Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add global jwt_issuer_format option #52

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 9 additions & 9 deletions go.mod
Original file line number Diff line number Diff line change
@@ -1,26 +1,26 @@
module github.com/pomerium/enterprise-terraform-provider

go 1.23.0
go 1.23.7

require (
github.com/go-jose/go-jose/v3 v3.0.4
github.com/google/go-cmp v0.6.0
github.com/google/go-cmp v0.7.0
github.com/hashicorp/terraform-plugin-framework v1.13.0
github.com/hashicorp/terraform-plugin-framework-timetypes v0.5.0
github.com/hashicorp/terraform-plugin-framework-validators v0.16.0
github.com/hashicorp/terraform-plugin-go v0.25.0
github.com/hashicorp/terraform-plugin-log v0.9.0
github.com/iancoleman/strcase v0.3.0
github.com/pomerium/enterprise-client-go v0.28.1-0.20250310151140-91b9684b1537
github.com/pomerium/pomerium v0.28.1-0.20250218200206-b9fd926618e2
github.com/pomerium/enterprise-client-go v0.28.1-0.20250313205349-eaa1c8257711
github.com/pomerium/pomerium v0.28.1-0.20250313134608-c4a5502f49f5
github.com/rs/zerolog v1.33.0
github.com/stretchr/testify v1.10.0
google.golang.org/grpc v1.70.0
google.golang.org/protobuf v1.36.4
google.golang.org/grpc v1.71.0
google.golang.org/protobuf v1.36.5
)

