-
Notifications
You must be signed in to change notification settings - Fork 58
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for Ping Federate connection #175
Conversation
These are created server side based on the provided cert
d6ad98e
to
dfc7966
Compare
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## main #175 +/- ##
==========================================
+ Coverage 94.74% 94.79% +0.05%
==========================================
Files 38 38
Lines 6616 6685 +69
==========================================
+ Hits 6268 6337 +69
Misses 278 278
Partials 70 70
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report in Codecov by Sentry. |
trailer: {} | ||
content_length: -1 | ||
uncompressed: false | ||
body: '{"id":"con_R96acQao7HOUjVnE","options":{"digestAlgorithm":"sha256","signSAMLRequest":true,"signatureAlgorithm":"rsa-sha256","pingFederateBaseUrl":"https://ping.example.com","signInEndpoint":"https://ping.example.com","expires":"2010-09-09T22:05:43.000Z","subject":{"countryName":"AU","stateOrProvinceName":"Some-State","organizationName":"Internet Widgits Pty Ltd","commonName":"europa.sfo.corp.google.com"},"thumbprints":["b93611bf2cfdb64110c7aae1485718cc9385e151"],"cert":"-----BEGIN CERTIFICATE-----\nMIID6TCCA1ICAQEwDQYJKoZIhvcNAQEFBQAwgYsxCzAJBgNVBAYTAlVTMRMwEQYD\nVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRQwEgYDVQQK\nEwtHb29nbGUgSW5jLjEMMAoGA1UECxMDRW5nMQwwCgYDVQQDEwNhZ2wxHTAbBgkq\nhkiG9w0BCQEWDmFnbEBnb29nbGUuY29tMB4XDTA5MDkwOTIyMDU0M1oXDTEwMDkw\nOTIyMDU0M1owajELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAf\nBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEjMCEGA1UEAxMaZXVyb3Bh\nLnNmby5jb3JwLmdvb2dsZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK\nAoICAQC6pgYt7/EibBDumASF+S0qvqdL/f+nouJw2T1Qc8GmXF/iiUcrsgzh/Fd8\npDhz/T96Qg9IyR4ztuc2MXrmPra+zAuSf5bevFReSqvpIt8Duv0HbDbcqs/XKPfB\nuMDe+of7a9GCywvAZ4ZUJcp0thqD9fKTTjUWOBzHY1uNE4RitrhmJCrbBGXbJ249\nbvgmb7jgdInH2PU7PT55hujvOoIsQW2osXBFRur4pF1wmVh4W4lTLD6pjfIMUcML\nICHEXEN73PDic8KS3EtNYCwoIld+tpIBjE1QOb1KOyuJBNW6Esw9ALZn7stWdYcE\nqAwvv20egN2tEXqj7Q4/1ccyPZc3PQgC3FJ8Be2mtllM+80qf4dAaQ/fWvCtOrQ5\npnfe9juQvCo8Y0VGlFcrSys/MzSg9LJ/24jZVgzQved/Qupsp89wVidwIzjt+WdS\nfyWfH0/v1aQLvu5cMYuW//C0W2nlYziL5blETntM8My2ybNARy3ICHxCBv2RNtPI\nWQVm+E9/W5rwh2IJR4DHn2LHwUVmT/hHNTdBLl5Uhwr4Wc7JhE7AVqb14pVNz1lr\n5jxsp//ncIwftb7mZQ3DF03Yna+jJhpzx8CQoeLT6aQCHyzmH68MrHHT4MALPyUs\nPomjn71GNTtDeWAXibjCgdL6iHACCF6Htbl0zGlG0OAK+bdn0QIDAQABMA0GCSqG\nSIb3DQEBBQUAA4GBAOKnQDtqBV24vVqvesL5dnmyFpFPXBn3WdFfwD6DzEb21UVG\n5krmJiu+ViipORJPGMkgoL6BjU21XI95VQbun5P8vvg8Z+FnFsvRFY3e1CCzAVQY\nZsUkLw2I7zI/dNlWdB8Xp7v+3w9sX5N3J/WuJ1KOO5m26kRlHQo7EzT3974g\n-----END CERTIFICATE-----"},"strategy":"pingfederate","name":"Test-Ping-Federate-Connection-1678372717","provisioning_ticket_url":"https://go-auth0-dev.eu.auth0.com.eu.auth0.com/p/pingfederate/mw8OUGSy","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-Ping-Federate-Connection-1678372717"]}' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems we are missing the "cert" property in the type definition. So what we send as "signingCert" gets returned as "cert" in the response payload. 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added the Cert
field to the ConnectionOptionsPingFederate
struct and added comments to clarify the differences between it and SigningCert
and when to use them
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
💪🏻
🔧 Changes
This adds support for the Ping Federate connection, it does not expose the
expires
,subject
, orthumbprints
properties as these are populated on creation/update by the backend based on the provided cert (which can be a string representing the contents of a pem file, or a base64 representation of the contents of a pem file).In v1 we could potentially look into providing read-only properties such as these in a way that disallows a developer from overriding them.
📚 References
terraform-provider-auth0/issues/428
🔬 Testing
Test creating and updating the properties of a Ping Federate connection locally alongside the unit tests added
📝 Checklist