diff --git a/docs/resources/oauth2_app.md b/docs/resources/oauth2_app.md index 9dd1740..24b6d36 100644 --- a/docs/resources/oauth2_app.md +++ b/docs/resources/oauth2_app.md @@ -20,6 +20,10 @@ Handling [gitea oauth application](https://docs.gitea.io/en-us/oauth2-provider/) - `name` (String) OAuth Application name - `redirect_uris` (Set of String) Accepted redirect URIs +### Optional + +- `confidential_client` (Boolean) If set to false, it will be a public client (PKCE will be required) + ### Read-Only - `client_id` (String) OAuth2 Application client id diff --git a/gitea/resource_gitea_oauth_app.go b/gitea/resource_gitea_oauth_app.go index e628882..ea6cd0c 100644 --- a/gitea/resource_gitea_oauth_app.go +++ b/gitea/resource_gitea_oauth_app.go @@ -8,10 +8,11 @@ import ( ) const ( - oauth2KeyName string = "name" - oauth2KeyRedirectURIs string = "redirect_uris" - oauth2KeyClientId string = "client_id" - oauth2KeyClientSecret string = "client_secret" + oauth2KeyName string = "name" + oauth2KeyConfidentialClient string = "confidential_client" + oauth2KeyRedirectURIs string = "redirect_uris" + oauth2KeyClientId string = "client_id" + oauth2KeyClientSecret string = "client_secret" ) func resourceGiteaOauthApp() *schema.Resource { @@ -37,6 +38,12 @@ func resourceGiteaOauthApp() *schema.Resource { }, Description: "Accepted redirect URIs", }, + oauth2KeyConfidentialClient: { + Type: schema.TypeBool, + Optional: true, + Default: false, + Description: "If set to false, it will be a public client (PKCE will be required)", + }, oauth2KeyClientId: { Type: schema.TypeString, Computed: true, 
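Review bot: `Default: false` on the new `oauth2KeyConfidentialClient` schema entry makes every configuration that omits the attribute a public client, which is the weaker of the two client types because it does not authenticate with a client secret at the token endpoint. Applications already managed by this resource have configurations that cannot mention the new attribute, so they would presumably be sent `confidential_client: false` on their next update; whether that converts an existing confidential application depends on update code and server behaviour not visible in this diff. Consider `Default: true` so that omission keeps the stricter type, and state the default in the text, e.g. `Description: "Whether the application is a confidential client. Set to false for a public client (PKCE required). Defaults to true."`; the docs/resources/oauth2_app.md hunk carries the same wording and would need the same change. The body of resourceGiteaOauthApp continues outside the hunk.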
@@ -89,9 +96,16 @@ func resourceOauth2AppUpcreate(d *schema.ResourceData, meta interface{}) (err er return fmt.Errorf("attribute %s must be set and must be a string", oauth2KeyName) } + confidentialClient, confidentialClientOk := d.Get(oauth2KeyConfidentialClient).(bool) + + if !confidentialClientOk { + return fmt.Errorf("attribute %s must be set and must be a bool", oauth2KeyConfidentialClient) + } + opts := gitea.CreateOauth2Option{ - Name: name, - RedirectURIs: redirectURIs, + Name: name, + ConfidentialClient: confidentialClient, + RedirectURIs: redirectURIs, } var oauth2 *gitea.Oauth2 @@ -99,7 +113,7 @@ func resourceOauth2AppUpcreate(d *schema.ResourceData, meta interface{}) (err er if d.IsNewResource() { oauth2, _, err = client.CreateOauth2(opts) } else { - oauth2, err := searchOauth2AppByClientId(client, d.Id()) + oauth2, err = searchOauth2AppByClientId(client, d.Id()) if err != nil { return err @@ -176,9 +190,10 @@ func setOAuth2ResourceData(app *gitea.Oauth2, d *schema.ResourceData) (err error d.SetId(app.ClientID) for k, v := range map[string]interface{}{ - oauth2KeyName: app.Name, - oauth2KeyRedirectURIs: schema.NewSet(schema.HashString, CollapseStringList(app.RedirectURIs)), - oauth2KeyClientId: app.ClientID, + oauth2KeyName: app.Name, + oauth2KeyConfidentialClient: app.ConfidentialClient, + oauth2KeyRedirectURIs: schema.NewSet(schema.HashString, CollapseStringList(app.RedirectURIs)), + oauth2KeyClientId: app.ClientID, } { err = d.Set(k, v) if err != nil { diff --git a/vendor/code.gitea.io/sdk/gitea/oauth2.go b/vendor/code.gitea.io/sdk/gitea/oauth2.go index bbdfdaf..86e2568 100644 --- a/vendor/code.gitea.io/sdk/gitea/oauth2.go +++ b/vendor/code.gitea.io/sdk/gitea/oauth2.go 
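Review bot: The error returned when `confidentialClientOk` is false tells the user the attribute "must be set", but the schema declares it `Optional` with a `Default`, so the message contradicts the documented contract. For a `schema.TypeBool` field with a default the assertion is not expected to fail, so the branch is effectively a defensive check; either drop it or reword it as `return fmt.Errorf("attribute %s must be a bool", oauth2KeyConfidentialClient)`. resourceOauth2AppUpcreate starts and ends outside the hunk.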
@@ -13,12 +13,13 @@ import ( // Oauth2 represents an Oauth2 Application type Oauth2 struct { - ID int64 `json:"id"` - Name string `json:"name"` - ClientID string `json:"client_id"` - ClientSecret string `json:"client_secret"` - RedirectURIs []string `json:"redirect_uris"` - Created time.Time `json:"created"` + ID int64 `json:"id"` + Name string `json:"name"` + ClientID string `json:"client_id"` + ClientSecret string `json:"client_secret"` + RedirectURIs []string `json:"redirect_uris"` + ConfidentialClient bool `json:"confidential_client"` + Created time.Time `json:"created"` } // ListOauth2Option for listing Oauth2 Applications @@ -28,8 +29,9 @@ type ListOauth2Option struct { // CreateOauth2Option required options for creating an Application type CreateOauth2Option struct { - Name string `json:"name"` - RedirectURIs []string `json:"redirect_uris"` + Name string `json:"name"` + ConfidentialClient bool `json:"confidential_client"` + RedirectURIs []string `json:"redirect_uris"` } // CreateOauth2 create an Oauth2 Application and returns a completed Oauth2 object.