feat: add missing fields from AdminSAMLSetting and AdminSAMLSettingsUpdateOptions structs

CHANGELOG.md

@@ -1,5 +1,9 @@
 # UNRELEASED
 
+## Enhancements
+* Adds `SignatureSigningMethod` and `SignatureDigestMethod` fields in `AdminSAMLSetting` struct by @karvounis-form3 [#731](https://github.com/hashicorp/go-tfe/pull/731)
+* Adds `Certificate`, `PrivateKey`, `TeamManagementEnabled`, `AuthnRequestsSigned`, `WantAssertionsSigned`, `SignatureSigningMethod`, `SignatureDigestMethod` fields in `AdminSAMLSettingsUpdateOptions` struct by @karvounis-form3 [#731](https://github.com/hashicorp/go-tfe/pull/731)
+
 # v1.29.0
 
 ## Enhancements

admin_setting_saml.go

@@ -33,6 +33,9 @@ type AdminSAMLSetting struct {
 	ID                        string `jsonapi:"primary,saml-settings"`
 	Enabled                   bool   `jsonapi:"attr,enabled"`
 	Debug                     bool   `jsonapi:"attr,debug"`
+	AuthnRequestsSigned       bool   `jsonapi:"attr,authn-requests-signed"`
+	WantAssertionsSigned      bool   `jsonapi:"attr,want-assertions-signed"`
+	TeamManagementEnabled     bool   `jsonapi:"attr,team-management-enabled"`
 	OldIDPCert                string `jsonapi:"attr,old-idp-cert"`
 	IDPCert                   string `jsonapi:"attr,idp-cert"`
 	SLOEndpointURL            string `jsonapi:"attr,slo-endpoint-url"`
@@ -44,11 +47,10 @@ type AdminSAMLSetting struct {
 	SSOAPITokenSessionTimeout int    `jsonapi:"attr,sso-api-token-session-timeout"`
 	ACSConsumerURL            string `jsonapi:"attr,acs-consumer-url"`
 	MetadataURL               string `jsonapi:"attr,metadata-url"`
-	TeamManagementEnabled     bool   `jsonapi:"attr,team-management-enabled"`
 	Certificate               string `jsonapi:"attr,certificate"`
-	AuthnRequestsSigned       bool   `jsonapi:"attr,authn-requests-signed"`
-	WantAssertionsSigned      bool   `jsonapi:"attr,want-assertions-signed"`
 	PrivateKey                string `jsonapi:"attr,private-key"`
+	SignatureSigningMethod    string `jsonapi:"attr,signature-signing-method"`
+	SignatureDigestMethod     string `jsonapi:"attr,signature-digest-method"`
 }
 
 // Read returns the SAML settings.
@@ -74,13 +76,20 @@ type AdminSAMLSettingsUpdateOptions struct {
 	Enabled                   *bool   `jsonapi:"attr,enabled,omitempty"`
 	Debug                     *bool   `jsonapi:"attr,debug,omitempty"`
 	IDPCert                   *string `jsonapi:"attr,idp-cert,omitempty"`
+	Certificate               *string `jsonapi:"attr,certificate,omitempty"`
+	PrivateKey                *string `jsonapi:"attr,private-key,omitempty"`
 	SLOEndpointURL            *string `jsonapi:"attr,slo-endpoint-url,omitempty"`
 	SSOEndpointURL            *string `jsonapi:"attr,sso-endpoint-url,omitempty"`
 	AttrUsername              *string `jsonapi:"attr,attr-username,omitempty"`
 	AttrGroups                *string `jsonapi:"attr,attr-groups,omitempty"`
 	AttrSiteAdmin             *string `jsonapi:"attr,attr-site-admin,omitempty"`
 	SiteAdminRole             *string `jsonapi:"attr,site-admin-role,omitempty"`
 	SSOAPITokenSessionTimeout *int    `jsonapi:"attr,sso-api-token-session-timeout,omitempty"`
+	TeamManagementEnabled     *bool   `jsonapi:"attr,team-management-enabled,omitempty"`
+	AuthnRequestsSigned       *bool   `jsonapi:"attr,authn-requests-signed,omitempty"`
+	WantAssertionsSigned      *bool   `jsonapi:"attr,want-assertions-signed,omitempty"`
+	SignatureSigningMethod    *string `jsonapi:"attr,signature-signing-method,omitempty"`
+	SignatureDigestMethod     *string `jsonapi:"attr,signature-digest-method,omitempty"`
 }
 
 // Update updates the SAML settings.

admin_setting_saml_integration_test.go

@@ -37,6 +37,8 @@ func TestAdminSettings_SAML_Read(t *testing.T) {
 	assert.NotNil(t, samlSettings.AuthnRequestsSigned)
 	assert.NotNil(t, samlSettings.WantAssertionsSigned)
 	assert.NotNil(t, samlSettings.PrivateKey)
+	assert.NotNil(t, samlSettings.SignatureSigningMethod)
+	assert.NotNil(t, samlSettings.SignatureDigestMethod)
 }
 
 func TestAdminSettings_SAML_Update(t *testing.T) {
@@ -58,6 +60,48 @@ func TestAdminSettings_SAML_Update(t *testing.T) {
 	require.NoError(t, err)
 	assert.Equal(t, enabled, samlSettings.Enabled)
 	assert.Equal(t, debug, samlSettings.Debug)
+	assert.Empty(t, samlSettings.PrivateKey)
+
+	t.Run("with certificate defined", func(t *testing.T) {
+		cert := "testCert"
+		pKey := "testPrivateKey"
+		signatureSigningMethod := "SHA1"
+		signatureDigestMethod := "SHA1"
+		samlSettingsUpd, err := client.Admin.Settings.SAML.Update(ctx, AdminSAMLSettingsUpdateOptions{
+			Certificate:            String(cert),
+			PrivateKey:             String(pKey),
+			SignatureSigningMethod: String(signatureSigningMethod),
+			SignatureDigestMethod:  String(signatureDigestMethod),
+		})
+		require.NoError(t, err)
+		assert.Equal(t, cert, samlSettingsUpd.Certificate)
+		assert.NotNil(t, samlSettingsUpd.PrivateKey)
+		assert.Equal(t, signatureSigningMethod, samlSettingsUpd.SignatureSigningMethod)
+		assert.Equal(t, signatureDigestMethod, samlSettingsUpd.SignatureDigestMethod)
+	})
+
+	t.Run("with team management enabled", func(t *testing.T) {
+		samlSettingsUpd, err := client.Admin.Settings.SAML.Update(ctx, AdminSAMLSettingsUpdateOptions{
+			Enabled:               Bool(true),
+			TeamManagementEnabled: Bool(true),
+		})
+		require.NoError(t, err)
+		assert.True(t, samlSettingsUpd.TeamManagementEnabled)
+	})
+
+	t.Run("with invalid signature digest method", func(t *testing.T) {
+		_, err := client.Admin.Settings.SAML.Update(ctx, AdminSAMLSettingsUpdateOptions{
+			SignatureDigestMethod: String("SHA1234"),
+		})
+		require.Error(t, err)
+	})
+
+	t.Run("with invalid signature signing method", func(t *testing.T) {
+		_, err := client.Admin.Settings.SAML.Update(ctx, AdminSAMLSettingsUpdateOptions{
+			SignatureSigningMethod: String("SHA1234"),
+		})
+		require.Error(t, err)
+	})
 }
 
 func TestAdminSettings_SAML_RevokeIdpCert(t *testing.T) {