Merge branch 'mcalster-master' into master

Author: Alex Kalyvitis

CHANGELOG.md

@@ -1,4 +1,9 @@
-## 0.15.0 (Unreleased)
+## 0.15.0 (September 24, 2020)
+
+ENHANCEMENTS:
+
+* resource/auth0_connection: Support for `oauth2` connection options ([#267](https://github.com/alexkappa/terraform-provider-auth0/pull/267)).
+
 ## 0.14.0 (August 24, 2020)
 
 ENHANCEMENTS:

auth0/resource_auth0_connection.go

@@ -191,6 +191,12 @@ var connectionSchema = map[string]*schema.Schema{
 					Optional:    true,
 					Description: "",
 				},
+				"scripts": {
+					Type:        schema.TypeMap,
+					Elem:        &schema.Schema{Type: schema.TypeString},
+					Optional:    true,
+					Description: "",
+				},
 				"configuration": {
 					Type:        schema.TypeMap,
 					Elem:        &schema.Schema{Type: schema.TypeString},

auth0/resource_auth0_connection_test.go

@@ -358,6 +358,86 @@ resource "auth0_connection" "oidc" {
 }
 `
 
+func TestAccConnectionOAuth2(t *testing.T) {
+
+	rand := random.String(6)
+
+	resource.Test(t, resource.TestCase{
+		Providers: map[string]terraform.ResourceProvider{
+			"auth0": Provider(),
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: random.Template(testAccConnectionOAuth2Config, rand),
+				Check: resource.ComposeTestCheckFunc(
+					random.TestCheckResourceAttr("auth0_connection.oauth2", "name", "Acceptance-Test-OAuth2-{{.random}}", rand),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "strategy", "oauth2"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.client_id", "123456"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.client_secret", "123456"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.token_endpoint", "https://api.login.yahoo.com/oauth2/get_token"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.authorization_endpoint", "https://api.login.yahoo.com/oauth2/request_auth"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.scopes.#", "3"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.scopes.2517049750", "openid"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.scopes.4080487570", "profile"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.scopes.881205744", "email"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.scripts.fetchUserProfile", "function( { return callback(null) }"),
+				),
+			},
+			{
+				Config: random.Template(testAccConnectionOAuth2ConfigUpdate, rand),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.client_id", "1234567"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.client_secret", "1234567"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.token_endpoint", "https://api.paypal.com/v1/oauth2/token"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.authorization_endpoint", "https://www.paypal.com/signin/authorize"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.scopes.#", "2"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.scopes.2517049750", "openid"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.scopes.881205744", "email"),
+					resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.scripts.fetchUserProfile", "function( { return callback(null) }"),
+				),
+			},
+		},
+	})
+}
+
+const testAccConnectionOAuth2Config = `
+
+resource "auth0_connection" "oauth2" {
+	name     = "Acceptance-Test-OAuth2-{{.random}}"
+	strategy = "oauth2"
+	is_domain_connection = false
+	options {
+		client_id     = "123456"
+		client_secret = "123456"
+		token_endpoint         = "https://api.login.yahoo.com/oauth2/get_token"
+		authorization_endpoint = "https://api.login.yahoo.com/oauth2/request_auth"
+		scopes = [ "openid", "email", "profile" ]
+		scripts = {
+			fetchUserProfile= "function( { return callback(null) }"
+		}
+	}
+}
+`
+
+const testAccConnectionOAuth2ConfigUpdate = `
+
+resource "auth0_connection" "oauth2" {
+	name     = "Acceptance-Test-OAuth2-{{.random}}"
+	strategy = "oauth2"
+	is_domain_connection = false
+	options {
+		client_id     = "1234567"
+		client_secret = "1234567"
+		token_endpoint         = "https://api.paypal.com/v1/oauth2/token"
+		authorization_endpoint = "https://www.paypal.com/signin/authorize"
+		scopes = [ "openid", "email" ]
+		scripts = {
+			fetchUserProfile= "function( { return callback(null) }"
+		}
+	}
+}
+`
+
 func TestAccConnectionWithEnbledClients(t *testing.T) {
 
 	rand := random.String(6)

auth0/structure_auth0_connection.go

@@ -16,6 +16,8 @@ func flattenConnectionOptions(d ResourceData, options interface{}) []interface{}
 		m = flattenConnectionOptionsAuth0(d, o)
 	case *management.ConnectionOptionsGoogleOAuth2:
 		m = flattenConnectionOptionsGoogleOAuth2(o)
+	case *management.ConnectionOptionsOAuth2:
+		m = flattenConnectionOptionsOAuth2(o)
 	case *management.ConnectionOptionsFacebook:
 		m = flattenConnectionOptionsFacebook(o)
 	case *management.ConnectionOptionsApple:
@@ -81,6 +83,17 @@ func flattenConnectionOptionsGoogleOAuth2(o *management.ConnectionOptionsGoogleO
 	}
 }
 
