Adds support for basic auth application

articulate · Nov 12, 2019 · 46aa3a6 · 46aa3a6
1 parent bfb2bc4
commit 46aa3a6
Show file tree

Hide file tree

Showing 6 changed files with 220 additions and 0 deletions.
diff --git a/examples/okta_app_basic_auth/README.md b/examples/okta_app_basic_auth/README.md
@@ -0,0 +1,6 @@
+# okta_app_bookmark
+
+Represents an Okta Basic Auth App. [See Okta documentation for more details](https://developer.okta.com/docs/reference/api/apps/#add-basic-authentication-application).
+
+* Example of an app with a group association [can be found here](./basic.tf)
+* Example of an app with a user association [can be found here](./basic_updated.tf)
diff --git a/examples/okta_app_basic_auth/basic.tf b/examples/okta_app_basic_auth/basic.tf
@@ -0,0 +1,10 @@
+resource "okta_group" "group" {
+  name = "testAcc_replace_with_uuid"
+}
+
+resource "okta_app_basic_auth" "test" {
+  label    = "testAcc_replace_with_uuid"
+  url      = "https://example.com/login.html"
+  auth_url = "https://example.com/auth.html"
+  groups   = ["${okta_group.group.id}"]
+}
diff --git a/examples/okta_app_basic_auth/basic_updated.tf b/examples/okta_app_basic_auth/basic_updated.tf
@@ -0,0 +1,22 @@
+resource "okta_user" "user" {
+  admin_roles = ["APP_ADMIN", "USER_ADMIN"]
+  first_name  = "TestAcc"
+  last_name   = "blah"
+  login       = "[email protected]"
+  email       = "[email protected]"
+}
+
+resource "okta_group" "group" {
+  name = "testAcc_replace_with_uuid"
+}
+
+resource "okta_app_basic_auth" "test" {
+  label = "testAcc_replace_with_uuid"
+  url   = "https://example.com/login.html"
+  auth_url = "https://example.com/auth.html"
+
+  users {
+    id       = "${okta_user.user.id}"
+    username = "${okta_user.user.email}"
+  }
+}
diff --git a/okta/provider.go b/okta/provider.go
@@ -14,6 +14,7 @@ import (
 const (
 	appAutoLogin           = "okta_app_auto_login"
 	appBookmark            = "okta_app_bookmark"
+	appBasicAuth           = "okta_app_basic_auth"
 	appGroupAssignment     = "okta_app_group_assignment"
 	appUser                = "okta_app_user"
 	appOAuth               = "okta_app_oauth"
@@ -116,6 +117,7 @@ func Provider() terraform.ResourceProvider {
 		ResourcesMap: map[string]*schema.Resource{
 			appAutoLogin:           resourceAppAutoLogin(),
 			appBookmark:            resourceAppBookmark(),
+			appBasicAuth:           resourceAppBasicAuth(),
 			appGroupAssignment:     resourceAppGroupAssignment(),
 			appUser:                resourceAppUser(),
 			appOAuth:               resourceAppOAuth(),
@@ -160,6 +162,7 @@ func Provider() terraform.ResourceProvider {
 			"okta_saml_idp_signing_key":      deprecateIncorrectNaming(resourceIdpSigningKey(), idpSamlKey),
 			"okta_social_idp":                deprecateIncorrectNaming(resourceIdpSocial(), idpSocial),
 			"okta_bookmark_app":              deprecateIncorrectNaming(resourceAppBookmark(), appBookmark),
+			"okta_basic_auth_app":            deprecateIncorrectNaming(resourceAppBasicAuth(), appBasicAuth),
 			"okta_saml_app":                  deprecateIncorrectNaming(resourceAppSaml(), appSaml),
 			"okta_oauth_app":                 deprecateIncorrectNaming(resourceAppOAuth(), appOAuth),
 			"okta_oauth_app_redirect_uri":    deprecateIncorrectNaming(resourceAppOAuthRedirectUri(), appOAuthRedirectUri),

