Add terraform provider support for new SCIM server api2 endpoints (#980)

DXCDT-644 Add support for SCIM APIs

docs/data-sources/connection_scim_configuration.md

@@ -0,0 +1,73 @@
+---
+page_title: "Data Source: auth0_connection_scim_configuration"
+description: |-
+  Data source to retrieve a SCIM configuration for an Auth0 connection by connection_id.
+---
+
+# Data Source: auth0_connection_scim_configuration
+
+Data source to retrieve a SCIM configuration for an Auth0 connection by `connection_id`.
+
+## Example Usage
+
+```terraform
+resource "auth0_connection" "my_enterprise_connection" {
+  name         = "my-enterprise-connection"
+  display_name = "My Enterprise Connection"
+  strategy     = "okta"
+
+  options {
+    client_id              = "1234567"
+    client_secret          = "1234567"
+    issuer                 = "https://example.okta.com"
+    jwks_uri               = "https://example.okta.com/oauth2/v1/keys"
+    token_endpoint         = "https://example.okta.com/oauth2/v1/token"
+    authorization_endpoint = "https://example.okta.com/oauth2/v1/authorize"
+  }
+}
+
+resource "auth0_connection_scim_configuration" "my_conn_scim_configuration" {
+  connection_id = auth0_connection.my_enterprise_connection.id
+}
+
+# A data source for an Auth0 Connection SCIM Configuration.
+data "auth0_connection_scim_configuration" "my_conn_scim_configuration_data" {
+  connection_id = auth0_connection_scim_configuration.my_conn_scim_configuration.id
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `connection_id` (String) ID of the connection for this SCIM configuration.
+
+### Read-Only
+
+- `connection_name` (String) Name of the connection for this SCIM configuration.
+- `default_mapping` (Block Set) Default mapping between Auth0 attributes and SCIM attributes for this connection type. (see [below for nested schema](#nestedblock--default_mapping))
+- `id` (String) The ID of this resource.
+- `mapping` (Block Set) Mapping between Auth0 attributes and SCIM attributes. (see [below for nested schema](#nestedblock--mapping))
+- `strategy` (String) Schema of the connection for this SCIM configuration.
+- `tenant_name` (String) Name of the tenant for this SCIM configuration.
+- `user_id_attribute` (String) User ID attribute for generation unique of user ids.
+
+<a id="nestedblock--default_mapping"></a>
+### Nested Schema for `default_mapping`
+
+Read-Only:
+
+- `auth0` (String) The field location in the Auth0 schema.
+- `scim` (String) The field location in the SCIM schema.
+
+
+<a id="nestedblock--mapping"></a>
+### Nested Schema for `mapping`
+
+Read-Only:
+
+- `auth0` (String) The field location in the Auth0 schema.
+- `scim` (String) The field location in the SCIM schema.
+
+

