diff --git a/terraform-provider-jans/docs/resources/admin_ui_permission.md b/terraform-provider-jans/docs/resources/admin_ui_permission.md deleted file mode 100644 index a43d2ae67f7..00000000000 --- a/terraform-provider-jans/docs/resources/admin_ui_permission.md +++ /dev/null @@ -1,38 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "jans_admin_ui_permission Resource - terraform-provider-jans" -subcategory: "" -description: |- - Resource for managing permissions for the AdminUI. ---- - -# jans_admin_ui_permission (Resource) - -Resource for managing permissions for the AdminUI. - -## Example Usage - -```terraform -resource "jans_admin_ui_permission" "attribute_delete" { - permission = "https://jans.io/oauth/config/attributes.delete" - description = "Permission to delete an already existing attribute" -} -``` - - -## Schema - -### Required - -- `permission` (String) Permission - -### Optional - -- `default_permission_in_token` (Boolean) Default permission in token -- `description` (String) Permission description - -### Read-Only - -- `id` (String) The ID of this resource. - - diff --git a/terraform-provider-jans/docs/resources/admin_ui_role.md b/terraform-provider-jans/docs/resources/admin_ui_role.md deleted file mode 100644 index 3ca0a4f6d7f..00000000000 --- a/terraform-provider-jans/docs/resources/admin_ui_role.md +++ /dev/null 
@@ -1,39 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "jans_admin_ui_role Resource - terraform-provider-jans" -subcategory: "" -description: |- - Resource for managing roles for the AdminUI. ---- - -# jans_admin_ui_role (Resource) - -Resource for managing roles for the AdminUI. - -## Example Usage - -```terraform -resource "jans_admin_ui_role" "api_attribute_manager" { - role = "api-attribute-manager" - description = "Role to manage attributes" - deletable = true -} -``` - - -## Schema - -### Required - -- `role` (String) Role name - -### Optional - -- `deletable` (Boolean) Whether the role can be deleted -- `description` (String) Role description - -### Read-Only - -- `id` (String) The ID of this resource. - - diff --git a/terraform-provider-jans/docs/resources/admin_ui_role_permission_mapping.md b/terraform-provider-jans/docs/resources/admin_ui_role_permission_mapping.md deleted file mode 100644 index 8c1d9612418..00000000000 --- a/terraform-provider-jans/docs/resources/admin_ui_role_permission_mapping.md +++ /dev/null 
@@ -1,50 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "jans_admin_ui_role_permission_mapping Resource - terraform-provider-jans" -subcategory: "" -description: |- - Resource for managing role permissions for the AdminUI. ---- - -# jans_admin_ui_role_permission_mapping (Resource) - -Resource for managing role permissions for the AdminUI. - -## Example Usage - -```terraform -resource "jans_admin_ui_role" "api_attribute_manager" { - role = "api-attribute-manager" - description = "Role to manage attributes" - deletable = true -} - -resource "jans_admin_ui_permission" "attribute_delete" { - permission = "https://jans.io/oauth/config/attributes.delete" - description = "Permission to delete an already existing attribute" -} - -resource "jans_admin_ui_role_permission_mapping" "api_attribute_manager_mapping" { - role = resource.jans_admin_ui_role.api_attribute_manager.role - permissions = [ - resource.jans_admin_ui_permission.attribute_delete.permission, - ] -} -``` - - -## Schema - -### Required - -- `role` (String) Role name - -### Optional - -- `permissions` (List of String) Permissions - -### Read-Only - -- `id` (String) The ID of this resource. - - diff --git a/terraform-provider-jans/docs/resources/agama_flow.md b/terraform-provider-jans/docs/resources/agama_flow.md deleted file mode 100644 index 80071763000..00000000000 --- a/terraform-provider-jans/docs/resources/agama_flow.md +++ /dev/null 
