Update SDK based on latest spec

CHANGELOG.md

@@ -1,5 +1,31 @@
 # Okta Python SDK Changelog
 
+## v2.9.0
+* Addressed a number of open issues regarding SDK
+  * Allow overwriting of default HTTP headers
+  * Prevent automatic camel casing when using pagination to retrieve next set of results
+  * Allow key ID (kid) to be specified when providing JWT
+  * Allow log level to be set by user
+* Using `pycryptodomex` dependency instead of `pycryptodome` to prevent clash in import statements
+* Upgraded to latest version of API spec. Includes following changes:
+  * Added support for MFA Enroll policy type
+  * Added custom role type
+  * Added dynamic issuer mode for open id connect applications
+  * Added failed to verify and domain taken as domain validation statuses
+  * Added Okta managed as domain certificate source type
+  * Added create authenticator endpoint
+  * Added endpoint to preview SAML app metadata
+
+_New models:_
+* ClientSecret
+* ClientSecretMetadata
+* MultifactorEnrollmentPolicy
+* MultifactorEnrollmentPolicySettings
+* MultifactorEnrollmentPolicySettingsType
+* MultifactorEnrollmentPolicyAuthenticatorType
+* MultifactorEnrollmentPolicyAuthenticatorStatus
+* MultifactorEnrollmentPolicyAuthenticatorSettings
+
 ## v2.7.0
 _What's Changed_
 * Regenerated and added pkce_requried to app oauth credentials by @drewcarmichael-okta in https://github.com/okta/okta-sdk-python/pull/313

okta/__init__.py

@@ -1 +1 @@
-__version__ = '2.8.0'
+__version__ = '2.9.0'

okta/constants.py

@@ -79,6 +79,7 @@ def find_factor_model(factor_type):
 OKTA_POLICY_TYPE_TO_MODEL = {
     PT.ACCESS_POLICY: models.AccessPolicy,
     PT.IDP_DISCOVERY: models.IdentityProviderPolicy,
+    PT.MFA_ENROLL: models.MultifactorEnrollmentPolicy,
     PT.OAUTH_AUTHORIZATION_POLICY: models.OAuthAuthorizationPolicy,
     PT.OKTA_SIGN_ON: models.OktaSignOnPolicy,
     PT.PASSWORD: models.PasswordPolicy,

okta/models/__init__.py

@@ -178,6 +178,10 @@
 ChannelBinding = channel_binding.ChannelBinding
 from okta.models import client_policy_condition as client_policy_condition
 ClientPolicyCondition = client_policy_condition.ClientPolicyCondition
+from okta.models import client_secret as client_secret
+ClientSecret = client_secret.ClientSecret
+from okta.models import client_secret_metadata as client_secret_metadata
+ClientSecretMetadata = client_secret_metadata.ClientSecretMetadata
 from okta.models import compliance as compliance
 Compliance = compliance.Compliance
 from okta.models import context_policy_rule_condition as context_policy_rule_condition
@@ -438,6 +442,18 @@
 LogUserAgent = log_user_agent.LogUserAgent
 from okta.models import mdm_enrollment_policy_rule_condition as mdm_enrollment_policy_rule_condition
 MdmEnrollmentPolicyRuleCondition = mdm_enrollment_policy_rule_condition.MdmEnrollmentPolicyRuleCondition
+from okta.models import multifactor_enrollment_policy as multifactor_enrollment_policy
+MultifactorEnrollmentPolicy = multifactor_enrollment_policy.MultifactorEnrollmentPolicy
+from okta.models import multifactor_enrollment_policy_authenticator_settings as multifactor_enrollment_policy_authenticator_settings
+MultifactorEnrollmentPolicyAuthenticatorSettings = multifactor_enrollment_policy_authenticator_settings.MultifactorEnrollmentPolicyAuthenticatorSettings
+from okta.models import multifactor_enrollment_policy_authenticator_status as multifactor_enrollment_policy_authenticator_status
+MultifactorEnrollmentPolicyAuthenticatorStatus = multifactor_enrollment_policy_authenticator_status.MultifactorEnrollmentPolicyAuthenticatorStatus
+from okta.models import multifactor_enrollment_policy_authenticator_type as multifactor_enrollment_policy_authenticator_type
+MultifactorEnrollmentPolicyAuthenticatorType = multifactor_enrollment_policy_authenticator_type.MultifactorEnrollmentPolicyAuthenticatorType
+from okta.models import multifactor_enrollment_policy_settings as multifactor_enrollment_policy_settings
+MultifactorEnrollmentPolicySettings = multifactor_enrollment_policy_settings.MultifactorEnrollmentPolicySettings
+from okta.models import multifactor_enrollment_policy_settings_type as multifactor_enrollment_policy_settings_type
+MultifactorEnrollmentPolicySettingsType = multifactor_enrollment_policy_settings_type.MultifactorEnrollmentPolicySettingsType
 from okta.models import network_zone as network_zone
 NetworkZone = network_zone.NetworkZone
 from okta.models import network_zone_address as network_zone_address

