Add session_cookie to tenant (#220)

* Adding support for session_cookie management including documentation and tests

* Adding to example

* Simplifying flattenTenantSessionCookie logic

* Removing extra Computed property, adding test to ensure that clearing a tenant resource doesn't hit a 400

* Updating to use Go SDK v0.9.0

Co-authored-by: Will Vedder <[email protected]>

auth0/resource_auth0_tenant.go

@@ -299,6 +299,25 @@ func newTenant() *schema.Resource {
 					validation.IsURLWithScheme([]string{"https"}),
 				),
 			},
+			"session_cookie": {
+				Type:     schema.TypeList,
+				Optional: true,
+				Computed: true,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"mode": {
+							Type:     schema.TypeString,
+							Optional: true,
+							ValidateFunc: validation.StringInSlice([]string{
+								"persistent",
+								"non-persistent",
+							}, false),
+							Description: "Behavior of tenant session cookie. Accepts either \"persistent\" or \"non-persistent\"",
+						},
+					},
+				},
+			},
 		},
 	}
 }
@@ -339,6 +358,7 @@ func readTenant(ctx context.Context, d *schema.ResourceData, m interface{}) diag
 		d.Set("error_page", flattenTenantErrorPage(tenant.ErrorPage)),
 		d.Set("flags", flattenTenantFlags(tenant.Flags)),
 		d.Set("universal_login", flattenTenantUniversalLogin(tenant.UniversalLogin)),
+		d.Set("session_cookie", flattenTenantSessionCookie(tenant.SessionCookie)),
 	)
 
 	return diag.FromErr(result.ErrorOrNil())
@@ -378,6 +398,7 @@ func expandTenant(d *schema.ResourceData) *management.Tenant {
 		ErrorPage:             expandTenantErrorPage(d),
 		Flags:                 expandTenantFlags(d.GetRawConfig().GetAttr("flags")),
 		UniversalLogin:        expandTenantUniversalLogin(d),
+		SessionCookie:         expandTenantSessionCookie(d),
 	}
 
 	return tenant

auth0/resource_auth0_tenant_test.go

@@ -43,6 +43,7 @@ func TestAccTenant(t *testing.T) {
 					resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "universal_login.0.colors.0.primary", "#0059d6"),
 					resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "universal_login.0.colors.0.page_background", "#000000"),
 					resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "default_redirection_uri", "https://example.com/login"),
+					resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "session_cookie.0.mode", "non-persistent"),
 				),
 			},
 			{
@@ -53,6 +54,13 @@ func TestAccTenant(t *testing.T) {
 					resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "flags.0.disable_clickjack_protection_headers", "false"),
 					resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "flags.0.enable_public_signup_user_exists_error", "true"),
 					resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "flags.0.use_scope_descriptions_for_consent", "false"),
+					resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "session_cookie.0.mode", "persistent"),
+				),
+			},
+			{
+				Config: `resource "auth0_tenant" "my_tenant" {}`,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("auth0_tenant.my_tenant", "session_cookie.0.mode", "persistent"),
 				),
 			},
 		},
@@ -103,6 +111,9 @@ resource "auth0_tenant" "my_tenant" {
 		}
 	}
 	default_redirection_uri = "https://example.com/login"
+	session_cookie {
+		mode = "non-persistent"
+	}
 }
 `
 
@@ -150,6 +161,9 @@ resource "auth0_tenant" "my_tenant" {
 		}
 	}
 	default_redirection_uri = "https://example.com/login"
+	session_cookie {
+		mode = "persistent"
+	}
 }
 `
 

auth0/structure_auth0_tenant.go

@@ -93,6 +93,13 @@ func flattenTenantUniversalLogin(universalLogin *management.TenantUniversalLogin
 	return []interface{}{m}
 }
 
+func flattenTenantSessionCookie(sessionCookie *management.TenantSessionCookie) []interface{} {
+	m := make(map[string]interface{})
+	m["mode"] = sessionCookie.GetMode()
+
+	return []interface{}{m}
+}
+
 func expandTenantChangePassword(d ResourceData) *management.TenantChangePassword {
 	var changePassword management.TenantChangePassword
 
@@ -176,3 +183,13 @@ func expandTenantUniversalLogin(d ResourceData) *management.TenantUniversalLogin
 
 	return &universalLogin
 }
+
+func expandTenantSessionCookie(d ResourceData) *management.TenantSessionCookie {
+	var sessionCookie management.TenantSessionCookie
+
+	List(d, "session_cookie").Elem(func(d ResourceData) {
+		sessionCookie.Mode = String(d, "mode")
+	})
+
+	return &sessionCookie
+}

docs/resources/tenant.md

@@ -49,6 +49,9 @@ resource "auth0_tenant" "tenant" {
   ]
   session_lifetime = 46000
   sandbox_version  = "8"
+  session_cookie {
+    mode = "non-persistent"
+  }
 }
 ```
 
@@ -73,6 +76,7 @@ Arguments accepted by this resource include:
 * `flags` - (Optional) List(Resource). Configuration settings for tenant flags. For details, see [Flags](#flags).
 * `universal_login` - (Optional) List(Resource). Configuration settings for Universal Login. For details, see [Universal Login](#universal-login).
 * `default_redirection_uri` - (Optional) String. The default absolute redirection uri, must be https and cannot contain a fragment.
+* `session_cookie` - (Optional) List(Resource). Alters behavior of tenant's session cookie. Contains a single `mode` property that accepts two values: `"persistent"` or `"non-persistent"`.
 
 ### Change Password Page
 

example/tenant/main.tf

@@ -38,4 +38,8 @@ resource "auth0_tenant" "tenant" {
     show_log_link = true
     url           = "http://example.com/errors"
   }
+
+  session_cookie {
+    mode = "non-persistent"
+  }
 }

go.mod

@@ -3,7 +3,7 @@ module github.com/auth0/terraform-provider-auth0
 go 1.18
 
 require (
-	github.com/auth0/go-auth0 v0.8.0
+	github.com/auth0/go-auth0 v0.9.0
 	github.com/dnaeon/go-vcr/v2 v2.0.1
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
 	github.com/hashicorp/go-multierror v1.1.1

go.sum

@@ -52,8 +52,8 @@ github.com/apparentlymart/go-textseg/v12 v12.0.0/go.mod h1:S/4uRK2UtaQttw1GenVJE
 github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw=
 github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
-github.com/auth0/go-auth0 v0.8.0 h1:x5Z6q++NUtdaSyzoHMaMRjH/SpiWS5rLTQ8ZX0AsRRE=
-github.com/auth0/go-auth0 v0.8.0/go.mod h1:kxxGNgF592VPvWSNPVWNbmWHs+R9c0MZCTuW+T3NgZw=
+github.com/auth0/go-auth0 v0.9.0 h1:+jiMnvXSsu9v6eZUy6MrgqBN0nw4wK8mBivtoLeD3Pk=
+github.com/auth0/go-auth0 v0.9.0/go.mod h1:kxxGNgF592VPvWSNPVWNbmWHs+R9c0MZCTuW+T3NgZw=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA=
 github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=