Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: support custom idp login when recording test fixtures #247

Merged
merged 3 commits into from
Jul 7, 2023
Merged

feat: support custom idp login when recording test fixtures #247

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
15e5e81
feat: support custom idp login when recording test fixtures
kuntzed Jun 28, 2023
34704f2
incorporate review comments
kuntzed Jul 5, 2023
648b753
fix sonar issue
kuntzed Jul 5, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 9 additions & 9 deletions internal/btpcli/client.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,16 +34,16 @@ func NewV2ClientWithHttpClient(client *http.Client, serverURL *url.URL) *v2Clien
}

const (
HeaderCorrelationID string = "X-CorrelationId"
HeaderCorrelationID string = "X-Correlationid"
HeaderIDToken string = "X-Id-Token"
HeaderCLIFormat string = "X-CPCLI-Format"
HeaderCLIRefreshToken string = "X-CPCLI-RefreshToken"
HeaderCLIReplacementRefreshToken string = "X-CPCLI-ReplacementRefreshtoken"
HeaderCLISubdomain string = "X-CPCLI-Subdomain"
HeaderCLICustomIDP string = "X-CPCLI-CustomIdp"
HeaderCLIBackendStatus string = "X-CPCLI-Backend-Status"
HeaderCLIBackendMessage string = "X-CPCLI-Backend-Message"
HeaderCLIBackendMediaType string = "X-CPCLI-Backend-MediaType"
HeaderCLIFormat string = "X-Cpcli-Format"
HeaderCLIRefreshToken string = "X-Cpcli-Refreshtoken"
HeaderCLIReplacementRefreshToken string = "X-Cpcli-Replacementrefreshtoken"
HeaderCLISubdomain string = "X-Cpcli-Subdomain"
HeaderCLICustomIDP string = "X-Cpcli-Customidp"
HeaderCLIBackendStatus string = "X-Cpcli-Backend-Status"
HeaderCLIBackendMessage string = "X-Cpcli-Backend-Message"
HeaderCLIBackendMediaType string = "X-Cpcli-Backend-Mediatype"
)

const cliTargetProtocolVersion string = "v2.38.0"
Expand Down
27 changes: 21 additions & 6 deletions internal/provider/provider.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,8 @@ func (p *btpcliProvider) Metadata(_ context.Context, _ provider.MetadataRequest,
}

func (p *btpcliProvider) Configure(ctx context.Context, req provider.ConfigureRequest, resp *provider.ConfigureResponse) {
const unableToCreateClient = "unableToCreateClient"

// Retrieve provider data from configuration
var config providerData
diags := req.Config.Get(ctx, &config)
Expand All @@ -93,17 +95,30 @@ func (p *btpcliProvider) Configure(ctx context.Context, req provider.ConfigureRe
u, err := url.Parse(selectedCLIServerURL) // TODO move to NewV2Client

if err != nil {
resp.Diagnostics.AddError("Unable to create Client", fmt.Sprintf("%s", err))
resp.Diagnostics.AddError(unableToCreateClient, fmt.Sprintf("%s", err))
return
}

client := btpcli.NewClientFacade(btpcli.NewV2ClientWithHttpClient(p.httpClient, u))
client.UserAgent = fmt.Sprintf("Terraform/%s terraform-provider-btp/%s", req.TerraformVersion, version.ProviderVersion)

// User may provide an idp to the provider
var idp string
if config.IdentityProvider.IsUnknown() {
resp.Diagnostics.AddWarning(unableToCreateClient, "Cannot use unknown value as identity provider")
return
}

if config.IdentityProvider.IsNull() {
idp = os.Getenv("BTP_IDP")
} else {
idp = config.IdentityProvider.ValueString()
}

// User must provide a username to the provider
var username string
if config.Username.IsUnknown() {
resp.Diagnostics.AddWarning("Unable to create client", "Cannot use unknown value as client_certificate")
resp.Diagnostics.AddWarning(unableToCreateClient, "Cannot use unknown value as username")
return
}

