feat(terraform-provider-jans): update terraform module

* add missing attributes for fido2 app configuration updates
* added read-only ttl attribute to oidc client
* aligned to latest config-API

Makefile

@@ -15,4 +15,8 @@ install: build
 	mv ${BINARY} ~/.terraform.d/plugins/${HOSTNAME}/${NAME}/${VERSION}/${OS_ARCH}
 
 generate-docs:
-	tfplugindocs generate
+	tfplugindocs generate
+
+sanitize:
+	go fmt ./...
+	go vet ./...

docs/resources/app_configuration.md

@@ -145,7 +145,7 @@ resource "jans_app_configuration" "global" {
 - `end_session_with_access_token` (Boolean) Accept access token to call end_session endpoint.
 - `error_handling_method` (String) A list of possible error handling methods.
 - `error_reason_enabled` (Boolean) Boolean value specifying whether to return detailed reason of the error from AS..
-- `expiration_notificator_enabled` (Boolean) Boolean value specifying whether expiration notificator is enabled (used to identify expiration for persistence that support TTL, like Couchbase).
+- `expiration_notificator_enabled` (Boolean) Boolean value specifying whether expiration notificator is enabled (used to identify expiration for persistence that support TTL).
 - `expiration_notificator_interval_in_seconds` (Number) The expiration notificator interval in seconds. Example: 600
 - `expiration_notificator_map_size_limit` (Number) The expiration notificator maximum size limit. Example: 100000
 - `external_logger_configuration` (String) Path to external log4j2 logging configuration. Example: /identity/logviewer/configure

go.mod

@@ -15,8 +15,8 @@ require (
 	github.com/hashicorp/terraform-json v0.17.1 // indirect
 	github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
-	golang.org/x/crypto v0.21.0 // indirect
-	golang.org/x/mod v0.13.0 // indirect
+	golang.org/x/crypto v0.31.0 // indirect
+	golang.org/x/mod v0.17.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 // indirect
 )
 
@@ -49,9 +49,9 @@ require (
 	github.com/oklog/run v1.0.0 // indirect
 	github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect
 	github.com/zclconf/go-cty v1.14.1 // indirect
-	golang.org/x/net v0.23.0 // indirect
-	golang.org/x/sys v0.18.0 // indirect
-	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/net v0.33.0 // indirect
+	golang.org/x/sys v0.28.0 // indirect
+	golang.org/x/text v0.21.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/grpc v1.57.1 // indirect
 	google.golang.org/protobuf v1.33.0 // indirect

go.sum

@@ -127,12 +127,12 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
-golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
+golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
+golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY=
-golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
+golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
+golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -141,12 +141,13 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
 golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
-golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
-golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -161,8 +162,8 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
-golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
+golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
@@ -175,13 +176,13 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
-golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
-golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
+golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
-golang.org/x/tools v0.13.0 h1:Iey4qkscZuv0VvIt8E0neZjtPVQFSc870HQ448QgEmQ=
+golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=

jans/fido2_config.go

@@ -6,8 +6,8 @@ import (
 )
 
 type RequestedParties struct {
-	Name    string   `schema:"name" json:"name"`
-	Domains []string `schema:"domains" json:"domains"`
+	Id      string   `schema:"name" json:"name"`
+	Origins []string `schema:"domains" json:"domains"`
 }
 
 // Fido2Configuration represents the Fido2 configuration properties
@@ -17,10 +17,10 @@ type Fido2Configuration struct {
 	MdsTocsFolder                   string             `schema:"mds_tocs_folder" json:"mdsTocsFolder"`
 	ServerMetadataFolder            string             `schema:"server_metadata_folder" json:"serverMetadataFolder"`
 	RequestedParties                []RequestedParties `schema:"requested_parties" json:"requestedParties"`
-	UserAutoEnrollment              bool               `schema:"user_auto_enrollment" json:"userAutoEnrollment"`
 	UnfinishedRequestExpiration     int                `schema:"unfinished_request_expiration" json:"unfinishedRequestExpiration"`
 	AuthenticationHistoryExpiration int                `schema:"authentication_history_expiration" json:"authenticationHistoryExpiration"`
-	RequestedCredentialTypes        []string           `schema:"requested_credential_types" json:"requestedCredentialTypes"`
+	DebugUserAutoEnrollment         bool               `schema:"user_auto_enrollment" json:"userAutoEnrollment"`
+	EnabledFidoAlgorithms           []string           `schema:"requested_credential_types" json:"enabledFidoAlgorithms"`
 }
 