require (
github.com/OneOfOne/xxhash v1.2.8 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect
github.com/fatih/color v1.14.1 // indirect
Expand All @@ -35,7 +35,7 @@ require (
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/mitchellh/go-testing-interface v1.14.1 // indirect
github.com/oklog/run v1.0.0 // indirect
github.com/open-policy-agent/opa v1.0.0 // indirect
github.com/open-policy-agent/opa v1.2.0 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect
github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect
Expand All @@ -46,7 +46,7 @@ require (
golang.org/x/net v0.36.0 // indirect
golang.org/x/sys v0.30.0 // indirect
golang.org/x/text v0.22.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20250219182151-9fdb1cabc7b2 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
sigs.k8s.io/yaml v1.4.0 // indirect
)
40 changes: 20 additions & 20 deletions go.sum
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
github.com/OneOfOne/xxhash v1.2.8 h1:31czK/TI9sNkxIKfaUfGlU47BAxQ0ztGgd9vPyqimf8=
github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q=
github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA=
github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8=
github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
Expand All @@ -24,8 +24,8 @@ github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5x
github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
Expand Down Expand Up @@ -72,16 +72,16 @@ github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJ
github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8=
github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw=
github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
github.com/open-policy-agent/opa v1.0.0 h1:fZsEwxg1knpPvUn0YDJuJZBcbVg4G3zKpWa3+CnYK+I=
github.com/open-policy-agent/opa v1.0.0/go.mod h1:+JyoH12I0+zqyC1iX7a2tmoQlipwAEGvOhVJMhmy+rM=
github.com/open-policy-agent/opa v1.2.0 h1:88NDVCM0of1eO6Z4AFeL3utTEtMuwloFmWWU7dRV1z0=
github.com/open-policy-agent/opa v1.2.0/go.mod h1:30euUmOvuBoebRCcJ7DMF42bRBOPznvt0ACUMYDUGVY=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/pomerium/enterprise-client-go v0.28.1-0.20250310151140-91b9684b1537 h1:5zM4pm7dPXWMx2Eq0G7XuoQJV5gZqMbjiWjRq6YH5Ws=
github.com/pomerium/enterprise-client-go v0.28.1-0.20250310151140-91b9684b1537/go.mod h1:36+cCZpNgJQb5B1+y4rCcyQ8CM865NBNmEAQFS+73DQ=
github.com/pomerium/pomerium v0.28.1-0.20250218200206-b9fd926618e2 h1:UtyGKmmFs/DVuvhOUeFowruCv+xObqAbqNmPqhMZ88o=
github.com/pomerium/pomerium v0.28.1-0.20250218200206-b9fd926618e2/go.mod h1:8Uf1ya/wSjJyeUo5X4TqctlrYxbc5iPfFG18x1t0Deo=
github.com/pomerium/enterprise-client-go v0.28.1-0.20250313205349-eaa1c8257711 h1:T6hLEgz5RAqKVJ2+gaRx9U1Rqlrbiii+jwBDqVh7QxM=
github.com/pomerium/enterprise-client-go v0.28.1-0.20250313205349-eaa1c8257711/go.mod h1:36+cCZpNgJQb5B1+y4rCcyQ8CM865NBNmEAQFS+73DQ=
github.com/pomerium/pomerium v0.28.1-0.20250313134608-c4a5502f49f5 h1:J7uXUwA8vk1O0sD9lkgi6H9v8lxXVaoH3rIJZ8+Arpw=
