Skip to content

Commit

Permalink
Refactor userclient resource and userclientservice
Browse files Browse the repository at this point in the history
- Removed the "bankid_login_enabled" field from the userclient resource and userclientservice.
- Updated the example usage in the userclient documentation.
  • Loading branch information
christopherhaerem committed Sep 17, 2024
1 parent 5d3e541 commit 94a3dca
Show file tree
Hide file tree
Showing 4 changed files with 48 additions and 58 deletions.
5 changes: 2 additions & 3 deletions docs/resources/userclient.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,17 +3,16 @@
This resource manages a useclient (Authorization code openid-connect-client).

## Example Usage

```hcl
resource "elvid_userclient" "userclient" {
client_name = "example-userclient"
scopes = ["temp"]
domains = ["http://localhost:{port}", "https://examplesystem.dev-elvia.io"]
redirect_uri_paths = ["/callback.html"]
post_logout_redirect_uri_paths = ["/index.htm"]
bankid_login_enabled = true
local_login_enabled = true
elvia_ad_login_enabled = false
hafslund_ad_login_enabled = false
test_user_login_enabled = false
require_client_secret = false
always_include_user_claims_in_id_token = true
Expand All @@ -23,4 +22,4 @@ resource "elvid_userclient" "userclient" {
}
```

->Usage for this in Elvia is mostly done indirectly through a module.
->Usage for this in Elvia is mostly done indirectly through a module.
1 change: 0 additions & 1 deletion elvidapiclient/userclientservice.go
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,6 @@ type UserClient struct {
Domains []string `json:"Domains"`
RedirectUriPaths []string `json:"RedirectUriPaths"`
PostLogoutRedirectUriPaths []string `json:"PostLogoutRedirectUriPaths"`
BankIDLoginEnabled bool `json:"BankIDLoginEnabled"`
IdPortenLoginEnabled bool `json:"IdPortenLoginEnabled"`
LocalLoginEnabled bool `json:"LocalLoginEnabled"`
ElviaADLoginEnabled bool `json:"ElviaADLoginEnabled"`
Expand Down
8 changes: 0 additions & 8 deletions resource_userclient.go
Original file line number Diff line number Diff line change
Expand Up @@ -60,12 +60,6 @@ func resourceUserClient() *schema.Resource {
},
Description: "The path part of a PostLogoutRedirectUri, each of these will be combined with each of the domains. After logout ElvID is only allowed to send the user back to the client with one of these uris.",
},
"bankid_login_enabled": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
Default: false,
Description: "Enable to allow user to log in with BankID.",
},
"idporten_login_enabled": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
Expand Down Expand Up @@ -219,7 +213,6 @@ func resourceUserClientRead(d *schema.ResourceData, m interface{}) error {
d.Set("domains", userClient.Domains)
d.Set("redirect_uri_paths", userClient.RedirectUriPaths)
d.Set("post_logout_redirect_uri_paths", userClient.PostLogoutRedirectUriPaths)
d.Set("bankid_login_enabled", userClient.BankIDLoginEnabled)
d.Set("idporten_login_enabled", userClient.IdPortenLoginEnabled)
d.Set("local_login_enabled", userClient.LocalLoginEnabled)
d.Set("elvia_ad_login_enabled", userClient.ElviaADLoginEnabled)
Expand Down Expand Up @@ -278,7 +271,6 @@ func ReadUserClientFromResourceData(d *schema.ResourceData) *elvidapiclient.User
Domains: getStringArrayFromResourceSet(d, "domains"),
RedirectUriPaths: getStringArrayFromResourceSet(d, "redirect_uri_paths"),
PostLogoutRedirectUriPaths: getStringArrayFromResourceSet(d, "post_logout_redirect_uri_paths"),
BankIDLoginEnabled: d.Get("bankid_login_enabled").(bool),
IdPortenLoginEnabled: d.Get("idporten_login_enabled").(bool),
LocalLoginEnabled: d.Get("local_login_enabled").(bool),
ElviaADLoginEnabled: d.Get("elvia_ad_login_enabled").(bool),
Expand Down
92 changes: 46 additions & 46 deletions terraform-tester.tf
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ provider "elvid" {
}

provider "vault" {
address = "https://vault.dev-elvia.io"
auth_login {
path = "auth/approle/login"

Expand All @@ -23,23 +24,22 @@ provider "vault" {
## User client

# resource "elvid_userclient" "userclient" {
# client_name = "test"
# scopes = ["louvre.imageapi.useraccess", "profile", "openid", "ad_groups"]
# domains = var.domains[var.environment]
# redirect_uri_paths = ["/callback.html"]
# post_logout_redirect_uri_paths = ["/index.htm"]
# bankid_login_enabled = true
# local_login_enabled = true
# idporten_login_enabled = true
# elvia_ad_login_enabled = true
# test_user_login_enabled = false
# require_client_secret = false
# access_token_life_time = 3598
# always_include_user_claims_in_id_token = true
# client_name_language_key = null
# allow_use_of_refresh_tokens = false
# one_time_usage_for_refresh_tokens = true
# refresh_token_life_time = 2592000
# client_name = "test"
# scopes = ["louvre.imageapi.useraccess", "profile", "openid", "ad_groups"]
# domains = var.domains[var.environment]
# redirect_uri_paths = ["/callback.html"]
# post_logout_redirect_uri_paths = ["/index.htm"]
# local_login_enabled = true
# idporten_login_enabled = true
# elvia_ad_login_enabled = true
# test_user_login_enabled = false
# require_client_secret = false
# access_token_life_time = 3598
# always_include_user_claims_in_id_token = true
# client_name_language_key = null
# allow_use_of_refresh_tokens = false
# one_time_usage_for_refresh_tokens = true
# refresh_token_life_time = 2592000
# }

# output "userclient" {
Expand All @@ -48,38 +48,38 @@ provider "vault" {

## Machine client

resource "elvid_machineclient" "machineclient10" {
name = "2024-06-08-6"
test_user_login_enabled = true
access_token_life_time = 3511
scopes = ["elvid.verifydeployment"]
client_claims {
type = "client_dna_topics_read"
values = ["topic1"]
}
client_claims {
type = "client_edna_topics_write"
values = ["topicA", "topicB", "D"]
}
lifecycle {
prevent_destroy = true

}
}
# resource "elvid_machineclient" "machineclient10" {
# name = "2024-06-08-6"
# test_user_login_enabled = true
# access_token_life_time = 3511
# scopes = ["elvid.verifydeployment"]
# client_claims {
# type = "client_dna_topics_read"
# values = ["topic1"]
# }
# client_claims {
# type = "client_edna_topics_write"
# values = ["topicA", "topicB", "D"]
# }
# lifecycle {

# prevent_destroy = true

# }
# }

resource "elvid_clientsecret" "clientsecret" {
client_id = elvid_machineclient.machineclient10.id
resource_taint_version = "2"
}
# resource "elvid_clientsecret" "clientsecret" {
# client_id = elvid_machineclient.machineclient10.id
# resource_taint_version = "2"
# }

output "machineclient" {
value = elvid_machineclient.machineclient10.client_id
}
# output "machineclient" {
# value = elvid_machineclient.machineclient10.client_id
# }

output "clientsecret" {
value = nonsensitive(elvid_clientsecret.clientsecret.secret_value)
}
# output "clientsecret" {
# value = nonsensitive(elvid_clientsecret.clientsecret.secret_value)
# }

## API scope
# resource "elvid_apiscope" "apiscope" {
Expand Down

0 comments on commit 94a3dca

Please sign in to comment.