Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve documentation of okta_inline_hook #2120

Open
richard-collette-precisely opened this issue Oct 30, 2024 · 4 comments
Open

Improve documentation of okta_inline_hook #2120

richard-collette-precisely opened this issue Oct 30, 2024 · 4 comments
Labels
enhancement Asking for new behavior or feature triaged Triaged into internal Jira

Comments

@richard-collette-precisely
Copy link

richard-collette-precisely commented Oct 30, 2024
edited
Loading

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

The inline hook resource has two properties, auth and channel, that are of type map and therefore do not provide strict typing or documentation of the properties to be used when configuring:

  • HTTP
  • OAUTH/client_secret_post
  • OAUTH/private_key_jwt

Further hindering the ability to determine proper configuration, is the fact that the structure of the underlying API that is used:https://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createInlineHook

does not match the structure used for the inline hook resource definition.

New or Affected Resource(s)

  • okta_inline_hook

Non-working Terraform Configuration

The following configuration generated from Terraform CDK

    "okta_inline_hook": {
      "idty-test-oauth-hook-inline-hook_InlineHook_00149B4D": {
        "//": {
          "metadata": {
            "path": "normal-preview-dev/idty-test-oauth-hook-inline-hook/InlineHook",
            "uniqueId": "idty-test-oauth-hook-inline-hook_InlineHook_00149B4D"
          }
        },
        "channel": {
          "authType": "client_secret_post",
          "clientId": "test-client-id",
          "clientSecret": "test",
          "method": "POST",
          "scope": "test",
          "tokenUrl": "https://acme.com/token",
          "type": "OAUTH",
          "uri": "https://acme.com",
          "version": "1.0.0"
        },
        "name": "IDTY-test-oauth-hook-dev",
        "status": "ACTIVE",
        "type": "com.okta.oauth2.tokens.transform",
        "version": "1.0.0"
      }
    }

results in the following http request, which is missing channel.config values for many of the OAuth related properties such as clientId, clientSecret, etc.

                    2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: ---[ REQUEST ]---------------------------------------
                    2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: POST /api/v1/inlineHooks HTTP/1.1
                    2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: Host: sso.precisely.services
                    2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: User-Agent: local-v2-sdk/0.0.0 golang/go1.21.13 darwin/arm64 okta-terraform/4.11.1
                    2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: Content-Length: 242
                    2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: Accept: application/json
normal-preview-dev  2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: Authorization: Bearer redacted
normal-preview-dev  2024-10-30T14:23:04.731-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: Content-Type: application/json
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: Accept-Encoding: gzip
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: {
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:  "channel": {
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:   "config": {
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:    "authScheme": {
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:     "type": "HEADER"
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:    },
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:    "method": "POST",
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:    "uri": "https://acme.com"
normal-preview-dev  2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:   },
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:   "type": "OAUTH",
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:   "version": "1.0.0"
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:  },
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:  "name": "IDTY-test-oauth-hook-dev",
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:  "status": "ACTIVE",
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:  "type": "com.okta.oauth2.tokens.transform",
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:  "version": "1.0.0"
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: }
@richard-collette-precisely richard-collette-precisely added the enhancement Asking for new behavior or feature label Oct 30, 2024
@richard-collette-precisely
Copy link
Author

richard-collette-precisely commented Oct 31, 2024
edited
Loading

This example of an OAuth inline hook seems to be completely inaccurate because it does not include clientId, clientSecret, etc.

@richard-collette-precisely
Copy link
Author

richard-collette-precisely commented Oct 31, 2024
edited
Loading

It appears as there are no OAUTH tests

terraform-provider-okta/okta/resource_okta_inline_hook_test.go

Line 104 in d4a299c

func inlineHookExists(id string) (bool, error) {

@stuxboulot
Copy link

I think that before update the documentation the OAUTH2 configuration need to be implemented in the provider.
Actually, there are no capability to define secret information with the oAuth2 type.

@duytiennguyen-okta duytiennguyen-okta added the triaged Triaged into internal Jira label Nov 6, 2024
@duytiennguyen-okta
Copy link
Contributor

OKTA internal reference https://oktainc.atlassian.net/browse/OKTA-826990

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Asking for new behavior or feature triaged Triaged into internal Jira
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@stuxboulot @duytiennguyen-okta @richard-collette-precisely