v0.3.9 (#111)

* initial * security schema edit * apiKey security attempt * Update README.md * removed oauth, trying apikey * swagger url * Update onelogin_config.yml * tooling extension use * removed branding service * removed brands * brand document removal * app inheritance changes * app changes * removed parameters from app * required fields * removed freeforms * simplify * updated apps * app changes * removed readonly sso * removed sso examples * app config changes * Update README.md
onelogin · Mar 30, 2023 · 2a62899 · 2a62899
1 parent e7723cc
commit 2a62899
Show file tree

Hide file tree

Showing 4 changed files with 72 additions and 88 deletions.
diff --git a/docs/data-sources/apps.md b/docs/data-sources/apps.md
@@ -27,6 +27,7 @@ description: |-
   - 6: Forms Based App
   - 7: WSFED
   - 8: OpenId Connect
+- `configuration` (Block List, Max: 1) Onelogin currently only supports OIDC App configuration through Terraform Provider. Leave blank for SAML Apps (see [below for nested schema](#nestedblock--configuration))
 - `connector_id` (Number) ID of the connector to base the app from.
 - `created_at` (String) the date the app was created
 - `description` (String) Freeform description of the app.
@@ -35,8 +36,6 @@ description: |-
 - `icon_url` (String) A link to the apps icon url
 - `name` (String) The name of the app.
 - `notes` (String) Freeform notes about the app.
-- `parameters` (Block List, Max: 1) The parameters section contains parameterized attributes that have defined at the connector level as well as custom attributes that have been defined specifically for this app. Regardless of how they are defined, all parameters have the following attributes.
-Each parameter is an object with the key for the object being set as the parameters short name. (see [below for nested schema](#nestedblock--parameters))
 - `policy_id` (Number) The security policy assigned to the app.
 - `provisioning` (Block List, Max: 1) Indicates if provisioning is enabled for this app. (see [below for nested schema](#nestedblock--provisioning))
 - `role_ids` (List of Number) List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
@@ -48,6 +47,18 @@ Each parameter is an object with the key for the object being set as the paramet
 
 - `id` (String) The ID of this resource.
 
+<a id="nestedblock--configuration"></a>
+### Nested Schema for `configuration`
+
+Optional:
+
+- `access_token_expiration_minutes` (Number) Number of minutes the refresh token will be valid for.
+- `login_url` (String) The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
+- `oidc_application_type` (Number) - 0- Web - 1- Native/Mobile
+- `redirect_uri` (String) Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
+- `token_endpoint_auth_method` (Number) Number of minutes the refresh token will be valid for.
+
+
 <a id="nestedblock--enforcement_point"></a>
 ### Nested Schema for `enforcement_point`
 
@@ -107,17 +118,6 @@ Required:
 - `values` (List of String)
 
 
-<a id="nestedblock--parameters"></a>
-### Nested Schema for `parameters`
-
-Optional:
-
-- `include_in_saml_assertion` (Boolean) When true, this parameter will be included in a SAML assertion payload.
-- `label` (String) The can only be set when creating a new parameter. It can not be updated.
-- `user_attribute_macros` (String) When `user_attribute_mappings` is set to `_macro_` this macro will be used to assign the parameter value.
-- `user_attribute_mappings` (String) A user attribute to map values from For custom attributes prefix the name of the attribute with `custom_attribute_`. e.g. To get the value for custom attribute `employee_id` use `custom_attribute_employee_id`.
-
-
 <a id="nestedblock--provisioning"></a>
 ### Nested Schema for `provisioning`
 

diff --git a/docs/data-sources/apps_instance.md b/docs/data-sources/apps_instance.md
@@ -27,15 +27,14 @@ description: |-
   - 6: Forms Based App
   - 7: WSFED
   - 8: OpenId Connect
+- `configuration` (Block List, Max: 1) Onelogin currently only supports OIDC App configuration through Terraform Provider. Leave blank for SAML Apps (see [below for nested schema](#nestedblock--configuration))
 - `connector_id` (Number) ID of the connector to base the app from.
 - `created_at` (String) the date the app was created
 - `description` (String) Freeform description of the app.
 - `enforcement_point` (Block List, Max: 1) For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload. (see [below for nested schema](#nestedblock--enforcement_point))
 - `icon_url` (String) A link to the apps icon url
 - `name` (String) The name of the app.
 - `notes` (String) Freeform notes about the app.
-- `parameters` (Block List, Max: 1) The parameters section contains parameterized attributes that have defined at the connector level as well as custom attributes that have been defined specifically for this app. Regardless of how they are defined, all parameters have the following attributes.
-Each parameter is an object with the key for the object being set as the parameters short name. (see [below for nested schema](#nestedblock--parameters))
 - `policy_id` (Number) The security policy assigned to the app.
 - `provisioning` (Block List, Max: 1) Indicates if provisioning is enabled for this app. (see [below for nested schema](#nestedblock--provisioning))
 - `role_ids` (List of Number) List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
@@ -47,6 +46,18 @@ Each parameter is an object with the key for the object being set as the paramet
 
 - `id` (String) The ID of this resource.
 
