From bb19e794d7c61003a7b6ac9b47c2569aae4ba216 Mon Sep 17 00:00:00 2001 From: Sergiu Ghitea <28300158+sergiught@users.noreply.github.com> Date: Sat, 26 Aug 2023 14:52:27 +0300 Subject: [PATCH 1/2] Improve DX for managing is_token_endpoint_ip_header_trusted on client --- docs/data-sources/client.md | 2 +- docs/resources/client.md | 2 +- internal/auth0/client/expand.go | 71 +-- internal/auth0/client/resource.go | 11 +- internal/auth0/client/resource_test.go | 44 +- ...IsTokenEndpointIPHeaderTrustedEnabled.yaml | 218 +++++++ ...sTokenEndpointIPHeaderTrustedOnCreate.yaml | 578 ------------------ 7 files changed, 287 insertions(+), 639 deletions(-) create mode 100644 test/data/recordings/TestAccClientGetsCreatedWithIsTokenEndpointIPHeaderTrustedEnabled.yaml delete mode 100644 test/data/recordings/TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate.yaml diff --git a/docs/data-sources/client.md b/docs/data-sources/client.md index 4df512c05..9eccf8c54 100644 --- a/docs/data-sources/client.md +++ b/docs/data-sources/client.md @@ -52,7 +52,7 @@ data "auth0_client" "some-client-by-id" { - `id` (String) The ID of this resource. - `initiate_login_uri` (String) Initiate login URI. Must be HTTPS or an empty string. - `is_first_party` (Boolean) Indicates whether this client is a first-party client. -- `is_token_endpoint_ip_header_trusted` (Boolean) Indicates whether the token endpoint IP header is trusted. This attribute can only be updated after the client gets created. +- `is_token_endpoint_ip_header_trusted` (Boolean) Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to `client_secret_post` or `client_secret_basic`. Setting this property when creating the resource, will default the authentication method to `client_secret_post`. To changethe authentication method to `client_secret_basic` use the `auth0_client_credentials` resource. - `jwt_configuration` (List of Object) Configuration settings for the JWTs issued for this client. (see [below for nested schema](#nestedatt--jwt_configuration)) - `logo_uri` (String) URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown. - `mobile` (List of Object) Additional configuration for native mobile apps. (see [below for nested schema](#nestedatt--mobile)) diff --git a/docs/resources/client.md b/docs/resources/client.md index 49d29f41f..53b285192 100644 --- a/docs/resources/client.md +++ b/docs/resources/client.md @@ -107,7 +107,7 @@ resource "auth0_client" "my_client" { - `grant_types` (List of String) Types of grants that this client is authorized to use. - `initiate_login_uri` (String) Initiate login URI. Must be HTTPS or an empty string. - `is_first_party` (Boolean) Indicates whether this client is a first-party client. -- `is_token_endpoint_ip_header_trusted` (Boolean) Indicates whether the token endpoint IP header is trusted. This attribute can only be updated after the client gets created. +- `is_token_endpoint_ip_header_trusted` (Boolean) Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to `client_secret_post` or `client_secret_basic`. Setting this property when creating the resource, will default the authentication method to `client_secret_post`. To changethe authentication method to `client_secret_basic` use the `auth0_client_credentials` resource. - `jwt_configuration` (Block List, Max: 1) Configuration settings for the JWTs issued for this client. (see [below for nested schema](#nestedblock--jwt_configuration)) - `logo_uri` (String) URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown. - `mobile` (Block List, Max: 1) Additional configuration for native mobile apps. (see [below for nested schema](#nestedblock--mobile)) diff --git a/internal/auth0/client/expand.go b/internal/auth0/client/expand.go index b45b32fef..e121587b6 100644 --- a/internal/auth0/client/expand.go +++ b/internal/auth0/client/expand.go @@ -13,41 +13,42 @@ func expandClient(data *schema.ResourceData) *management.Client { config := data.GetRawConfig() client := &management.Client{ - Name: value.String(config.GetAttr("name")), - Description: value.String(config.GetAttr("description")), - AppType: value.String(config.GetAttr("app_type")), - LogoURI: value.String(config.GetAttr("logo_uri")), - IsFirstParty: value.Bool(config.GetAttr("is_first_party")), - OIDCConformant: value.Bool(config.GetAttr("oidc_conformant")), - ClientAliases: value.Strings(config.GetAttr("client_aliases")), - Callbacks: value.Strings(config.GetAttr("callbacks")), - AllowedLogoutURLs: value.Strings(config.GetAttr("allowed_logout_urls")), - AllowedOrigins: value.Strings(config.GetAttr("allowed_origins")), - AllowedClients: value.Strings(config.GetAttr("allowed_clients")), - GrantTypes: value.Strings(config.GetAttr("grant_types")), - OrganizationUsage: value.String(config.GetAttr("organization_usage")), - OrganizationRequireBehavior: value.String(config.GetAttr("organization_require_behavior")), - WebOrigins: