Skip to content

Commit

Permalink
Add duo support to guardian resource
Browse files Browse the repository at this point in the history
  • Loading branch information
sergiught committed Jul 6, 2022
1 parent 8c2299b commit 85840f5
Show file tree
Hide file tree
Showing 9 changed files with 1,115 additions and 60 deletions.
44 changes: 44 additions & 0 deletions auth0/resource_auth0_guardian.go
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,29 @@ func newGuardian() *schema.Resource {
Optional: true,
Default: false,
},
"duo": {
Type: schema.TypeList,
Optional: true,
MaxItems: 1,
MinItems: 0,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"integration_key": {
Type: schema.TypeString,
Required: true,
},
"secret_key": {
Type: schema.TypeString,
Required: true,
Sensitive: true,
},
"hostname": {
Type: schema.TypeString,
Required: true,
},
},
},
},
},
}
}
Expand Down Expand Up @@ -229,6 +252,17 @@ func readGuardian(ctx context.Context, d *schema.ResourceData, m interface{}) di

result = multierror.Append(result, d.Set("webauthn_platform", webAuthnPlatform))
}
case "duo":
result = multierror.Append(result, d.Set("duo", nil))

if factor.GetEnabled() {
duo, err := flattenDUO(api)
if err != nil {
return diag.FromErr(err)
}

result = multierror.Append(result, d.Set("duo", duo))
}
}
}

Expand Down Expand Up @@ -261,6 +295,10 @@ func updateGuardian(ctx context.Context, d *schema.ResourceData, m interface{})
return diag.FromErr(err)
}

if err := updateDUO(d, api); err != nil {
return diag.FromErr(err)
}

return readGuardian(ctx, d, m)
}

Expand All @@ -279,6 +317,12 @@ func deleteGuardian(ctx context.Context, d *schema.ResourceData, m interface{})
if err := api.Guardian.MultiFactor.WebAuthnRoaming.Enable(false); err != nil {
return diag.FromErr(err)
}
if err := api.Guardian.MultiFactor.WebAuthnPlatform.Enable(false); err != nil {
return diag.FromErr(err)
}
if err := api.Guardian.MultiFactor.DUO.Enable(false); err != nil {
return diag.FromErr(err)
}

d.SetId("")

Expand Down
44 changes: 44 additions & 0 deletions auth0/resource_auth0_guardian_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -366,3 +366,47 @@ resource "auth0_guardian" "foo" {
policy = "all-applications"
}
`

func TestAccGuardianDUO(t *testing.T) {
httpRecorder := configureHTTPRecorder(t)

resource.Test(t, resource.TestCase{
ProviderFactories: testProviders(httpRecorder),
Steps: []resource.TestStep{
{
Config: testAccConfigureDUOCreate,
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("auth0_guardian.foo", "policy", "all-applications"),
resource.TestCheckResourceAttr("auth0_guardian.foo", "duo.#", "1"),
resource.TestCheckResourceAttr("auth0_guardian.foo", "duo.0.hostname", "api-hostname"),
resource.TestCheckResourceAttr("auth0_guardian.foo", "duo.0.secret_key", "someSecret"),
resource.TestCheckResourceAttr("auth0_guardian.foo", "duo.0.integration_key", "someKey"),
),
},
{
Config: testAccConfigureDUODelete,
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr("auth0_guardian.foo", "policy", "all-applications"),
resource.TestCheckResourceAttr("auth0_guardian.foo", "duo.#", "0"),
),
},
},
})
}

const testAccConfigureDUOCreate = `
resource "auth0_guardian" "foo" {
policy = "all-applications"
duo {
integration_key = "someKey"
secret_key = "someSecret"
hostname = "api-hostname"
}
}
`

const testAccConfigureDUODelete = `
resource "auth0_guardian" "foo" {
policy = "all-applications"
}
`
35 changes: 35 additions & 0 deletions auth0/structure_auth0_guardian.go
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,21 @@ func flattenWebAuthnPlatform(api *management.Management) ([]interface{}, error)
return []interface{}{m}, nil
}

func flattenDUO(api *management.Management) ([]interface{}, error) {
duoSettings, err := api.Guardian.MultiFactor.DUO.Read()
if err != nil {
return nil, err
}

m := map[string]interface{}{
"integration_key": duoSettings.GetIntegrationKey(),
"secret_key": duoSettings.GetSecretKey(),
"hostname": duoSettings.GetHostname(),
}

return []interface{}{m}, nil
}

func updatePolicy(d *schema.ResourceData, api *management.Management) error {
if d.HasChange("policy") {
multiFactorPolicies := management.MultiFactorPolicies{}
Expand Down Expand Up @@ -314,3 +329,23 @@ func updateWebAuthnPlatform(d *schema.ResourceData, api *management.Management)

return api.Guardian.MultiFactor.WebAuthnPlatform.Enable(false)
}

func updateDUO(d *schema.ResourceData, api *management.Management) error {
if factorShouldBeUpdated(d, "duo") {
if err := api.Guardian.MultiFactor.DUO.Enable(true); err != nil {
return err
}

var duoSettings management.MultiFactorDUOSettings

List(d, "duo").Elem(func(d ResourceData) {
duoSettings.SecretKey = String(d, "secret_key")
duoSettings.Hostname = String(d, "hostname")
duoSettings.IntegrationKey = String(d, "integration_key")
})

return api.Guardian.MultiFactor.DUO.Update(&duoSettings)
}

return api.Guardian.MultiFactor.DUO.Enable(false)
}
Loading

0 comments on commit 85840f5

Please sign in to comment.