package okta
import (
"fmt"
"log"
articulateOkta "github.com/articulate/oktasdk-go/okta"
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
)
// resourcePolicySignon describes the Okta sign-on policy resource to Terraform.
// It wires the lifecycle callbacks defined in this file, reuses the shared
// resourcePolicyExists check and basePolicySchema, and imports existing
// policies by passing the supplied ID straight through to Read.
func resourcePolicySignon() *schema.Resource {
	importer := &schema.ResourceImporter{
		State: schema.ImportStatePassthrough,
	}

	return &schema.Resource{
		Schema:   basePolicySchema,
		Importer: importer,
		Exists:   resourcePolicyExists,
		Create:   resourcePolicySignonCreate,
		Read:     resourcePolicySignonRead,
		Update:   resourcePolicySignonUpdate,
		Delete:   resourcePolicySignonDelete,
	}
}
// resourcePolicySignonCreate creates a sign-on policy in Okta from the
// resource configuration and then refreshes state through
// resourcePolicySignonRead.
//
// The ensureNotDefaultPolicy guard runs before anything is sent to Okta; its
// error is returned unchanged.
// NOTE(review): by its name the guard rejects the built-in default policy;
// confirm against its definition.
func resourcePolicySignonCreate(d *schema.ResourceData, m interface{}) error {
	guardErr := ensureNotDefaultPolicy(d)
	if guardErr != nil {
		return guardErr
	}

	policyName := d.Get("name").(string)
	log.Printf("[INFO] Creating Policy %v", policyName)

	if err := createPolicy(d, m, buildSignOnPolicy(d, m)); err != nil {
		return err
	}

	// Read back so state reflects what Okta actually stored.
	return resourcePolicySignonRead(d, m)
}
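// resourcePolicySignonRead refreshes Terraform state for a sign-on policy from
// Okta.
//
// A lookup error is returned to the caller. A nil policy with a nil error is
// treated as "no longer exists upstream": the resource ID is cleared so
// Terraform drops it from state. Otherwise the fetched policy is copied into
// state by syncPolicyFromUpstream.
func resourcePolicySignonRead(d *schema.ResourceData, m interface{}) error {
	log.Printf("[INFO] List Policy %v", d.Get("name").(string))

	policy, err := getPolicy(d, m)
	// The error must be checked before the nil-policy case. With the checks the
	// other way round, a failed lookup that returns (nil, err) was reported as
	// success and cleared the ID, silently dropping an authentication policy
	// from state (and, on the Create/Update paths that end here, losing track
	// of a policy that was just written).
	// NOTE(review): this assumes getPolicy signals "not found" as (nil, nil);
	// confirm against its definition.
	if err != nil {
		return err
	}
	if policy == nil {
		d.SetId("")
		return nil
	}

	return syncPolicyFromUpstream(d, policy)
}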
// resourcePolicySignonUpdate pushes the configured sign-on policy to Okta and
// then refreshes state through resourcePolicySignonRead.
//
// The ensureNotDefaultPolicy guard runs first and its error is returned
// unchanged. Partial state mode is switched on before the API call and only
// switched off once updatePolicy has succeeded, so a failed update returns
// with partial mode still enabled.
func resourcePolicySignonUpdate(d *schema.ResourceData, m interface{}) error {
	if guardErr := ensureNotDefaultPolicy(d); guardErr != nil {
		return guardErr
	}

	policyName := d.Get("name").(string)
	log.Printf("[INFO] Update Policy %v", policyName)

	d.Partial(true)
	if err := updatePolicy(d, m, buildSignOnPolicy(d, m)); err != nil {
		return err
	}
	d.Partial(false)

	// Read back so state reflects what Okta actually stored.
	return resourcePolicySignonRead(d, m)
}
// resourcePolicySignonDelete deletes the sign-on policy identified by the
// resource ID from Okta and, on success, clears the ID so Terraform removes
// the resource from state.
//
// The ensureNotDefaultPolicy guard runs before the delete call; its error is
// returned unchanged. A failed delete is returned as a wrapped error and
// leaves the ID in place.
func resourcePolicySignonDelete(d *schema.ResourceData, m interface{}) error {
	if guardErr := ensureNotDefaultPolicy(d); guardErr != nil {
		return guardErr
	}

	policyName := d.Get("name").(string)
	log.Printf("[INFO] Delete Policy %v", policyName)

	oktaClient := m.(*Config).articulateOktaClient
	if _, err := oktaClient.Policies.DeletePolicy(d.Id()); err != nil {
		return fmt.Errorf("[ERROR] Error Deleting Policy from Okta: %v", err)
	}

	// An empty ID tells Terraform the resource is gone.
	d.SetId("")
	return nil
}
// buildSignOnPolicy assembles the policy payload used by both the create and
// update callbacks. It starts from the template returned by
// client.Policies.SignOnPolicy(), forces the type to signOnPolicyType, copies
// name and status from the resource data, sets description and priority only
// when GetOk reports them as set, and scopes the policy to the groups
// returned by getGroups.
func buildSignOnPolicy(d *schema.ResourceData, m interface{}) *articulateOkta.Policy {
	policy := m.(*Config).articulateOktaClient.Policies.SignOnPolicy()

	policy.Type = signOnPolicyType
	policy.Name = d.Get("name").(string)
	policy.Status = d.Get("status").(string)

	// Optional attributes: leave the template's value when not configured.
	if v, isSet := d.GetOk("description"); isSet {
		policy.Description = v.(string)
	}
	if v, isSet := d.GetOk("priority"); isSet {
		policy.Priority = v.(int)
	}

	policy.Conditions = &articulateOkta.PolicyConditions{
		People: getGroups(d),
	}

	return &policy
}