value.Strings(config.GetAttr("web_origins")), - SSO: value.Bool(config.GetAttr("sso")), - SSODisabled: value.Bool(config.GetAttr("sso_disabled")), - CrossOriginAuth: value.Bool(config.GetAttr("cross_origin_auth")), - CrossOriginLocation: value.String(config.GetAttr("cross_origin_loc")), - CustomLoginPageOn: value.Bool(config.GetAttr("custom_login_page_on")), - CustomLoginPage: value.String(config.GetAttr("custom_login_page")), - FormTemplate: value.String(config.GetAttr("form_template")), - InitiateLoginURI: value.String(config.GetAttr("initiate_login_uri")), - EncryptionKey: value.MapOfStrings(config.GetAttr("encryption_key")), - OIDCBackchannelLogout: expandOIDCBackchannelLogout(data), - ClientMetadata: expandClientMetadata(data), - RefreshToken: expandClientRefreshToken(data), - JWTConfiguration: expandClientJWTConfiguration(data), - Addons: expandClientAddons(data), - NativeSocialLogin: expandClientNativeSocialLogin(data), - Mobile: expandClientMobile(data), - } - - if !data.IsNewResource() { - client.IsTokenEndpointIPHeaderTrusted = value.Bool(config.GetAttr("is_token_endpoint_ip_header_trusted")) + Name: value.String(config.GetAttr("name")), + Description: value.String(config.GetAttr("description")), + AppType: value.String(config.GetAttr("app_type")), + LogoURI: value.String(config.GetAttr("logo_uri")), + IsFirstParty: value.Bool(config.GetAttr("is_first_party")), + OIDCConformant: value.Bool(config.GetAttr("oidc_conformant")), + ClientAliases: value.Strings(config.GetAttr("client_aliases")), + Callbacks: value.Strings(config.GetAttr("callbacks")), + AllowedLogoutURLs: value.Strings(config.GetAttr("allowed_logout_urls")), + AllowedOrigins: value.Strings(config.GetAttr("allowed_origins")), + AllowedClients: value.Strings(config.GetAttr("allowed_clients")), + GrantTypes: value.Strings(config.GetAttr("grant_types")), + OrganizationUsage: value.String(config.GetAttr("organization_usage")), + OrganizationRequireBehavior: value.String(config.GetAttr("organization_require_behavior")), + WebOrigins: value.Strings(config.GetAttr("web_origins")), + SSO: value.Bool(config.GetAttr("sso")), + SSODisabled: value.Bool(config.GetAttr("sso_disabled")), + CrossOriginAuth: value.Bool(config.GetAttr("cross_origin_auth")), + CrossOriginLocation: value.String(config.GetAttr("cross_origin_loc")), + CustomLoginPageOn: value.Bool(config.GetAttr("custom_login_page_on")), + CustomLoginPage: value.String(config.GetAttr("custom_login_page")), + FormTemplate: value.String(config.GetAttr("form_template")), + InitiateLoginURI: value.String(config.GetAttr("initiate_login_uri")), + EncryptionKey: value.MapOfStrings(config.GetAttr("encryption_key")), + IsTokenEndpointIPHeaderTrusted: value.Bool(config.GetAttr("is_token_endpoint_ip_header_trusted")), + OIDCBackchannelLogout: expandOIDCBackchannelLogout(data), + ClientMetadata: expandClientMetadata(data), + RefreshToken: expandClientRefreshToken(data), + JWTConfiguration: expandClientJWTConfiguration(data), + Addons: expandClientAddons(data), + NativeSocialLogin: expandClientNativeSocialLogin(data), + Mobile: expandClientMobile(data), + } + + if data.IsNewResource() && client.IsTokenEndpointIPHeaderTrusted != nil { + client.TokenEndpointAuthMethod = auth0.String("client_secret_post") } return client diff --git a/internal/auth0/client/resource.go b/internal/auth0/client/resource.go index a52639915..e503f0422 100644 --- a/internal/auth0/client/resource.go +++ b/internal/auth0/client/resource.go @@ -78,10 +78,13 @@ func NewResource() *schema.Resource { Description: "Indicates whether this client is a first-party client.", }, "is_token_endpoint_ip_header_trusted": { - Type: schema.TypeBool, - Optional: true, - Computed: true, - Description: "Indicates whether the token endpoint IP header is trusted. This attribute can only be updated after the client gets created.", + Type: schema.TypeBool, + Optional: true, + Computed: true, + Description: "Indicates whether the token endpoint IP header is trusted. Requires the authentication " + + "method to be set to `client_secret_post` or `client_secret_basic`. Setting this property when " + + "creating the resource, will default the authentication method to `client_secret_post`. To change" + + "the authentication method to `client_secret_basic` use the `auth0_client_credentials` resource.", }, "oidc_conformant": { Type: schema.TypeBool, diff --git a/internal/auth0/client/resource_test.go b/internal/auth0/client/resource_test.go index aad74b066..c65eb2f22 100644 --- a/internal/auth0/client/resource_test.go +++ b/internal/auth0/client/resource_test.go @@ -6,7 +6,8 @@ import ( "testing" "github.com/hashicorp/terraform-plugin-testing/helper/resource" - "github.com/hashicorp/terraform-plugin-testing/plancheck" + "github.com/hashicorp/terraform-plugin-testing/terraform" + "github.com/stretchr/testify/assert" "github.com/auth0/terraform-provider-auth0/internal/acctest" ) @@ -2100,44 +2101,47 @@ resource "auth0_client" "my_client" { is_token_endpoint_ip_header_trusted = true } +` + +const testAccImportClientCredentialsForClientWithIsTokenEndpointIPHeaderTrustedSetToTrueOnCreate = ` +resource "auth0_client" "my_client" { + name = "Test IP Header Trusted - {{.testName}}" + + is_token_endpoint_ip_header_trusted = true +} -resource "auth0_client_credentials" "my_client-credentials" { +resource "auth0_client_credentials" "my_client_credentials" { client_id = auth0_client.my_client.id authentication_method = "client_secret_post" } ` -func TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate(t *testing.T) { +func TestAccClientGetsCreatedWithIsTokenEndpointIPHeaderTrustedEnabled(t *testing.T) { acctest.Test(t, resource.TestCase{ Steps: []resource.TestStep{ { - Config: acctest.ParseTestName(testAccCreateClientWithIsTokenEndpointIPHeaderTrustedSetToTrue, t.Name()), - ExpectNonEmptyPlan: true, - ConfigPlanChecks: resource.ConfigPlanChecks{ - PostApplyPostRefresh: []plancheck.PlanCheck{ - plancheck.ExpectResourceAction("auth0_client.my_client", plancheck.ResourceActionUpdate), - }, - }, + Config: acctest.ParseTestName(testAccCreateClientWithIsTokenEndpointIPHeaderTrustedSetToTrue, t.Name()), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr("auth0_client.my_client", "name", fmt.Sprintf("Test IP Header Trusted - %s", t.Name())), - resource.TestCheckResourceAttr("auth0_client.my_client", "is_token_endpoint_ip_header_trusted", "false"), - resource.TestCheckTypeSetElemAttrPair("auth0_client_credentials.my_client-credentials", "client_id", "auth0_client.my_client", "id"), - resource.TestCheckResourceAttr("auth0_client_credentials.my_client-credentials", "authentication_method", "client_secret_post"), + resource.TestCheckResourceAttr("auth0_client.my_client", "is_token_endpoint_ip_header_trusted", "true"), ), }, { - Config: acctest.ParseTestName(testAccCreateClientWithIsTokenEndpointIPHeaderTrustedSetToTrue, t.Name()), - ConfigPlanChecks: resource.ConfigPlanChecks{ - PostApplyPostRefresh: []plancheck.PlanCheck{ - plancheck.ExpectEmptyPlan(), - }, + Config: acctest.ParseTestName(testAccImportClientCredentialsForClientWithIsTokenEndpointIPHeaderTrustedSetToTrueOnCreate, t.Name()), + ResourceName: "auth0_client_credentials.my_client_credentials", + ImportState: true, + ImportStateIdFunc: func(state *terraform.State) (string, error) { + clientID, err := acctest.ExtractResourceAttributeFromState(state, "auth0_client.my_client", "id") + assert.NoError(t, err) + return clientID, nil }, + ImportStatePersist: true, Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr("auth0_client.my_client", "name", fmt.Sprintf("Test IP Header Trusted - %s", t.Name())), resource.TestCheckResourceAttr("auth0_client.my_client", "is_token_endpoint_ip_header_trusted", "true"), - resource.TestCheckTypeSetElemAttrPair("auth0_client_credentials.my_client-credentials", "client_id", "auth0_client.my_client", "id"), - resource.TestCheckResourceAttr("auth0_client_credentials.my_client-credentials", "authentication_method", "client_secret_post"), + resource.TestCheckTypeSetElemAttrPair("auth0_client_credentials.my_client_credentials", "client_id", "auth0_client.my_client", "id"), + resource.TestCheckResourceAttr("auth0_client_credentials.my_client_credentials", "authentication_method", "client_secret_post"), ), }, }, diff --git a/test/data/recordings/TestAccClientGetsCreatedWithIsTokenEndpointIPHeaderTrustedEnabled.yaml b/test/data/recordings/TestAccClientGetsCreatedWithIsTokenEndpointIPHeaderTrustedEnabled.yaml new file mode 100644 index 000000000..f529be4b2 --- /dev/null +++ b/test/data/recordings/TestAccClientGetsCreatedWithIsTokenEndpointIPHeaderTrustedEnabled.yaml @@ -0,0 +1,218 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 195 + transfer_encoding: [] + trailer: {} + host: terraform-provider-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithIsTokenEndpointIPHeaderTrustedEnabled","is_token_endpoint_ip_header_trusted":true,"token_endpoint_auth_method":"client_secret_post"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.0.0 + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithIsTokenEndpointIPHeaderTrustedEnabled","client_id":"ksJk1Kzcd558bgfKYA2kOkyZs3BVoxAz","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"token_endpoint_auth_method":"client_secret_post","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":31557600,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":2592000}}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 286.212166ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 5 + transfer_encoding: [] + trailer: {} + host: terraform-provider-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.0.0 + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/ksJk1Kzcd558bgfKYA2kOkyZs3BVoxAz + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithIsTokenEndpointIPHeaderTrustedEnabled","client_id":"ksJk1Kzcd558bgfKYA2kOkyZs3BVoxAz","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"token_endpoint_auth_method":"client_secret_post","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":31557600,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":2592000}}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 119.636042ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 5 + transfer_encoding: [] + trailer: {} + host: terraform-provider-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.0.0 + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/ksJk1Kzcd558bgfKYA2kOkyZs3BVoxAz + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithIsTokenEndpointIPHeaderTrustedEnabled","client_id":"ksJk1Kzcd558bgfKYA2kOkyZs3BVoxAz","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"token_endpoint_auth_method":"client_secret_post","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":31557600,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":2592000}}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 153.430625ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 5 + transfer_encoding: [] + trailer: {} + host: terraform-provider-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.0.0 + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/ksJk1Kzcd558bgfKYA2kOkyZs3BVoxAz?fields=client_id%2Cclient_secret%2Ctoken_endpoint_auth_method%2Cclient_authentication_methods&include_fields=true + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"client_id":"ksJk1Kzcd558bgfKYA2kOkyZs3BVoxAz","client_secret":"[REDACTED]","signing_keys":[{"cert":"[REDACTED]"}],"token_endpoint_auth_method":"client_secret_post"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 220.605125ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: terraform-provider-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.0.0 + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/ksJk1Kzcd558bgfKYA2kOkyZs3BVoxAz + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 180.447125ms + - id: 5 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 5 + transfer_encoding: [] + trailer: {} + host: terraform-provider-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + null + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.0.0 + url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/ksJk1Kzcd558bgfKYA2kOkyZs3BVoxAz?fields=client_id%2Capp_type&include_fields=true + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"statusCode":404,"error":"Not Found","message":"The client does not exist","errorCode":"inexistent_client"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 404 Not Found + code: 404 + duration: 330.494875ms diff --git a/test/data/recordings/TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate.yaml b/test/data/recordings/TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate.yaml deleted file mode 100644 index 05a39c8f0..000000000 --- a/test/data/recordings/TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate.yaml +++ /dev/null @@ -1,578 +0,0 @@ ---- -version: 2 -interactions: - - id: 0 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 113 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - {"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate"} - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients - method: POST - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: false - body: '{"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate","client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 201 Created - code: 201 - duration: 564.524375ms - - id: 1 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate","client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 101.871667ms - - id: 2 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD?fields=client_id&include_fields=true - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","signing_keys":[{"cert":"[REDACTED]"}]}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 90.994292ms - - id: 3 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 52 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - {"token_endpoint_auth_method":"client_secret_post"} - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD - method: PATCH - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate","client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"token_endpoint_auth_method":"client_secret_post","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 131.992875ms - - id: 4 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD?fields=client_id%2Cclient_secret%2Ctoken_endpoint_auth_method%2Cclient_authentication_methods&include_fields=true - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","client_secret":"[REDACTED]","signing_keys":[{"cert":"[REDACTED]"}],"token_endpoint_auth_method":"client_secret_post"}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 