-
Notifications
You must be signed in to change notification settings - Fork 207
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ensure jwks_uri
or jwks
can be set when using private_key_jwt
#1648
Conversation
@@ -190,7 +192,7 @@ Valid values: `"CUSTOM_URL"`,`"ORG_URL"` or `"DYNAMIC"`. Default is `"ORG_URL"`. | |||
|
|||
## Timeouts | |||
|
|||
The `timeouts` block allows you to specify custom [timeouts](https://www.terraform.io/language/resources/syntax#operation-timeouts) for certain actions: | |||
The `timeouts` block allows you to specify custom [timeouts](https://www.terraform.io/language/resources/syntax#operation-timeouts) for certain actions: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Result of formatting - Must have had trailing whitespace
- `jwks_uri` - (Optional) URL of the custom authorization server's JSON Web Key Set document. | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ensure this property is documented in Okta documentation for this resource. This was missed during addition of the original logic.
_, jwks := d.GetOk("jwks") | ||
_, jwks_uri := d.GetOk("jwks_uri") | ||
if !(jwks || jwks_uri) && d.Get("token_endpoint_auth_method").(string) == "private_key_jwt" { | ||
return errors.New("'jwks' or 'jwks_uri' is required when 'token_endpoint_auth_method' is 'private_key_jwt'") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Update the logic to ensure that if private_key_jwt
is specified we allow either jwks
or jwks_uri
var ( | ||
testAccProvidersFactories map[string]func() (*schema.Provider, error) | ||
) | ||
var testAccProvidersFactories map[string]func() (*schema.Provider, error) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Result of make fmt
@@ -57,7 +57,7 @@ func dataSourceGroupRuleRead(ctx context.Context, d *schema.ResourceData, m inte | |||
} else { | |||
ruleName, nameOk := d.GetOk("name") | |||
if nameOk { | |||
var name = ruleName.(string) | |||
name := ruleName.(string) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Result of make fmt
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm. Thanks @virgofx
jwks_uri
or jwks
can be set when using private_key_jwtjwks_uri
or jwks
can be set when using private_key_jwt
merged into #1649 |
Small bugfix to ensure
jwks_uri
can be used and additionally adds the field into documentation for the resource and error message./cc @MikeMondragon-okta @duytiennguyen-okta
Testing
The following app uses
jwks_uri
. Tested creation and updating. Updating log shown below:Updating: