Merge pull request #267 from cyralinc/feature/add-idp-import-config

Add ImportIdentityProviderConfig method
Nerzal · Mar 27, 2021 · 485eeac · 485eeac
2 parents 0bd22a7 + c526c82
commit 485eeac
Show file tree

Hide file tree

Showing 3 changed files with 59 additions and 0 deletions.
diff --git a/client.go b/client.go
@@ -2305,6 +2305,26 @@ func (client *gocloak) DeleteIdentityProvider(ctx context.Context, token, realm,
 	return checkForError(resp, err, errMessage)
 }
 
+// ImportIdentityProviderConfig parses and returns the identity provider config at a given URL
+func (client *gocloak) ImportIdentityProviderConfig(ctx context.Context, token, realm, fromURL, providerID string) (map[string]string, error) {
+	const errMessage = "could not import config"
+
+	result := make(map[string]string)
+	resp, err := client.getRequestWithBearerAuth(ctx, token).
+		SetResult(&result).
+		SetBody(map[string]string{
+			"fromUrl":    fromURL,
+			"providerId": providerID,
+		}).
+		Post(client.getAdminRealmURL(realm, "identity-provider", "import-config"))
+
+	if err := checkForError(resp, err, errMessage); err != nil {
+		return nil, err
+	}
+
+	return result, nil
+}
+
 // ------------------
 // Protection API
 // ------------------

diff --git a/client_test.go b/client_test.go
@@ -5308,3 +5308,40 @@ func TestGocloak_GetClientsWithPagination(t *testing.T) {
 	require.NoError(t, err)
 	require.Equal(t, max, len(clients))
 }
+
+func TestGocloak_ImportIdentityProviderConfig(t *testing.T) {
+	t.Parallel()
+	cfg := GetConfig(t)
+	client := NewClientWithDebug(t)
+	token := GetAdminToken(t, client)
+
+	actual, err := client.ImportIdentityProviderConfig(
+		context.Background(),
+		token.AccessToken,
+		cfg.GoCloak.Realm,
+		"https://accounts.google.com/.well-known/openid-configuration",
+		"oidc")
+
+	require.NoError(t, err, "ImportIdentityProviderConfig failed")
+
+	expected := map[string]string{
+		"userInfoUrl":       "https://openidconnect.googleapis.com/v1/userinfo",
+		"validateSignature": "true",
+		"tokenUrl":          "https://oauth2.googleapis.com/token",
+		"authorizationUrl":  "https://accounts.google.com/o/oauth2/v2/auth",
+		"jwksUrl":           "https://www.googleapis.com/oauth2/v3/certs",
+		"issuer":            "https://accounts.google.com",
+		"useJwksUrl":        "true",
+	}
+
+	require.Len(
+		t, actual, len(expected),
+		"ImportIdentityProviderConfig should return exactly %d fields", len(expected))
+
+	for expectedKey, expectedVal := range expected {
+		require.Equal(
+			t, expectedVal, actual[expectedKey],
+			"ImportIdentityProviderConfig should return %q for %q, but returned %q",
+			expectedVal, expectedKey, actual[expectedKey])
+	}
+}
diff --git a/gocloak.go b/gocloak.go
@@ -316,6 +316,8 @@ type GoCloak interface {
 	UpdateIdentityProvider(ctx context.Context, token, realm, alias string, providerRep IdentityProviderRepresentation) error
 	// DeleteIdentityProvider deletes the identity provider in a realm
 	DeleteIdentityProvider(ctx context.Context, token, realm, alias string) error
+	// ImportIdentityProviderConfig parses and returns the identity provider config at a given URL
+	ImportIdentityProviderConfig(ctx context.Context, token, realm, fromURL, providerID string) (map[string]string, error)
 
 	// *** Protection API ***
 	// GetResource returns a client's resource with the given id, using access token from client