ESD-25022: Add provider to auth0_guardian.push (#415)

auth0 · Dec 14, 2022 · 3c8b8b9 · 3c8b8b9
1 parent 72ce2b1
commit 3c8b8b9
Show file tree

Hide file tree

Showing 7 changed files with 296 additions and 161 deletions.
diff --git a/docs/resources/guardian.md b/docs/resources/guardian.md
@@ -118,6 +118,10 @@ Optional:
 <a id="nestedblock--push"></a>
 ### Nested Schema for `push`
 
+Required:
+
+- `provider` (String) Provider to use, one of `guardian`, `sns`.
+
 Optional:
 
 - `amazon_sns` (Block List, Max: 1) Configuration for Amazon SNS. (see [below for nested schema](#nestedblock--push--amazon_sns))

diff --git a/go.mod b/go.mod
@@ -3,7 +3,7 @@ module github.com/auth0/terraform-provider-auth0
 go 1.19
 
 require (
-	github.com/auth0/go-auth0 v0.13.0
+	github.com/auth0/go-auth0 v0.13.1
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
 	github.com/hashicorp/go-multierror v1.1.1
 	github.com/hashicorp/terraform-plugin-docs v0.13.0

diff --git a/go.sum b/go.sum
@@ -63,8 +63,8 @@ github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj
 github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI=
 github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
-github.com/auth0/go-auth0 v0.13.0 h1:0HHEHwfZnpb3xmZOkZEHeqwJ85k3yTN2wCNJobNvLh4=
-github.com/auth0/go-auth0 v0.13.0/go.mod h1:FOHI93YSRdyWcgecep+6YFNZ0v0FsAaMbnSVzTWdMHI=
+github.com/auth0/go-auth0 v0.13.1 h1:BAVy+0UFfUgHqt4hG5bLFjQG9eJ58FLFFSRz5+eo9sA=
+github.com/auth0/go-auth0 v0.13.1/go.mod h1:FOHI93YSRdyWcgecep+6YFNZ0v0FsAaMbnSVzTWdMHI=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA=
 github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=

diff --git a/internal/provider/resource_auth0_guardian.go b/internal/provider/resource_auth0_guardian.go
@@ -234,6 +234,12 @@ func newGuardian() *schema.Resource {
 					"Push MFA will be enabled, and disabled otherwise.",
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
+						"provider": {
+							Type:         schema.TypeString,
+							Required:     true,
+							ValidateFunc: validation.StringInSlice([]string{"guardian", "sns"}, false),
+							Description:  "Provider to use, one of `guardian`, `sns`.",
+						},
 						"amazon_sns": {
 							Type:        schema.TypeList,
 							Optional:    true,

diff --git a/internal/provider/resource_auth0_guardian_test.go b/internal/provider/resource_auth0_guardian_test.go
@@ -488,14 +488,18 @@ func TestAccGuardianDUO(t *testing.T) {
 const testAccConfigurePushCreate = `
 resource "auth0_guardian" "foo" {
 	policy = "all-applications"
-	push {}
+	push {
+		provider = "guardian"
+	}
 }
 `
 
 const testAccConfigurePushUpdateAmazonSNS = `
 resource "auth0_guardian" "foo" {
 	policy = "all-applications"
 	push {
+		provider = "sns"
+
 		amazon_sns {
 			aws_access_key_id = "test1"
 			aws_region = "us-west-1"
@@ -511,13 +515,16 @@ const testAccConfigurePushUpdateCustomApp = `
 resource "auth0_guardian" "foo" {
 	policy = "all-applications"
 	push {
+		provider = "sns"
+
 		amazon_sns {
 			aws_access_key_id = "test1"
 			aws_region = "us-west-1"
 			aws_secret_access_key = "secretKey"
 			sns_apns_platform_application_arn = "test_arn"
 			sns_gcm_platform_application_arn = "test_arn"
 		}
+
 		custom_app {
 			app_name = "CustomApp"
 			apple_app_link = "https://itunes.apple.com/us/app/my-app/id123121"
@@ -551,6 +558,7 @@ func TestAccGuardianPush(t *testing.T) {
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "webauthn_platform.#", "0"),
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "recovery_code", "false"),
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.#", "1"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.provider", "guardian"),
 				),
 			},
 			{
@@ -565,6 +573,7 @@ func TestAccGuardianPush(t *testing.T) {
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "webauthn_platform.#", "0"),
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "recovery_code", "false"),
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.#", "1"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.provider", "sns"),
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.amazon_sns.#", "1"),
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.amazon_sns.0.aws_access_key_id", "test1"),
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.amazon_sns.0.aws_region", "us-west-1"),
@@ -585,6 +594,7 @@ func TestAccGuardianPush(t *testing.T) {
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "webauthn_platform.#", "0"),
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "recovery_code", "false"),
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.#", "1"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.provider", "sns"),
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.custom_app.#", "1"),
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.custom_app.0.app_name", "CustomApp"),
 					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.custom_app.0.apple_app_link", "https://itunes.apple.com/us/app/my-app/id123121"),

diff --git a/internal/provider/structure_auth0_guardian.go b/internal/provider/structure_auth0_guardian.go
@@ -415,7 +415,14 @@ func updatePush(d *schema.ResourceData, api *management.Management) error {
 
 		var err error
 		d.GetRawConfig().GetAttr("push").ForEachElement(func(_ cty.Value, push cty.Value) (stop bool) {
-			if d.HasChange("push.0.amazon_sns") {
+			mfaProvider := &management.MultiFactorProvider{
+				Provider: value.String(push.GetAttr("provider")),
+			}
+			if err = api.Guardian.MultiFactor.Push.UpdateProvider(mfaProvider); err != nil {
+				return true
+			}
+
+			if d.HasChange("push.0.amazon_sns.0") {
 				var amazonSNS *management.MultiFactorProviderAmazonSNS
 				push.GetAttr("amazon_sns").ForEachElement(func(_ cty.Value, config cty.Value) (stop bool) {
 					amazonSNS = &management.MultiFactorProviderAmazonSNS{
@@ -434,7 +441,7 @@ func updatePush(d *schema.ResourceData, api *management.Management) error {
 				}
 			}
 
-			if d.HasChange("push.0.custom_app") {
+			if d.HasChange("push.0.custom_app.0") {
 				var customApp *management.MultiFactorPushCustomApp
 				push.GetAttr("custom_app").ForEachElement(func(_ cty.Value, config cty.Value) (stop bool) {
 					customApp = &management.MultiFactorPushCustomApp{