Merge branch 'yvovandoorn-yvovandoorn/addSAMLmappings/1' into master

auth0/resource_auth0_connection.go

@@ -435,6 +435,7 @@ var connectionSchema = map[string]*schema.Schema{
 					Optional:    true,
 					Description: "",
 				},
+				// SAML options
 				"debug": {
 					Type:        schema.TypeBool,
 					Optional:    true,
@@ -454,6 +455,16 @@ var connectionSchema = map[string]*schema.Schema{
 						"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
 					}, true),
 				},
+				"request_template": {
+					Type:        schema.TypeString,
+					Optional:    true,
+					Description: "Template that formats the SAML request.",
+				},
+				"user_id_attribute": {
+					Type:        schema.TypeString,
+					Optional:    true,
+					Description: "Attribute in the SAML token that will be mapped to the user_id property in Auth0.",
+				},
 				"idp_initiated": {
 					Type:     schema.TypeList,
 					MaxItems: 1,

auth0/resource_auth0_connection_test.go

@@ -1139,11 +1139,14 @@ yE+vPxsiUkvQHdO2fojCkY8jg70jxM+gu59tPDNbw3Uh/2Ij310FgTHsnGQMyA==
 EOF
 		sign_in_endpoint = "https://saml.provider/sign_in"
 		sign_out_endpoint = "https://saml.provider/sign_out"
+		user_id_attribute = "https://saml.provider/imi/ns/identity-200810"
 		tenant_domain = "example.com"
 		domain_aliases = ["example.com", "example.coz"]
 		protocol_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post"
+		request_template = "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"\n@@AssertServiceURLAndDestination@@\n    ID=\"@@ID@@\"\n    IssueInstant=\"@@IssueInstant@@\"\n    ProtocolBinding=\"@@ProtocolBinding@@\" Version=\"2.0\">\n    <saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">@@Issuer@@</saml:Issuer>\n</samlp:AuthnRequest>"
 		signature_algorithm = "rsa-sha256"
 		digest_algorithm = "sha256"
+		icon_url = "https://example.com/logo.svg"
 		fields_map = {
 			foo = "bar"
 			baz = "baa"

auth0/structure_auth0_connection.go

@@ -233,6 +233,9 @@ func flattenConnectionOptionsSAML(o *management.ConnectionOptionsSAML) interface
 		"digest_algorithm":    o.GetDigestAglorithm(),
 		"fields_map":          o.FieldsMap,
 		"sign_saml_request":   o.GetSignSAMLRequest(),
+		"icon_url":            o.GetLogoURL(),
+		"request_template":    o.GetRequestTemplate(),
+		"user_id_attribute":   o.GetUserIDAttribute(),
 	}
 }
 
@@ -552,6 +555,9 @@ func expandConnectionOptionsSAML(d ResourceData) *management.ConnectionOptionsSA
 		DigestAglorithm:    String(d, "digest_algorithm"),
 		FieldsMap:          Map(d, "fields_map"),
 		SignSAMLRequest:    Bool(d, "sign_saml_request"),
+		RequestTemplate:    String(d, "request_template"),
+		UserIDAttribute:    String(d, "user_id_attribute"),
+		LogoURL:            String(d, "icon_url"),
 	}
 
 	List(d, "idp_initiated").Elem(func(d ResourceData) {

docs/resources/connection.md

@@ -374,6 +374,8 @@ With the `samlp` connection strategy, `options` supports the following arguments
 * `sign_saml_request` - (Optional) (Boolean) When enabled, the SAML authentication request will be signed.
 * `signature_algorithm` - (Optional) Sign Request Algorithm
 * `digest_algorithm` - (Optional) Sign Request Algorithm Digest
+* `request_template` - (Optional) Template that formats the SAML request
+* `user_id_attribute` - (Optional) Attribute in the SAML token that will be mapped to the user_id property in Auth0.
 
 **Example**:
 ```hcl
@@ -387,6 +389,8 @@ resource "auth0_connection" "samlp" {
 		tenant_domain = "example.com"
 		domain_aliases = ["example.com", "alias.example.com"]
 		binding_method = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Post"
+    request_template = "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"\n@@AssertServiceURLAndDestination@@\n    ID=\"@@ID@@\"\n    IssueInstant=\"@@IssueInstant@@\"\n    ProtocolBinding=\"@@ProtocolBinding@@\" Version=\"2.0\">\n    <saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">@@Issuer@@</saml:Issuer>\n</samlp:AuthnRequest>"
+    user_id_attribute = "https://saml.provider/imi/ns/identity-200810"
 		signature_algorithm = "rsa-sha256"
 		digest_algorithm = "sha256"
 		fields_map = {