fix(terraform-provider-jans): update terraform module

this a sync from the upstream jans.io repo
JanssenProject · Sep 18, 2024 · ceffd86 · ceffd86
2 parents 7f82d92 + 2b6ac9b
commit ceffd86
Show file tree

Hide file tree

Showing 48 changed files with 360 additions and 154 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,13 @@
 # Changelog
 
+## [1.1.5](https://github.com/JanssenProject/terraform-provider-jans/compare/v1.1.2...v1.1.5) (2024-09-11)
+
+
+### Bug Fixes
+
+* documentation 
+* update API and sync with jans updates 
+
 ## [1.1.2](https://github.com/JanssenProject/terraform-provider-jans/compare/v1.1.0...v1.1.2) (2024-05-29)
 
 

diff --git a/README.md b/README.md
@@ -42,5 +42,12 @@ If any of those 3 parameters is not provided, the provider will not be able to c
 Optionally, users can also set the following variables:
 
 * `insecure_client` - If set to `true`, the provider will not verify the TLS certificate of the Janssen server. This is useful for testing purposes and should not be used in production, unless absolutely unavoidable.
-
 
+## Tests
+
+Before you run the tests, the custom_attribute test requires that a custom column is present in the user table, to be added as the custom attribute. Add `tbutlonger` VARCHAR field by following the [guide](https://docs.jans.io/stable/admin/reference/database/mysql-ops/#add-custom-attribute) provided in the Janssen documentation.
+
+You can run the tests by running `make test`.
+
+The tests require some environment variables to run, which are automatically set when running them through the Makefile.
+When debugging the tests, without using the Makefile, make sure to have the environment variables present. They can be found in the Makefile.
diff --git a/docs/resources/api_app_configuration.md b/docs/resources/api_app_configuration.md
@@ -28,6 +28,7 @@ resource "jans_api_app_configuration" "global" {
 - `api_client_id` (String)
 - `api_client_password` (String)
 - `api_protection_type` (String)
+- `acr_validation_enabled` (Boolean)
 - `asset_mgt_configuration` (Block List) (see [below for nested schema](#nestedblock--asset_mgt_configuration))
 - `audit_log_conf` (Block List) (see [below for nested schema](#nestedblock--audit_log_conf))
 - `auth_issuer_url` (String)
@@ -37,6 +38,7 @@ resource "jans_api_app_configuration" "global" {
 - `auth_openid_token_url` (String)
 - `config_oauth_enabled` (Boolean)
 - `cors_configuration_filters` (Block List) (see [below for nested schema](#nestedblock--cors_configuration_filters))
+- `custom_attribute_validation_enabled` (Boolean)
 - `data_format_conversion_conf` (Block List) (see [below for nested schema](#nestedblock--data_format_conversion_conf))
 - `disable_audit_logger` (Boolean)
 - `disable_jdk_logger` (Boolean)
@@ -48,7 +50,6 @@ resource "jans_api_app_configuration" "global" {
 - `logging_level` (String)
 - `max_count` (Number)
 - `plugins` (Block List) (see [below for nested schema](#nestedblock--plugins))
-- `smallrye_health_root_path` (String)
 - `user_exclusion_attributes` (List of String)
 - `user_mandatory_attributes` (List of String)
 
@@ -74,6 +75,9 @@ Optional:
 - `asset_dir_mappings` (Block List) (see [below for nested schema](#nestedblock--asset_mgt_configuration--asset_dir_mappings))
 - `asset_mgt_enabled` (Boolean)
 - `asset_server_upload_enabled` (Boolean)
+- `file_extension_validation_enabled` (Boolean)
+- `jans_service_module` (List of String)
+- `module_name_validation_enabled` (Boolean)
 
 <a id="nestedblock--asset_mgt_configuration--asset_dir_mappings"></a>
 ### Nested Schema for `asset_mgt_configuration.asset_dir_mappings`

diff --git a/docs/resources/app_configuration.md b/docs/resources/app_configuration.md
@@ -309,6 +309,10 @@ resource "jans_app_configuration" "global" {
 - `stat_timer_interval_in_seconds` (Number) Statistical data capture time interval.
 - `static_decryption_kid` (String) Specifies static decryption Kid
 - `static_kid` (String) Specifies static Kid
+- `status_list_bit_size` (Number) The size of status list bit.
+- `status_list_index_allocation_block_size` (Number) The size of status list index allocation block.
+- `status_list_response_jwt_lifetime` (Number) The lifetime of status list response JWT.
+- `status_list_response_jwt_signature_algorithm` (String) The signature algorithm for status list response JWT.
 - `subject_identifiers_per_client_supported` (List of String) A list of the subject identifiers supported per client.
 - `subject_types_supported` (List of String) A list of the Subject Identifier types that this OP supports. Valid types include pairwise and public.
 - `token_endpoint` (String) The token endpoint URL. Example: https://server.example.com/restv1/token

