Add Support for Token Exchange Profile #1119

Open
wants to merge 14 commits into
base: main
from
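--- a/docs/data-sources/token_exchange_profile.md
+++ b/docs/data-sources/token_exchange_profile.md
@@ -0,0 +1,29 @@
+---
+page_title: "Data Source: auth0_token_exchange_profile"
+description: |-
+Data source to retrieve a specific Auth0 Token Exchange Profile by id
+---
+
+# Data Source: auth0_token_exchange_profile
+
+Data source to retrieve a specific Auth0 Token Exchange Profile by `id`
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `id` (String) The id of the Token Exchange Profile
+
+### Read-Only
+
+- `action_id` (String) Unique identifier of the Action
+- `created_at` (String) The ISO 8601 formatted date the credential was created.
+- `name` (String) Name of the token exchange profile.
+- `subject_token_type` (String) Type of the subject token
+- `type` (String) Type of the token exchange profile
+- `updated_at` (String) The ISO 8601 formatted date the credential was updated.
+
+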
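--- a/docs/resources/token_exchange_profile.md
+++ b/docs/resources/token_exchange_profile.md
@@ -0,0 +1,32 @@
+---
+page_title: "Resource: auth0_token_exchange_profile"
+description: |-
+With this resource, you can manage Auth0 Custom Token Exchange Profiles
+---
+
+# Resource: auth0_token_exchange_profile
+
+With this resource, you can manage Auth0 Custom Token Exchange Profiles
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) Name of the token exchange profile.
+
+### Optional
+
+- `action_id` (String) Unique identifier of the Action
+- `subject_token_type` (String) Type of the subject token
+- `type` (String) Type of the token exchange profile
+
+### Read-Only
+
+- `created_at` (String) The ISO 8601 formatted date the credential was created.
+- `id` (String) The ID of this resource.
+- `updated_at` (String) The ISO 8601 formatted date the credential was updated.
+
+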
2 changes: 1 addition & 1 deletion go.mod
@@ -6,7 +6,7 @@ toolchain go1.22.5

require (
github.com/PuerkitoBio/rehttp v1.4.0
github.com/auth0/go-auth0 v1.14.0
github.com/auth0/go-auth0 v1.14.1-0.20250117054610-a1e5b43bb00f
github.com/google/go-cmp v0.6.0
github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
github.com/hashicorp/go-multierror v1.1.1
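Review bot: The `go-auth0` requirement moves from the tagged `v1.14.0` to the pseudo-version `v1.14.1-0.20250117054610-a1e5b43bb00f`, which pins an individual commit rather than a release. That is workable while the SDK change is still in flight, but the provider should not ship on it; bump to the tagged SDK release that contains `TokenExchangeProfile` before merge. The go.sum section of this PR also carries hashes for two earlier pseudo-versions (`…-20ae1831ccae` and `…-16b8925bd444`) that go.mod does not reference, and `go mod tidy` should drop them.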
6 changes: 6 additions & 0 deletions go.sum
@@ -26,6 +26,12 @@ github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI=
github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
github.com/auth0/go-auth0 v1.14.0 h1:T/wQGIwXylf1DnrDtDEuo/92YBnRizRcw15zXb+e3k4=
github.com/auth0/go-auth0 v1.14.0/go.mod h1:PjkjJXvHIbGPJgig9lNjlYrK2lsP5pdh3tM+VV4Dmpc=
github.com/auth0/go-auth0 v1.14.1-0.20250113064852-20ae1831ccae h1:fwojeLnkOGp2ty90zp7EAWLpraUjoyUNHMyvUeqYVvU=
github.com/auth0/go-auth0 v1.14.1-0.20250113064852-20ae1831ccae/go.mod h1:PjkjJXvHIbGPJgig9lNjlYrK2lsP5pdh3tM+VV4Dmpc=
github.com/auth0/go-auth0 v1.14.1-0.20250113124145-16b8925bd444 h1:f7TS75W5/UzJ+8Z1bgqW5Rid8NbHiodPoWXXE8jLdVs=
github.com/auth0/go-auth0 v1.14.1-0.20250113124145-16b8925bd444/go.mod h1:PjkjJXvHIbGPJgig9lNjlYrK2lsP5pdh3tM+VV4Dmpc=
github.com/auth0/go-auth0 v1.14.1-0.20250117054610-a1e5b43bb00f h1:b0E/GFcjVsdAStpZaqVlRHJzeWjSINRXVzr8dmTFfl0=
github.com/auth0/go-auth0 v1.14.1-0.20250117054610-a1e5b43bb00f/go.mod h1:PjkjJXvHIbGPJgig9lNjlYrK2lsP5pdh3tM+VV4Dmpc=
github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48=
github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA=
github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
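--- a/internal/auth0/tokenexchangeprofile/data_source.go
+++ b/internal/auth0/tokenexchangeprofile/data_source.go
@@ -0,0 +1,43 @@
+package tokenexchangeprofile
+
+import (
+"context"
+
+"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+"github.com/auth0/terraform-provider-auth0/internal/config"
+internalSchema "github.com/auth0/terraform-provider-auth0/internal/schema"
+)
+
+// NewDataSource will return a new auth0_token_exchange_profile data source.
+func NewDataSource() *schema.Resource {
+return &schema.Resource{
+ReadContext: readTokenExchangeProfileForDataSource,
+Description: "Data source to retrieve a specific Auth0 Token Exchange Profile by `id`",
+Schema: dataSourceSchema(),
+}
+}
+
+func dataSourceSchema() map[string]*schema.Schema {
+dataSourceSchema := internalSchema.TransformResourceToDataSource(NewResource().Schema)
+dataSourceSchema["id"] = &schema.Schema{
+Type: schema.TypeString,
+Required: true,
+Description: "The ID of the Self Service Profile.",
+}
+dataSourceSchema["id"].Description = "The id of the Token Exchange Profile "
+return dataSourceSchema
+}
+
+func readTokenExchangeProfileForDataSource(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
+api := meta.(*config.Config).GetAPI()
+id := data.Get("id").(string)
+data.SetId(id)
+ssp, err := api.TokenExchangeProfile.Read(ctx, data.Id())
+if err != nil {
+return diag.FromErr(err)
+}
+err = flattenTokenExchangeProfile(data, ssp)
+return diag.FromErr(err)
+}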
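Review bot: In `dataSourceSchema` the `id` entry is created with the description "The ID of the Self Service Profile." and then overwritten by the very next statement with a string that ends in a stray space; the literal looks copied from the self-service-profile data source. Set it once in the struct, `Description: "The id of the Token Exchange Profile.",`, and drop the follow-up assignment. The same origin shows in `readTokenExchangeProfileForDataSource`, where the profile is held in a variable named `ssp`; `tep`, as used by the create and update handlers in resource.go, would be consistent.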
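--- a/internal/auth0/tokenexchangeprofile/data_source_test.go
+++ b/internal/auth0/tokenexchangeprofile/data_source_test.go
@@ -0,0 +1 @@
+package tokenexchangeprofile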
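Review bot: This file holds only the package clause, so the new data source ships without an acceptance test; nothing in the PR exercises the lookup by `id` or the attributes it exports. A test that creates a profile through the resource and reads it back through `data.auth0_token_exchange_profile` would cover the read path, including the error returned for an unknown id.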
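--- a/internal/auth0/tokenexchangeprofile/expand.go
+++ b/internal/auth0/tokenexchangeprofile/expand.go
@@ -0,0 +1,19 @@
+package tokenexchangeprofile
+
+import (
+"github.com/auth0/go-auth0/management"
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+"github.com/auth0/terraform-provider-auth0/internal/value"
+)
+
+func expandTokenExchangeProfiles(data *schema.ResourceData) *management.TokenExchangeProfile {
+cfg := data.GetRawConfig()
+
+return &management.TokenExchangeProfile{
+Name: value.String(cfg.GetAttr("name")),
+SubjectTokenType: value.String(cfg.GetAttr("subject_token_type")),
+ActionID: value.String(cfg.GetAttr("action_id")),
+Type: value.String(cfg.GetAttr("type")),
+}
+}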
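Review bot: `expandTokenExchangeProfiles` builds the same payload for create and update, so `updateTokenExchangeProfile` sends `action_id` and `type` on every change, even when only `name` was edited. The acceptance test only ever changes `name` and `subject_token_type`, so whether the API accepts the other two fields on update is not exercised in this PR. If it does not, mark them `ForceNew: true` in the schema and populate `ActionID` and `Type` only when `data.IsNewResource()` is true. The function name is also plural although it returns a single profile; `expandTokenExchangeProfile` would match `flattenTokenExchangeProfile`.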
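--- a/internal/auth0/tokenexchangeprofile/flatten.go
+++ b/internal/auth0/tokenexchangeprofile/flatten.go
@@ -0,0 +1,19 @@
+package tokenexchangeprofile
+
+import (
+"github.com/auth0/go-auth0/management"
+"github.com/hashicorp/go-multierror"
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func flattenTokenExchangeProfile(data *schema.ResourceData, tokenExchangeProfile *management.TokenExchangeProfile) error {
+result := multierror.Append(
+data.Set("name", tokenExchangeProfile.GetName()),
+data.Set("subject_token_type", tokenExchangeProfile.GetSubjectTokenType()),
+data.Set("action_id", tokenExchangeProfile.GetActionID()),
+data.Set("type", tokenExchangeProfile.GetType()),
+data.Set("created_at", tokenExchangeProfile.GetCreatedAt().String()),
+data.Set("updated_at", tokenExchangeProfile.GetUpdatedAt().String()),
+)
+return result.ErrorOrNil()
+}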
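Review bot: `created_at` and `updated_at` are written with `.String()`, which will not produce the ISO 8601 value the schema descriptions promise if `GetCreatedAt()` and `GetUpdatedAt()` return `time.Time`, as the chained call suggests. In that case the output is Go's default layout (`2006-01-02 15:04:05.999999999 -0700 MST`). Use `tokenExchangeProfile.GetCreatedAt().Format(time.RFC3339)` and the same for `updated_at`, adding `"time"` to the imports. The function also has no doc comment; `// flattenTokenExchangeProfile copies the API representation of a profile into Terraform state.` would do.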
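--- a/internal/auth0/tokenexchangeprofile/resource.go
+++ b/internal/auth0/tokenexchangeprofile/resource.go
@@ -0,0 +1,105 @@
+package tokenexchangeprofile
+
+import (
+"context"
+
+"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+"github.com/auth0/terraform-provider-auth0/internal/config"
+internalError "github.com/auth0/terraform-provider-auth0/internal/error"
+)
+
+// NewResource will return a new auth0_token_exchange_profile resource.
+func NewResource() *schema.Resource {
+return &schema.Resource{
+CreateContext: createTokenExchangeProfile,
+ReadContext: readTokenExchangeProfile,
+UpdateContext: updateTokenExchangeProfile,
+DeleteContext: deleteTokenExchangeProfile,
+Importer: &schema.ResourceImporter{
+StateContext: schema.ImportStatePassthroughContext,
+},
+Description: "With this resource, you can manage Auth0 Custom Token Exchange Profiles",
+Schema: map[string]*schema.Schema{
+"name": {
+Type: schema.TypeString,
+Required: true,
+Description: "Name of the token exchange profile.",
+},
+"subject_token_type": {
+Type: schema.TypeString,
+Optional: true,
+Description: "Type of the subject token",
+},
+"action_id": {
+Type: schema.TypeString,
+Optional: true,
+Description: "Unique identifier of the Action",
+},
+"type": {
+Type: schema.TypeString,
+Optional: true,
+Computed: true,
+Description: "Type of the token exchange profile",
+},
+"created_at": {
+Type: schema.TypeString,
+Computed: true,
+Description: "The ISO 8601 formatted date the credential was created.",
+},
+"updated_at": {
+Type: schema.TypeString,
+Computed: true,
+Description: "The ISO 8601 formatted date the credential was updated.",
+},
+},
+}
+}
+
+func createTokenExchangeProfile(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
+api := meta.(*config.Config).GetAPI()
+
+tep := expandTokenExchangeProfiles(data)
+
+if err := api.TokenExchangeProfile.Create(ctx, tep); err != nil {
+return diag.FromErr(err)
+}
+
+data.SetId(tep.GetID())
+
+return readTokenExchangeProfile(ctx, data, meta)
+}
+
+func readTokenExchangeProfile(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
+api := meta.(*config.Config).GetAPI()
+
+ssp, err := api.TokenExchangeProfile.Read(ctx, data.Id())
+if err != nil {
+return diag.FromErr(internalError.HandleAPIError(data, err))
+}
+
+return diag.FromErr(flattenTokenExchangeProfile(data, ssp))
+}
+
+func updateTokenExchangeProfile(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
+api := meta.(*config.Config).GetAPI()
+
+tep := expandTokenExchangeProfiles(data)
+
+if err := api.TokenExchangeProfile.Update(ctx, data.Id(), tep); err != nil {
+return diag.FromErr(internalError.HandleAPIError(data, err))
+}
+
+return readTokenExchangeProfile(ctx, data, meta)
+}
+
+func deleteTokenExchangeProfile(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
+api := meta.(*config.Config).GetAPI()
+
+if err := api.TokenExchangeProfile.Delete(ctx, data.Id()); err != nil {
+return diag.FromErr(internalError.HandleAPIError(data, err))
+}
+
+return nil
+}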
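Review bot: `action_id` and `subject_token_type` are declared `Optional` and `type` accepts any string, although a token exchange profile is what ties a subject token type to the Action expected to validate that token, so a profile missing either field is presumably not a usable configuration. Declaring both `Required: true` and adding `ValidateFunc: validation.StringInSlice([]string{"custom_authentication"}, false)` to `type` (the only value this PR's test uses) would surface the mistake at plan time rather than as an API error at apply. The `created_at` and `updated_at` descriptions say "the credential", which looks carried over from another resource; "the token exchange profile" is meant. In `readTokenExchangeProfile` the variable `ssp` has the same origin and could be `tep`, as in the create and update handlers.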
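--- a/internal/auth0/tokenexchangeprofile/resource_test.go
+++ b/internal/auth0/tokenexchangeprofile/resource_test.go
@@ -0,0 +1,71 @@
+package tokenexchangeprofile_test
+
+import (
+"fmt"
+"testing"
+
+"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+
+"github.com/auth0/terraform-provider-auth0/internal/acctest"
+)
+
+const givenACustomTokenAction = `
+resource "auth0_action" "my_action" {
+name = "{{.testName}}-Action"
+code = <<-EOT
+exports.onContinuePostLogin = async (event, api) => {
+console.log("foo")
+};"
+EOT
+deploy = true
+supported_triggers {
+id = "custom-token-exchange"
+version = "v1"
+}
+}
+`
+
+const testTokenExchangeProfileCreate = givenACustomTokenAction + `
+resource "auth0_token_exchange_profile" "my_token_exchange_profile" {
+name = "token-prof-{{.testName}}"
+subject_token_type = "https://acme.com/cis-token"
+action_id = auth0_action.my_action.id
+type = "custom_authentication"
+}
+`
+
+const testTokenExchangeProfileUpdate = givenACustomTokenAction + `
+resource "auth0_token_exchange_profile" "my_token_exchange_profile" {
+name = "token-prof-updated-{{.testName}}"
+subject_token_type = "https://acme.com/cis-token-updated"
+action_id = auth0_action.my_action.id
+type = "custom_authentication"
+}
+`
+
+func TestTokenExchangeProfile(t *testing.T) {
+acctest.Test(t, resource.TestCase{
+Steps: []resource.TestStep{
+{
+Config: acctest.ParseTestName(testTokenExchangeProfileCreate, t.Name()),
+Check: resource.ComposeTestCheckFunc(
+resource.TestCheckResourceAttr("auth0_token_exchange_profile.my_token_exchange_profile", "name", fmt.Sprintf("token-prof-%s", t.Name())),
+resource.TestCheckResourceAttr("auth0_token_exchange_profile.my_token_exchange_profile", "subject_token_type", "https://acme.com/cis-token"),
+resource.TestCheckResourceAttr("auth0_token_exchange_profile.my_token_exchange_profile", "type", "custom_authentication"),
+resource.TestCheckResourceAttrSet("auth0_token_exchange_profile.my_token_exchange_profile", "action_id"),
+),
+},
+{
+Config: acctest.ParseTestName(testTokenExchangeProfileUpdate, t.Name()),
+Check: resource.ComposeTestCheckFunc(
+resource.TestCheckResourceAttr("auth0_token_exchange_profile.my_token_exchange_profile", "name", fmt.Sprintf("token-prof-updated-%s", t.Name())),
+resource.TestCheckResourceAttr("auth0_token_exchange_profile.my_token_exchange_profile", "subject_token_type", "https://acme.com/cis-token-updated"),
+),
+},
+{
+Config: acctest.ParseTestName(givenACustomTokenAction, t.Name()),
+Check: resource.ComposeTestCheckFunc(),
+},
+},
+})
+}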
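Review bot: The `givenACustomTokenAction` fixture closes the Action body with `};"`, leaving a stray double quote in the JavaScript, and it exports `onContinuePostLogin` although the Action is bound to the `custom-token-exchange` trigger. If the test is meant to deploy a working Action, remove the quote and export the handler that trigger invokes (`onExecuteCustomTokenExchange` in Auth0's documentation; confirm against the trigger version used). The update step also stops asserting `type` and `action_id`, and there is no `ImportState` step even though the resource registers an importer. Adding those two checks to the second step and an import step with `ImportStateVerify: true` would cover both.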
4 changes: 4 additions & 0 deletions internal/provider/provider.go
@@ -3,6 +3,8 @@ package provider
import (
"os"

"github.com/auth0/terraform-provider-auth0/internal/auth0/tokenexchangeprofile"

"github.com/auth0/terraform-provider-auth0/internal/auth0/flow"

"github.com/auth0/terraform-provider-auth0/internal/auth0/form"
@@ -145,6 +147,7 @@ func New() *schema.Provider {
"auth0_self_service_profile": selfserviceprofile.NewResource(),
"auth0_self_service_profile_custom_text": selfserviceprofile.NewCustomTextResource(),
"auth0_tenant": tenant.NewResource(),
"auth0_token_exchange_profile": tokenexchangeprofile.NewResource(),
"auth0_user": user.NewResource(),
"auth0_user_permission": user.NewPermissionResource(),
"auth0_user_permissions": user.NewPermissionsResource(),
@@ -172,6 +175,7 @@ func New() *schema.Provider {
"auth0_self_service_profile": selfserviceprofile.NewDataSource(),
"auth0_signing_keys": signingkey.NewDataSource(),
"auth0_tenant": tenant.NewDataSource(),
"auth0_token_exchange_profile": tokenexchangeprofile.NewDataSource(),
"auth0_user": user.NewDataSource(),
},
}