Add session_cookie to tenant
#220
Conversation
Codecov Report
@@ Coverage Diff @@
## main #220 +/- ##
==========================================
+ Coverage 83.63% 83.71% +0.08%
==========================================
Files 36 36
Lines 6587 6620 +33
==========================================
+ Hits 5509 5542 +33
Misses 859 859
Partials 219 219
Continue to review full report at Codecov.
|
go.mod
Outdated
| @@ -3,7 +3,7 @@ module github.com/auth0/terraform-provider-auth0 | |||
| go 1.18 | |||
|
|
|||
| require ( | |||
| github.com/auth0/go-auth0 v0.8.0 | |||
| github.com/auth0/go-auth0 v0.0.0-20220706202431-cce36896b06c | |||
There was a problem hiding this comment.
Let's take @Widcket's suggestion to keep these kind of PRs in Draft mode till we make a release in go-auth0 SDK, wdyt? So we can easily differentiate between the ones that can be immediately merged and these that shouldn't yet.
| "session_cookie": { | ||
| Type: schema.TypeList, | ||
| Optional: true, | ||
| Computed: true, |
There was a problem hiding this comment.
Do we really need computed both here and on the mode? 🤔
There was a problem hiding this comment.
I don't know, do we? Frankly, it's a confusing property that possesses unintuitive behavior; I'm seeing that we set many things to Computed: true so I'm just following a precedent.
There was a problem hiding this comment.
What we can do is try first the parameters without the computed property. The computed is usually needed if there are weird diffs constantly showing whenever terraform performs a refresh, that have no explanation (my personal heuristic on when to use computed or not).
There was a problem hiding this comment.
Turns out the computed property only needs to be enabled on the root object, not necessarily the children, or at least for this example. However, enabling for the child too did not alter behavior.
I'd prefer to not require manual verification testing for these types of additions, so I added a third stage for the TestAccTenant test. It attempts to apply an empty tenant resource block to see if it triggers any odd behavior from Terraform or the Management API. Specifically for this case, it caught a 400 error that occurred when Terrafrom attempted to set the session_cookie to an empty object, something that the Management API prohibits.
There was a problem hiding this comment.
We're sending an empty object because the expand func is flawed. We can remove the Computed property and refactor the expand as follows:
func expandTenantSessionCookie(d ResourceData) *management.TenantSessionCookie {
var sessionCookie *management.TenantSessionCookie
List(d, "session_cookie").Elem(func(d ResourceData) {
sessionCookie = &management.TenantSessionCookie{Mode: String(d, "mode")}
})
return sessionCookie
}This will make it so that sessionCookie is nil in case it's not present in the config so it will get omitted from the payload because of the omitempty tag.
There was a problem hiding this comment.
| Computed: true, |
There was a problem hiding this comment.
The suggested change to refactor expandTenantSessionCookie works, but it does not enable us to remove the Computed property because it fails the "reset" test stage. The plan is not empty afterwards. I'm going to opt to keep it as-is because there is no discernible change in code. Further, the code for that expand function matches the existing precedent set by expandTenantChangePassword, expandTenantGuardianMFAPage, expandTenantErrorPage and expandTenantUniversalLogin.
… a tenant resource doesn't hit a 400
| func expandTenantSessionCookie(d ResourceData) *management.TenantSessionCookie { | ||
| var sessionCookie management.TenantSessionCookie | ||
|
|
||
| List(d, "session_cookie").Elem(func(d ResourceData) { | ||
| sessionCookie.Mode = String(d, "mode") | ||
| }) | ||
|
|
||
| return &sessionCookie | ||
| } |
There was a problem hiding this comment.
| func expandTenantSessionCookie(d ResourceData) *management.TenantSessionCookie { | |
| var sessionCookie management.TenantSessionCookie | |
| List(d, "session_cookie").Elem(func(d ResourceData) { | |
| sessionCookie.Mode = String(d, "mode") | |
| }) | |
| return &sessionCookie | |
| } | |
| func expandTenantSessionCookie(d ResourceData) *management.TenantSessionCookie { | |
| var sessionCookie *management.TenantSessionCookie | |
| List(d, "session_cookie").Elem(func(d ResourceData) { | |
| sessionCookie = &management.TenantSessionCookie{Mode: String(d, "mode")} | |
| }) | |
| return sessionCookie | |
| } |
Description
As pointed out in #55, the tenant resource is lacking support for modifying session cookie behavior. This PR adds this functionality through the
session_cookieproperty. It mimics the Management API data shape with a singlemodesub-property that accepts one of two strings:"persistent"or"non-persistent".This configuration can be found in the dashboard by following the
https://manage.auth0.com/dashboard/us/<YOUR_TENANT>/tenant/advancedroute:This depends on a similar PR to add functionality to the Go SDK.
Checklist
Note: Checklist required to be completed before a PR is considered to be reviewable.
Auth0 Code of Conduct
Auth0 General Contribution Guidelines
Changes include test coverage?
Does the description provide the correct amount of context?
Have you updated the documentation?
Is this code ready for production?