250.113ms - - id: 5 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate","client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"token_endpoint_auth_method":"client_secret_post","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 96.528916ms - - id: 6 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD?fields=client_id%2Cclient_secret%2Ctoken_endpoint_auth_method%2Cclient_authentication_methods&include_fields=true - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","client_secret":"[REDACTED]","signing_keys":[{"cert":"[REDACTED]"}],"token_endpoint_auth_method":"client_secret_post"}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 93.107042ms - - id: 7 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate","client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":false,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"token_endpoint_auth_method":"client_secret_post","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 90.879ms - - id: 8 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD?fields=client_id%2Cclient_secret%2Ctoken_endpoint_auth_method%2Cclient_authentication_methods&include_fields=true - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","client_secret":"[REDACTED]","signing_keys":[{"cert":"[REDACTED]"}],"token_endpoint_auth_method":"client_secret_post"}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 100.073583ms - - id: 9 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 156 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - {"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate","is_token_endpoint_ip_header_trusted":true} - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD - method: PATCH - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate","client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"token_endpoint_auth_method":"client_secret_post","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 107.686667ms - - id: 10 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate","client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"token_endpoint_auth_method":"client_secret_post","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 126.225625ms - - id: 11 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate","client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"token_endpoint_auth_method":"client_secret_post","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 109.906167ms - - id: 12 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD?fields=client_id%2Cclient_secret%2Ctoken_endpoint_auth_method%2Cclient_authentication_methods&include_fields=true - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","client_secret":"[REDACTED]","signing_keys":[{"cert":"[REDACTED]"}],"token_endpoint_auth_method":"client_secret_post"}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 98.35925ms - - id: 13 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 5 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - null - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD?fields=client_id%2Capp_type&include_fields=true - method: GET - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","signing_keys":[{"cert":"[REDACTED]"}]}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 109.580209ms - - id: 14 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 53 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: | - {"token_endpoint_auth_method":"client_secret_basic"} - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD - method: PATCH - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: -1 - uncompressed: true - body: '{"name":"Test IP Header Trusted - TestAccClientGetsCreatedWithoutSettingIsTokenEndpointIPHeaderTrustedOnCreate","client_id":"w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD","client_secret":"[REDACTED]","is_first_party":true,"is_token_endpoint_ip_header_trusted":true,"oidc_conformant":false,"jwt_configuration":{"secret_encoded":false,"lifetime_in_seconds":36000},"signing_keys":[{"cert":"[REDACTED]"}],"sso_disabled":false,"grant_types":["authorization_code","implicit","refresh_token","client_credentials"],"custom_login_page_on":true,"token_endpoint_auth_method":"client_secret_basic","refresh_token":{"rotation_type":"non-rotating","expiration_type":"non-expiring","leeway":0,"token_lifetime":2592000,"infinite_token_lifetime":true,"infinite_idle_token_lifetime":true,"idle_token_lifetime":1296000}}' - headers: - Content-Type: - - application/json; charset=utf-8 - status: 200 OK - code: 200 - duration: 100.014625ms - - id: 15 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 0 - transfer_encoding: [] - trailer: {} - host: terraform-provider-auth0-dev.eu.auth0.com - remote_addr: "" - request_uri: "" - body: "" - form: {} - headers: - Content-Type: - - application/json - User-Agent: - - Go-Auth0-SDK/0.17.2 - url: https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/clients/w6rwi7QVCxmhqUrg2cllOOk8BrRdCEcD - method: DELETE - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - transfer_encoding: [] - trailer: {} - content_length: 0 - uncompressed: false - body: "" - headers: - Content-Type: - - application/json; charset=utf-8 - status: 204 No Content - code: 204 - duration: 224.79525ms From 6ac43997a38ea52eef6c176aa2261eb5da644a89 Mon Sep 17 00:00:00 2001 From: Will Vedder Date: Tue, 29 Aug 2023 10:20:10 -0400 Subject: [PATCH 2/2] Apply suggestions from code review --- docs/data-sources/client.md | 2 +- docs/resources/client.md | 2 +- internal/auth0/client/resource.