Merge pull request #1698 from okta/okta_app_signon_policy_assignment

Okta app access policy assignment
okta · Sep 7, 2023 · 226f21d · 226f21d
2 parents 30d4a3c + bb93a8d
commit 226f21d
Show file tree

Hide file tree

Showing 11 changed files with 514 additions and 7 deletions.
diff --git a/examples/okta_app_access_policy_assignment/README.md b/examples/okta_app_access_policy_assignment/README.md
@@ -0,0 +1,8 @@
+# okta_app_access_policy_assignment
+
+Resource to manage the access policy for an Application. [See Okta
+documentation for more
+details](https://developer.okta.com/docs/api/resources/apps).
+
+- Simple example [can be found here](./basic.tf)
+- Update to the simple example [can be found here](./update.tf)
diff --git a/examples/okta_app_access_policy_assignment/basic.tf b/examples/okta_app_access_policy_assignment/basic.tf
@@ -0,0 +1,26 @@
+resource "okta_app_oauth" "test" {
+  label                      = "testAcc_App_replace_with_uuid"
+  type                       = "web"
+  grant_types                = ["authorization_code"]
+  redirect_uris              = ["http://d.com/"]
+  response_types             = ["code"]
+  client_basic_secret        = "something_from_somewhere"
+  client_id                  = "cid_replace_with_uuid"
+  token_endpoint_auth_method = "client_secret_basic"
+  consent_method             = "TRUSTED"
+  wildcard_redirect          = "DISABLED"
+}
+resource "okta_app_signon_policy" "policy_1" {
+  name        = "testAcc_Access_Policy_1_replace_with_uuid"
+  description = "Policy 1"
+}
+
+resource "okta_app_signon_policy" "policy_2" {
+  name        = "testAcc_Access_Policy_2_replace_with_uuid"
+  description = "Policy 2"
+}
+
+resource "okta_app_access_policy_assignment" "test" {
+  app_id    = okta_app_oauth.test.id
+  policy_id = okta_app_signon_policy.policy_1.id
+}
diff --git a/examples/okta_app_access_policy_assignment/updated.tf b/examples/okta_app_access_policy_assignment/updated.tf
@@ -0,0 +1,26 @@
+resource "okta_app_oauth" "test" {
+  label                      = "testAcc_App_replace_with_uuid"
+  type                       = "web"
+  grant_types                = ["authorization_code"]
+  redirect_uris              = ["http://d.com/"]
+  response_types             = ["code"]
+  client_basic_secret        = "something_from_somewhere"
+  client_id                  = "cid_replace_with_uuid"
+  token_endpoint_auth_method = "client_secret_basic"
+  consent_method             = "TRUSTED"
+  wildcard_redirect          = "DISABLED"
+}
+resource "okta_app_signon_policy" "policy_1" {
+  name        = "testAcc_SignOn_Policy_1_replace_with_uuid"
+  description = "Policy 1"
+}
+
+resource "okta_app_signon_policy" "policy_2" {
+  name        = "testAcc_SignOn_Policy_2_replace_with_uuid"
+  description = "Policy 2"
+}
+
+resource "okta_app_access_policy_assignment" "test" {
+  app_id    = okta_app_oauth.test.id
+  policy_id = okta_app_signon_policy.policy_2.id
+}
diff --git a/go.mod b/go.mod
@@ -15,6 +15,7 @@ require (
 	github.com/hashicorp/terraform-plugin-framework v1.3.5
 	github.com/hashicorp/terraform-plugin-framework-validators v0.12.0
 	github.com/hashicorp/terraform-plugin-go v0.18.0
+	github.com/hashicorp/terraform-plugin-log v0.9.0
 	github.com/hashicorp/terraform-plugin-mux v0.11.2
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.28.0
 	github.com/kelseyhightower/envconfig v1.4.0
@@ -54,7 +55,6 @@ require (
 	github.com/hashicorp/logutils v1.0.0 // indirect
 	github.com/hashicorp/terraform-exec v0.18.1 // indirect
 	github.com/hashicorp/terraform-json v0.17.1 // indirect
-	github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect
 	github.com/hashicorp/terraform-registry-address v0.2.1 // indirect
 	github.com/hashicorp/terraform-svchost v0.1.1 // indirect
 	github.com/hashicorp/yamux v0.0.0-20211028200310-0bc27b27de87 // indirect
@@ -80,9 +80,9 @@ require (
 	github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect
 	github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
-	github.com/zclconf/go-cty v1.13.2 // indirect
+	github.com/zclconf/go-cty v1.13.3 // indirect
 	golang.org/x/crypto v0.12.0 // indirect
-	golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df // indirect
+	golang.org/x/exp v0.0.0-20230809150735-7b3493d9a819 // indirect
 	golang.org/x/mod v0.11.0 // indirect
 	golang.org/x/net v0.11.0 // indirect
 	golang.org/x/oauth2 v0.7.0 // indirect

