Add api scopes #356

Merged
merged 5 commits into from
Mar 3, 2021

mariussturm
Contributor

This PR adds a new resource okta_app_oauth_api_scope in order to manage OAuth API scopes.
First-time provider dev here, so there might be some oddities.

Fixes #69, #237

@bogdanprodan-okta
Contributor

Hi, @mariussturm! Thanks for submitting this PR. I'll review it and get back to you ASAP.

@mcrobbj

mcrobbj commented Mar 1, 2021

Is this going to be released?

@bogdanprodan-okta
Contributor

> Is this going to be released?

Hi! Yes, this is going to be released by the end of this week.

@bogdanprodan-okta
Contributor

The last thing I wanted to ask is to merge with the latest master and run make fmt. I've introduced a new more advanced formatting tool instead of standard gofmt.

@mariussturm
Contributor Author

Thanks for the approval! Did a rebase and make fmt.

@bogdanprodan-okta bogdanprodan-okta merged commit d585ccc into okta:master Mar 3, 2021
eatplaysleep added a commit to eatplaysleep/terraform-provider-mgm_okta that referenced this pull request Mar 8, 2021
* Custom swa app (okta#328)

* Set AUTO_LOGIN as sign_on mode for predefined apps

* Force 'okta_app_user_schema' resource recreate when changing scope (okta#331)

* Fix 'terraform plan' in case delete_when_absent is set to 'false' (okta#332)

* Fixed validation for 'login_mode' and 'login_scopes' (okta#333)

* Add 5 second wait after create

* Added okta_auth_server_scopes datasource (okta#336)

* Added social IdP data source (okta#337)

* Fixed error handling (okta#338)

* Moved validation for okta_app_oauth out of CustomizeDiff (okta#340)

* Fixed group role when removing all the items from target_group_list (okta#341)

Fixed group role when removing all the items from target_group_list

* Added retry for role re-assignment

* Formatting

* Improved retry logic

* Build fix

* Added extra code

* Added changelog

* Remove extra space

* Fixed okta_idp_oidc subject_match_attribute value setup

* use loop to perform multiple retries of find

* Use backoff lib per bogdanprodan-okta

* Update error messages

* Only set ID at end once search for user passes

* Bump actions/stale from v3.0.16 to v3.0.17

Bumps [actions/stale](https://github.com/actions/stale) from v3.0.16 to v3.0.17.
- [Release notes](https://github.com/actions/stale/releases)
- [Commits](actions/stale@v3.0.16...996798e)

Signed-off-by: dependabot[bot] <support@github.com>

* Retain user group app assignments (okta#330)

Add option to retain `okta_app_group_assignment` and `okta_app_user` on destroy.

* Fixed validation for several resources (okta#348)

* Added 'target_app_list' to the 'okta_group_role' resource (okta#349)

Added 'target_app_list' to the 'okta_group_role' resource

* Added 'OVERRIDE' master property (okta#351)

* Fixed setup for default scope (okta#352)

* Fixed setup for default scope

* Fixed vet

* Updated CHANGELOG (okta#354)

Updated CHANGELOG

* Changelog (okta#355)

Updated CHANGELOG

* Bump github.com/hashicorp/terraform-plugin-sdk/v2 from 2.4.3 to 2.4.4 (okta#357)

Bumps [github.com/hashicorp/terraform-plugin-sdk/v2](https://github.com/hashicorp/terraform-plugin-sdk) from 2.4.3 to 2.4.4.
- [Release notes](https://github.com/hashicorp/terraform-plugin-sdk/releases)
- [Changelog](https://github.com/hashicorp/terraform-plugin-sdk/blob/master/CHANGELOG.md)
- [Commits](hashicorp/terraform-plugin-sdk@v2.4.3...v2.4.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Removed redundant method (okta#358)

Removed redundant method

* Added new formatting tool, remove unused dep (okta#360)

* Add api scopes (okta#356)

Add resource okta_app_oauth_api_scope

* Removed 'ForceNew' in case policy name changes (okta#362)

Removed 'ForceNew' in case policy name changes

* Added hotp factor to the Okta MFA policy (okta#363)

Added hotp factor to the okta mfa policy

* Fixed error handler (okta#366)

* Fixed error handler

* Removed validation for 'single_logout_issuer'

* Bump actions/stale from v3.0.17 to v3.0.18 (okta#371)

Bumps [actions/stale](https://github.com/actions/stale) from v3.0.17 to v3.0.18.
- [Release notes](https://github.com/actions/stale/releases)
- [Commits](actions/stale@v3.0.17...3b3c3f0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: bogdanprodan-okta <71279414+bogdanprodan-okta@users.noreply.github.com>
Co-authored-by: Tom Goodsell <ymylei@users.noreply.github.com>
Co-authored-by: Bogdan Prodan <bogdan.prodan@okta.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brian Zoetewey <brian.zoetewey@cru.org>
Co-authored-by: Marius Sturm <marius@graylog.com>
@blakemann

@bogdanprodan-okta I've got a project that I'm waiting to be able to use this in - now that it's merged, will there be another release being done soon to include it?

@bogdanprodan-okta
Contributor

bogdanprodan-okta commented Mar 23, 2021

Hi, @blakemann! The next release will probably be this week. The only problem is that the provider has migrated from oktadeveloper to okta and I don't know if I will be able to release it with the current gpg key.
There is always a possibility to use an in-house provider built from source. Basically, you run go install, copy the binary into your terraform.d dir and run terraform init.

@mariussturm
Contributor Author

@bogdanprodan-okta thanks for the investigation! A registry deployment of 3.11 would be great so that we can officially make use of that feature.

@tmatilai

tmatilai commented Oct 5, 2021

Sorry to comment on an old PR, but is there any reason why the issuer attribute couldn't be internally fetched from the provider configuration?

On the client side, the provider attributes are not accessible (especially a problem in common modules), and there doesn't seem to exist any data source for getting the URL either.

/cc @bogdanprodan-okta

@mariussturm
Contributor Author

@tmatilai if the issuer would be fetched from the internal configuration it has to be the org URL under all circumstances and all edge cases. I am not sure if this is always true, especially when custom authorization servers come into play.

What exactly is the use-case for reading back the issuer URL? Usually, you know the Okta base URL in the tf code and just render it here again?

@tmatilai

tmatilai commented Oct 5, 2021

> if the issuer would be fetched from the internal configuration it has to be the org URL under all circumstances and all edge cases.

If there are edge cases, then the issuer attribute could be optional, and default to the provider configuration. 🤷

> What exactly is the use-case for reading back the issuer URL? Usually, you know the Okta base URL in the tf code and just render it here again?

If the provider is passed from a root module to a common module, the common module doesn't know about the org or base URL any more. So now it's required to add separate variables just for the issuer URL.

In case an auth server is created, the base URL can actually be parsed from its issuer URL, but that feels extraneous, too.

Btw, thanks @mariussturm for adding the resource in the first place! 🤗

Successfully merging this pull request may close these issues.

Add support for creating 'Okta API scopes'