diff --git a/docs/resources/custom_user.md b/docs/resources/custom_user.md
@@ -56,6 +56,7 @@ resource "jans_custom_user" "test" {
 - `custom_object_classes` (List of String)
 - `external_uid` (List of String) External UID.
 - `ox_auth_persistent_jwt` (List of String) Persistent JWT.
+- `status` (String) User status
 - `user_password` (String) User password
 
 ### Read-Only

diff --git a/docs/resources/default_authentication_method.md b/docs/resources/default_authentication_method.md
@@ -14,7 +14,7 @@ description: |-
 
 ```terraform
 resource "jans_default_authentication_method" "global" {
-  default_acr = "pwd"
+  default_acr = "simple_password_auth"
 }
 ```
 

diff --git a/docs/resources/kc_saml_configuration.md b/docs/resources/kc_saml_configuration.md
@@ -31,14 +31,15 @@ Resource for managing Keycloak SAML Configuration.
 - `idp_metadata_temp_dir` (String) IDP Metadata Temporary Directory.
 - `idp_root_dir` (String) IDP Root Directory.
 - `idp_url` (String) IDP URL.
-- `ignore_validation` (String) Ignore Validation.
+- `ignore_validation` (Boolean) Ignore Validation.
 - `kc_attributes` (List of String) KC Attributes.
 - `kc_saml_config` (List of String) KC SAML Config..
 - `password` (String) Password.
 - `realm` (String) Realm.
 - `saml_trust_relationship_dn` (String) SAML trust relationship DN.
 - `scope` (String) Scope.
 - `server_url` (String) Server URL.
+- `set_config_default_value` (Boolean) Set Config Default Value.
 - `slected_idp` (String) Selected IDP.
 - `sp_metadata_dir` (String) SP Metadata Directory.
 - `sp_metadata_file` (String) SP Metadata File.

diff --git a/docs/resources/kc_saml_identity_provider.md b/docs/resources/kc_saml_identity_provider.md
@@ -39,6 +39,8 @@ Resource for managing Keycloak SAML Identity Provider.
 - `metadata_file` (String) Metadata file location for the trust relationship.
 - `name_id_policy_format` (String) Name ID policy format of the identity provider.
 - `post_broker_login_flow_alias` (String) Post broker login flow alias of the identity provider.
+- `principal_attribute` (String) Principal attribute of the identity provider.
+- `principal_type` (String) Principal type of the identity provider.
 - `provider_id` (String) Provider ID of the identity provider.
 - `signing_certificate` (String) Signing certificate of the identity provider.
 - `single_logout_service_url` (String) Single logout service URL of the identity provider.

diff --git a/docs/resources/kc_saml_trust_relationship.md b/docs/resources/kc_saml_trust_relationship.md
@@ -22,10 +22,8 @@ Resource for managing Keycloak SAML Trust Relationship.
 
 ### Optional
 
-- `admin_url` (String) Admin URL of the trust relationship.
 - `always_display_in_console` (Boolean) Always display in console of the trust relationship.
 - `base_dn` (String) Base DN of the trust relationship.
-- `base_url` (String) Base URL of the trust relationship.
 - `client_authenticator_type` (String) Client authenticator type of the trust relationship.
 - `consent_required` (Boolean) Consent required of the trust relationship.
 - `enabled` (Boolean) Status of the trust relationship.
@@ -43,8 +41,6 @@ Resource for managing Keycloak SAML Trust Relationship.
 - `sp_logout_url` (String) SP logout URL of the trust relationship.
 - `sp_meta_data_url` (String) SP metadata URL of the trust relationship.
 - `status` (String) Status of the trust relationship.
-- `surrogate_auth_required` (Boolean) Surrogate auth required of the trust relationship.
-- `url` (String) URL of the trust relationship.
 - `validation_log` (List of String) Validation log of the trust relationship.
 - `validation_status` (String) Validation status of the trust relationship.
 