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/data-sources/client.md b/docs/data-sources/client.md index 9eccf8c54..d172bb75a 100644 --- a/docs/data-sources/client.md +++ b/docs/data-sources/client.md @@ -52,7 +52,7 @@ data "auth0_client" "some-client-by-id" { - `id` (String) The ID of this resource. - `initiate_login_uri` (String) Initiate login URI. Must be HTTPS or an empty string. - `is_first_party` (Boolean) Indicates whether this client is a first-party client. -- `is_token_endpoint_ip_header_trusted` (Boolean) Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to `client_secret_post` or `client_secret_basic`. Setting this property when creating the resource, will default the authentication method to `client_secret_post`. To changethe authentication method to `client_secret_basic` use the `auth0_client_credentials` resource. +- `is_token_endpoint_ip_header_trusted` (Boolean) Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to `client_secret_post` or `client_secret_basic`. Setting this property when creating the resource, will default the authentication method to `client_secret_post`. To change the authentication method to `client_secret_basic` use the `auth0_client_credentials` resource. - `jwt_configuration` (List of Object) Configuration settings for the JWTs issued for this client. (see [below for nested schema](#nestedatt--jwt_configuration)) - `logo_uri` (String) URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown. - `mobile` (List of Object) Additional configuration for native mobile apps. (see [below for nested schema](#nestedatt--mobile)) diff --git a/docs/resources/client.md b/docs/resources/client.md index 53b285192..94f23403a 100644 --- a/docs/resources/client.md +++ b/docs/resources/client.md @@ -107,7 +107,7 @@ resource "auth0_client" "my_client" { - `grant_types` (List of String) Types of grants that this client is authorized to use. - `initiate_login_uri` (String) Initiate login URI. Must be HTTPS or an empty string. - `is_first_party` (Boolean) Indicates whether this client is a first-party client. -- `is_token_endpoint_ip_header_trusted` (Boolean) Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to `client_secret_post` or `client_secret_basic`. Setting this property when creating the resource, will default the authentication method to `client_secret_post`. To changethe authentication method to `client_secret_basic` use the `auth0_client_credentials` resource. +- `is_token_endpoint_ip_header_trusted` (Boolean) Indicates whether the token endpoint IP header is trusted. Requires the authentication method to be set to `client_secret_post` or `client_secret_basic`. Setting this property when creating the resource, will default the authentication method to `client_secret_post`. To change the authentication method to `client_secret_basic` use the `auth0_client_credentials` resource. - `jwt_configuration` (Block List, Max: 1) Configuration settings for the JWTs issued for this client. (see [below for nested schema](#nestedblock--jwt_configuration)) - `logo_uri` (String) URL of the logo for the client. Recommended size is 150px x 150px. If none is set, the default badge for the application type will be shown. - `mobile` (Block List, Max: 1) Additional configuration for native mobile apps. (see [below for nested schema](#nestedblock--mobile)) diff --git a/internal/auth0/client/resource.go b/internal/auth0/client/resource.go index e503f0422..5b2455638 100644 --- a/internal/auth0/client/resource.go +++ b/internal/auth0/client/resource.go @@ -83,7 +83,7 @@ func NewResource() *schema.Resource { Computed: true, Description: "Indicates whether the token endpoint IP header is trusted. Requires the authentication " + "method to be set to `client_secret_post` or `client_secret_basic`. Setting this property when " + - "creating the resource, will default the authentication method to `client_secret_post`. To change" + + "creating the resource, will default the authentication method to `client_secret_post`. To change " + "the authentication method to `client_secret_basic` use the `auth0_client_credentials` resource.", }, "oidc_conformant": {