 // JansFido2DynConfiguration defines the Fido2 dynamic configuration
@@ -40,8 +40,6 @@ type JansFido2DynConfiguration struct {
 	MetricReporterKeepDataDays  int                `schema:"metric_reporter_keep_data_days" json:"metricReporterKeepDataDays,omitempty"`
 	PersonCustomObjectClassList []string           `schema:"person_custom_object_class_list" json:"personCustomObjectClassList,omitempty"`
 	Fido2Configuration          Fido2Configuration `schema:"fido2_configuration" json:"fido2Configuration,omitempty"`
-	OldU2fMigrationEnabled      bool               `schema:"old_u2f_migration_enabled" json:"oldU2fMigrationEnabled,omitempty"`
-	SuperGluuEnabled            bool               `schema:"super_gluu_enabled" json:"superGluuEnabled,omitempty"`
 }
 
 // GetFido2Configuration returns the current Fido2 configuration.

jans/fido2_config_test.go

@@ -28,16 +28,8 @@ func TestFido2Config(t *testing.T) {
 	origBasepoint := cfg.BaseEndpoint
 	cfg.BaseEndpoint = "newbasepoint"
 
-	origSuperGluuEnabled := cfg.SuperGluuEnabled
-	cfg.SuperGluuEnabled = true
-
-	origOldU2fMigrationEnabled := cfg.OldU2fMigrationEnabled
-	cfg.OldU2fMigrationEnabled = true
-
 	ret := &JansFido2DynConfiguration{
-		BaseEndpoint:           "newbasepoint",
-		SuperGluuEnabled:       true,
-		OldU2fMigrationEnabled: true,
+		BaseEndpoint: "newbasepoint",
 	}
 	updatedConfig, err := client.UpdateFido2Configuration(ctx, ret)
 	if err != nil {
@@ -46,8 +38,6 @@ func TestFido2Config(t *testing.T) {
 
 	t.Cleanup(func() {
 		ret.BaseEndpoint = origBasepoint
-		ret.SuperGluuEnabled = origSuperGluuEnabled
-		ret.OldU2fMigrationEnabled = origOldU2fMigrationEnabled
 		_, _ = client.UpdateFido2Configuration(ctx, ret)
 	})
 

jans/jans_asset.go

@@ -16,20 +16,19 @@ type PagedResult[T any] struct {
 }
 
 type Document struct {
-	Dn                 string   `schema:"dn" json:"dn"`
-	Inum               string   `schema:"inum" json:"inum"`
-	DisplayName        string   `schema:"display_name" json:"displayName"`
-	Description        string   `schema:"description" json:"description"`
-	Document           string   `schema:"document" json:"document"`
-	CreationDate       string   `schema:"creation_date" json:"creationDate"`
-	JansFilePath       string   `schema:"jans_file_path" json:"jansFilePath"`
-	JansModuleProperty []string `schema:"jans_module_property" json:"jansModuleProperty"`
-	JansLevel          string   `schema:"jans_level" json:"jansLevel"`
-	JansRevision       string   `schema:"jans_revision" json:"jansRevision"`
-	JansEnabled        bool     `schema:"jans_enabled" json:"jansEnabled"`
-	JansAlias          string   `schema:"jans_alias" json:"jansAlias"`
-	Selected           bool     `schema:"selected" json:"selected"`
-	BaseDn             string   `schema:"base_dn" json:"baseDn"`
+	Dn           string `schema:"dn" json:"dn"`
+	Inum         string `schema:"inum" json:"inum"`
+	FileName     string `schema:"file_name" json:"fileName"`
+	FilePath     string `schema:"file_path" json:"filePath"`
+	Description  string `schema:"description" json:"description"`
+	Document     string `schema:"document" json:"document"`
+	CreationDate string `schema:"creation_date" json:"creationDate"`
+	Service      string `schema:"service" json:"service"`
+	Level        string `schema:"level" json:"level"`
+	Revision     string `schema:"revision" json:"revision"`
+	Enabled      bool   `schema:"enabled" json:"enabled"`
+	Alias        string `schema:"alias" json:"alias"`
+	BaseDn       string `schema:"base_dn" json:"baseDn"`
 }
 
 type AssetForm struct {

jans/jans_asset_test.go

@@ -30,11 +30,11 @@ func TestCreateJansAsset(t *testing.T) {
 	})
 
 	doc, err := c.CreateJansAsset(ctx, Document{
-		DisplayName: "metadata.xml",
+		FileName:    "metadata.xml",
 		Description: "A document made for testing purposes",
 		Document:    "Doc",
 		BaseDn:      "RandomBaseDN",
-		JansLevel:   "1",
+		Level:       "1",
 	}, file)
 	if err != nil {
 		t.Fatal(err)

