Merge pull request #6 from 3lvia/feature/clientproperties

Feature/clientproperties
3lvia · Apr 12, 2023 · f84f20a · f84f20a
2 parents 2e47abd + fbbb306
commit f84f20a
Show file tree

Hide file tree

Showing 3 changed files with 74 additions and 18 deletions.
diff --git a/elvidapiclient/userclientservice.go b/elvidapiclient/userclientservice.go
@@ -94,22 +94,28 @@ func DeleteUserClient(elvidAuthority string, accessTokenAD string, id string) er
 }
 
 type UserClient struct {
-	Id                               int      `json:"Id"`
-	ClientId                         string   `json:"ClientId"`
-	ClientName                       string   `json:"ClientName"`
-	Scopes                           []string `json:"Scopes"`
-	Domains                          []string `json:"Domains"`
-	RedirectUriPaths                 []string `json:"RedirectUriPaths"`
-	PostLogoutRedirectUriPaths       []string `json:"PostLogoutRedirectUriPaths"`
-	BankIDLoginEnabled               bool     `json:"BankIDLoginEnabled"`
-	LocalLoginEnabled                bool     `json:"LocalLoginEnabled"`
-	ElviaADLoginEnabled              bool     `json:"ElviaADLoginEnabled"`
-	TestUserLoginEnabled             bool     `json:"TestUserLoginEnabled"`
-	RequireClientSecret              bool     `json:"RequireClientSecret"`
-	AccessTokenLifetime              int      `json:"AccessTokenLifetime"`
-	AlwaysIncludeUserClaimsInIdToken bool     `json:"AlwaysIncludeUserClaimsInIdToken"`
-	ClientNameLanguageKey            string   `json:"ClientNameLanguageKey"`
-	AllowUseOfRefreshTokens          bool     `json:"AllowUseOfRefreshTokens"`
-	OneTimeUsageForRefreshTokens     bool     `json:"OneTimeUsageForRefreshTokens"`
-	RefreshTokensLifeTime            int      `json:"RefreshTokensLifeTime"`
+	Id                               int              `json:"Id"`
+	ClientId                         string           `json:"ClientId"`
+	ClientName                       string           `json:"ClientName"`
+	Scopes                           []string         `json:"Scopes"`
+	Domains                          []string         `json:"Domains"`
+	RedirectUriPaths                 []string         `json:"RedirectUriPaths"`
+	PostLogoutRedirectUriPaths       []string         `json:"PostLogoutRedirectUriPaths"`
+	BankIDLoginEnabled               bool             `json:"BankIDLoginEnabled"`
+	LocalLoginEnabled                bool             `json:"LocalLoginEnabled"`
+	ElviaADLoginEnabled              bool             `json:"ElviaADLoginEnabled"`
+	TestUserLoginEnabled             bool             `json:"TestUserLoginEnabled"`
+	RequireClientSecret              bool             `json:"RequireClientSecret"`
+	AccessTokenLifetime              int              `json:"AccessTokenLifetime"`
+	AlwaysIncludeUserClaimsInIdToken bool             `json:"AlwaysIncludeUserClaimsInIdToken"`
+	ClientNameLanguageKey            string           `json:"ClientNameLanguageKey"`
+	AllowUseOfRefreshTokens          bool             `json:"AllowUseOfRefreshTokens"`
+	OneTimeUsageForRefreshTokens     bool             `json:"OneTimeUsageForRefreshTokens"`
+	RefreshTokensLifeTime            int              `json:"RefreshTokensLifeTime"`
+	ClientProperties                 []ClientProperty `json:"ClientProperties"`
+}
+
+type ClientProperty struct {
+	Type   string   `json:"Key"`
+	Values []string `json:"Values"`
 }
diff --git a/resource_userclient.go b/resource_userclient.go
@@ -152,6 +152,27 @@ func resourceUserClient() *schema.Resource {
 				Default:     "1",
 				Description: "A change in value for this field will force recreating the resource",
 			},
+			"client_properties": {
+				Type:        schema.TypeSet,
+				Optional:    true,
+				Description: "Used this to set other key-value(s) properties on a client. The allowed keys to set here must be whitelisted in elvid.",
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"key": {
+							Type:     schema.TypeString,
+							Required: true,
+						},
+
+						"values": {
+							Type:     schema.TypeList,
+							Required: true,
+							Elem: &schema.Schema{
+								Type: schema.TypeString,
+							},
+						},
+					},
+				},
+			},
 		},
 	}
 }
@@ -204,6 +225,14 @@ func resourceUserClientRead(d *schema.ResourceData, m interface{}) error {
 	d.Set("allow_use_of_refresh_tokens", userClient.AllowUseOfRefreshTokens)
 	d.Set("one_time_usage_for_refresh_tokens", userClient.OneTimeUsageForRefreshTokens)
 	d.Set("refresh_token_life_time", userClient.RefreshTokensLifeTime)
+	clientProperties := make([]interface{}, len(userClient.ClientProperties))
+	for i, s := range userClient.ClientProperties {
+		clientPropertiesMap := make(map[string]interface{})
+		clientPropertiesMap["type"] = s.Type
+		clientPropertiesMap["values"] = s.Values
+		clientProperties[i] = clientPropertiesMap
+	}
+	d.Set("client_properties", clientProperties)
 
 	return nil
 }
@@ -253,6 +282,25 @@ func ReadUserClientFromResourceData(d *schema.ResourceData) *elvidapiclient.User
 		AllowUseOfRefreshTokens:          d.Get("allow_use_of_refresh_tokens").(bool),
 		OneTimeUsageForRefreshTokens:     d.Get("one_time_usage_for_refresh_tokens").(bool),
 		RefreshTokensLifeTime:            d.Get("refresh_token_life_time").(int),
+		ClientProperties:                 readClientPropertiesFromResourceData(d),
 	}
 	return userClient
 }
+
+func readClientPropertiesFromResourceData(d *schema.ResourceData) []elvidapiclient.ClientProperty {
+	rawList := d.Get("client_properties").(*schema.Set).List()
+	clientProperties := make([]elvidapiclient.ClientProperty, len(rawList))
+	for i, v := range rawList {
+		clientPropertyMap := v.(map[string]interface{})
+		valuesInterface := clientPropertyMap["values"].([]interface{})
+		values := make([]string, len(valuesInterface))
+		for i, v := range valuesInterface {
+			values[i] = v.(string)
+		}
+		clientProperties[i] = elvidapiclient.ClientProperty{
+			Type:   fmt.Sprintf("%v", clientPropertyMap["key"]),
+			Values: values,
+		}
+	}
+	return clientProperties
+}
diff --git a/terraform-tester.tf b/terraform-tester.tf
@@ -87,6 +87,7 @@ provider "vault" {
 ## Module userclient
 ## Note that this require vault setup. Se readme
 # module "elvid_userclient" {
+#   # # source  = "app.terraform.io/Elvia/userclient/elvid"
 #   source      = "C:\\3lvia\\terraform-elvid-userclient"
 #   environment = "dev"
 #   client_name = "test-bff"
@@ -97,6 +98,7 @@ provider "vault" {
 #   elvia_ad_login_enabled         = true
 #   system_name      = "elvid"
 #   client_secret_enabled = true
+#   ad_groups_filter = ["test"]
 # }
 
 ## Module machineclient