okta/models/application_credentials_o_auth_client.py

@@ -39,6 +39,8 @@ def __init__(self, config=None):
                 if "clientId" in config else None
             self.client_secret = config["clientSecret"]\
                 if "clientSecret" in config else None
+            self.pkce_required = config["pkceRequired"]\
+                if "pkceRequired" in config else None
             if "tokenEndpointAuthMethod" in config:
                 if isinstance(config["tokenEndpointAuthMethod"],
                               o_auth_endpoint_authentication_method.OAuthEndpointAuthenticationMethod):
@@ -55,6 +57,7 @@ def __init__(self, config=None):
             self.auto_key_rotation = None
             self.client_id = None
             self.client_secret = None
+            self.pkce_required = None
             self.token_endpoint_auth_method = None
 
     def request_format(self):
@@ -63,6 +66,7 @@ def request_format(self):
             "autoKeyRotation": self.auto_key_rotation,
             "client_id": self.client_id,
             "client_secret": self.client_secret,
+            "pkce_required": self.pkce_required,
             "token_endpoint_auth_method": self.token_endpoint_auth_method
         }
         parent_req_format.update(current_obj_format)

okta/models/authorization_server.py

@@ -57,6 +57,8 @@ def __init__(self, config=None):
                     self.credentials = None
             else:
                 self.credentials = None
+            self.default = config["default"]\
+                if "default" in config else None
             self.description = config["description"]\
                 if "description" in config else None
             self.id = config["id"]\
@@ -76,6 +78,7 @@ def __init__(self, config=None):
             self.audiences = []
             self.created = None
             self.credentials = None
+            self.default = None
             self.description = None
             self.id = None
             self.issuer = None
@@ -91,6 +94,7 @@ def request_format(self):
             "audiences": self.audiences,
             "created": self.created,
             "credentials": self.credentials,
+            "default": self.default,
             "description": self.description,
             "id": self.id,
             "issuer": self.issuer,

okta/models/client_secret.py

@@ -0,0 +1,71 @@
+# flake8: noqa
+"""
+Copyright 2020 - Present Okta, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+"""
+
+# AUTO-GENERATED! DO NOT EDIT FILE DIRECTLY
+# SEE CONTRIBUTOR DOCUMENTATION
+
+from okta.okta_object import OktaObject
+
+
+class ClientSecret(
+    OktaObject
+):
+    """
+    A class for ClientSecret objects.
+    """
+
+    def __init__(self, config=None):
+        super().__init__(config)
+        if config:
+            self.links = config["links"]\
+                if "links" in config else None
+            if "_links" in config:
+                self.links = config["_links"]
+            self.client_secret = config["clientSecret"]\
+                if "clientSecret" in config else None
+            self.created = config["created"]\
+                if "created" in config else None
+            self.id = config["id"]\
+                if "id" in config else None
+            self.last_updated = config["lastUpdated"]\
+                if "lastUpdated" in config else None
+            self.secret_hash = config["secretHash"]\
+                if "secretHash" in config else None
+            self.status = config["status"]\
+                if "status" in config else None
+        else:
+            self.links = None
+            self.client_secret = None
+            self.created = None
+            self.id = None
+            self.last_updated = None
+            self.secret_hash = None
+            self.status = None
+
+    def request_format(self):
+        parent_req_format = super().request_format()
+        current_obj_format = {
+            "_links": self.links,
+            "client_secret": self.client_secret,
+            "created": self.created,
+            "id": self.id,
+            "lastUpdated": self.last_updated,
+            "secret_hash": self.secret_hash,
+            "status": self.status
+        }
+        parent_req_format.update(current_obj_format)
+        return parent_req_format

okta/models/client_secret_metadata.py

@@ -0,0 +1,45 @@
+# flake8: noqa
+"""
+Copyright 2020 - Present Okta, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+"""
+
+# AUTO-GENERATED! DO NOT EDIT FILE DIRECTLY
+# SEE CONTRIBUTOR DOCUMENTATION
+
+from okta.okta_object import OktaObject
+
+
+class ClientSecretMetadata(
+    OktaObject
+):
+    """
+    A class for ClientSecretMetadata objects.
+    """
+
+    def __init__(self, config=None):
+        super().__init__(config)
+        if config:
+            self.client_secret = config["clientSecret"]\
+                if "clientSecret" in config else None
+        else:
+            self.client_secret = None
+
+    def request_format(self):
+        parent_req_format = super().request_format()
+        current_obj_format = {
+            "client_secret": self.client_secret
+        }
+        parent_req_format.update(current_obj_format)
+        return parent_req_format

okta/models/domain_certificate_source_type.py

@@ -30,3 +30,4 @@ class DomainCertificateSourceType(
     """
 