docs/resources/connection_scim_configuration.md

@@ -0,0 +1,102 @@
+---
+page_title: "Resource: auth0_connection_scim_configuration"
+description: |-
+  With this resource, you can configure SCIM(System for Cross-domain Identity Management) https://simplecloud.info/ support for SAML and OpenID Connect Enterprise connections.
+---
+
+# Resource: auth0_connection_scim_configuration
+
+With this resource, you can configure [SCIM(System for Cross-domain Identity Management)](https://simplecloud.info/) support for `SAML` and `OpenID Connect` Enterprise connections.
+
+## Example Usage
+
+```terraform
+resource "auth0_connection" "my_enterprise_connection" {
+  name         = "my-enterprise-connection"
+  display_name = "My Enterprise Connection"
+  strategy     = "okta"
+
+  options {
+    client_id              = "1234567"
+    client_secret          = "1234567"
+    issuer                 = "https://example.okta.com"
+    jwks_uri               = "https://example.okta.com/oauth2/v1/keys"
+    token_endpoint         = "https://example.okta.com/oauth2/v1/token"
+    authorization_endpoint = "https://example.okta.com/oauth2/v1/authorize"
+  }
+}
+
+resource "auth0_connection" "my_enterprise_connection_2" {
+  name         = "my-enterprise-connection-2"
+  display_name = "My Enterprise Connection 2"
+  strategy     = "okta"
+
+  options {
+    client_id              = "1234567"
+    client_secret          = "1234567"
+    issuer                 = "https://example.okta.com"
+    jwks_uri               = "https://example.okta.com/oauth2/v1/keys"
+    token_endpoint         = "https://example.okta.com/oauth2/v1/token"
+    authorization_endpoint = "https://example.okta.com/oauth2/v1/authorize"
+  }
+}
+
+# A resource for configuring an Auth0 Connection SCIM Configuration, using default values.
+# Only one can be specified for a connection.
+resource "auth0_connection_scim_configuration" "my_conn_scim_configuration_default" {
+  connection_id = auth0_connection.my_enterprise_connection.id
+}
+
+# A resource for configuring an Auth0 Connection SCIM Configuration, specifying `user_id_attribute` and `mapping`.
+# Only one can be specified for a connection.
+resource "auth0_connection_scim_configuration" "my_conn_scim_configuration" {
+  connection_id     = auth0_connection.my_enterprise_connection_2.id
+  user_id_attribute = "attribute1"
+  mapping {
+    auth0 = "auth0_attribute1"
+    scim  = "sacim_attribute1"
+  }
+  mapping {
+    auth0 = "auth0_attribute2"
+    scim  = "sacim_attribute2"
+  }
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `connection_id` (String) ID of the connection for this SCIM configuration.
+
+### Optional
+
+- `mapping` (Block Set) Mapping between Auth0 attributes and SCIM attributes. If `user_id_attribute` is set, `mapping` must be set as well. (see [below for nested schema](#nestedblock--mapping))
+- `user_id_attribute` (String) User ID attribute for generation unique of user ids. If `user_id_attribute` is set, `mapping` must be set as well. Defaults to `userName` for SAML connections and `externalId` for OIDC connections.
+
+### Read-Only
+
+- `connection_name` (String) Name of the connection for this SCIM configuration.
+- `id` (String) The ID of this resource.
+- `strategy` (String) Schema of the connection for this SCIM configuration.
+- `tenant_name` (String) Name of the tenant for this SCIM configuration.
+
+<a id="nestedblock--mapping"></a>
+### Nested Schema for `mapping`
+
+Required:
+
+- `auth0` (String) The field location in the Auth0 schema.
+- `scim` (String) The field location in the SCIM schema.
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+# This resource can be imported by specifying the connection ID <connectionID>
+#
+# Example:
+terraform import auth0_connection_scim_configuration.my_conn_scim_conf "con_XXXXX"
+```

examples/data-sources/auth0_connection_scim_configuration/data-source.tf

@@ -0,0 +1,24 @@
+resource "auth0_connection" "my_enterprise_connection" {
+  name         = "my-enterprise-connection"
+  display_name = "My Enterprise Connection"
+  strategy     = "okta"
+
+  options {
+    client_id              = "1234567"
+    client_secret          = "1234567"
+    issuer                 = "https://example.okta.com"
+    jwks_uri               = "https://example.okta.com/oauth2/v1/keys"
+    token_endpoint         = "https://example.okta.com/oauth2/v1/token"
+    authorization_endpoint = "https://example.okta.com/oauth2/v1/authorize"
+  }
+}
+
+resource "auth0_connection_scim_configuration" "my_conn_scim_configuration" {
+  connection_id = auth0_connection.my_enterprise_connection.id
+}
+
+# A data source for an Auth0 Connection SCIM Configuration.
+data "auth0_connection_scim_configuration" "my_conn_scim_configuration_data" {
+  connection_id = auth0_connection_scim_configuration.my_conn_scim_configuration.id
+}
+

examples/resources/auth0_connection_scim_configuration/import.sh

@@ -0,0 +1,4 @@
+# This resource can be imported by specifying the connection ID <connectionID>
+#
+# Example:
+terraform import auth0_connection_scim_configuration.my_conn_scim_conf "con_XXXXX"

