Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Add OAUTH integration for custom clients #2908

Merged
merged 8 commits into from
Jul 9, 2024
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Merge branch 'refs/heads/main' into oauth-for-custom-clients-v1
# Conflicts:
#	docs/index.md
#	examples/additional/deprecated_resources.MD
#	pkg/acceptance/helpers/random/certs.go
#	pkg/acceptance/importchecks/import_checks.go
#	pkg/sdk/testint/security_integrations_gen_integration_test.go
  • Loading branch information
sfc-gh-jcieslak committed Jul 5, 2024
commit 9be505ac4e8a40b614b550f4e3615f8549d10c7d
2 changes: 1 addition & 1 deletion docs/index.md
Original file line number Diff line number Diff line change
@@ -230,7 +230,7 @@ The Snowflake provider will use the following order of precedence when determini
## Currently deprecated resources

- [snowflake_database_old](./docs/resources/database_old)
- [snowflake_oauth_integration](./docs/resources/oauth_integration)
- [snowflake_saml_integration](./docs/resources/saml_integration) - use [snowflake_saml2_integration](./docs/resources/saml2_integration) instead
- [snowflake_unsafe_execute](./docs/resources/unsafe_execute)

## Currently deprecated datasources
1 change: 1 addition & 0 deletions examples/additional/deprecated_resources.MD
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
## Currently deprecated resources

- [snowflake_database_old](./docs/resources/database_old)
- [snowflake_saml_integration](./docs/resources/saml_integration) - use [snowflake_saml2_integration](./docs/resources/saml2_integration) instead
- [snowflake_oauth_integration](./docs/resources/oauth_integration)
- [snowflake_unsafe_execute](./docs/resources/unsafe_execute)
4 changes: 2 additions & 2 deletions pkg/acceptance/helpers/random/certs.go
Original file line number Diff line number Diff line change
@@ -40,7 +40,7 @@ func GenerateX509(t *testing.T) string {
return encode(t, "CERTIFICATE", caBytes)
}

// GenerateRSA returns an RSA public key without BEGIN and END markers.
// GenerateRSA returns an RSA public key without BEGIN and END markers, and key's hash.
func GenerateRSAPublicKey(t *testing.T) (string, string) {
t.Helper()
key, err := rsa.GenerateKey(rand.Reader, 2048)
@@ -49,7 +49,7 @@ func GenerateRSAPublicKey(t *testing.T) (string, string) {
pub := key.Public()
b, err := x509.MarshalPKIXPublicKey(pub.(*rsa.PublicKey))
require.NoError(t, err)
return encode(t, "RSA PUBLIC KEY", b), fmt.Sprintf("SHA256:%s", hash(t, b))
return encode(t, "RSA PUBLIC KEY", b), hash(t, b)
}

func hash(t *testing.T, b []byte) string {
36 changes: 36 additions & 0 deletions pkg/acceptance/importchecks/import_checks.go
Original file line number Diff line number Diff line change
@@ -73,6 +73,42 @@ func TestCheckResourceAttrInstanceState(id string, attributeName, attributeValue
}
}

// TestCheckResourceAttrNotInInstanceState is based on unexported testCheckResourceAttrInstanceState from teststep_providers_test.go,
// but instead of comparing values, it only checks if the attribute is present in the InstanceState.
func TestCheckResourceAttrNotInInstanceState(id string, attributeName string) resource.ImportStateCheckFunc {
return func(is []*terraform.InstanceState) error {
for _, v := range is {
if v.ID != id {
continue
}

if _, ok := v.Attributes[attributeName]; ok {
return fmt.Errorf("attribute %s found in instance state, but expected not to be there", attributeName)
}
}

return nil
}
}

// TestCheckResourceAttrInstanceStateSet is based on unexported testCheckResourceAttrInstanceState from teststep_providers_test.go,
// but instead of comparing values, it only checks if the value is set.
func TestCheckResourceAttrInstanceStateSet(id string, attributeName string) resource.ImportStateCheckFunc {
return func(is []*terraform.InstanceState) error {
for _, v := range is {
if v.ID != id {
continue
}

if _, ok := v.Attributes[attributeName]; ok {
return nil
}
}

return fmt.Errorf("attribute %s not found in instance state", attributeName)
}
}

// TestCheckNoResourceAttrInstanceState checks if the value is present in the instatnce state and returns an error if it does.
func TestCheckNoResourceAttrInstanceState(id string, attributeName string) resource.ImportStateCheckFunc {
return func(is []*terraform.InstanceState) error {
Original file line number Diff line number Diff line change
@@ -19,7 +19,7 @@ func TestInt_SecurityIntegrations(t *testing.T) {
acsURL := testClientHelper().Context.ACSURL(t)
issuerURL := testClientHelper().Context.IssuerURL(t)
cert := random.GenerateX509(t)
rsaKey, _ := random.GenerateRSAPublicKey(t)
rsaKey, rsaKeyHash := random.GenerateRSAPublicKey(t)

revertParameter := testClientHelper().Parameter.UpdateAccountParameterTemporarily(t, sdk.AccountParameterEnableIdentifierFirstLogin, "true")
t.Cleanup(revertParameter)
You are viewing a condensed version of this merge commit. You can view the full changes here.