@@ -1,70 +0,0 @@ ---- -# generated by https://github.com/hashicorp/terraform-plugin-docs -page_title: "jans_agama_flow Resource - terraform-provider-jans" -subcategory: "" -description: |- - Resource for managing authentication flows via the Agama engine. ---- - -# jans_agama_flow (Resource) - -Resource for managing authentication flows via the Agama engine. - -## Example Usage - -```terraform -resource "jans_agama_flow" "test" { - qname = "test" - revision = 1 - enabled = true - source = < -## Schema - -### Optional - -- `code_error` (String) Errors in the flow source detected by Agama transpiler -- `enabled` (Boolean) Whether the flow can be launched directly from an authentication request -- `metadata` (Block List, Max: 1) Flow metadata (see [below for nested schema](#nestedblock--metadata)) -- `qname` (String) Flow qualified name -- `revision` (Number) Revision number of the flow -- `source` (String) Source code -- `transpiled` (String) - -### Read-Only - -- `base_dn` (String) -- `dn` (String) Flow distinguished name -- `id` (String) The ID of this resource. -- `trans_hash` (String) - - -### Nested Schema for `metadata` - -Optional: - -- `author` (String) Author of the flow -- `description` (String) Descriptive details of the flow -- `display_name` (String) Name of the flow for displaying purposes -- `func_name` (String) For internal use only. This property should not be modified -- `inputs` (List of String) For internal use only. This property should not be modified -- `properties` (Map of String) Configuration parameters of the flow -- `timeout` (Number) For internal use only. This property should not be modified - -Read-Only: - -- `timestamp` (Number) Flow creation timestamp relative to UNIX epoch - - diff --git a/terraform-provider-jans/example/main.tf b/terraform-provider-jans/example/main.tf deleted file mode 100644 index 00fa8a22fb0..00000000000 --- a/terraform-provider-jans/example/main.tf +++ /dev/null 
@@ -1,14 +0,0 @@
-terraform {
- required_version = ">= 0.12.0"
- required_providers {
- janssen = {
- source = "terraform.local/janssen/terraform-provider-jans"
- version = ">= 0.1.0"
- }
- }
-}
-
-provider "janssen" {
- url = "http://localhost:8080"
- api_key = "secret"
-}
\ No newline at end of file
diff --git a/terraform-provider-jans/jans/agama_flow.go b/terraform-provider-jans/jans/agama_flow.go
deleted file mode 100644
index 5470f79cf35..00000000000
--- a/terraform-provider-jans/jans/agama_flow.go
+++ /dev/null
@@ -1,152 +0,0 @@
-package jans
-
-import (
- "context"
- "fmt"
-)
-
-type FlowMetadata struct {
- FuncName string `schema:"func_name" json:"funcName"`
- Inputs []string `schema:"inputs" json:"inputs"`
- Timeout int `schema:"timeout" json:"timeout"`
- DisplayName string `schema:"display_name" json:"displayName"`
- Author string `schema:"author" json:"author"`
- Timestamp int `schema:"timestamp" json:"timestamp"`
- Description string `schema:"description" json:"description"`
- Properties map[string]string `schema:"properties" json:"properties"`
-}
-
-type AgamaFlow struct {
- Dn string `schema:"dn" json:"dn"`
- Qname string `schema:"qname" json:"qname"`
- TransHash string `schema:"trans_hash" json:"transHash"`
- Revision int `schema:"revision" json:"revision"`
- Enabled bool `schema:"enabled" json:"enabled"`
- Metadata FlowMetadata `schema:"metadata" json:"metadata"`
- Source string `schema:"source" json:"source"`
- Transpiled string `schema:"transpiled" json:"transpiled"`
- CodeError string `schema:"code_error" json:"codeError"`
- BaseDn string `schema:"base_dn" json:"baseDn"`
-}
-
-// GetAgamaFlows returns all currently configured Agama flows.
-func (c *Client) GetAgamaFlows(ctx context.Context) ([]AgamaFlow, error) {
-
- token, err := c.getToken(ctx, "https://jans.io/oauth/config/agama.readonly")
- if err != nil {
- return nil, fmt.Errorf("failed to get token: %w", err)
- }
-
- type response struct {
- Data []AgamaFlow `json:"data"`
- Count int `json:"entriesCount"`
- TotalItems int `json:"totalItems"`
- }
- ret := response{}
-
- if err := c.get(ctx, "/jans-config-api/api/v1/agama", token, &ret); err != nil {
- return nil, fmt.Errorf("get request failed: %w", err)
- }
-
- return ret.Data, nil
-}
-
-// GetAgamaFlow returns the Agama flow with the given qname.
-func (c *Client) GetAgamaFlow(ctx context.Context, qname string) (*AgamaFlow, error) {
-
- if qname == "" {
- return nil, fmt.Errorf("qname is empty")
- }
-
- token, err := c.getToken(ctx, "https://jans.io/oauth/config/agama.readonly")
- if err != nil {
- return nil, fmt.Errorf("failed to get token: %w", err)
- }
-
- ret := &AgamaFlow{}
-
- if err := c.get(ctx, "/jans-config-api/api/v1/agama/"+qname, token, ret); err != nil {
- return nil, fmt.Errorf("get request failed: %w", err)
- }
-
- return ret, nil
-}
-
-// CreateAgamaFlow creates a new Agama flow.