github.com/pomerium/pomerium v0.28.1-0.20250313134608-c4a5502f49f5/go.mod h1:AR7TsCCxEbz1ZLKRPJSrmBHRqPewjPEac2LXsFTc/08=
github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 h1:N/ElC8H3+5XpJzTSTfLsJV/mx9Q9g7kxmchpfZyxgzM=
github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII=
Expand Down Expand Up @@ -109,10 +109,10 @@ go.opentelemetry.io/otel v1.34.0 h1:zRLXxLCgL1WyKsPVrgbSdMN4c0FMkDAskSTQP+0hdUY=
go.opentelemetry.io/otel v1.34.0/go.mod h1:OWFPOQ+h4G8xpyjgqo4SxJYdDQ/qmRH+wivy7zzx9oI=
go.opentelemetry.io/otel/metric v1.34.0 h1:+eTR3U0MyfWjRDhmFMxe2SsW64QrZ84AOhvqS7Y+PoQ=
go.opentelemetry.io/otel/metric v1.34.0/go.mod h1:CEDrp0fy2D0MvkXE+dPV7cMi8tWZwX3dmaIhwPOaqHE=
go.opentelemetry.io/otel/sdk v1.33.0 h1:iax7M131HuAm9QkZotNHEfstof92xM+N8sr3uHXc2IM=
go.opentelemetry.io/otel/sdk v1.33.0/go.mod h1:A1Q5oi7/9XaMlIWzPSxLRWOI8nG3FnzHJNbiENQuihM=
go.opentelemetry.io/otel/sdk/metric v1.32.0 h1:rZvFnvmvawYb0alrYkjraqJq0Z4ZUJAiyYCU9snn1CU=
go.opentelemetry.io/otel/sdk/metric v1.32.0/go.mod h1:PWeZlq0zt9YkYAp3gjKZ0eicRYvOh1Gd+X99x6GHpCQ=
go.opentelemetry.io/otel/sdk v1.34.0 h1:95zS4k/2GOy069d321O8jWgYsW3MzVV+KuSPKp7Wr1A=
go.opentelemetry.io/otel/sdk v1.34.0/go.mod h1:0e/pNiaMAqaykJGKbi+tSjWfNNHMTxoC9qANsCzbyxU=
go.opentelemetry.io/otel/sdk/metric v1.34.0 h1:5CeK9ujjbFVL5c1PhLuStg1wxA7vQv7ce1EK0Gyvahk=
go.opentelemetry.io/otel/sdk/metric v1.34.0/go.mod h1:jQ/r8Ze28zRKoNRdkjCZxfs6YvBTG1+YIqyFVFYec5w=
go.opentelemetry.io/otel/trace v1.34.0 h1:+ouXS2V8Rd4hp4580a8q23bg0azF2nI8cqLYnC8mh/k=
go.opentelemetry.io/otel/trace v1.34.0/go.mod h1:Svm7lSjQD7kG7KJ/MUHPVXSDGz2OX4h0M2jHBhmSfRE=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
Expand Down Expand Up @@ -168,12 +168,12 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 h1:8ZmaLZE4XWrtU3MyClkYqqtl6Oegr3235h7jxsDyqCY=
google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU=
google.golang.org/grpc v1.70.0 h1:pWFv03aZoHzlRKHWicjsZytKAiYCtNS0dHbXnIdq7jQ=
google.golang.org/grpc v1.70.0/go.mod h1:ofIJqVKDXx/JiXrwr2IG4/zwdH9txy3IlF40RmcJSQw=
google.golang.org/protobuf v1.36.4 h1:6A3ZDJHn/eNqc1i+IdefRzy/9PokBTPvcqMySR7NNIM=
google.golang.org/protobuf v1.36.4/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
google.golang.org/genproto/googleapis/rpc v0.0.0-20250219182151-9fdb1cabc7b2 h1:DMTIbak9GhdaSxEjvVzAeNZvyc03I61duqNbnm3SU0M=
google.golang.org/genproto/googleapis/rpc v0.0.0-20250219182151-9fdb1cabc7b2/go.mod h1:LuRYeWDFV6WOn90g357N17oMCaxpgCnbi/44qJvDn2I=
google.golang.org/grpc v1.71.0 h1:kF77BGdPTQ4/JZWMlb9VpJ5pa25aqvVqogsxNHHdeBg=
google.golang.org/grpc v1.71.0/go.mod h1:H0GRtasmQOh9LkFoCPDu3ZrwUtD1YGE+b2vYBYd/8Ec=
google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM=
google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
Expand Down
33 changes: 33 additions & 0 deletions internal/provider/convert.go
Original file line number Diff line number Diff line change
Expand Up @@ -332,6 +332,39 @@ func ToBearerTokenFormat(src types.String) *pb.BearerTokenFormat {
}
}

