add more fields to external_identities

integrations · Jul 18, 2023 · 79caa49 · 79caa49
1 parent 3c5dfae
commit 79caa49
Show file tree

Hide file tree

Showing 3 changed files with 82 additions and 18 deletions.
diff --git a/github/data_source_github_organization_external_identities.go b/github/data_source_github_organization_external_identities.go
@@ -13,10 +13,26 @@ func dataSourceGithubOrganizationExternalIdentities() *schema.Resource {
 			"identities": {
 				Type:     schema.TypeList,
 				Computed: true,
-				Elem: &schema.Schema{
-					Type: schema.TypeMap,
-					Elem: &schema.Schema{
-						Type: schema.TypeString,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"login": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"saml_identity": {
+							Type:     schema.TypeMap,
+							Computed: true,
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+						},
+						"scim_identity": {
+							Type:     schema.TypeMap,
+							Computed: true,
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+						},
 					},
 				},
 			},
@@ -40,7 +56,15 @@ func dataSourceGithubOrganizationExternalIdentitiesRead(d *schema.ResourceData,
 								Login githubv4.String
 							}
 							SamlIdentity struct {
-								NameId githubv4.String
+								NameId     githubv4.String
+								Username   githubv4.String
+								GivenName  githubv4.String
+								FamilyName githubv4.String
+							}
+							ScimIdentity struct {
+								Username   githubv4.String
+								GivenName  githubv4.String
+								FamilyName githubv4.String
 							}
 						}
 					}
@@ -57,18 +81,38 @@ func dataSourceGithubOrganizationExternalIdentitiesRead(d *schema.ResourceData,
 		"after": (*githubv4.String)(nil),
 	}
 
-	var identities []map[string]string
+	var identities []map[string]interface{}
 
 	for {
 		err := client4.Query(ctx, &query, variables)
 		if err != nil {
 			return err
 		}
 		for _, edge := range query.Organization.SamlIdentityProvider.ExternalIdentities.Edges {
-			identities = append(identities, map[string]string{
-				"login":              string(edge.Node.User.Login),
-				"samlIdentityNameId": string(edge.Node.SamlIdentity.NameId),
-			})
+			identity := map[string]interface{}{
+				"login":         string(edge.Node.User.Login),
+				"saml_identity": nil,
+				"scim_identity": nil,
+			}
+
+			if edge.Node.SamlIdentity.NameId != "" {
+				identity["saml_identity"] = map[string]string{
+					"name_id":     string(edge.Node.SamlIdentity.NameId),
+					"username":    string(edge.Node.SamlIdentity.Username),
+					"given_name":  string(edge.Node.SamlIdentity.GivenName),
+					"family_name": string(edge.Node.SamlIdentity.FamilyName),
+				}
+			}
+
+			if edge.Node.ScimIdentity.Username != "" {
+				identity["scim_identity"] = map[string]string{
+					"username":    string(edge.Node.ScimIdentity.Username),
+					"given_name":  string(edge.Node.ScimIdentity.GivenName),
+					"family_name": string(edge.Node.ScimIdentity.FamilyName),
+				}
+			}
+
+			identities = append(identities, identity)
 		}
 		if !query.Organization.SamlIdentityProvider.ExternalIdentities.PageInfo.HasNextPage {
 			break

diff --git a/github/data_source_github_organization_external_identities_test.go b/github/data_source_github_organization_external_identities_test.go
@@ -12,14 +12,12 @@ func TestAccGithubOrganizationExternalIdentities(t *testing.T) {
 	}
 
 	t.Run("queries without error", func(t *testing.T) {
-		config := `
-			data "github_organization_external_identities" "test" {}
-		`
+		config := `data "github_organization_external_identities" "test" {}`
 
 		check := resource.ComposeAggregateTestCheckFunc(
 			resource.TestCheckResourceAttrSet("data.github_organization_external_identities.test", "identities.#"),
 			resource.TestCheckResourceAttrSet("data.github_organization_external_identities.test", "identities.0.login"),
-			resource.TestCheckResourceAttrSet("data.github_organization_external_identities.test", "identities.0.samlIdentityNameId"),
+			resource.TestCheckResourceAttrSet("data.github_organization_external_identities.test", "identities.0.saml_identity.name_id"),
 		)
 
 		testCase := func(t *testing.T, mode string) {

diff --git a/website/docs/d/organization_external_identities.markdown b/website/docs/d/organization_external_identities.markdown
@@ -7,8 +7,8 @@ description: |-
 
 # github_organization_external_identities
 
-Use this data source to retrieve each organization member's SAML linked external
-identity's NameID.
+Use this data source to retrieve each organization member's SAML or SCIM user
+attributes.
 
 ## Example Usage
 
@@ -25,5 +25,27 @@ data "github_organization_external_identities" "all" {}
 Each element in the `identities` block consists of:
 
 - `login` - The username of the GitHub user
-- `samlIdentityNameID` - The external identity NameID attached to the GitHub
-  user
+- `saml_identity` - An Object containing the user's SAML data. This object will
+  be empty if the user is not managed by SAML.
+- `scim_identity` - An Object contining the user's SCIM data. This object will
+  be empty if the user is not managed by SCIM.
+
+---
+
+If a user is managed by SAML, the `saml_identity` object will contain:
+
+- `name_id` - The member's SAML NameID
+- `username` - The member's SAML Username
+- `groups` - The member's SAML Groups
+- `family_name` - The member's SAML Family Name
+- `given_name` - The member's SAML Given Name
+
+---
+
+If a user is managed by SCIM, the `scim_identity` object will contain:
+
+- `scim_username` - The member's SCIM Username. (will be empty string if user is
+  not managed by SCIM)
+- `scim_groups` - The member's SCIM Groups
+- `scim_family_name` - The member's SCIM Family Name
+- `scim_given_name` - The member's SCIM Given Name