-func (c *Client) CreateAgamaFlow(ctx context.Context, flow *AgamaFlow) (*AgamaFlow, error) {
-
- if flow == nil {
- return nil, fmt.Errorf("agama flow is nil")
- }
-
- token, err := c.getToken(ctx, "https://jans.io/oauth/config/agama.write")
- if err != nil {
- return nil, fmt.Errorf("failed to get token: %w", err)
- }
-
- ret := &AgamaFlow{}
-
- if err := c.post(ctx, "/jans-config-api/api/v1/agama", token, flow, ret); err != nil {
- return nil, fmt.Errorf("post request failed: %w", err)
- }
-
- return ret, nil
-}
-
-// // UpdateAgamaFlow updates an already existing OIDC client.
-func (c *Client) UpdateAgamaFlow(ctx context.Context, flow *AgamaFlow) error {
-
- if flow == nil {
- return fmt.Errorf("agama flow is nil")
- }
-
- token, err := c.getToken(ctx, "https://jans.io/oauth/config/agama.write")
- if err != nil {
- return fmt.Errorf("failed to get token: %w", err)
- }
-
- orig, err := c.GetAgamaFlow(ctx, flow.Qname)
- if err != nil {
- return fmt.Errorf("failed to get original agama flow: %w", err)
- }
-
- patches, err := createPatches(flow, orig)
- if err != nil {
- return fmt.Errorf("failed to create patches: %w", err)
- }
-
- if len(patches) == 0 {
- return fmt.Errorf("no patches provided")
- }
-
- // first update the flow attributes
- if err := c.patch(ctx, "/jans-config-api/api/v1/agama/"+flow.Qname, token, patches); err != nil {
- return fmt.Errorf("patch request failed: %w", err)
- }
-
- // then update the flow source code
- if err := c.putText(ctx, "/jans-config-api/api/v1/agama/source/"+flow.Qname, token, flow.Source, nil); err != nil {
- return fmt.Errorf("put request failed: %w", err)
- }
-
- return nil
-}
-
-// DeleteAgamaFlow deletes an already existing Agama flow.
-func (c *Client) DeleteAgamaFlow(ctx context.Context, qname string) error {
-
- if qname == "" {
- return fmt.Errorf("qname is empty")
- }
-
- token, err := c.getToken(ctx, "https://jans.io/oauth/config/agama.delete")
- if err != nil {
- return fmt.Errorf("failed to get token: %w", err)
- }
-
- if err := c.delete(ctx, "/jans-config-api/api/v1/agama/"+qname, token); err != nil {
- return fmt.Errorf("delete request failed: %w", err)
- }
-
- return nil
-}
diff --git a/terraform-provider-jans/jans/agama_flow_test.go b/terraform-provider-jans/jans/agama_flow_test.go
deleted file mode 100644
index c056cbd15b6..00000000000
--- a/terraform-provider-jans/jans/agama_flow_test.go
+++ /dev/null
@@ -1,84 +0,0 @@
-package jans
-
-import (
- "context"
- "errors"
- "testing"
-)
-
-func TestAgamaFlow(t *testing.T) {
-
- client, err := NewInsecureClient(host, user, pass)
- if err != nil {
- t.Fatal(err)
- }
-
- ctx := context.Background()
-
- _, err = client.GetAgamaFlows(ctx)
- if err != nil {
- t.Error(err)
- }
-
- newFlow := AgamaFlow{
- Qname: "test",
- Enabled: true,
- Source: `//This is a comment
-Flow test
- Basepath "hello"
-
-in = { name: "John" }
-RRF "index.ftlh" in
-
-Log "Done!"