// FromIssuerFormat converts a protobuf JWT issuer format into a string.
func FromIssuerFormat(src *pb.IssuerFormat) types.String {
if src == nil {
return types.StringNull()
}

switch *src {
case pb.IssuerFormat_IssuerHostOnly:
return types.StringValue("host_only")
case pb.IssuerFormat_IssuerURI:
return types.StringValue("uri")
default:
return types.StringNull()
}
}

// ToIssuerFormat converts a JWT issuer format string into a protobuf enum.
func ToIssuerFormat(src types.String, diags *diag.Diagnostics) *pb.IssuerFormat {
if src.IsNull() || src.IsUnknown() {
return nil
}

switch src.ValueString() {
case "host_only":
return pb.IssuerFormat_IssuerHostOnly.Enum()
case "uri":
return pb.IssuerFormat_IssuerURI.Enum()
default:
diags.AddError("unknown issuer format", fmt.Sprintf("unknown issuer format %q", src.ValueString()))
return nil
}
}

// UInt32ToInt64OrNull converts a uint32 to types.Int64, returning null if the value is 0
func UInt32ToInt64OrNull(value uint32) types.Int64 {
if value > 0 {
Expand Down
45 changes: 45 additions & 0 deletions internal/provider/convert_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import (
"github.com/hashicorp/terraform-plugin-framework/types/basetypes"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"google.golang.org/protobuf/proto"
"google.golang.org/protobuf/testing/protocmp"
"google.golang.org/protobuf/types/known/durationpb"
"google.golang.org/protobuf/types/known/structpb"
Expand Down Expand Up @@ -786,6 +787,50 @@ func TestToBearerTokenFormat(t *testing.T) {
}
}

func TestFromIssuerFormat(t *testing.T) {
t.Parallel()

for _, tc := range []struct {
name string
in *pb.IssuerFormat
expect types.String
}{
{"null", nil, types.StringNull()},
{"host_only", pb.IssuerFormat_IssuerHostOnly.Enum(), types.StringValue("host_only")},
{"uri", pb.IssuerFormat_IssuerURI.Enum(), types.StringValue("uri")},
{"unknown", (*pb.IssuerFormat)(proto.Int32(123)), types.StringNull()},
} {
assert.Equal(t, tc.expect, provider.FromIssuerFormat(tc.in),
"%s: should convert %v to %v", tc.name, tc.in, tc.expect)
}
}

