diff --git a/docs/data-sources/connection.md b/docs/data-sources/connection.md index e53de015..aa324413 100644 --- a/docs/data-sources/connection.md +++ b/docs/data-sources/connection.md @@ -62,6 +62,7 @@ Read-Only: - `community_base_url` (String) - `configuration` (Map of String) - `connection_settings` (List of Object) (see [below for nested schema](#nestedobjatt--options--connection_settings)) +- `custom_headers` (List of Map of String) - `custom_scripts` (Map of String) - `debug` (Boolean) - `decryption_key` (List of Object) (see [below for nested schema](#nestedobjatt--options--decryption_key)) diff --git a/docs/resources/connection.md b/docs/resources/connection.md index 6195bff0..c471bdf8 100644 --- a/docs/resources/connection.md +++ b/docs/resources/connection.md @@ -697,6 +697,7 @@ Optional: - `community_base_url` (String) Salesforce community base URL. - `configuration` (Map of String, Sensitive) A case-sensitive map of key value pairs used as configuration variables for the `custom_script`. - `connection_settings` (Block List, Max: 1) Proof Key for Code Exchange (PKCE) configuration settings for an OIDC or Okta Workforce connection. (see [below for nested schema](#nestedblock--options--connection_settings)) +- `custom_headers` (List of Map of String) Configure extra headers to the Token endpoint of an OAuth 2.0 provider - `custom_scripts` (Map of String) A map of scripts used to integrate with a custom database. - `debug` (Boolean) When enabled, additional debug information will be generated. - `decryption_key` (Block List, Max: 1) The key used to decrypt encrypted responses from the connection. Uses the `key` and `cert` properties to provide the private key and certificate respectively. (see [below for nested schema](#nestedblock--options--decryption_key)) diff --git a/internal/auth0/connection/expand.go b/internal/auth0/connection/expand.go index 31663a02..3d476870 100644 --- a/internal/auth0/connection/expand.go +++ b/internal/auth0/connection/expand.go @@ -579,6 +579,19 @@ func expandConnectionOptionsOAuth2(data *schema.ResourceData, config cty.Value) StrategyVersion: value.Int(config.GetAttr("strategy_version")), } + customHeadersConfig := config.GetAttr("custom_headers") + + if !customHeadersConfig.IsNull() { + customHeaders := make([]map[string]string, 0) + + customHeadersConfig.ForEachElement(func(_ cty.Value, httpHeader cty.Value) (stop bool) { + customHeaders = append(customHeaders, *value.MapOfStrings(httpHeader)) + return stop + }) + + options.CustomHeaders = &customHeaders + } + expandConnectionOptionsScopes(data, options) var err error diff --git a/internal/auth0/connection/flatten.go b/internal/auth0/connection/flatten.go index 34a0963b..8f81c48c 100644 --- a/internal/auth0/connection/flatten.go +++ b/internal/auth0/connection/flatten.go @@ -509,6 +509,7 @@ func flattenConnectionOptionsOAuth2( "pkce_enabled": options.GetPKCEEnabled(), "strategy_version": options.GetStrategyVersion(), "upstream_params": upstreamParams, + "custom_headers": options.CustomHeaders, } return optionsMap, nil diff --git a/internal/auth0/connection/resource_test.go b/internal/auth0/connection/resource_test.go index 30aaa4e2..f3bca2ba 100644 --- a/internal/auth0/connection/resource_test.go +++ b/internal/auth0/connection/resource_test.go @@ -1281,6 +1281,7 @@ func TestAccConnectionOAuth2(t *testing.T) { resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.icon_url", ""), resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.pkce_enabled", "true"), resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.upstream_params", "{\"screen_name\":{\"alias\":\"login_hint\"}}"), + resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.custom_headers.#", "0"), ), }, { @@ -1298,6 +1299,11 @@ func TestAccConnectionOAuth2(t *testing.T) { resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.icon_url", "https://cdn.paypal.com/assets/logo.png"), resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.pkce_enabled", "false"), resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.upstream_params", ""), + resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.custom_headers.#", "2"), + resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.custom_headers.0.header", "foo"), + resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.custom_headers.0.value", "bar"), + resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.custom_headers.1.header", "bar"), + resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.custom_headers.1.value", "foo"), ), }, }, @@ -1326,6 +1332,7 @@ resource "auth0_connection" "oauth2" { "alias": "login_hint" } }) + custom_headers = [] } } ` @@ -1347,6 +1354,16 @@ resource "auth0_connection" "oauth2" { fetchUserProfile= "function( { return callback(null) }" } pkce_enabled = false + custom_headers = [ + { + header = "foo" + value = "bar" + }, + { + header = "bar" + value = "foo" + } + ] } } ` diff --git a/internal/auth0/connection/schema.go b/internal/auth0/connection/schema.go index db8799a3..522c7947 100644 --- a/internal/auth0/connection/schema.go +++ b/internal/auth0/connection/schema.go @@ -355,6 +355,18 @@ var optionsSchema = &schema.Schema{ Sensitive: true, Description: "The strategy's client secret.", }, + "custom_headers": { + Type: schema.TypeList, + Elem: &schema.Schema{ + Type: schema.TypeMap, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + Optional: true, + Default: nil, + Description: "Configure extra headers to the Token endpoint of an OAuth 2.0 provider", + }, "allowed_audiences": { Type: schema.TypeSet, Computed: true,