diff --git a/auth0/resource_auth0_guardian.go b/auth0/resource_auth0_guardian.go index 54296b7a3..d948d7149 100644 --- a/auth0/resource_auth0_guardian.go +++ b/auth0/resource_auth0_guardian.go @@ -163,6 +163,29 @@ func newGuardian() *schema.Resource { Optional: true, Default: false, }, + "duo": { + Type: schema.TypeList, + Optional: true, + MaxItems: 1, + MinItems: 0, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "integration_key": { + Type: schema.TypeString, + Required: true, + }, + "secret_key": { + Type: schema.TypeString, + Required: true, + Sensitive: true, + }, + "hostname": { + Type: schema.TypeString, + Required: true, + }, + }, + }, + }, }, } } @@ -229,6 +252,17 @@ func readGuardian(ctx context.Context, d *schema.ResourceData, m interface{}) di result = multierror.Append(result, d.Set("webauthn_platform", webAuthnPlatform)) } + case "duo": + result = multierror.Append(result, d.Set("duo", nil)) + + if factor.GetEnabled() { + duo, err := flattenDUO(api) + if err != nil { + return diag.FromErr(err) + } + + result = multierror.Append(result, d.Set("duo", duo)) + } } } @@ -261,6 +295,10 @@ func updateGuardian(ctx context.Context, d *schema.ResourceData, m interface{}) return diag.FromErr(err) } + if err := updateDUO(d, api); err != nil { + return diag.FromErr(err) + } + return readGuardian(ctx, d, m) } @@ -279,6 +317,12 @@ func deleteGuardian(ctx context.Context, d *schema.ResourceData, m interface{}) if err := api.Guardian.MultiFactor.WebAuthnRoaming.Enable(false); err != nil { return diag.FromErr(err) } + if err := api.Guardian.MultiFactor.WebAuthnPlatform.Enable(false); err != nil { + return diag.FromErr(err) + } + if err := api.Guardian.MultiFactor.DUO.Enable(false); err != nil { + return diag.FromErr(err) + } d.SetId("") diff --git a/auth0/resource_auth0_guardian_test.go b/auth0/resource_auth0_guardian_test.go index ec4a11e91..697f623da 100644 --- a/auth0/resource_auth0_guardian_test.go +++ b/auth0/resource_auth0_guardian_test.go @@ -366,3 +366,47 @@ resource "auth0_guardian" "foo" { policy = "all-applications" } ` + +func TestAccGuardianDUO(t *testing.T) { + httpRecorder := configureHTTPRecorder(t) + + resource.Test(t, resource.TestCase{ + ProviderFactories: testProviders(httpRecorder), + Steps: []resource.TestStep{ + { + Config: testAccConfigureDUOCreate, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("auth0_guardian.foo", "policy", "all-applications"), + resource.TestCheckResourceAttr("auth0_guardian.foo", "duo.#", "1"), + resource.TestCheckResourceAttr("auth0_guardian.foo", "duo.0.hostname", "api-hostname"), + resource.TestCheckResourceAttr("auth0_guardian.foo", "duo.0.secret_key", "someSecret"), + resource.TestCheckResourceAttr("auth0_guardian.foo", "duo.0.integration_key", "someKey"), + ), + }, + { + Config: testAccConfigureDUODelete, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("auth0_guardian.foo", "policy", "all-applications"), + resource.TestCheckResourceAttr("auth0_guardian.foo", "duo.#", "0"), + ), + }, + }, + }) +} + +const testAccConfigureDUOCreate = ` +resource "auth0_guardian" "foo" { + policy = "all-applications" + duo { + integration_key = "someKey" + secret_key = "someSecret" + hostname = "api-hostname" + } +} +` + +const testAccConfigureDUODelete = ` +resource "auth0_guardian" "foo" { + policy = "all-applications" +} +` diff --git a/auth0/structure_auth0_guardian.go b/auth0/structure_auth0_guardian.go index a3d20d85a..ed863f796 100644 --- a/auth0/structure_auth0_guardian.go +++ b/auth0/structure_auth0_guardian.go @@ -108,6 +108,21 @@ func flattenWebAuthnPlatform(api *management.Management) ([]interface{}, error) return []interface{}{m}, nil } +func flattenDUO(api *management.Management) ([]interface{}, error) { + duoSettings, err := api.Guardian.MultiFactor.DUO.Read() + if err != nil { + return nil, err + } + + m := map[string]interface{}{ + "integration_key": duoSettings.GetIntegrationKey(), + "secret_key": duoSettings.GetSecretKey(), + "hostname": duoSettings.GetHostname(), + } + + return []interface{}{m}, nil +} + func updatePolicy(d *schema.ResourceData, api *management.Management) error { if d.HasChange("policy") { multiFactorPolicies := management.MultiFactorPolicies{} @@ -314,3 +329,23 @@ func updateWebAuthnPlatform(d *schema.ResourceData, api *management.Management) return api.Guardian.MultiFactor.WebAuthnPlatform.Enable(false) } + +func updateDUO(d *schema.ResourceData, api *management.Management) error { + if