Merge pull request #46 from deblasis/fix/gitea_oauth2_app_confidential_client

Support `gitea_oauth2_app` `confidential_client` flag
This commit is contained in:
Tobias Trabelsi 2023-07-20 09:09:50 +02:00 committed by GitHub
commit 340bcd48fe
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 39 additions and 18 deletions

View file

@ -20,6 +20,10 @@ Handling [gitea oauth application](https://docs.gitea.io/en-us/oauth2-provider/)
- `name` (String) OAuth Application name - `name` (String) OAuth Application name
- `redirect_uris` (Set of String) Accepted redirect URIs - `redirect_uris` (Set of String) Accepted redirect URIs
### Optional
- `confidential_client` (Boolean) If set to false, it will be a public client (PKCE will be required)
### Read-Only ### Read-Only
- `client_id` (String) OAuth2 Application client id - `client_id` (String) OAuth2 Application client id

View file

@ -9,6 +9,7 @@ import (
const ( const (
oauth2KeyName string = "name" oauth2KeyName string = "name"
oauth2KeyConfidentialClient string = "confidential_client"
oauth2KeyRedirectURIs string = "redirect_uris" oauth2KeyRedirectURIs string = "redirect_uris"
oauth2KeyClientId string = "client_id" oauth2KeyClientId string = "client_id"
oauth2KeyClientSecret string = "client_secret" oauth2KeyClientSecret string = "client_secret"
@ -37,6 +38,12 @@ func resourceGiteaOauthApp() *schema.Resource {
}, },
Description: "Accepted redirect URIs", Description: "Accepted redirect URIs",
}, },
oauth2KeyConfidentialClient: {
Type: schema.TypeBool,
Optional: true,
Default: false,
Description: "If set to false, it will be a public client (PKCE will be required)",
},
oauth2KeyClientId: { oauth2KeyClientId: {
Type: schema.TypeString, Type: schema.TypeString,
Computed: true, Computed: true,
@ -89,8 +96,15 @@ func resourceOauth2AppUpcreate(d *schema.ResourceData, meta interface{}) (err er
return fmt.Errorf("attribute %s must be set and must be a string", oauth2KeyName) return fmt.Errorf("attribute %s must be set and must be a string", oauth2KeyName)
} }
confidentialClient, confidentialClientOk := d.Get(oauth2KeyConfidentialClient).(bool)
if !confidentialClientOk {
return fmt.Errorf("attribute %s must be set and must be a bool", oauth2KeyConfidentialClient)
}
opts := gitea.CreateOauth2Option{ opts := gitea.CreateOauth2Option{
Name: name, Name: name,
ConfidentialClient: confidentialClient,
RedirectURIs: redirectURIs, RedirectURIs: redirectURIs,
} }
@ -99,7 +113,7 @@ func resourceOauth2AppUpcreate(d *schema.ResourceData, meta interface{}) (err er
if d.IsNewResource() { if d.IsNewResource() {
oauth2, _, err = client.CreateOauth2(opts) oauth2, _, err = client.CreateOauth2(opts)
} else { } else {
oauth2, err := searchOauth2AppByClientId(client, d.Id()) oauth2, err = searchOauth2AppByClientId(client, d.Id())
if err != nil { if err != nil {
return err return err
@ -177,6 +191,7 @@ func setOAuth2ResourceData(app *gitea.Oauth2, d *schema.ResourceData) (err error
for k, v := range map[string]interface{}{ for k, v := range map[string]interface{}{
oauth2KeyName: app.Name, oauth2KeyName: app.Name,
oauth2KeyConfidentialClient: app.ConfidentialClient,
oauth2KeyRedirectURIs: schema.NewSet(schema.HashString, CollapseStringList(app.RedirectURIs)), oauth2KeyRedirectURIs: schema.NewSet(schema.HashString, CollapseStringList(app.RedirectURIs)),
oauth2KeyClientId: app.ClientID, oauth2KeyClientId: app.ClientID,
} { } {

View file

@ -18,6 +18,7 @@ type Oauth2 struct {
ClientID string `json:"client_id"` ClientID string `json:"client_id"`
ClientSecret string `json:"client_secret"` ClientSecret string `json:"client_secret"`
RedirectURIs []string `json:"redirect_uris"` RedirectURIs []string `json:"redirect_uris"`
ConfidentialClient bool `json:"confidential_client"`
Created time.Time `json:"created"` Created time.Time `json:"created"`
} }
@ -29,6 +30,7 @@ type ListOauth2Option struct {
// CreateOauth2Option required options for creating an Application // CreateOauth2Option required options for creating an Application
type CreateOauth2Option struct { type CreateOauth2Option struct {
Name string `json:"name"` Name string `json:"name"`
ConfidentialClient bool `json:"confidential_client"`
RedirectURIs []string `json:"redirect_uris"` RedirectURIs []string `json:"redirect_uris"`
} }