v0.4.6 (#117)

* authentication

* env var fields

* readme updates

docs/data-sources/apps.md

@@ -59,12 +59,17 @@ Optional:
 - `access_token_expiration_minutes` (Number) OIDC Apps only Number of minutes the refresh token will be valid for.
 - `login_url` (String) OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
 - `oidc_api_version` (String)
-- `oidc_application_type` (Number) OIDC Apps Only - 0: Web - 1: Native/Mobile
+- `oidc_application_type` (Number) OIDC Apps Only
+  - 0: Web
+  - 1: Native/Mobile
 - `oidc_encryption_key` (String) OIDC Apps only
 - `post_logout_redirect_uri` (String) OIDC Apps only
 - `redirect_uri` (String) OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
-- `refresh_token_expiration_minutes` (Number)
-- `token_endpoint_auth_method` (Number) OIDC Apps only Number of minutes the refresh token will be valid for.
+- `refresh_token_expiration_minutes` (Number) Number of minutes the refresh token will be valid for.
+- `token_endpoint_auth_method` (Number) OIDC Apps only
+ - 0: Basic
+ - 1: POST
+ - 2: None / PKCE
 
 
 <a id="nestedblock--enforcement_point"></a>

docs/data-sources/apps_instance.md

@@ -58,12 +58,17 @@ Optional:
 - `access_token_expiration_minutes` (Number) OIDC Apps only Number of minutes the refresh token will be valid for.
 - `login_url` (String) OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
 - `oidc_api_version` (String)
-- `oidc_application_type` (Number) OIDC Apps Only - 0: Web - 1: Native/Mobile
+- `oidc_application_type` (Number) OIDC Apps Only
+  - 0: Web
+  - 1: Native/Mobile
 - `oidc_encryption_key` (String) OIDC Apps only
 - `post_logout_redirect_uri` (String) OIDC Apps only
 - `redirect_uri` (String) OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
-- `refresh_token_expiration_minutes` (Number)
-- `token_endpoint_auth_method` (Number) OIDC Apps only Number of minutes the refresh token will be valid for.
+- `refresh_token_expiration_minutes` (Number) Number of minutes the refresh token will be valid for.
+- `token_endpoint_auth_method` (Number) OIDC Apps only
+ - 0: Basic
+ - 1: POST
+ - 2: None / PKCE
 
 
 <a id="nestedblock--enforcement_point"></a>

docs/resources/apps.md

@@ -62,12 +62,17 @@ Optional:
 - `access_token_expiration_minutes` (Number) OIDC Apps only Number of minutes the refresh token will be valid for.
 - `login_url` (String) OIDC Apps only The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
 - `oidc_api_version` (String)
-- `oidc_application_type` (Number) OIDC Apps Only - 0: Web - 1: Native/Mobile
+- `oidc_application_type` (Number) OIDC Apps Only
+  - 0: Web
+  - 1: Native/Mobile
 - `oidc_encryption_key` (String) OIDC Apps only
 - `post_logout_redirect_uri` (String) OIDC Apps only
 - `redirect_uri` (String) OIDC Apps only Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
-- `refresh_token_expiration_minutes` (Number)
-- `token_endpoint_auth_method` (Number) OIDC Apps only Number of minutes the refresh token will be valid for.
+- `refresh_token_expiration_minutes` (Number) Number of minutes the refresh token will be valid for.
+- `token_endpoint_auth_method` (Number) OIDC Apps only
+ - 0: Basic
+ - 1: POST
+ - 2: None / PKCE
 
 
 <a id="nestedblock--enforcement_point"></a>

main.go

@@ -27,7 +27,7 @@ func main() {
 	//log.Printf("[INFO] Initializing OpenAPI Terraform provider '%s' with service provider's OpenAPI document: %s", ProviderName, ProviderOpenAPIURL)
 
 	var providerName = "onelogin"
-	var providerOpenAPIURL = "https://raw.githubusercontent.com/onelogin/terraform-provider-onelogin/develop/swag-api.yml"
+	var providerOpenAPIURL = "https://raw.githubusercontent.com/onelogin/terraform-provider-onelogin/tpoas/swag-api.yml"
 
 	p := openapi.ProviderOpenAPI{ProviderName: providerName}
 	serviceProviderConfig := &openapi.ServiceConfigV1{

swag-api.yml

@@ -9049,17 +9049,16 @@ definitions:
         example: 0
       configuration:
         description: Only apply configurations that are applicable to the type of app
+        x-terraform-computed: true
         type: object
         properties: 
           redirect_uri:
             type: string
-            x-terraform-computed: true
             description: >-
              OIDC Apps only
              Comma or newline separated list of valid redirect uris for the OpenId Connect Authorization Code flow.
           login_url:
             type: string
-            x-terraform-computed: true
             description: >-
               OIDC Apps only
               The OpenId Connect Client Id. Note that client_secret is only returned after Creating an App.
@@ -9068,31 +9067,28 @@ definitions:
             readOnly: true
           oidc_encryption_key:
             type: string
-            x-terraform-computed: true
             description: OIDC Apps only
           post_logout_redirect_uri:
             type: string
-            x-terraform-computed: true
             description: OIDC Apps only
           refresh_token_expiration_minutes:
             type: integer
-            readOnly: true
+            description: Number of minutes the refresh token will be valid for.
           oidc_application_type:
             type: integer
-            x-terraform-computed: true
             description: >-
               OIDC Apps Only
-              - 0: Web
-              - 1: Native/Mobile
+                - 0: Web
+                - 1: Native/Mobile
           token_endpoint_auth_method:
             type: integer
-            x-terraform-computed: true
             description: >-
              OIDC Apps only
-             Number of minutes the refresh token will be valid for.
+              - 0: Basic
+              - 1: POST
+              - 2: None / PKCE
           access_token_expiration_minutes:
             type: integer
-            x-terraform-computed: true
             description: >-
              OIDC Apps only
              Number of minutes the refresh token will be valid for.
@@ -9864,7 +9860,9 @@ securityDefinitions:
     name: Authorization
     # name: "something" the name paramter will be ignored when using the 'x-terraform-authentication-scheme-bearer' extension, "Authorization" name will be use as default value
     x-terraform-authentication-scheme-bearer: true
-
+    x-terraform-refresh-token-url: https://api.onelogin.com/auth/oauth2/v2/token      
+    x-terraform-env-client-id: "ONELOGIN_CLIENT_ID"
+    x-terraform-env-client-secret: "ONELOGIN_CLIENT_SECRET"
 tags:
   - description: OAuth2
     name: OAuth2