factorShouldBeUpdated(d, "duo") { + if err := api.Guardian.MultiFactor.DUO.Enable(true); err != nil { + return err + } + + var duoSettings management.MultiFactorDUOSettings + + List(d, "duo").Elem(func(d ResourceData) { + duoSettings.SecretKey = String(d, "secret_key") + duoSettings.Hostname = String(d, "hostname") + duoSettings.IntegrationKey = String(d, "integration_key") + }) + + return api.Guardian.MultiFactor.DUO.Update(&duoSettings) + } + + return api.Guardian.MultiFactor.DUO.Enable(false) +} diff --git a/auth0/testdata/recordings/TestAccGuardian.yaml b/auth0/testdata/recordings/TestAccGuardian.yaml index fcb9a2eb9..40d64d9c4 100644 --- a/auth0/testdata/recordings/TestAccGuardian.yaml +++ b/auth0/testdata/recordings/TestAccGuardian.yaml @@ -153,6 +153,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -552,6 +571,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -799,6 +837,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -1238,47 +1295,22 @@ interactions: duration: 1ms - request: body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/latest - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/policies - method: GET - response: - body: '{"statusCode":429,"error":"Too Many Requests","message":"Global limit has - been reached","errorCode":"too_many_requests"}' - headers: - Content-Length: - - "120" - Content-Type: - - application/json; charset=utf-8 - status: 429 Too Many Requests - code: 429 - duration: 1ms -- request: - body: | - null + {"enabled":false} form: {} headers: Content-Type: - application/json User-Agent: - Go-Auth0-SDK/latest - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/policies - method: GET + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT response: - body: '{"statusCode":429,"error":"Too Many Requests","message":"Global limit has - been reached","errorCode":"too_many_requests"}' + body: '{"enabled":false}' headers: - Content-Length: - - "120" Content-Type: - application/json; charset=utf-8 - status: 429 Too Many Requests - code: 429 + status: 200 OK + code: 200 duration: 1ms - request: body: | @@ -1622,6 +1654,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -2154,6 +2205,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -2344,6 +2414,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -2534,6 +2623,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -2724,6 +2832,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -2907,37 +3034,12 @@ interactions: url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/webauthn-platform method: PUT response: - body: '{"statusCode":429,"error":"Too Many Requests","message":"Global limit has - been reached","errorCode":"too_many_requests"}' - headers: - Content-Length: - - "120" - Content-Type: - - application/json; charset=utf-8 - status: 429 Too Many Requests - code: 429 - duration: 1ms -- request: - body: | - {"enabled":false} - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/latest - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/webauthn-platform - method: PUT - response: - body: '{"statusCode":429,"error":"Too Many Requests","message":"Global limit has - been reached","errorCode":"too_many_requests"}' + body: '{"enabled":false}' headers: - Content-Length: - - "120" Content-Type: - application/json; charset=utf-8 - status: 429 Too Many Requests - code: 429 + status: 200 OK + code: 200 duration: 1ms - request: body: | @@ -2948,7 +3050,7 @@ interactions: - application/json User-Agent: - Go-Auth0-SDK/latest - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/webauthn-platform + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo method: PUT response: body: '{"enabled":false}' @@ -3110,3 +3212,41 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/webauthn-platform + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms diff --git a/auth0/testdata/recordings/TestAccGuardianDUO.yaml b/auth0/testdata/recordings/TestAccGuardianDUO.yaml new file mode 100644 index 000000000..276c630d3 --- /dev/null +++ b/auth0/testdata/recordings/TestAccGuardianDUO.yaml @@ -0,0 +1,554 @@ +--- +version: 1 +interactions: +- request: + body: | + ["all-applications"] + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/policies + method: PUT + response: + body: '["all-applications"]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/sms + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/webauthn-roaming + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/webauthn-platform + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":true} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":true}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"host":"api-hostname","ikey":"someKey","skey":"someSecret"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo/settings + method: PUT + response: + body: '{"host":"api-hostname","ikey":"someKey","skey":"someSecret"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/policies + method: GET + response: + body: '["all-applications"]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors + method: GET + response: + body: '[{"name":"sms","enabled":false,"trial_expired":false},{"name":"push-notification","enabled":false,"trial_expired":false},{"name":"otp","enabled":false,"trial_expired":false},{"name":"email","enabled":false,"trial_expired":false},{"name":"duo","enabled":true,"trial_expired":false},{"name":"webauthn-roaming","enabled":false,"trial_expired":false},{"name":"webauthn-platform","enabled":false,"trial_expired":false},{"name":"recovery-code","enabled":false,"trial_expired":false}]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo/settings + method: GET + response: + body: '{"ikey":"someKey","skey":"someSecret","host":"api-hostname"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/policies + method: GET + response: + body: '["all-applications"]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors + method: GET + response: + body: '[{"name":"sms","enabled":false,"trial_expired":false},{"name":"push-notification","enabled":false,"trial_expired":false},{"name":"otp","enabled":false,"trial_expired":false},{"name":"email","enabled":false,"trial_expired":false},{"name":"duo","enabled":true,"trial_expired":false},{"name":"webauthn-roaming","enabled":false,"trial_expired":false},{"name":"webauthn-platform","enabled":false,"trial_expired":false},{"name":"recovery-code","enabled":false,"trial_expired":false}]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo/settings + method: GET + response: + body: '{"ikey":"someKey","skey":"someSecret","host":"api-hostname"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/policies + method: GET + response: + body: '["all-applications"]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors + method: GET + response: + body: '[{"name":"sms","enabled":false,"trial_expired":false},{"name":"push-notification","enabled":false,"trial_expired":false},{"name":"otp","enabled":false,"trial_expired":false},{"name":"email","enabled":false,"trial_expired":false},{"name":"duo","enabled":true,"trial_expired":false},{"name":"webauthn-roaming","enabled":false,"trial_expired":false},{"name":"webauthn-platform","enabled":false,"trial_expired":false},{"name":"recovery-code","enabled":false,"trial_expired":false}]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo/settings + method: GET + response: + body: '{"ikey":"someKey","skey":"someSecret","host":"api-hostname"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/sms + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/webauthn-roaming + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/webauthn-platform + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/policies + method: GET + response: + body: '["all-applications"]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors + method: GET + response: + body: '[{"name":"sms","enabled":false,"trial_expired":false},{"name":"push-notification","enabled":false,"trial_expired":false},{"name":"otp","enabled":false,"trial_expired":false},{"name":"email","enabled":false,"trial_expired":false},{"name":"duo","enabled":false,"trial_expired":false},{"name":"webauthn-roaming","enabled":false,"trial_expired":false},{"name":"webauthn-platform","enabled":false,"trial_expired":false},{"name":"recovery-code","enabled":false,"trial_expired":false}]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/policies + method: GET + response: + body: '["all-applications"]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors + method: GET + response: + body: '[{"name":"sms","enabled":false,"trial_expired":false},{"name":"push-notification","enabled":false,"trial_expired":false},{"name":"otp","enabled":false,"trial_expired":false},{"name":"email","enabled":false,"trial_expired":false},{"name":"duo","enabled":false,"trial_expired":false},{"name":"webauthn-roaming","enabled":false,"trial_expired":false},{"name":"webauthn-platform","enabled":false,"trial_expired":false},{"name":"recovery-code","enabled":false,"trial_expired":false}]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/sms + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/email + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/otp + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/webauthn-roaming + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/webauthn-platform + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms diff --git a/auth0/testdata/recordings/TestAccGuardianPhoneMessageHookWithNoOptions.yaml b/auth0/testdata/recordings/TestAccGuardianPhoneMessageHookWithNoOptions.yaml index 4a83ddbe4..0faa2b07f 100644 --- a/auth0/testdata/recordings/TestAccGuardianPhoneMessageHookWithNoOptions.yaml +++ b/auth0/testdata/recordings/TestAccGuardianPhoneMessageHookWithNoOptions.yaml @@ -77,6 +77,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -286,6 +305,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -666,3 +704,41 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/webauthn-platform + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms diff --git a/auth0/testdata/recordings/TestAccGuardianWebAuthnPlatform.yaml b/auth0/testdata/recordings/TestAccGuardianWebAuthnPlatform.yaml index a48d3ecf8..af773dd73 100644 --- a/auth0/testdata/recordings/TestAccGuardianWebAuthnPlatform.yaml +++ b/auth0/testdata/recordings/TestAccGuardianWebAuthnPlatform.yaml @@ -77,6 +77,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -305,6 +324,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -457,3 +495,41 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/webauthn-platform + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms diff --git a/auth0/testdata/recordings/TestAccGuardianWebAuthnRoaming.yaml b/auth0/testdata/recordings/TestAccGuardianWebAuthnRoaming.yaml index 72bbdc1e1..ad72538dc 100644 --- a/auth0/testdata/recordings/TestAccGuardianWebAuthnRoaming.yaml +++ b/auth0/testdata/recordings/TestAccGuardianWebAuthnRoaming.yaml @@ -77,6 +77,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -419,6 +438,25 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms - request: body: | null @@ -571,3 +609,41 @@ interactions: status: 200 OK code: 200 duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/webauthn-platform + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms +- request: + body: | + {"enabled":false} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0-SDK/latest + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/guardian/factors/duo + method: PUT + response: + body: '{"enabled":false}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 1ms diff --git a/docs/resources/guardian.md b/docs/resources/guardian.md index 8222966b3..e7da805c2 100644 --- a/docs/resources/guardian.md +++ b/docs/resources/guardian.md @@ -41,6 +41,7 @@ The option `confidence-score` means the trigger of MFA will be adaptive. See [Au * `phone` - (Optional) List(Resource). Configuration settings for the phone MFA. For details, see [Phone](#phone). * `webauthn_roaming` - (Optional) List(Resource). Configuration settings for the WebAuthn with FIDO Security Keys MFA. For details, see [WebAuthn Roaming](#webauthn-roaming). * `webauthn_platform` - (Optional) List(Resource). Configuration settings for the WebAuthn with FIDO Device Biometrics MFA. For details, see [WebAuthn Platform](#webauthn-platform). +* `duo` - (Optional) List(Resource). Configuration settings for the Duo MFA. For details, see [Duo](#duo). * `email` - (Optional) Boolean. Indicates whether email MFA is enabled. * `OTP` - (Optional) Boolean. Indicates whether one time password MFA is enabled. @@ -87,6 +88,15 @@ See [phone message hook docs](https://auth0.com/docs/hooks/extensibility-points/ * `override_relying_party` - (Optional) Bool. The Relying Party is the domain for which the WebAuthn keys will be issued, set to true if you are customizing the identifier. * `relying_party_identifier`- (Optional) String. The Relying Party should be a suffix of the custom domain. +### Duo + +`duo` supports the following arguments: + +* `integration_key` - (Optional) String. Duo client ID, see the Duo documentation for more details on Duo setup. +* `secret_key`- (Optional) String. Duo client secret, see the Duo documentation for more details on Duo setup. +* `hostname`- (Optional) String. Duo API Hostname, see the Duo documentation for more details on Duo setup. + + ## Attributes Reference No additional attributes are exported by this resource.