+func flattenConnectionOptionsOAuth2(o *management.ConnectionOptionsOAuth2) interface{} {
+	return map[string]interface{}{
+		"client_id":              o.GetClientID(),
+		"client_secret":          o.GetClientSecret(),
+		"scopes":                 o.Scopes(),
+		"token_endpoint":         o.GetTokenEndpoint(),
+		"authorization_endpoint": o.GetAuthorizationEndpoint(),
+		"scripts":                o.Scripts,
+	}
+}
+
 func flattenConnectionOptionsFacebook(o *management.ConnectionOptionsFacebook) interface{} {
 	return map[string]interface{}{
 		"client_id":     o.GetClientID(),
@@ -241,6 +254,8 @@ func expandConnection(d ResourceData) *management.Connection {
 			c.Options = expandConnectionOptionsAuth0(d)
 		case management.ConnectionStrategyGoogleOAuth2:
 			c.Options = expandConnectionOptionsGoogleOAuth2(d)
+		case management.ConnectionStrategyOAuth2:
+			c.Options = expandConnectionOptionsOAuth2(d)
 		case management.ConnectionStrategyFacebook:
 			c.Options = expandConnectionOptionsFacebook(d)
 		case management.ConnectionStrategyApple:
@@ -340,6 +355,20 @@ func expandConnectionOptionsGoogleOAuth2(d ResourceData) *management.ConnectionO
 
 	return o
 }
+func expandConnectionOptionsOAuth2(d ResourceData) *management.ConnectionOptionsOAuth2 {
+
+	o := &management.ConnectionOptionsOAuth2{
+		ClientID:              String(d, "client_id"),
+		ClientSecret:          String(d, "client_secret"),
+		AuthorizationEndpoint: String(d, "authorization_endpoint"),
+		TokenEndpoint:         String(d, "token_endpoint"),
+	}
+	o.Scripts = Map(d, "scripts")
+
+	expandConnectionOptionsScopes(d, o)
+
+	return o
+}
 
 func expandConnectionOptionsFacebook(d ResourceData) *management.ConnectionOptionsFacebook {
 

docs/resources/connection.md

@@ -261,6 +261,38 @@ With the `oidc` connection strategy, `options` supports the following arguments:
 * `userinfo_endpoint` - (Optional)
 * `authorization_endpoint` - (Optional)
 
+### OAuth2
+
+With the `oauth2` connection strategy, `options` supports the following arguments:
+
+* `client_id` - (Optional) OIDC provider client ID.
+* `client_secret` - (Optional) OIDC provider client secret.
+* `scopes` - (Optional) Scopes required by the connection. The value must be a list, for example `["openid", "profile", "email"]`.
+* `token_endpoint` - (Optional)
+* `authorization_endpoint` - (Optional)
+  
+**Example**:
+
+```hcl
+resource "auth0_connection" "oauth2" {
+	name = "OAuth2-Connection"
+	strategy = "oauth2"
+	options {
+		client_id = "<client-id>"
+		client_secret = "<client-secret>"
+		token_endpoint = "https://auth.example.com/oauth2/token"
+    authorization_endpoint = "https://auth.example.com/oauth2/authorize"
+    scripts = {
+			fetchUserProfile = <<EOF
+function function(accessToken, ctx, cb) {
+  return callback(new Error("Whoops!"))
+}
+EOF
+		}
+	}
+}
+```
+
 ### Azure AD
 
 With the `waad` connection strategy, `options` supports the following arguments:

go.mod

@@ -5,5 +5,5 @@ go 1.13
 require (
 	github.com/hashicorp/go-multierror v1.1.0
 	github.com/hashicorp/terraform-plugin-sdk v1.15.0
-	gopkg.in/auth0.v4 v4.5.0
+	gopkg.in/auth0.v4 v4.6.0
 )

go.sum

@@ -350,6 +350,8 @@ gopkg.in/auth0.v4 v4.4.1 h1:AGOChEbsOaGn3KyIFAefsTkxcqX28JcM/mqslF+WRXA=
 gopkg.in/auth0.v4 v4.4.1/go.mod h1:6ZOcoQequCmURgwJnGIX09/51deRWVRpUaUP8p1Jbpk=
 gopkg.in/auth0.v4 v4.5.0 h1:V3NH9rlj1RfFRSGgwk9jKZrIbOn84YTn4Bi2eZV76q4=
 gopkg.in/auth0.v4 v4.5.0/go.mod h1:6ZOcoQequCmURgwJnGIX09/51deRWVRpUaUP8p1Jbpk=
+gopkg.in/auth0.v4 v4.6.0 h1:Wuc8tgAW2l+vcQ1JnwFlK5KwbJtoABA8osug8eNS3xU=
+gopkg.in/auth0.v4 v4.6.0/go.mod h1:6ZOcoQequCmURgwJnGIX09/51deRWVRpUaUP8p1Jbpk=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=