From ebcdc10a4896a0b52e5609b957d168cf365e1aae Mon Sep 17 00:00:00 2001 From: Michael Parker Date: Thu, 12 Mar 2020 11:11:07 -0500 Subject: [PATCH] fix string pointer for rooturl --- keycloak/openid_client.go | 2 +- provider/resource_keycloak_openid_client.go | 39 ++++++++++++------- .../resource_keycloak_openid_client_test.go | 8 ++-- 3 files changed, 31 insertions(+), 18 deletions(-) diff --git a/keycloak/openid_client.go b/keycloak/openid_client.go index fd1a07cae..a292e3594 100644 --- a/keycloak/openid_client.go +++ b/keycloak/openid_client.go @@ -45,7 +45,7 @@ type OpenidClient struct { WebOrigins []string `json:"webOrigins"` AdminUrl string `json:"adminUrl"` BaseUrl string `json:"baseUrl"` - RootUrl *string `json:"rootUrl"` + RootUrl *string `json:"rootUrl,omitempty"` FullScopeAllowed bool `json:"fullScopeAllowed"` Attributes OpenidClientAttributes `json:"attributes"` AuthorizationSettings *OpenidClientAuthorizationSettings `json:"authorizationSettings,omitempty"` diff --git a/provider/resource_keycloak_openid_client.go b/provider/resource_keycloak_openid_client.go index b624903b1..bb2747174 100644 --- a/provider/resource_keycloak_openid_client.go +++ b/provider/resource_keycloak_openid_client.go @@ -167,23 +167,35 @@ func getOpenidClientFromData(data *schema.ResourceData) (*keycloak.OpenidClient, validRedirectUris := make([]string, 0) webOrigins := make([]string, 0) - if v, ok := data.GetOk("valid_redirect_uris"); ok { - for _, validRedirectUri := range v.(*schema.Set).List() { + rootUrlData, rootUrlOk := data.GetOkExists("root_url") + validRedirectUrisData, validRedirectUrisOk := data.GetOk("valid_redirect_uris") + webOriginsData, webOriginsOk := data.GetOk("web_origins") + + rootUrlString := rootUrlData.(string) + + if validRedirectUrisOk { + for _, validRedirectUri := range validRedirectUrisData.(*schema.Set).List() { validRedirectUris = append(validRedirectUris, validRedirectUri.(string)) } } - if v, ok := data.GetOk("web_origins"); ok { - for _, webOrigin := range v.(*schema.Set).List() { + if webOriginsOk { + for _, webOrigin := range webOriginsData.(*schema.Set).List() { webOrigins = append(webOrigins, webOrigin.(string)) } } - rootUrlData, rootUrlOk := data.GetOkExists("root_url") - rootUrl := new(string) - if rootUrlOk { - temp := rootUrlData.(string) - rootUrl = &temp + // Keycloak uses the root URL for web origins if not specified otherwise + if rootUrlOk && rootUrlString != "" { + if !validRedirectUrisOk { + return nil, errors.New("valid_redirect_uris is required when root_url is given1") + } + if !webOriginsOk { + return nil, errors.New("web_origins is required when root_url is given") + } + if _, adminOk := data.GetOk("admin_url"); !adminOk { + return nil, errors.New("admin_url is required when root_url is given") + } } openidClient := &keycloak.OpenidClient{ @@ -208,10 +220,13 @@ func getOpenidClientFromData(data *schema.ResourceData) (*keycloak.OpenidClient, WebOrigins: webOrigins, AdminUrl: data.Get("admin_url").(string), BaseUrl: data.Get("base_url").(string), - RootUrl: rootUrl, ConsentRequired: data.Get("consent_required").(bool), } + if rootUrlOk { + openidClient.RootUrl = &rootUrlString + } + if !openidClient.ImplicitFlowEnabled && !openidClient.StandardFlowEnabled { if _, ok := data.GetOk("valid_redirect_uris"); ok { return nil, errors.New("valid_redirect_uris cannot be set when standard or implicit flow is not enabled") @@ -270,9 +285,7 @@ func setOpenidClientData(keycloakClient *keycloak.KeycloakClient, data *schema.R data.Set("web_origins", client.WebOrigins) data.Set("admin_url", client.AdminUrl) data.Set("base_url", client.BaseUrl) - if client.RootUrl != nil { - data.Set("root_url", client.RootUrl) - } + data.Set("root_url", &client.RootUrl) data.Set("authorization_services_enabled", client.AuthorizationServicesEnabled) data.Set("full_scope_allowed", client.FullScopeAllowed) data.Set("consent_required", client.ConsentRequired) diff --git a/provider/resource_keycloak_openid_client_test.go b/provider/resource_keycloak_openid_client_test.go index e67b5b13d..9af848043 100644 --- a/provider/resource_keycloak_openid_client_test.go +++ b/provider/resource_keycloak_openid_client_test.go @@ -182,12 +182,12 @@ func TestAccKeycloakOpenidClient_updateInPlace(t *testing.T) { implicitFlowEnabled := randomBool() directAccessGrantsEnabled := randomBool() serviceAccountsEnabled := randomBool() - rootUrl := acctest.RandString(20) if !standardFlowEnabled { implicitFlowEnabled = !standardFlowEnabled } + rootUrlBefore := acctest.RandString(20) openidClientBefore := &keycloak.OpenidClient{ RealmId: realm, ClientId: clientId, @@ -203,12 +203,12 @@ func TestAccKeycloakOpenidClient_updateInPlace(t *testing.T) { WebOrigins: []string{acctest.RandString(10), acctest.RandString(10), acctest.RandString(10)}, AdminUrl: acctest.RandString(20), BaseUrl: acctest.RandString(20), - RootUrl: &rootUrl, + RootUrl: &rootUrlBefore, } standardFlowEnabled, implicitFlowEnabled = implicitFlowEnabled, standardFlowEnabled - rootUrl = acctest.RandString(20) + rootUrlAfter := acctest.RandString(20) openidClientAfter := &keycloak.OpenidClient{ RealmId: realm, ClientId: clientId, @@ -224,7 +224,7 @@ func TestAccKeycloakOpenidClient_updateInPlace(t *testing.T) { WebOrigins: []string{acctest.RandString(10), acctest.RandString(10), acctest.RandString(10), acctest.RandString(10), acctest.RandString(10)}, AdminUrl: acctest.RandString(20), BaseUrl: acctest.RandString(20), - RootUrl: &rootUrl, + RootUrl: &rootUrlAfter, } resource.Test(t, resource.TestCase{