diff --git a/okta/resource_okta_app_basic_auth.go b/okta/resource_okta_app_basic_auth.go
@@ -0,0 +1,131 @@
+package okta
+
+import (
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/okta/okta-sdk-golang/okta"
+	"github.com/okta/okta-sdk-golang/okta/query"
+)
+
+func resourceAppBasicAuth() *schema.Resource {
+	return &schema.Resource{
+		CustomizeDiff: func(d *schema.ResourceDiff, v interface{}) error {
+			return nil
+		},
+		Create: resourceAppBasicAuthCreate,
+		Read:   resourceAppBasicAuthRead,
+		Update: resourceAppBasicAuthUpdate,
+		Delete: resourceAppBasicAuthDelete,
+		Exists: resourceAppExists,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: buildAppSchemaWithVisibility(map[string]*schema.Schema{
+			"auth_url": &schema.Schema{
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Login button field",
+			},
+			"url": &schema.Schema{
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Login password field",
+			},
+		}),
+	}
+}
+
+func resourceAppBasicAuthCreate(d *schema.ResourceData, m interface{}) error {
+	client := getOktaClientFromMetadata(m)
+	app := buildAppBasicAuth(d, m)
+	activate := d.Get("status").(string) == "ACTIVE"
+	params := &query.Params{Activate: &activate}
+	_, _, err := client.Application.CreateApplication(app, params)
+
+	if err != nil {
+		return err
+	}
+
+	d.SetId(app.Id)
+
+	err = handleAppGroupsAndUsers(app.Id, d, m)
+
+	if err != nil {
+		return err
+	}
+
+	return resourceAppBasicAuthRead(d, m)
+}
+
+func resourceAppBasicAuthRead(d *schema.ResourceData, m interface{}) error {
+	app := okta.NewBasicAuthApplication()
+	err := fetchApp(d, m, app)
+
+	if app == nil {
+		d.SetId("")
+		return nil
+	}
+
+	if err != nil {
+		return err
+	}
+
+	d.Set("url", app.Settings.App.Url)
+	d.Set("auth_url", app.Settings.App.AuthURL)
+	appRead(d, app.Name, app.Status, app.SignOnMode, app.Label, app.Accessibility, app.Visibility)
+
+	return syncGroupsAndUsers(app.Id, d, m)
+}
+
+func resourceAppBasicAuthUpdate(d *schema.ResourceData, m interface{}) error {
+	client := getOktaClientFromMetadata(m)
+	app := buildAppBasicAuth(d, m)
+	_, _, err := client.Application.UpdateApplication(d.Id(), app)
+
+	if err != nil {
+		return err
+	}
+
+	desiredStatus := d.Get("status").(string)
+	err = setAppStatus(d, client, app.Status, desiredStatus)
+
+	if err != nil {
+		return err
+	}
+
+	err = handleAppGroupsAndUsers(app.Id, d, m)
+
+	if err != nil {
+		return err
+	}
+
+	return resourceAppBasicAuthRead(d, m)
+}
+
+func resourceAppBasicAuthDelete(d *schema.ResourceData, m interface{}) error {
+	client := getOktaClientFromMetadata(m)
+	_, err := client.Application.DeactivateApplication(d.Id())
+	if err != nil {
+		return err
+	}
+
+	_, err = client.Application.DeleteApplication(d.Id())
+
+	return err
+}
+
+func buildAppBasicAuth(d *schema.ResourceData, m interface{}) *okta.BasicAuthApplication {
+	// Abstracts away name and SignOnMode which are constant for this app type.
+	app := okta.NewBasicAuthApplication()
+	app.Label = d.Get("label").(string)
+
+	app.Settings = &okta.BasicApplicationSettings{
+		App: &okta.BasicApplicationSettingsApplication{
+			AuthURL: d.Get("auth_url").(string),
+			Url:     d.Get("url").(string),
+		},
+	}
+	app.Visibility = buildVisibility(d)
+
+	return app
+}
diff --git a/okta/resource_okta_app_basic_auth_test.go b/okta/resource_okta_app_basic_auth_test.go
@@ -0,0 +1,48 @@
+package okta
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/okta/okta-sdk-golang/okta"
+)
+
+func TestAccAppBasicAuthApplication_crud(t *testing.T) {
+	ri := acctest.RandInt()
+	mgr := newFixtureManager(appBasicAuth)
+	config := mgr.GetFixtures("basic.tf", ri, t)
+	updatedConfig := mgr.GetFixtures("basic_updated.tf", ri, t)
+	resourceName := fmt.Sprintf("%s.test", appBasicAuth)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: createCheckResourceDestroy(appBasicAuth, createDoesAppExist(okta.NewBasicAuthApplication())),
+		Steps: []resource.TestStep{
+			{
+				Config: config,
+				Check: resource.ComposeTestCheckFunc(
+					ensureResourceExists(resourceName, createDoesAppExist(okta.NewBasicAuthApplication())),
+					resource.TestCheckResourceAttr(resourceName, "label", buildResourceName(ri)),
+					resource.TestCheckResourceAttr(resourceName, "status", "ACTIVE"),
+					resource.TestCheckResourceAttr(resourceName, "url", "https://example.com/login.html"),
+					resource.TestCheckResourceAttr(resourceName, "auth_url", "https://example.com/auth.html"),
+					resource.TestCheckResourceAttr(resourceName, "groups.#", "1"),
+				),
+			},
+			{
+				Config: updatedConfig,
+				Check: resource.ComposeTestCheckFunc(
+					ensureResourceExists(resourceName, createDoesAppExist(okta.NewBasicAuthApplication())),
+					resource.TestCheckResourceAttr(resourceName, "label", buildResourceName(ri)),
+					resource.TestCheckResourceAttr(resourceName, "status", "ACTIVE"),
+					resource.TestCheckResourceAttr(resourceName, "url", "https://example.com/login.html"),
+					resource.TestCheckResourceAttr(resourceName, "auth_url", "https://example.com/auth.html"),
+					resource.TestCheckResourceAttr(resourceName, "users.#", "1"),
+				),
+			},
+		},
+	})
+}