Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DXCDT-518: Stop requiring read:client_keys permission for reading the auth0_client_credentials resource #795

Merged
merged 2 commits into from
Aug 30, 2023
Merged

DXCDT-518: Stop requiring read:client_keys permission for reading the auth0_client_credentials resource #795

merged 2 commits into from
Aug 30, 2023

Conversation

sergiught
Copy link
Contributor

@sergiught sergiught commented Aug 25, 2023
edited

🔧 Changes

This PR stops requiring the read:client_keys permission for reading the auth0_client_credentials resource by removing the include fields query param for client_secret. This will be set to a specific value if the permissions is available, otherwise it will be an empty string.

📚 References

🔬 Testing

Tested manually, as our automated tests rely on the full set of permissions to run.

📝 Checklist

  • All new/changed/fixed functionality is covered by tests (or N/A)
  • I have added documentation for all new/changed functionality (or N/A)

@sergiught sergiught requested a review from a team as a code owner August 25, 2023 15:27
sergiught
sergiught commented Aug 25, 2023
View reviewed changes
internal/auth0/client/resource_credentials.go
data.Id(),
management.IncludeFields(
"client_id",
"client_secret",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

By explicitly requiring the client_secret to be within the response, we were implying a requirement on the read:client_keys permission.

@sergiught sergiught mentioned this pull request Aug 25, 2023
Closed
6 tasks
tadhglewis
tadhglewis approved these changes Aug 25, 2023
View reviewed changes
Copy link

@tadhglewis tadhglewis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🙇‍♂️

@codecov-commenter
Copy link

codecov-commenter commented Aug 26, 2023
edited

Codecov Report

Merging #795 (4bc3172) into v1 (bb277ab) will increase coverage by 0.03%.
The diff coverage is 100.00%.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##               v1     #795      +/-   ##
==========================================
+ Coverage   90.50%   90.54%   +0.03%     
==========================================
  Files          99       99              
  Lines       13265    13256       -9     
==========================================
- Hits        12005    12002       -3     
+ Misses        893      889       -4     
+ Partials      367      365       -2
Files Changed Coverage Δ
internal/auth0/client/resource_credentials.go 80.04% <100.00%> (-0.42%) ⬇️

... and 1 file with indirect coverage changes

@sergiught sergiught merged commit a9e6cf9 into v1 Aug 30, 2023
6 checks passed
@sergiught sergiught deleted the DXCDT-518-client-secret branch August 30, 2023 08:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@willvedd willvedd willvedd approved these changes

@Widcket Widcket Widcket approved these changes

@tadhglewis tadhglewis tadhglewis approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@sergiught @codecov-commenter @willvedd @Widcket @tadhglewis