diff --git a/docs/resources/scim_app_configuration.md b/docs/resources/scim_app_configuration.md
@@ -43,7 +43,9 @@ resource "jans_scim_app_configuration" "global" {
 - `base_endpoint` (String) SCIM base endpoint URL
 - `bulk_max_operations` (Number) Specifies maximum bulk operations.
 - `bulk_max_payload_size` (Number) Specifies maximum payload size of bulk operations.
+- `disable_audit_logger` (Boolean)
 - `disable_jdk_logger` (Boolean) Boolean value specifying whether to enable JDK Loggers.
+- `disable_logger_timer` (Boolean)
 - `external_logger_configuration` (String) Path to external log4j2 logging configuration.
 - `logging_layout` (String) Logging layout used for Server loggers.
 - `logging_level` (String) Logging level for scim logger.

diff --git a/examples/resources/jans_default_authentication_method/resource.tf b/examples/resources/jans_default_authentication_method/resource.tf
@@ -1,3 +1,3 @@
 resource "jans_default_authentication_method" "global" {
-  default_acr = "pwd"
-}
+  default_acr = "simple_password_auth"
+}
diff --git a/examples/resources/jans_smtp_configuration/resource.tf b/examples/resources/jans_smtp_configuration/resource.tf
@@ -1,17 +1,17 @@
 resource "jans_smtp_configuration" "global" {
-  host                    = "smtp.janssen.io"
-  port                    = 587
-  requires_ssl            = true
-  trust_host              = true
-  from_name               = "Janssen"
-  from_email_address      = "[email protected]"
-  requires_authentication = true
-  user_name               = "janssen"
-  password                = "password"
+  host                                 = "smtp.janssen.io"
+  port                                 = 587
+  requires_ssl                         = true
+  trust_host                           = true
+  from_name                            = "Janssen"
+  from_email_address                   = "[email protected]"
+  requires_authentication              = true
+  smtp_authentication_account_username = "janssen"
+  smtp_authentication_account_password = "password"
 
   lifecycle {
 		# ignore changes to password, as it will be returned as a hash
 		# from the API
     ignore_changes = [ password ]
   }
-}
+}
diff --git a/go.mod b/go.mod
@@ -15,7 +15,7 @@ require (
 	github.com/hashicorp/terraform-json v0.17.1 // indirect
 	github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
-	golang.org/x/crypto v0.17.0 // indirect
+	golang.org/x/crypto v0.21.0 // indirect
 	golang.org/x/mod v0.13.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 // indirect
 )
@@ -49,10 +49,10 @@ require (
 	github.com/oklog/run v1.0.0 // indirect
 	github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect
 	github.com/zclconf/go-cty v1.14.1 // indirect
-	golang.org/x/net v0.17.0 // indirect
-	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/net v0.23.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/grpc v1.57.1 // indirect
-	google.golang.org/protobuf v1.31.0 // indirect
+	google.golang.org/protobuf v1.33.0 // indirect
 )
diff --git a/go.sum b/go.sum
@@ -127,8 +127,8 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
-golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
+golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY=
@@ -141,8 +141,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
 golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
-golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
-golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
+golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
+golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -161,8 +161,8 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
-golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
+golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
@@ -193,8 +193,8 @@ google.golang.org/grpc v1.57.1 h1:upNTNqv0ES+2ZOOqACwVtS3Il8M12/+Hz41RCPzAjQg=
 google.golang.org/grpc v1.57.1/go.mod h1:Sd+9RMTACXwmub0zcNY2c4arhtrbBYD1AUHI/dt16Mo=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
-google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

diff --git a/jans/agama_deployment_test.go b/jans/agama_deployment_test.go
@@ -23,8 +23,8 @@ func TestAgamaDeployment(t *testing.T) {
 		t.Error(err)
 	}
 
-	if len(deployments) != 0 {
-		t.Errorf("expected 0 deployments, got %d", len(deployments))
+	if len(deployments) != 1 {
+		t.Errorf("expected 1 deployments, got %d", len(deployments))
 	}
 	_ = client.DeleteAgamaDeployment(ctx, "test-deployment")
 
@@ -70,8 +70,8 @@ func TestAgamaDeployment(t *testing.T) {
 		t.Error(err)
 	}
 
-	if len(deployments) != 1 {
-		t.Errorf("expected 1 deployment, got %d", len(deployments))
+	if len(deployments) != 2 {
+		t.Errorf("expected 2 deployment, got %d", len(deployments))
 	}
 
 	// delete test deployment