Expand All @@ -116,7 +131,7 @@ func (p *btpcliProvider) Configure(ctx context.Context, req provider.ConfigureRe
// User must provide a password to the provider
var password string
if config.Password.IsUnknown() {
resp.Diagnostics.AddWarning("Unable to create client", "Cannot use unknown value as password")
resp.Diagnostics.AddWarning(unableToCreateClient, "Cannot use unknown value as password")
return
}

Expand All @@ -127,12 +142,12 @@ func (p *btpcliProvider) Configure(ctx context.Context, req provider.ConfigureRe
}

if len(username) == 0 || len(password) == 0 {
resp.Diagnostics.AddError("Unable to create Client", "globalaccount, username and password must be given.")
resp.Diagnostics.AddError(unableToCreateClient, "globalaccount, username and password must be given.")
return
}

if _, err = client.Login(ctx, btpcli.NewLoginRequestWithCustomIDP(config.IdentityProvider.ValueString(), config.GlobalAccount.ValueString(), username, password)); err != nil {
resp.Diagnostics.AddError("Unable to create Client", fmt.Sprintf("%s", err))
if _, err = client.Login(ctx, btpcli.NewLoginRequestWithCustomIDP(idp, config.GlobalAccount.ValueString(), username, password)); err != nil {
resp.Diagnostics.AddError(unableToCreateClient, fmt.Sprintf("%s", err))
return
}

Expand Down
16 changes: 16 additions & 0 deletions internal/provider/provider_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ import (
"github.com/hashicorp/terraform-plugin-framework/resource"
"github.com/hashicorp/terraform-plugin-go/tfprotov6"

"github.com/SAP/terraform-provider-btp/internal/btpcli"
"github.com/SAP/terraform-provider-btp/internal/validation/uuidvalidator"

"github.com/stretchr/testify/assert"
Expand All @@ -39,6 +40,7 @@ provider "btp" {
globalaccount = "terraformintcanary"
username = "[email protected]"
password = "redacted"
idp = ""
}
`, cliServerURL)
}
Expand All @@ -62,11 +64,25 @@ func setupVCR(t *testing.T, cassetteName string) *recorder.Recorder {
hookRedactIntegrationUserCredentials := func(i *cassette.Interaction) error {
intUser := os.Getenv("BTP_USERNAME")
intUserPwd := os.Getenv("BTP_PASSWORD")
intUserIdp := os.Getenv("BTP_IDP")

firstName, lastName := getNameFromEmail(intUser)

if strings.Contains(i.Request.URL, "/login/") {
i.Request.Body = strings.ReplaceAll(i.Request.Body, intUserPwd, "redacted")
// TODO #277 the custom idp and issuer values should be redacted to some special value
// for now the custom idp is replaced by the empty string and the issuer by "accounts.sap.com" to keep
// existing fixtures working that were recorded without selecting a custom idp during login
i.Request.Body = strings.ReplaceAll(i.Request.Body, "\"customIdp\":\""+intUserIdp+"\"", "\"customIdp\":\"\"")
i.Response.Body = strings.ReplaceAll(i.Response.Body, "\"issuer\":\""+intUserIdp+"\"", "\"issuer\":\"accounts.sap.com\"")
i.Response.Body = strings.ReplaceAll(i.Response.Body, "\"issuer\":\""+intUserIdp+".accounts400.ondemand.com\"", "\"issuer\":\"accounts.sap.com\"")
}

if _, exists := i.Request.Headers[btpcli.HeaderCLICustomIDP]; exists {
// TODO #277 the custom idp header value should be redacted to some special value
// for now the header is replaced by the empty string to keep existing fixtures working that were
// recorded without selecting a custom idp during login
i.Request.Headers.Set(btpcli.HeaderCLICustomIDP, "")
kuntzed marked this conversation as resolved.
Show resolved Hide resolved
}

i.Request.Body = strings.ReplaceAll(i.Request.Body, intUser, "[email protected]")
Expand Down