Add client_secret support to identity_provider resource
Shawn Castrianni authored and Shawn Castrianni committed Jun 18, 2023
1 parent 9d7b4cc commit 96ae8f4
Showing 3 changed files with 14 additions and 0 deletions.
2 changes: 2 additions & 0 deletions docs/resources/identity_provider.md
@@ -8,6 +8,7 @@ Represents identity provider settings
resource "konnect_identity_provider" "example" {
issuer = "https://example.com"
client_id = "XXXX"
client_secret = "YYYY"
login_path = "login"
scopes = [
"email",
@@ -22,6 +23,7 @@ resource "konnect_identity_provider" "example" {
## Argument Reference
* `issuer` - **(Optional, String)** Issuer of the identity provider.
* `client_id` - **(Optional, String)** Client ID of the identity provider.
* `client_secret` - **(Optional, String, Sensitive)** Client secret of the identity provider.
* `login_path` - **(Optional, String)** Login path of the identity provider.
* `scopes` - **(Optional, List of String)** Scopes of the identity provider.
* `email_claim_mapping` - **(Optional, String)** Claim to map email for the identity provider.
1 change: 1 addition & 0 deletions konnect/client/identity_provider.go
@@ -11,6 +11,7 @@ type IdentityProvider struct {
Issuer string `json:"issuer,omitempty"`
LoginPath string `json:"login_path,omitempty"`
ClientId string `json:"client_id,omitempty"`
ClientSecret string `json:"client_secret,omitempty"`
Scopes []string `json:"scopes,omitempty"`
ClaimMappings map[string]string `json:"claim_mappings,omitempty"`
}
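Review bot: The new `ClientSecret` field carries no comment saying it is write-only, although the resource code in this commit depends on that (it deliberately skips reading the value back). I would add `// ClientSecret is write-only; the API never returns it.` above the field. Since `IdentityProvider` now holds a credential, any code that logs the struct or the marshalled request body (none is visible here) should be checked so the secret does not end up in debug output.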
11 changes: 11 additions & 0 deletions konnect/resource_identity_provider.go
@@ -34,6 +34,11 @@ func resourceIdentityProvider() *schema.Resource {
Type: schema.TypeString,
Optional: true,
},
"client_secret": {
Type: schema.TypeString,
Optional: true,
Sensitive: true,
},
"scopes": {
Type: schema.TypeSet,
Optional: true,
@@ -70,6 +75,10 @@ func fillIdentityProvider(c *client.IdentityProvider, d *schema.ResourceData) {
if ok {
c.ClientId = clientId.(string)
}
clientSecret, ok := d.GetOk("client_secret")
if ok {
c.ClientSecret = clientSecret.(string)
}
scopes, ok := d.GetOk("scopes")
if ok {
c.Scopes = convertSetToArray(scopes.(*schema.Set))
@@ -93,6 +102,8 @@ func fillResourceDataFromIdentityProvider(c *client.IdentityProvider, d *schema.
d.Set("issuer", c.Issuer)
d.Set("login_path", c.LoginPath)
d.Set("client_id", c.ClientId)
//Do not set client_secret in state since it can never be read back. Let previous value propagate forward for No Changes
//d.Set("client_secret", c.ClientSecret)
d.Set("scopes", c.Scopes)
if c.ClaimMappings == nil {
d.Set("email_claim_mapping", "")
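Review bot: In fillResourceDataFromIdentityProvider the comment says client_secret is not set in state, but the configured value is still persisted there in plaintext; `Sensitive: true` in the schema hunk only redacts it from plan and apply output. I would reword the comment to `// client_secret is write-only: the API never returns it, so keep the configured value already in state.`, drop the commented-out `d.Set` line, and have the docs say that state should live in an encrypted, access-controlled backend. Because the value is never read back, a secret rotated or removed outside Terraform cannot be detected as drift, and if the resource supports import, an imported instance will presumably show a diff on its first plan. In fillIdentityProvider, `d.GetOk` combined with `omitempty` on the client field means that removing the attribute or setting it to an empty string sends nothing, so the secret apparently cannot be cleared through this resource; worth confirming that this is intended. All three functions continue outside the visible hunks.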