     MANUAL = "MANUAL", "manual"
+    OKTA_MANAGED = "OKTA_MANAGED", "okta_managed"

okta/models/domain_validation_status.py

@@ -32,4 +32,6 @@ class DomainValidationStatus(
     NOT_STARTED = "NOT_STARTED", "not_started"
     IN_PROGRESS = "IN_PROGRESS", "in_progress"
     VERIFIED = "VERIFIED", "verified"
+    FAILED_TO_VERIFY = "FAILED_TO_VERIFY", "failed_to_verify"
+    DOMAIN_TAKEN = "DOMAIN_TAKEN", "domain_taken"
     COMPLETED = "COMPLETED", "completed"

okta/models/multifactor_enrollment_policy.py

@@ -0,0 +1,42 @@
+# flake8: noqa
+"""
+Copyright 2020 - Present Okta, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+"""
+
+# AUTO-GENERATED! DO NOT EDIT FILE DIRECTLY
+# SEE CONTRIBUTOR DOCUMENTATION
+
+from okta.models.policy\
+    import Policy
+from okta.models.policy_type import PolicyType
+
+
+class MultifactorEnrollmentPolicy(
+    Policy
+):
+    """
+    A class for MultifactorEnrollmentPolicy objects.
+    """
+
+    def __init__(self, config=None):
+        super().__init__(config)
+        pass
+
+    def request_format(self):
+        parent_req_format = super().request_format()
+        current_obj_format = {
+        }
+        parent_req_format.update(current_obj_format)
+        return parent_req_format

okta/models/multifactor_enrollment_policy_authenticator_settings.py

@@ -0,0 +1,65 @@
+# flake8: noqa
+"""
+Copyright 2020 - Present Okta, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+"""
+
+# AUTO-GENERATED! DO NOT EDIT FILE DIRECTLY
+# SEE CONTRIBUTOR DOCUMENTATION
+
+from okta.okta_object import OktaObject
+from okta.models import multifactor_enrollment_policy_authenticator_type\
+    as multifactor_enrollment_policy_authenticator_type
+
+
+class MultifactorEnrollmentPolicyAuthenticatorSettings(
+    OktaObject
+):
+    """
+    A class for MultifactorEnrollmentPolicyAuthenticatorSettings objects.
+    """
+
+    def __init__(self, config=None):
+        super().__init__(config)
+        if config:
+            self.constraints = config["constraints"]\
+                if "constraints" in config else None
+            self.enroll = config["enroll"]\
+                if "enroll" in config else None
+            if "key" in config:
+                if isinstance(config["key"],
+                              multifactor_enrollment_policy_authenticator_type.MultifactorEnrollmentPolicyAuthenticatorType):
+                    self.key = config["key"]
+                elif config["key"] is not None:
+                    self.key = multifactor_enrollment_policy_authenticator_type.MultifactorEnrollmentPolicyAuthenticatorType(
+                        config["key"].upper()
+                    )
+                else:
+                    self.key = None
+            else:
+                self.key = None
+        else:
+            self.constraints = None
+            self.enroll = None
+            self.key = None
+
+    def request_format(self):
+        parent_req_format = super().request_format()
+        current_obj_format = {
+            "constraints": self.constraints,
+            "enroll": self.enroll,
+            "key": self.key
+        }
+        parent_req_format.update(current_obj_format)
+        return parent_req_format

okta/models/multifactor_enrollment_policy_authenticator_status.py

@@ -0,0 +1,34 @@
+# flake8: noqa
+"""
+Copyright 2020 - Present Okta, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+"""
+
+# AUTO-GENERATED! DO NOT EDIT FILE DIRECTLY
+# SEE CONTRIBUTOR DOCUMENTATION
+
+from aenum import MultiValueEnum
+
+
+class MultifactorEnrollmentPolicyAuthenticatorStatus(
+    str,
+    MultiValueEnum
+):
+    """
+    An enumeration class for MultifactorEnrollmentPolicyAuthenticatorStatus.
+    """
+
+    NOT_ALLOWED = "NOT_ALLOWED", "not_allowed"
+    OPTIONAL = "OPTIONAL", "optional"
+    REQUIRED = "REQUIRED", "required"