+<a id="nestedblock--configuration"></a>
+### Nested Schema for `configuration`
+
+Optional:
+
+- `access_token_expiration_minutes` (Number) Number of minutes the refresh token will be valid for.
+- `login_url` (String) The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
+- `oidc_application_type` (Number) - 0- Web - 1- Native/Mobile
+- `redirect_uri` (String) Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
+- `token_endpoint_auth_method` (Number) Number of minutes the refresh token will be valid for.
+
+
 <a id="nestedblock--enforcement_point"></a>
 ### Nested Schema for `enforcement_point`
 
@@ -97,17 +108,6 @@ Optional:
 
 
 
-<a id="nestedblock--parameters"></a>
-### Nested Schema for `parameters`
-
-Optional:
-
-- `include_in_saml_assertion` (Boolean) When true, this parameter will be included in a SAML assertion payload.
-- `label` (String) The can only be set when creating a new parameter. It can not be updated.
-- `user_attribute_macros` (String) When `user_attribute_mappings` is set to `_macro_` this macro will be used to assign the parameter value.
-- `user_attribute_mappings` (String) A user attribute to map values from For custom attributes prefix the name of the attribute with `custom_attribute_`. e.g. To get the value for custom attribute `employee_id` use `custom_attribute_employee_id`.
-
-
 <a id="nestedblock--provisioning"></a>
 ### Nested Schema for `provisioning`
 

diff --git a/docs/resources/apps.md b/docs/resources/apps.md
@@ -15,6 +15,11 @@ description: |-
 <!-- schema generated by tfplugindocs -->
 ## Schema
 
+### Required
+
+- `connector_id` (Number) ID of the connector to base the app from.
+- `name` (String) The name of the app.
+
 ### Optional
 
 - `allow_assumed_signin` (Boolean) Indicates whether or not administrators can access the app as a user that they have assumed control over.
@@ -27,15 +32,12 @@ description: |-
   - 6: Forms Based App
   - 7: WSFED
   - 8: OpenId Connect
-- `connector_id` (Number) ID of the connector to base the app from.
+- `configuration` (Block List, Max: 1) Onelogin currently only supports OIDC App configuration through Terraform Provider. Leave blank for SAML Apps (see [below for nested schema](#nestedblock--configuration))
 - `created_at` (String) the date the app was created
 - `description` (String) Freeform description of the app.
 - `enforcement_point` (Block List, Max: 1) For apps that connect to a OneLogin Access Enforcement Point the following enforcement_point object will be included with the app payload. (see [below for nested schema](#nestedblock--enforcement_point))
 - `icon_url` (String) A link to the apps icon url
-- `name` (String) The name of the app.
 - `notes` (String) Freeform notes about the app.
-- `parameters` (Block List, Max: 1) The parameters section contains parameterized attributes that have defined at the connector level as well as custom attributes that have been defined specifically for this app. Regardless of how they are defined, all parameters have the following attributes.
-Each parameter is an object with the key for the object being set as the parameters short name. (see [below for nested schema](#nestedblock--parameters))
 - `policy_id` (Number) The security policy assigned to the app.
 - `provisioning` (Block List, Max: 1) Indicates if provisioning is enabled for this app. (see [below for nested schema](#nestedblock--provisioning))
 - `role_ids` (List of Number) List of Role IDs that are assigned to the app. On App Create or Update the entire array is replaced with the values provided.
@@ -48,6 +50,18 @@ Each parameter is an object with the key for the object being set as the paramet
 
 - `id` (String) The ID of this resource.
 
+<a id="nestedblock--configuration"></a>
+### Nested Schema for `configuration`
+
+Optional:
+
+- `access_token_expiration_minutes` (Number) Number of minutes the refresh token will be valid for.
+- `login_url` (String) The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
+- `oidc_application_type` (Number) - 0- Web - 1- Native/Mobile
+- `redirect_uri` (String) Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
+- `token_endpoint_auth_method` (Number) Number of minutes the refresh token will be valid for.
+
+
 <a id="nestedblock--enforcement_point"></a>
 ### Nested Schema for `enforcement_point`
 
@@ -98,17 +112,6 @@ Optional:
 
 
 