func TestToIssuerFormat(t *testing.T) {
t.Parallel()

for _, tc := range []struct {
name string
in types.String
expect *pb.IssuerFormat
expectedErrorDetails string
}{
{"null", types.StringNull(), nil, ""},
{"host_only", types.StringValue("host_only"), pb.IssuerFormat_IssuerHostOnly.Enum(), ""},
{"uri", types.StringValue("uri"), pb.IssuerFormat_IssuerURI.Enum(), ""},
{"unknown", types.StringValue("foobar"), nil, `unknown issuer format "foobar"`},
} {
diagnostics := diag.Diagnostics{}
assert.Equal(t, tc.expect, provider.ToIssuerFormat(tc.in, &diagnostics),
"%s: should convert %v to %v", tc.name, tc.in, tc.expect)
if tc.expectedErrorDetails == "" {
assert.False(t, diagnostics.HasError())
} else {
assert.Len(t, diagnostics, 1)
assert.Equal(t, tc.expectedErrorDetails, diagnostics[0].Detail())
}
}
}

func TestToRouteStringList(t *testing.T) {
t.Parallel()

Expand Down
4 changes: 2 additions & 2 deletions internal/provider/route_model.go
Original file line number Diff line number Diff line change
Expand Up @@ -590,7 +590,7 @@ func ConvertRouteToPB(
pbRoute.EnableGoogleCloudServerlessAuthentication = src.EnableGoogleCloudServerlessAuthentication.ValueBool()
}
pbRoute.KubernetesServiceAccountTokenFile = src.KubernetesServiceAccountTokenFile.ValueStringPointer()
EnumValueToPBWithDefault(&pbRoute.JwtIssuerFormat, src.JWTIssuerFormat, pb.IssuerFormat_IssuerHostOnly, &diagnostics)
pbRoute.JwtIssuerFormat = ToIssuerFormat(src.JWTIssuerFormat, &diagnostics)
pbRoute.RewriteResponseHeaders = rewriteHeadersToPB(src.RewriteResponseHeaders)
pbRoute.BearerTokenFormat = ToBearerTokenFormat(src.BearerTokenFormat)
ToRouteStringList(ctx, &pbRoute.IdpAccessTokenAllowedAudiences, src.IDPAccessTokenAllowedAudiences, &diagnostics)
Expand Down Expand Up @@ -652,7 +652,7 @@ func ConvertRouteFromPB(
dst.EnableGoogleCloudServerlessAuthentication = types.BoolValue(true)
}
dst.KubernetesServiceAccountTokenFile = types.StringPointerValue(src.KubernetesServiceAccountTokenFile)
dst.JWTIssuerFormat = EnumValueFromPB(src.JwtIssuerFormat)
dst.JWTIssuerFormat = FromIssuerFormat(src.JwtIssuerFormat)
dst.RewriteResponseHeaders = rewriteHeadersFromPB(src.RewriteResponseHeaders)
dst.BearerTokenFormat = FromBearerTokenFormat(src.BearerTokenFormat)
dst.IDPAccessTokenAllowedAudiences = FromStringList(src.IdpAccessTokenAllowedAudiences)
Expand Down
4 changes: 2 additions & 2 deletions internal/provider/route_model_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ func TestConvertRoute(t *testing.T) {
LogoUrl: ptr("https://logo.example.com/logo.png"),
EnableGoogleCloudServerlessAuthentication: true,
KubernetesServiceAccountTokenFile: ptr("/path/to/token"),
JwtIssuerFormat: pb.IssuerFormat_IssuerURI,
JwtIssuerFormat: pb.IssuerFormat_IssuerURI.Enum(),
BearerTokenFormat: pb.BearerTokenFormat_BEARER_TOKEN_FORMAT_IDP_ACCESS_TOKEN.Enum(),
IdpAccessTokenAllowedAudiences: &pb.Route_StringList{Values: []string{"aud1", "aud2"}},
LoadBalancingPolicy: pb.LoadBalancingPolicy_LOAD_BALANCING_POLICY_ROUND_ROBIN.Enum(),
Expand Down Expand Up @@ -186,7 +186,7 @@ func TestConvertRoute(t *testing.T) {
LogoURL: types.StringValue("https://logo.example.com/logo.png"),
EnableGoogleCloudServerlessAuthentication: types.BoolValue(true),
KubernetesServiceAccountTokenFile: types.StringValue("/path/to/token"),
JWTIssuerFormat: types.StringValue("IssuerURI"),
JWTIssuerFormat: types.StringValue("uri"),
BearerTokenFormat: types.StringValue("idp_access_token"),
IDPAccessTokenAllowedAudiences: types.SetValueMust(types.StringType, []attr.Value{types.StringValue("aud1"), types.StringValue("aud2")}),
LoadBalancingPolicy: types.StringValue("round_robin"),
Expand Down
2 changes: 2 additions & 0 deletions internal/provider/settings_model.go
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,7 @@ type SettingsModel struct {
InstallationID types.String `tfsdk:"installation_id"`
JWTClaimsHeaders types.Map `tfsdk:"jwt_claims_headers"`
JWTGroupsFilter types.Object `tfsdk:"jwt_groups_filter"`
JWTIssuerFormat types.String `tfsdk:"jwt_issuer_format"`
LogLevel types.String `tfsdk:"log_level"`
LogoURL types.String `tfsdk:"logo_url"`
MetricsAddress types.String `tfsdk:"metrics_address"`
Expand Down Expand Up @@ -158,6 +159,7 @@ func ConvertSettingsToPB(
pbSettings.InsecureServer = src.InsecureServer.ValueBoolPointer()
pbSettings.InstallationId = src.InstallationID.ValueStringPointer()
ToStringMap(ctx, &pbSettings.JwtClaimsHeaders, src.JWTClaimsHeaders, &diagnostics)
pbSettings.JwtIssuerFormat = ToIssuerFormat(src.JWTIssuerFormat, &diagnostics)
pbSettings.LogLevel = src.LogLevel.ValueStringPointer()
pbSettings.LogoUrl = src.LogoURL.ValueStringPointer()
pbSettings.MetricsAddress = src.MetricsAddress.ValueStringPointer()
Expand Down
2 changes: 2 additions & 0 deletions internal/provider/settings_model_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,7 @@ func TestConvertSettingsToPB(t *testing.T) {
InstallationId: proto.String("INSTALLATION_ID"),
JwtClaimsHeaders: map[string]string{"X": "Y"},
JwtGroupsFilter: &pb.JwtGroupsFilter{InferFromPpl: proto.Bool(true), Groups: []string{"z"}},
JwtIssuerFormat: pb.IssuerFormat_IssuerURI.Enum(),
LogLevel: proto.String("debug"),
LogoUrl: proto.String("https://logo.example.com"),
MetricsAddress: proto.String("127.0.0.1:9999"),
Expand Down Expand Up @@ -139,6 +140,7 @@ func TestConvertSettingsToPB(t *testing.T) {
InstallationID: types.StringValue("INSTALLATION_ID"),
JWTClaimsHeaders: types.MapValueMust(types.StringType, map[string]attr.Value{"X": types.StringValue("Y")}),
JWTGroupsFilter: types.ObjectValueMust(map[string]attr.Type{"infer_from_ppl": types.BoolType, "groups": types.ListType{ElemType: types.StringType}}, map[string]attr.Value{"infer_from_ppl": types.BoolValue(true), "groups": types.ListValueMust(types.StringType, []attr.Value{types.StringValue("z")})}),
JWTIssuerFormat: types.StringValue("uri"),
LogLevel: types.StringValue("debug"),
LogoURL: types.StringValue("https://logo.example.com"),
MetricsAddress: types.StringValue("127.0.0.1:9999"),
Expand Down