowedAudiences)
}

if len(aad.AllowedApplications) > 0 {
if result.Validation == nil {
result.Validation = &webapps.AzureActiveDirectoryValidation{}
}
if result.Validation.DefaultAuthorizationPolicy == nil {
result.Validation.DefaultAuthorizationPolicy = &webapps.DefaultAuthorizationPolicy{}
}
result.Validation.DefaultAuthorizationPolicy.AllowedApplications = pointer.To(aad.AllowedApplications)
}
}

return result
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -305,6 +305,7 @@ resource "azurerm_linux_function_app" "test" {
client_secret_setting_name = "%[3]s"
tenant_auth_endpoint = "https://sts.windows.net/%[5]s/v2.0"
allowed_groups = [azuread_group.test.object_id]
allowed_applications = ["WhoopsMissedThisOne"]
}
login {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -267,6 +267,7 @@ resource "azurerm_linux_function_app_slot" "test" {
client_id = data.azurerm_client_config.current.client_id
client_secret_setting_name = "%[3]s"
tenant_auth_endpoint = "https://sts.windows.net/%[5]s/v2.0"
allowed_applications = ["WhoopsMissedThisOne"]
}
login {}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -274,6 +274,7 @@ resource "azurerm_linux_web_app" "test" {
"activedirectorytokenaudiences",
]
tenant_auth_endpoint = "https://sts.windows.net/%[5]s/v2.0"
allowed_applications = ["WhoopsMissedThisOne"]
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -191,6 +191,7 @@ resource "azurerm_linux_web_app_slot" "test" {
client_id = data.azurerm_client_config.current.client_id
client_secret_setting_name = "%[3]s"
tenant_auth_endpoint = "https://sts.windows.net/%[5]s/v2.0"
allowed_applications = ["WhoopsMissedThisOne"]
}
login {}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -258,6 +258,7 @@ resource "azurerm_windows_function_app" "test" {
client_id = data.azurerm_client_config.current.client_id
client_secret_setting_name = "%[3]s"
tenant_auth_endpoint = "https://sts.windows.net/%[5]s/v2.0"
allowed_applications = ["WhoopsMissedThisOne"]
}
login {}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -251,6 +251,7 @@ resource "azurerm_windows_function_app_slot" "test" {
client_id = data.azurerm_client_config.current.client_id
client_secret_setting_name = "%[3]s"
tenant_auth_endpoint = "https://sts.windows.net/%[5]s/v2.0"
allowed_applications = ["WhoopsMissedThisOne"]
}
login {}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -242,6 +242,7 @@ resource "azurerm_windows_web_app" "test" {
client_id = data.azurerm_client_config.current.client_id
client_secret_setting_name = "%[3]s"
tenant_auth_endpoint = "https://sts.windows.net/%[5]s/v2.0"
allowed_applications = ["WhoopsMissedThisOne"]
}
login {}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -191,6 +191,7 @@ resource "azurerm_windows_web_app_slot" "test" {
client_id = data.azurerm_client_config.current.client_id
client_secret_setting_name = "%[3]s"
tenant_auth_endpoint = "https://sts.windows.net/%[5]s/v2.0"
allowed_applications = ["WhoopsMissedThisOne"]
}
login {}
}
Expand Down

0 comments on commit 4ac7211

Please sign in to comment.