auth0 · sergiught · Jul 7, 2022 · Jul 2, 2022 · Jul 3, 2022 · Jul 5, 2022
@@ -186,6 +186,70 @@ func newGuardian() *schema.Resource {
 					},
 				},
 			},
+			"push": {
+				Type:     schema.TypeList,
+				Optional: true,
+				MaxItems: 1,
+				MinItems: 0,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"amazon_sns": {
+							Type:     schema.TypeList,
+							Optional: true,
+							MaxItems: 1,
+							MinItems: 1,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"aws_access_key_id": {
+										Type:     schema.TypeString,
+										Required: true,
+									},
+									"aws_region": {
+										Type:     schema.TypeString,
+										Required: true,
+									},
+									"aws_secret_access_key": {
+										Type:      schema.TypeString,
+										Required:  true,
+										Sensitive: true,
+									},
+									"sns_apns_platform_application_arn": {
+										Type:     schema.TypeString,
+										Required: true,
+									},
+									"sns_gcm_platform_application_arn": {
+										Type:     schema.TypeString,
+										Required: true,
+									},
+								},
+							},
+						},
+						"custom_app": {
+							Type:     schema.TypeList,
+							Optional: true,
+							MaxItems: 1,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"app_name": {
+										Type:     schema.TypeString,
+										Optional: true,
+									},
+									"apple_app_link": {
+										Type:         schema.TypeString,
+										Optional:     true,
+										ValidateFunc: validation.IsURLWithHTTPS,
+									},
+									"google_app_link": {
+										Type:         schema.TypeString,
+										Optional:     true,
+										ValidateFunc: validation.IsURLWithHTTPS,
+									},
+								},
+							},
+						},
+					},
+				},
+			},
 		},
 	}
 }
@@ -263,6 +327,17 @@ func readGuardian(ctx context.Context, d *schema.ResourceData, m interface{}) di
 
 				result = multierror.Append(result, d.Set("duo", duo))
 			}
+		case "push":
+			result = multierror.Append(result, d.Set("push", nil))
+
+			if factor.GetEnabled() {
+				push, err := flattenPush(api)
+				if err != nil {
+					return diag.FromErr(err)
+				}
+
+				result = multierror.Append(result, d.Set("push", push))
+			}
 		}
 	}
 
@@ -299,6 +374,10 @@ func updateGuardian(ctx context.Context, d *schema.ResourceData, m interface{})
 		return diag.FromErr(err)
 	}
 
+	if err := updatePush(d, api); err != nil {
+		return diag.FromErr(err)
+	}
+
 	return readGuardian(ctx, d, m)
 }
 
@@ -323,6 +402,9 @@ func deleteGuardian(ctx context.Context, d *schema.ResourceData, m interface{})
 	if err := api.Guardian.MultiFactor.DUO.Enable(false); err != nil {
 		return diag.FromErr(err)
 	}
+	if err := api.Guardian.MultiFactor.Push.Enable(false); err != nil {
+		return diag.FromErr(err)
+	}
 
 	d.SetId("")
 

@@ -410,3 +410,99 @@ resource "auth0_guardian" "foo" {
 	policy = "all-applications"
 }
 `
+
+func TestAccGuardianPush(t *testing.T) {
+	httpRecorder := configureHTTPRecorder(t)
+
+	resource.Test(t, resource.TestCase{
+		ProviderFactories: testProviders(httpRecorder),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccConfigurePushCreate,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "policy", "all-applications"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.#", "1"),
+				),
+			},
+			{
+				Config: testAccConfigurePushUpdateAmazonSNS,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "policy", "all-applications"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.#", "1"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.amazon_sns.#", "1"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.amazon_sns.0.aws_access_key_id", "test1"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.amazon_sns.0.aws_region", "us-west-1"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.amazon_sns.0.aws_secret_access_key", "secretKey"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.amazon_sns.0.sns_apns_platform_application_arn", "test_arn"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.amazon_sns.0.sns_gcm_platform_application_arn", "test_arn"),
+				),
+			},
+			{
+				Config: testAccConfigurePushUpdateCustomApp,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "policy", "all-applications"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.#", "1"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.custom_app.#", "1"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.custom_app.0.app_name", "CustomApp"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.custom_app.0.apple_app_link", "https://itunes.apple.com/us/app/my-app/id123121"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.0.custom_app.0.google_app_link", "https://play.google.com/store/apps/details?id=com.my.app"),
+				),
+			},
+			{
+				Config: testAccConfigurePushDelete,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "policy", "all-applications"),
+					resource.TestCheckResourceAttr("auth0_guardian.foo", "push.#", "0"),
+				),
+			},
+		},
+	})
+}
+
+const testAccConfigurePushCreate = `
+resource "auth0_guardian" "foo" {
+	policy = "all-applications"
+	push {}
+}
+`
+
+const testAccConfigurePushUpdateAmazonSNS = `
+resource "auth0_guardian" "foo" {
+	policy = "all-applications"
+	push {
+		amazon_sns {
+			aws_access_key_id = "test1"
+			aws_region = "us-west-1"
+			aws_secret_access_key = "secretKey"
+			sns_apns_platform_application_arn = "test_arn"
+			sns_gcm_platform_application_arn = "test_arn"
+		}
+	}
+}
+`
+
+const testAccConfigurePushUpdateCustomApp = `
+resource "auth0_guardian" "foo" {
+	policy = "all-applications"
+	push {
+		amazon_sns {
+			aws_access_key_id = "test1"
+			aws_region = "us-west-1"
+			aws_secret_access_key = "secretKey"
+			sns_apns_platform_application_arn = "test_arn"
+			sns_gcm_platform_application_arn = "test_arn"
+		}
+		custom_app {
+			app_name = "CustomApp"
+			apple_app_link = "https://itunes.apple.com/us/app/my-app/id123121"
+			google_app_link = "https://play.google.com/store/apps/details?id=com.my.app"
+		}
+	}
+}
+`
+
+const testAccConfigurePushDelete = `
+resource "auth0_guardian" "foo" {
+	policy = "all-applications"
+}
+`
@@ -123,6 +123,39 @@ func flattenDUO(api *management.Management) ([]interface{}, error) {
 	return []interface{}{m}, nil
 }
 