examples/resources/auth0_connection_scim_configuration/resource.tf

@@ -0,0 +1,50 @@
+resource "auth0_connection" "my_enterprise_connection" {
+  name         = "my-enterprise-connection"
+  display_name = "My Enterprise Connection"
+  strategy     = "okta"
+
+  options {
+    client_id              = "1234567"
+    client_secret          = "1234567"
+    issuer                 = "https://example.okta.com"
+    jwks_uri               = "https://example.okta.com/oauth2/v1/keys"
+    token_endpoint         = "https://example.okta.com/oauth2/v1/token"
+    authorization_endpoint = "https://example.okta.com/oauth2/v1/authorize"
+  }
+}
+
+resource "auth0_connection" "my_enterprise_connection_2" {
+  name         = "my-enterprise-connection-2"
+  display_name = "My Enterprise Connection 2"
+  strategy     = "okta"
+
+  options {
+    client_id              = "1234567"
+    client_secret          = "1234567"
+    issuer                 = "https://example.okta.com"
+    jwks_uri               = "https://example.okta.com/oauth2/v1/keys"
+    token_endpoint         = "https://example.okta.com/oauth2/v1/token"
+    authorization_endpoint = "https://example.okta.com/oauth2/v1/authorize"
+  }
+}
+
+# A resource for configuring an Auth0 Connection SCIM Configuration, using default values.
+# Only one can be specified for a connection.
+resource "auth0_connection_scim_configuration" "my_conn_scim_configuration_default" {
+  connection_id = auth0_connection.my_enterprise_connection.id
+}
+
+# A resource for configuring an Auth0 Connection SCIM Configuration, specifying `user_id_attribute` and `mapping`.
+# Only one can be specified for a connection.
+resource "auth0_connection_scim_configuration" "my_conn_scim_configuration" {
+  connection_id     = auth0_connection.my_enterprise_connection_2.id
+  user_id_attribute = "attribute1"
+  mapping {
+    auth0 = "auth0_attribute1"
+    scim  = "sacim_attribute1"
+  }
+  mapping {
+    auth0 = "auth0_attribute2"
+    scim  = "sacim_attribute2"
+  }
+}

internal/auth0/connection/data_source_scim.go

@@ -0,0 +1,78 @@
+package connection
+
+import (
+	"context"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+	"github.com/auth0/terraform-provider-auth0/internal/config"
+	internalError "github.com/auth0/terraform-provider-auth0/internal/error"
+	internalSchema "github.com/auth0/terraform-provider-auth0/internal/schema"
+)
+
+// NewSCIMConfigurationDataSource will return a new auth0_connection_scim_configuration data source.
+func NewSCIMConfigurationDataSource() *schema.Resource {
+	return &schema.Resource{
+		ReadContext: readSCIMConfigurationDataSource,
+		Description: "Data source to retrieve a SCIM configuration for an Auth0 connection by `connection_id`.",
+		Schema:      getSCIMDataSourceSchema(),
+	}
+}
+
+func getSCIMDataSourceSchema() map[string]*schema.Schema {
+	dataSourceSchema := internalSchema.TransformResourceToDataSource(NewSCIMConfigurationResource().Schema)
+	internalSchema.SetExistingAttributesAsRequired(dataSourceSchema, "connection_id")
+	dataSourceSchema["user_id_attribute"].Description = "User ID attribute for generation unique of user ids."
+	dataSourceSchema["mapping"].Description = "Mapping between Auth0 attributes and SCIM attributes."
+	dataSourceSchema["mapping"].Optional = true // This is necessary to make the documentation generate correctly.
+	dataSourceSchema["default_mapping"] = &schema.Schema{
+		Type:         schema.TypeSet,
+		Optional:     true, // This is necessary to make the documentation generate correctly.
+		RequiredWith: []string{"user_id_attribute", "mapping"},
+		Computed:     true,
+		Description:  "Default mapping between Auth0 attributes and SCIM attributes for this connection type.",
+		Elem: &schema.Resource{
+			Schema: map[string]*schema.Schema{
+				"auth0": {
+					Type:        schema.TypeString,
+					Computed:    true,
+					Description: "The field location in the Auth0 schema.",
+				},
+				"scim": {
+					Type:        schema.TypeString,
+					Computed:    true,
+					Description: "The field location in the SCIM schema.",
+				},
+			},
+		},
+	}
+
+	return dataSourceSchema
+}
+
+func readSCIMConfigurationDataSource(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	api := meta.(*config.Config).GetAPI()
+
+	connectionID := data.Get("connection_id").(string)
+	scimConfiguration, err := api.Connection.ReadSCIMConfiguration(ctx, connectionID)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	defaultSCIMConfiguration, err := api.Connection.ReadSCIMDefaultConfiguration(ctx, connectionID)
+	if err != nil {
+		return diag.FromErr(internalError.HandleAPIError(data, err))
+	}
+
+	diags := flattenSCIMConfiguration(data, scimConfiguration)
+	if diags.HasError() {
+		return diags
+	}
+	err = data.Set("default_mapping", flattenSCIMMappings(defaultSCIMConfiguration.GetMapping()))
+	if err == nil {
+		data.SetId(connectionID)
+	}
+
+	return diag.FromErr(err)
+}