WIP: Support for verifying custom domains

auth0/provider.go

@@ -45,21 +45,22 @@ func init() {
  },
  },
  ResourcesMap: map[string]*schema.Resource{
- "auth0_client": newClient(),
- "auth0_global_client": newGlobalClient(),
- "auth0_client_grant": newClientGrant(),
- "auth0_connection": newConnection(),
- "auth0_custom_domain": newCustomDomain(),
- "auth0_resource_server": newResourceServer(),
- "auth0_rule": newRule(),
- "auth0_rule_config": newRuleConfig(),
- "auth0_hook": newHook(),
- "auth0_prompt": newPrompt(),
- "auth0_email": newEmail(),
- "auth0_email_template": newEmailTemplate(),
- "auth0_user": newUser(),
- "auth0_tenant": newTenant(),
- "auth0_role": newRole(),
+ "auth0_client": newClient(),
+ "auth0_global_client": newGlobalClient(),
+ "auth0_client_grant": newClientGrant(),
+ "auth0_connection": newConnection(),
+ "auth0_custom_domain": newCustomDomain(),
+ "auth0_custom_domain_verification": newCustomDomainVerification(),
+ "auth0_resource_server": newResourceServer(),
+ "auth0_rule": newRule(),
+ "auth0_rule_config": newRuleConfig(),
+ "auth0_hook": newHook(),
+ "auth0_prompt": newPrompt(),
+ "auth0_email": newEmail(),
+ "auth0_email_template": newEmailTemplate(),
+ "auth0_user": newUser(),
+ "auth0_tenant": newTenant(),
+ "auth0_role": newRole(),
  },
  ConfigureFunc: Configure,
  }

auth0/resource_auth0_custom_domain_verification.go

@@ -0,0 +1,62 @@
+package auth0
+
+import (
+ "net/http"
+
+ "github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+
+ "gopkg.in/auth0.v4"
+ "gopkg.in/auth0.v4/management"
+)
+
+func newCustomDomainVerification() *schema.Resource {
+ return &schema.Resource{
+
+ Create: createCustomDomainVerification,
+ Read: readCustomDomainVerification,
+ Delete: deleteCustomDomainVerification,
+ Importer: &schema.ResourceImporter{
+ State: schema.ImportStatePassthrough,
+ },
+
+ Schema: map[string]*schema.Schema{
+ "custom_domain_id": {
+ Type: schema.TypeString,
+ Required: true,
+ ForceNew: true,
+ },
+ },
+ }
+}
+
+func createCustomDomainVerification(d *schema.ResourceData, m interface{}) error {
+ api := m.(*management.Management)
+ c, err := api.CustomDomain.Verify(d.Get("custom_domain_id").(string))
+ if err != nil {
+ return err
+ }
+ d.SetId(auth0.StringValue(c.ID))
+ return nil
+}
+
+func readCustomDomainVerification(d *schema.ResourceData, m interface{}) error {
+ api := m.(*management.Management)
+ c, err := api.CustomDomain.Read(d.Id())
+ if err != nil {
+ if mErr, ok := err.(management.Error); ok {
+ if mErr.Status() == http.StatusNotFound {
+ d.SetId("")
+ return nil
+ }
+ }
+ return err
+ }
+
+ d.SetId(auth0.StringValue(c.ID))
+ d.Set("custom_domain_id", auth0.StringValue(c.ID))
+ return nil
+}
+
+func deleteCustomDomainVerification(d *schema.ResourceData, m interface{}) error {
+ return nil
+}

website/auth0.erb

@@ -11,6 +11,7 @@
  <li><a href="/docs/providers/auth0/r/client.html">auth0_client</a></li>
  <li><a href="/docs/providers/auth0/r/connection.html">auth0_connection</a></li>
  <li><a href="/docs/providers/auth0/r/custom_domain.html">auth0_custom_domain</a></li>
+ <li><a href="/docs/providers/auth0/r/custom_domain_verification.html">auth0_custom_domain_verification</a></li>
  <li><a href="/docs/providers/auth0/r/email_template.html">auth0_email_template</a></li>
  <li><a href="/docs/providers/auth0/r/email.html">auth0_email</a></li>
  <li><a href="/docs/providers/auth0/r/resource_server.html">auth0_resource_server</a></li>
@@ -28,4 +29,4 @@
  <% end %>
 
  <%= yield %>
-<% end %>
+<% end %>

website/docs/r/custom_domain_verification.html.md

@@ -0,0 +1,45 @@
+---
+layout: "auth0"
+page_title: "Auth0: auth0_custom_domain_verification"
+description: |-
+ With this resource, you can verify a custom domain created with the `auth0_custom_domain` resource.
+---
+
+# auth0_custom_domain_verification
+
+With Auth0, you can use a custom domain to maintain a consistent user experience. This is a three-step process; you must configure the custom domain in Auth0, then create a DNS record for the domain, then verify the DNS record in Auth0. This resources allows for automating the verification part of the process.
+
+## Example Usage
+
+```hcl
+resource "auth0_custom_domain" "my_custom_domain" {
+ domain = "auth.example.com"
+ type = "auth0_managed_certs"
+ verification_method = "txt"
+}
+resource "digitalocean_record" "auth0_domain" {
+ domain = "example.com"
+ type = upper(auth0_custom_domain.my_custom_domain.verification[0].methods[0].name)
+ name = "auth"
+ value = "${auth0_custom_domain.my_custom_domain.verification[0].methods[0].record}."
+}
+# wait for DNS record to propagate
+resource "null_resource" "wait_for_auth0_dns" {
+ provisioner "local-exec" {
+ command = "while ! nslookup ${digitalocean_record.auth0_domain.fqdn}; do sleep 1; done"
+ }
+ triggers = {
+ dns = digitalocean_record.auth0_domain.id
+ }
+}
+resource "auth0_custom_domain_verification" "my_custom_domain" {
+ custom_domain_id = auth0_custom_domain.my_custom_domain.id
+ depends_on = [null_resource.wait_for_auth0_dns]
+}
+```
+
+## Argument Reference
+
+Arguments accepted by this resource include:
+
+* `custom_domain_id` - (Required) String. ID of the custom domain resource.