Comments (8)
That's the approach I ended up going with. I've got a set of updates to both the underlying go-auth0
library as well as this provider. I'm still doing some testing on them but I will hopefully get some PRs up later today.
from terraform-provider-auth0.
Hi @jeff-french thanks for submitting this. It seems the `addons` property is not properly defined in the terraform schema.
I'll try to work on this in the short term, but if you can give it a try yourself it would be a lot of help.
Cheers,
Alex
from terraform-provider-auth0.
@jeff-french could you kick the tyres on #32 and let me know if we're on the right track?
from terraform-provider-auth0.
@alexkappa Thanks for the quick response and PR! Unfortunately, it still didn't quite meet my use case. It appears that it works fine for setting first level primitive type properties of the addon but can't handle nested maps or lists.
Here's the full `addons` block I'm trying to use to configure the `samlp` addon:

```hcl
addons = {
  samlp = {
    audience = "https://signin.aws.amazon.com/saml",
    mappings = {
      email = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
      name = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
    },
    createUpnClaim = false,
    passthroughClaimsWithNoMapping = false,
    mapUnknownClaimsAsIs = false,
    mapIdentities = false,
    nameIdentifierFormat = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
    nameIdentifierProbes = [
      "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
    ]
  }
}
```
When I try to run a plan I get this error when it hits a nested map:

```
Error: module.auth0_sso_tools.auth0_client.aws_sso: addons.0.samlp (mappings): '' expected type 'string', got unconvertible type '[]map[string]interface {}'
```

And this error when it hits a nested list:

```
Error: module.auth0_sso_tools.auth0_client.aws_sso: addons.0.samlp (nameIdentifierProbes): '' expected type 'string', got unconvertible type '[]interface {}'
```

If I remove the `mappings` and `nameIdentifierProbes` from my configuration the plan is successful but I can't create the resource because I need the full configuration.
I'm not sure the best way to solve this without having to maintain an extensive and exhaustive schema for every addon (that seems like a maintenance nightmare). The only other thing I could think of would be to support JSONifying a string for each addon. Something like this:

```hcl
addons = {
  samlp = <<EOF
{
  "audience": "https://signin.aws.amazon.com/saml",
  "mappings": {
    "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
    "name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
  },
  "createUpnClaim": false,
  "passthroughClaimsWithNoMapping": false,
  "mapUnknownClaimsAsIs": false,
  "mapIdentities": false,
  "nameIdentifierFormat": "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
  "nameIdentifierProbes": [
    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
  ]
}
EOF
}
```

And basically just take the entire string, parse it as JSON and send it on to the auth0 API as is. No idea how difficult that might be to implement.
from terraform-provider-auth0.
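
The JSON-per-addon idea proposed in the comment above, sketched with only the Go standard library. This is an added example, not code from the provider or go-auth0; `expandAddons` and `nestedKeys` are hypothetical names, and the sample document is constructed from the settings quoted in that comment.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

// Constructed sample: a trimmed version of the samlp settings quoted above.
const samlpJSON = `{
  "audience": "https://signin.aws.amazon.com/saml",
  "mappings": {"email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"},
  "mapIdentities": false,
  "nameIdentifierProbes": ["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"]
}`

// expandAddons (hypothetical) parses one JSON document per addon, keeping nesting intact.
func expandAddons(raw map[string]string) (map[string]interface{}, error) {
	out := make(map[string]interface{}, len(raw))
	for name, doc := range raw {
		var v map[string]interface{}
		if err := json.Unmarshal([]byte(doc), &v); err != nil {
			// Reject malformed input here instead of sending it on to the API.
			return nil, fmt.Errorf("addon %q: invalid JSON: %w", name, err)
		}
		out[name] = v
	}
	return out, nil
}

// nestedKeys (hypothetical) lists the settings a flat map-of-strings schema cannot hold.
func nestedKeys(addon map[string]interface{}) []string {
	var keys []string
	for k, v := range addon {
		switch v.(type) {
		case map[string]interface{}, []interface{}:
			keys = append(keys, k)
		}
	}
	sort.Strings(keys)
	return keys
}

func main() {
	addons, err := expandAddons(map[string]string{"samlp": samlpJSON})
	if err != nil {
		panic(err)
	}
	fmt.Println(nestedKeys(addons["samlp"].(map[string]interface{})))
}
```

The two keys it reports are the same two settings named in the plan errors quoted in the comment.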
I can't seem to find any authoritative source for the schema of all addons. After looking through the UI, it may be that most or all addons only use first level primitive options (with the obvious exception of the `samlp` addon). So it may be enough to simply specify the full parameter schema for the `samlp` addon and the others will "just work" with the implementation in #32. I'll play with this some more and if I get something working I'll put up a PR for it.
from terraform-provider-auth0.
Hi @jeff-french, I'm torn as to which direction we should take on this. On one hand we could use json as you mention yourself, but I find it a little ugly to mix HCL and JSON and would prefer to avoid it if we can. On the other hand we either need to define all the properties of each addon which makes it pretty impractical in the long run. Perhaps defining the schema for `samlp` only which uses nested fields and leave the rest as is? Would you be willing to give this a go?
from terraform-provider-auth0.
@alexkappa I've pushed up PRs at go-auth0/auth0#14 and #35. I don't have much experience writing Golang so I'm not sure where to go from here.
from terraform-provider-auth0.
Closing this one as implemented in #35 and #58
from terraform-provider-auth0.