okta.go
package credential
import (
"context"
"os"
"github.com/hashicorp/hcl/v2"
"github.com/turbot/go-kit/helpers"
"github.com/turbot/pipe-fittings/v2/modconfig"
"github.com/turbot/pipe-fittings/v2/utils"
"github.com/zclconf/go-cty/cty"
)
// OktaCredential holds the settings used to authenticate against an Okta
// organisation: the org URL (Domain) and an API token (Token).
//
// Token is a secret. Its json tag is "token,omitempty", so marshalling this
// struct with encoding/json emits the raw token whenever it is set; redact it
// before writing a credential to logs, diagnostics or API responses.
type OktaCredential struct {
	CredentialImpl

	// Domain is exported to child environments as OKTA_ORGURL by getEnv.
	Domain *string `json:"domain,omitempty" cty:"domain" hcl:"domain,optional"`
	// Token is exported to child environments as OKTA_CLIENT_TOKEN by getEnv.
	Token *string `json:"token,omitempty" cty:"token" hcl:"token,optional"`
}
// getEnv builds the environment-variable view of the credential. Only fields
// that are set (non-nil) are included, so the result may be empty.
//
// The returned map contains the API token in clear text under
// OKTA_CLIENT_TOKEN; treat the map as sensitive.
func (c *OktaCredential) getEnv() map[string]cty.Value {
	vars := make(map[string]cty.Value)
	if tok := c.Token; tok != nil {
		vars["OKTA_CLIENT_TOKEN"] = cty.StringVal(*tok)
	}
	if org := c.Domain; org != nil {
		vars["OKTA_ORGURL"] = cty.StringVal(*org)
	}
	return vars
}
// CtyValue converts the credential to a cty object and adds an "env"
// attribute holding the map produced by getEnv.
//
// It returns cty.NilVal and the underlying error when modconfig.GetCtyValue
// fails. When Token is set, the resulting object carries the token in clear
// text under env.OKTA_CLIENT_TOKEN (and presumably under "token" via the cty
// struct tag - confirm against modconfig.GetCtyValue), so the value must not
// be dumped to logs or error messages.
func (c *OktaCredential) CtyValue() (cty.Value, error) {
	base, err := modconfig.GetCtyValue(c)
	if err != nil {
		return cty.NilVal, err
	}

	// Rebuild the object from its attribute map with "env" added.
	attrs := base.AsValueMap()
	attrs["env"] = cty.ObjectVal(c.getEnv())

	return cty.ObjectVal(attrs), nil
}
// Equals reports whether otherCredential is an *OktaCredential with the same
// Domain and Token as c. Two nil credentials are equal; a nil and a non-nil
// credential are not. Fields of the embedded CredentialImpl are not compared.
//
// NOTE(review): how utils.PtrEqual compares the strings is not visible here.
// Do not reuse Equals to check a caller-supplied token against a stored one
// unless that comparison is confirmed to be constant-time.
func (c *OktaCredential) Equals(otherCredential Credential) bool {
	selfNil, otherNil := c == nil, helpers.IsNil(otherCredential)
	if selfNil || otherNil {
		// Equal only when both sides are nil.
		return selfNil && otherNil
	}

	rhs, isOkta := otherCredential.(*OktaCredential)
	if !isOkta {
		return false
	}

	return utils.PtrEqual(c.Domain, rhs.Domain) && utils.PtrEqual(c.Token, rhs.Token)
}
// Resolve returns the credential to use at run time.
//
// If either Token or Domain is set, c is returned unchanged. Only when both
// are nil does it build a new credential from the OKTA_CLIENT_TOKEN and
// OKTA_ORGURL environment variables; c itself is never modified. The error
// result is always nil, and ctx is not used.
//
// NOTE(review): the fallback is all-or-nothing. A credential that sets only
// one of the two fields keeps the other nil and never reads the environment
// for it.
// NOTE(review): os.Getenv returns "" for an unset variable, so the resolved
// credential can carry non-nil pointers to empty strings. Callers should
// treat an empty Token or Domain as "not configured" rather than sending it
// to Okta.
func (c *OktaCredential) Resolve(ctx context.Context) (Credential, error) {
	if c.Token != nil || c.Domain != nil {
		return c, nil
	}

	token, orgURL := os.Getenv("OKTA_CLIENT_TOKEN"), os.Getenv("OKTA_ORGURL")

	// Resolve to a fresh value instead of mutating the receiver.
	return &OktaCredential{
		CredentialImpl: c.CredentialImpl,
		Token:          &token,
		Domain:         &orgURL,
	}, nil
}
// GetTtl always returns -1 for Okta credentials.
//
// NOTE(review): the meaning of -1 is defined by the caller and is not visible
// in this file - presumably "no expiry"; confirm before relying on it.
func (c *OktaCredential) GetTtl() int {
	const ttl = -1
	return ttl
}
// Validate returns an empty, non-nil diagnostics list. No checks are run on
// Domain or Token.
//
// NOTE(review): because nothing is checked here, a malformed or non-HTTPS
// Domain and an empty Token both pass validation; any such checks have to
// happen elsewhere.
func (c *OktaCredential) Validate() hcl.Diagnostics {
	noIssues := hcl.Diagnostics{}
	return noIssues
}
// OktaConnectionConfig is the HCL/cty shape of an Okta connection block.
// Every field is optional and is nil when absent from the configuration.
//
// PrivateKey and Token are secrets; avoid printing a value of this type.
type OktaConnectionConfig struct {
	// ClientID is read from the "client_id" attribute.
	ClientID *string `cty:"client_id" hcl:"client_id,optional"`
	// Domain is read from the "domain" attribute.
	Domain *string `cty:"domain" hcl:"domain,optional"`
	// PrivateKey is read from the "private_key" attribute.
	PrivateKey *string `cty:"private_key" hcl:"private_key,optional"`
	// Token is read from the "token" attribute.
	Token *string `cty:"token" hcl:"token,optional"`
}
// GetCredential builds an OktaCredential of type "okta" from the connection
// config. name is used for both FullName and UnqualifiedName; shortName is
// used for ShortName.
//
// Only Domain and Token are carried over; ClientID and PrivateKey are not
// copied into the credential. The Domain and Token pointers are shared with
// the config rather than copied, so a later write through either side is
// visible to both.
func (c *OktaConnectionConfig) GetCredential(name string, shortName string) Credential {
	resource := modconfig.HclResourceImpl{
		FullName:        name,
		ShortName:       shortName,
		UnqualifiedName: name,
	}
	base := CredentialImpl{
		HclResourceImpl: resource,
		Type:            "okta",
	}

	return &OktaCredential{
		CredentialImpl: base,
		Domain:         c.Domain,
		Token:          c.Token,
	}
}