diff --git a/go.sum b/go.sum
@@ -224,8 +224,8 @@ github.com/vmihailenco/msgpack/v5 v5.3.5/go.mod h1:7xyJ9e+0+9SaZT0Wt1RGleJXzli6Q
 github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g=
 github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds=
 github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM=
-github.com/zclconf/go-cty v1.13.2 h1:4GvrUxe/QUDYuJKAav4EYqdM47/kZa672LwmXFmEKT0=
-github.com/zclconf/go-cty v1.13.2/go.mod h1:YKQzy/7pZ7iq2jNFzy5go57xdxdWoLLpaEp4u238AE0=
+github.com/zclconf/go-cty v1.13.3 h1:m+b9q3YDbg6Bec5rr+KGy1MzEVzY/jC2X+YX4yqKtHI=
+github.com/zclconf/go-cty v1.13.3/go.mod h1:YKQzy/7pZ7iq2jNFzy5go57xdxdWoLLpaEp4u238AE0=
 github.com/zenazn/goji v1.0.1/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
@@ -235,8 +235,8 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y
 golang.org/x/crypto v0.0.0-20220128200615-198e4374d7ed/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk=
 golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
-golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df h1:UA2aFVmmsIlefxMk29Dp2juaUSth8Pyn3Tq5Y5mJGME=
-golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc=
+golang.org/x/exp v0.0.0-20230809150735-7b3493d9a819 h1:EDuYyU/MkFXllv9QF9819VlI9a4tzGuCbhG0ExK9o1U=
+golang.org/x/exp v0.0.0-20230809150735-7b3493d9a819/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc=
 golang.org/x/mod v0.11.0 h1:bUO06HqtnRcc/7l71XBe4WcqTZ+3AH1J59zWDDwLKgU=
 golang.org/x/mod v0.11.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=

diff --git a/okta/framework_provider.go b/okta/framework_provider.go
@@ -248,6 +248,7 @@ func (p *FrameworkProvider) DataSources(_ context.Context) []func() datasource.D
 // DataSources defines the data sources implemented in the provider.
 func (p *FrameworkProvider) Resources(_ context.Context) []func() resource.Resource {
 	return []func() resource.Resource{
+		NewAppAccessPolicyAssignmentResource,
 		NewBrandResource,
 		NewPolicyDeviceAssuranceAndroidResource,
 		NewPolicyDeviceAssuranceIOSResource,

diff --git a/okta/framework_provider_test.go b/okta/framework_provider_test.go
@@ -0,0 +1,17 @@
+package okta
+
+// TODO placeholder to add VCR testing to plugin framework provider based
+// resources and datasources
+func NewFrameworkProviderTest(testName string) *frameworkProviderTest {
+	return &frameworkProviderTest{
+		FrameworkProvider: FrameworkProvider{
+			Version: "test",
+		},
+		TestName: testName,
+	}
+}
+
+type frameworkProviderTest struct {
+	FrameworkProvider
+	TestName string
+}