-Finish "john_doe"
-`,
- }
-
- _, err = client.CreateAgamaFlow(ctx, &newFlow)
- if err != nil {
- t.Fatal(err)
- }
-
- t.Cleanup(func() {
- _ = client.DeleteAgamaFlow(ctx, newFlow.Qname)
- })
-
- loadedFlow, err := client.GetAgamaFlow(ctx, "test")
- if err != nil {
- t.Fatal(err)
- }
-
- if newFlow.Qname != loadedFlow.Qname {
- t.Errorf("expected qname %s, got %s", newFlow.Qname, loadedFlow.Qname)
- }
-
- if newFlow.Enabled != loadedFlow.Enabled {
- t.Errorf("expected enabled %t, got %t", newFlow.Enabled, loadedFlow.Enabled)
- }
-
- loadedFlow.Enabled = false
- loadedFlow.Source = newFlow.Source
- if err := client.UpdateAgamaFlow(ctx, loadedFlow); err != nil {
- t.Fatal(err)
- }
-
- updatedFlow, err := client.GetAgamaFlow(ctx, "test")
- if err != nil {
- t.Fatal(err)
- }
-
- if updatedFlow.Enabled != false {
- t.Errorf("expected enabled %t, got %t", false, updatedFlow.Enabled)
- }
-
- // delete
- if err = client.DeleteAgamaFlow(ctx, newFlow.Qname); err != nil {
- t.Fatal(err)
- }
-
- if _, err := client.GetAgamaFlow(ctx, "test"); !errors.Is(err, ErrorNotFound) {
- t.Errorf("expected 404 error, got %v", err)
- }
-
-}
diff --git a/terraform-provider-jans/provider/resource_agama_flow.go b/terraform-provider-jans/provider/resource_agama_flow.go
deleted file mode 100644
index 342d6278883..00000000000
--- a/terraform-provider-jans/provider/resource_agama_flow.go
+++ /dev/null
@@ -1,199 +0,0 @@
-package provider
-
-import (
- "context"
-
- "github.com/hashicorp/terraform-plugin-log/tflog"
- "github.com/hashicorp/terraform-plugin-sdk/v2/diag"
- "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
- "github.com/jans/terraform-provider-jans/jans"
-)
-
-func resourceAgamaFlow() *schema.Resource {
-
- return &schema.Resource{
- Description: "Resource for managing authentication flows via the Agama engine.",
- CreateContext: resourceAgamaFlowCreate,
- ReadContext: resourceAgamaFlowRead,
- UpdateContext: resourceAgamaFlowUpdate,
- DeleteContext: resourceAgamaFlowDelete,
- Importer: &schema.ResourceImporter{
- StateContext: schema.ImportStatePassthroughContext,
- },
- Schema: map[string]*schema.Schema{
- "dn": {
- Type: schema.TypeString,
- Computed: true,
- Description: "Flow distinguished name",
- },
- "qname": {
- Type: schema.TypeString,
- Optional: true,
- Description: "Flow qualified name",
- },
- "trans_hash": {
- Type: schema.TypeString,
- Computed: true,
- Description: "",
- },
- "revision": {
- Type: schema.TypeInt,
- Optional: true,
- Description: "Revision number of the flow",
- },
- "enabled": {
- Type: schema.TypeBool,
- Optional: true,
- Description: "Whether the flow can be launched directly from an authentication request",
- },
- "metadata": {
- Type: schema.TypeList,
- Optional: true,
- MaxItems: 1,
- Description: "Flow metadata",
- Elem: &schema.Resource{
- Schema: map[string]*schema.Schema{
- "func_name": {
- Type: schema.TypeString,
- Optional: true,
- Description: "For internal use only. This property should not be modified",
- },
- "inputs": {
- Type: schema.TypeList,
- Optional: true,
- Description: "For internal use only. This property should not be modified",
- Elem: &schema.Schema{
- Type: schema.TypeString,
- },
- },
- "timeout": {
- Type: schema.TypeInt,
- Optional: true,
- Description: "For internal use only. This property should not be modified",
- },
- "display_name": {
- Type: schema.TypeString,
- Optional: true,
- Description: "Name of the flow for displaying purposes",
- },
- "author": {
- Type: schema.TypeString,
- Optional: true,
- Description: "Author of the flow",
- },
- "timestamp": {
- Type: schema.TypeInt,
- Computed: true,
- Description: "Flow creation timestamp relative to UNIX epoch",
- },
- "description": {
- Type: schema.TypeString,
- Optional: true,
- Description: "Descriptive details of the flow",
- },
- "properties": {
- Type: schema.TypeMap,
- Optional: true,
- Description: "Configuration parameters of the flow",
- Elem: &schema.Schema{
- Type: schema.TypeString,
- },
- },
- },
- },
- },
- "source": {
- Type: schema.TypeString,
- Optional: true,
- Description: "Source code",
- },
- "transpiled": {
- Type: schema.TypeString,
- Optional: true,
- Description: "",
- },
- "code_error": {
- Type: schema.TypeString,
- Optional: true,