-<a id="nestedblock--parameters"></a>
-### Nested Schema for `parameters`
-
-Optional:
-
-- `include_in_saml_assertion` (Boolean) When true, this parameter will be included in a SAML assertion payload.
-- `label` (String) The can only be set when creating a new parameter. It can not be updated.
-- `user_attribute_macros` (String) When `user_attribute_mappings` is set to `_macro_` this macro will be used to assign the parameter value.
-- `user_attribute_mappings` (String) A user attribute to map values from For custom attributes prefix the name of the attribute with `custom_attribute_`. e.g. To get the value for custom attribute `employee_id` use `custom_attribute_employee_id`.
-
-
 <a id="nestedblock--provisioning"></a>
 ### Nested Schema for `provisioning`
 

diff --git a/swag-api.yml b/swag-api.yml
@@ -9099,10 +9099,29 @@ definitions:
     description: Set to the value of the __tdli_fp cookie.
     type: string
   generic-app:
-    additionalProperties: true
+    x-terraform-computed: true
     properties:
-      parameters:
-        $ref: '#/definitions/app_parameters'
+      configuration:
+        description: Onelogin currently only supports OIDC App configuration through Terraform Provider. Leave blank for SAML Apps
+        type: object
+        properties: 
+          redirect_uri:
+            type: string
+            description: Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
+          login_url:
+            type: string
+            description: The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
+          oidc_application_type:
+            type: integer
+            description: >-
+              - 0- Web
+              - 1- Native/Mobile
+          token_endpoint_auth_method:
+            type: integer
+            description: Number of minutes the refresh token will be valid for.
+          access_token_expiration_minutes:
+            type: integer
+            description: Number of minutes the refresh token will be valid for.
       allow_assumed_signin:
         description: >-
           Indicates whether or not administrators can access the app as a user
@@ -9119,6 +9138,7 @@ definitions:
         description: the date the app was created
         example: '2018-04-12T21:50:42Z'
         type: string
+        readOnly: true
       description:
         description: Freeform description of the app.
         type: string
@@ -9169,17 +9189,22 @@ definitions:
         description: the date the app was last updated
         example: '2019-05-16T19:20:34Z'
         type: string
+        readOnly: true
       visible:
         description: Indicates if the app is visible in the OneLogin portal.
         example: true
         type: boolean
+    required:
+      - connector_id
+      - name
     type: object
   group:
     properties:
       id:
         description: Group's unique Onelogin ID
         example: 425741
         type: integer
+        readOnly: true
       name:
         description: Group name
         example: group.security.policy.default
@@ -9194,16 +9219,6 @@ definitions:
   ip:
     description: The IP address of the User's request.
     type: string
-  locale:
-    properties:
-      is_default:
-        description: indicator if language is default
-        type: boolean
-      language:
-        description: locale string
-        format: '^[a-z]{2,4}(-[A-Z][a-z]{3})?(-([A-Z]{2}|[0-9]{3}))?$'
-        type: string
-    type: object
   mapping:
     properties:
       actions:
@@ -9251,18 +9266,6 @@ definitions:
     allOf:
       - $ref: '#/definitions/generic-app'
       - example:
-          parameters:
-            groups:
-              attributes_transformations: null
-              default_values: null
-              id: 237825
-              include_in_saml_assertion: true
-              label: Groups
-              provisioned_entitlements: false
-              skip_if_blank: false
-              user_attribute_macros: null
-              user_attribute_mappings: null
-              values: null
           allow_assumed_signin: false
           auth_method: 8
           configuration:
@@ -9283,17 +9286,12 @@ definitions:
           policy_id: 165278
           provisioning:
             enabled: false
-          sso:
-            client_id: b5dee2e0-5cbf-0137-6e19-12c80e5197ec92920
-            client_secret: 3acdcdba4e57bbb4f0454a8729fbc4ec5c4ac327c8e1d6d60c305cc9ea5dbcd3
           tab_id: null
           updated_at: '2019-05-19T23:56:57Z'
           visible: true
         properties:
           configuration:
             $ref: '#/definitions/configuration_oidc'
-          sso:
-            $ref: '#/definitions/sso_oidc'
         required:
           - connector_id
           - name
@@ -9432,21 +9430,6 @@ definitions:
       - name
       - privilege
     type: object
-  rate_limit:
-    properties:
-      X-RateLimit-Limit:
-        description: Rate Limit Limit
-        example: 5000
-        type: integer
-      X-RateLimit-Remaining:
-        description: Rate Limit Remaining
-        example: 4988
-        type: integer
-      X-RateLimit-Reset:
-        description: Rate Limit Reset
-        example: 832
-        type: integer
-    type: object
   risk_device:
     description: Information about the device being used.
     properties:
@@ -9578,8 +9561,6 @@ definitions:
             type: object
           configuration:
             $ref: '#/definitions/configuration_saml'
-          sso:
-            $ref: '#/definitions/sso_saml'
         required:
           - connector_id
           - name