+func flattenPush(api *management.Management) ([]interface{}, error) {
+	amazonSNS, err := api.Guardian.MultiFactor.Push.AmazonSNS()
+	if err != nil {
+		return nil, err
+	}
+
+	pushData := make(map[string]interface{})
+	pushData["amazon_sns"] = []interface{}{
+		map[string]interface{}{
+			"aws_access_key_id":                 amazonSNS.GetAccessKeyID(),
+			"aws_region":                        amazonSNS.GetRegion(),
+			"aws_secret_access_key":             amazonSNS.GetSecretAccessKeyID(),
+			"sns_apns_platform_application_arn": amazonSNS.GetAPNSPlatformApplicationARN(),
+			"sns_gcm_platform_application_arn":  amazonSNS.GetGCMPlatformApplicationARN(),
+		},
+	}
+
+	customApp, err := api.Guardian.MultiFactor.Push.CustomApp()
+	if err != nil {
+		return nil, err
+	}
+
+	pushData["custom_app"] = []interface{}{
+		map[string]interface{}{
+			"app_name":        customApp.GetAppName(),
+			"apple_app_link":  customApp.GetAppleAppLink(),
+			"google_app_link": customApp.GetGoogleAppLink(),
+		},
+	}
+
+	return []interface{}{pushData}, nil
+}
+
 func updatePolicy(d *schema.ResourceData, api *management.Management) error {
 	if d.HasChange("policy") {
 		multiFactorPolicies := management.MultiFactorPolicies{}
@@ -349,3 +382,43 @@ func updateDUO(d *schema.ResourceData, api *management.Management) error {
 
 	return api.Guardian.MultiFactor.DUO.Enable(false)
 }
+
+func updatePush(d *schema.ResourceData, api *management.Management) error {
+	if factorShouldBeUpdated(d, "push") {
+		if err := api.Guardian.MultiFactor.Push.Enable(true); err != nil {
+			return err
+		}
+
+		var amazonSNS *management.MultiFactorProviderAmazonSNS
+		List(d, "amazon_sns", HasChange()).Elem(func(d ResourceData) {
+			amazonSNS = &management.MultiFactorProviderAmazonSNS{
+				AccessKeyID:                String(d, "aws_access_key_id"),
+				SecretAccessKeyID:          String(d, "aws_secret_access_key"),
+				Region:                     String(d, "aws_region"),
+				APNSPlatformApplicationARN: String(d, "sns_apns_platform_application_arn"),
+				GCMPlatformApplicationARN:  String(d, "sns_gcm_platform_application_arn"),
+			}
+		})
+		if amazonSNS != nil {
+			if err := api.Guardian.MultiFactor.Push.UpdateAmazonSNS(amazonSNS); err != nil {
+				return err
+			}
+		}
+
+		var customApp *management.MultiFactorPushCustomApp
+		List(d, "custom_app", HasChange()).Elem(func(d ResourceData) {
+			customApp = &management.MultiFactorPushCustomApp{
+				AppName:       String(d, "app_name"),
+				AppleAppLink:  String(d, "apple_app_link"),
+				GoogleAppLink: String(d, "google_app_link"),
+			}
+		})
+		if customApp != nil {
+			if err := api.Guardian.MultiFactor.Push.UpdateCustomApp(customApp); err != nil {
+				return err
+			}
+		}
+	}
+
+	return api.Guardian.MultiFactor.Push.Enable(false)
+}