jans/oidc_client_test.go

@@ -177,9 +177,9 @@ func TestOIDCClient(t *testing.T) {
 		Organization: "inum=1200.33AFBA,ou=scopes,o=jans",
 		// Groups:               []string{},
 		// Ttl:                  3600,
-		DisplayName:          "SCIM client",
-		BaseDn:               "inum=1201.d52300ed-8193-510e-b31d-5829f4af346e,ou=clients,o=jans",
-		Inum:                 "1201.d52300ed-8193-510e-b31d-5829f4af346e",
+		DisplayName: "SCIM client",
+		BaseDn:      "inum=1201.d52300ed-8193-510e-b31d-5829f4af346e,ou=clients,o=jans",
+		Inum:        "1201.d52300ed-8193-510e-b31d-5829f4af346e",
 		// TODO: Add new encryption algs
 	}
 

provider/resource_fido2_configuration_test.go

@@ -38,17 +38,15 @@ func TestResourceFido2Config_Mapping(t *testing.T) {
 			ServerMetadataFolder:     "/etc/jans/conf/fido2/server_metadata",
 			RequestedParties: []jans.RequestedParties{
 				{
-					Name:    "https://moabu-21f13b7c-9069-ad58-5685-852e6d236020.gluu.info",
-					Domains: []string{"moabu-21f13b7c-9069-ad58-5685-852e6d236020.gluu.info"},
+					Id:      "https://moabu-21f13b7c-9069-ad58-5685-852e6d236020.gluu.info",
+					Origins: []string{"moabu-21f13b7c-9069-ad58-5685-852e6d236020.gluu.info"},
 				},
 			},
-			UserAutoEnrollment:              false,
+			DebugUserAutoEnrollment:         false,
 			UnfinishedRequestExpiration:     180,
 			AuthenticationHistoryExpiration: 1296000,
-			RequestedCredentialTypes:        []string{"RS256", "ES256"},
+			EnabledFidoAlgorithms:           []string{"RS256", "ES256"},
 		},
-		SuperGluuEnabled:       true,
-		OldU2fMigrationEnabled: true,
 	}
 
 	if err := toSchemaResource(data, cfg); err != nil {

provider/resource_jans_asset.go

@@ -32,10 +32,15 @@ func resourceAsset() *schema.Resource {
 				Optional:    true,
 				Description: "The inum of the document.",
 			},
-			"display_name": {
+			"file_name": {
 				Type:        schema.TypeString,
 				Optional:    true,
-				Description: "The display name of the document.",
+				Description: "The file name of the document.",
+			},
+			"file_path": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "The Jans file path of the document.",
 			},
 			"description": {
 				Type:        schema.TypeString,
@@ -52,44 +57,31 @@ func resourceAsset() *schema.Resource {
 				Optional:    true,
 				Description: "The creation date of the document.",
 			},
-			"jans_file_path": {
+			"service": {
 				Type:        schema.TypeString,
 				Optional:    true,
-				Description: "The Jans file path of the document.",
-			},
-			"jans_module_property": {
-				Type:        schema.TypeList,
-				Optional:    true,
-				Description: "The Jans module property of the document.",
-				Elem: &schema.Schema{
-					Type: schema.TypeString,
-				},
+				Description: "The Jans service of the document.",
 			},
-			"jans_level": {
+			"level": {
 				Type:        schema.TypeString,
 				Optional:    true,
 				Description: "The Jans level of the document.",
 			},
-			"jans_revision": {
+			"revision": {
 				Type:        schema.TypeString,
 				Optional:    true,
 				Description: "The Jans revision of the document.",
 			},
-			"jans_enabled": {
+			"enabled": {
 				Type:        schema.TypeBool,
 				Optional:    true,
 				Description: "The Jans enabled of the document.",
 			},
-			"jans_alias": {
+			"alias": {
 				Type:        schema.TypeString,
 				Optional:    true,
 				Description: "The Jans alias of the document.",
 			},
-			"selected": {
-				Type:        schema.TypeBool,
-				Optional:    true,
-				Description: "The selected of the document.",
-			},
 			"base_dn": {
 				Type:        schema.TypeString,
 				Optional:    true,

provider/resource_script.go

@@ -76,6 +76,8 @@ func resourceScript() *schema.Resource {
 						"uma_rpt_policy",
 						"uma_rpt_claims",
 						"uma_claims_gathering",
+						"access_evaluation",
+						"access_evaluation_discovery",
 						"consent_gathering",
 						"dynamic_scope",
 						"spontaneous_scope",