- Description: "Errors in the flow source detected by Agama transpiler",
- },
- "base_dn": {
- Type: schema.TypeString,
- Computed: true,
- },
- },
- }
-}
-
-func resourceAgamaFlowCreate(ctx context.Context, d *schema.ResourceData, meta any) diag.Diagnostics {
-
- c := meta.(*jans.Client)
-
- var flow jans.AgamaFlow
- if err := fromSchemaResource(d, &flow); err != nil {
- return diag.FromErr(err)
- }
-
- tflog.Debug(ctx, "Creating new agama flow")
- newFlow, err := c.CreateAgamaFlow(ctx, &flow)
- if err != nil {
- return diag.FromErr(err)
- }
- tflog.Debug(ctx, "New agama flow created", map[string]interface{}{"dn": newFlow.Dn})
-
- d.SetId(newFlow.Qname)
-
- return resourceAgamaFlowRead(ctx, d, meta)
-}
-
-func resourceAgamaFlowRead(ctx context.Context, d *schema.ResourceData, meta any) diag.Diagnostics {
-
- c := meta.(*jans.Client)
-
- var diags diag.Diagnostics
-
- dn := d.Id()
- flow, err := c.GetAgamaFlow(ctx, dn)
- if err != nil {
- return handleNotFoundError(ctx, err, d)
- }
-
- if err := toSchemaResource(d, flow); err != nil {
- return diag.FromErr(err)
- }
- d.SetId(flow.Qname)
-
- return diags
-
-}
-
-func resourceAgamaFlowUpdate(ctx context.Context, d *schema.ResourceData, meta any) diag.Diagnostics {
-
- c := meta.(*jans.Client)
-
- var flow jans.AgamaFlow
- if err := fromSchemaResource(d, &flow); err != nil {
- return diag.FromErr(err)
- }
- tflog.Debug(ctx, "Updating agama flow", map[string]interface{}{"dn": flow.Dn})
- if err := c.UpdateAgamaFlow(ctx, &flow); err != nil {
- return diag.FromErr(err)
- }
- tflog.Debug(ctx, "Agama flow updated", map[string]interface{}{"dn": flow.Dn})
-
- return resourceAgamaFlowRead(ctx, d, meta)
-}
-
-func resourceAgamaFlowDelete(ctx context.Context, d *schema.ResourceData, meta any) diag.Diagnostics {
-
- c := meta.(*jans.Client)
-
- dn := d.Id()
- tflog.Debug(ctx, "Deleting agama flow", map[string]interface{}{"dn": dn})
- if err := c.DeleteAgamaFlow(ctx, dn); err != nil {
- return diag.FromErr(err)
- }
- tflog.Debug(ctx, "Agama flow deleted", map[string]interface{}{"dn": dn})
-
- return resourceAgamaFlowRead(ctx, d, meta)
-}
diff --git a/terraform-provider-jans/provider/resource_agama_flow_test.go b/terraform-provider-jans/provider/resource_agama_flow_test.go
deleted file mode 100644
index bf8775bc150..00000000000
--- a/terraform-provider-jans/provider/resource_agama_flow_test.go
+++ /dev/null
@@ -1,148 +0,0 @@ -package provider - -import ( - "context" - "errors" - "fmt" - "testing" - - "github.com/google/go-cmp/cmp" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" - "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" - "github.com/jans/terraform-provider-jans/jans" -) - -func TestAgamaFlow_Mapping(t *testing.T) { - - schema := resourceAgamaFlow() - - data := schema.Data(nil) - - flow := jans.AgamaFlow{ - Dn: "dn", - Qname: "qname", - Revision: 1, - Enabled: true, - Metadata: jans.FlowMetadata{ - FuncName: "func_name", - Inputs: []string{"inputs"}, - Timeout: 60, - DisplayName: "display_name", - Author: "author", - Timestamp: 60, - Description: "description", - Properties: map[string]string{"key": "value"}, - }, - Source: "source", - CodeError: "code_error", - } - - if err := toSchemaResource(data, flow); err != nil { - t.Fatal(err) - } - - newFlow := jans.AgamaFlow{} - - if err := fromSchemaResource(data, &newFlow); err != nil { - t.Fatal(err) - } - - if diff := cmp.Diff(flow, newFlow); diff != "" { - t.Errorf("Got different entity after mapping: %s", diff) - } -} - -func TestAccResourceAgamaFlow_basic(t *testing.T) { - - resourceName := "jans_agama_flow.test" - - resource.Test(t, resource.TestCase{ - PreCheck: func() { testAccPreCheck(t) }, - Providers: testAccProviders, - CheckDestroy: testAccResourceCheckAgamaFlowDestroy, - Steps: []resource.TestStep{ - { - Config: testAccResourceAgamaFlowConfig_basic(), - Check: resource.ComposeTestCheckFunc( - testAccResourceCheckAgamaFlowExists(resourceName), - resource.TestCheckResourceAttr(resourceName, "qname", "test"), - resource.TestCheckResourceAttr(resourceName, "enabled", "true"), - ), - }, - }, - }) -} - -func testAccResourceAgamaFlowConfig_basic() string { - return ` -resource "jans_agama_flow" "test" { - qname = "test" - enabled = true - source = <