diff --git a/docs/data-sources/connection.md b/docs/data-sources/connection.md index 7bf322f97..2323ae695 100644 --- a/docs/data-sources/connection.md +++ b/docs/data-sources/connection.md @@ -60,6 +60,7 @@ Read-Only: - `community_base_url` (String) - `configuration` (Map of String) - `connection_settings` (List of Object) (see [below for nested schema](#nestedobjatt--options--connection_settings)) +- `custom_headers` (List of Map of String) - `custom_scripts` (Map of String) - `debug` (Boolean) - `decryption_key` (List of Object) (see [below for nested schema](#nestedobjatt--options--decryption_key)) diff --git a/docs/resources/connection.md b/docs/resources/connection.md index a5c46b0eb..b8ba93a23 100644 --- a/docs/resources/connection.md +++ b/docs/resources/connection.md @@ -672,6 +672,7 @@ Optional: - `community_base_url` (String) Salesforce community base URL. - `configuration` (Map of String, Sensitive) A case-sensitive map of key value pairs used as configuration variables for the `custom_script`. - `connection_settings` (Block List, Max: 1) Proof Key for Code Exchange (PKCE) configuration settings for an OIDC or Okta Workforce connection. (see [below for nested schema](#nestedblock--options--connection_settings)) +- `custom_headers` (List of Map of String) Configure extra headers to the Token endpoint of an OAuth 2.0 provider - `custom_scripts` (Map of String) A map of scripts used to integrate with a custom database. - `debug` (Boolean) When enabled, additional debug information will be generated. - `decryption_key` (Block List, Max: 1) The key used to decrypt encrypted responses from the connection. Uses the `key` and `cert` properties to provide the private key and certificate respectively. (see [below for nested schema](#nestedblock--options--decryption_key)) diff --git a/internal/auth0/connection/expand.go b/internal/auth0/connection/expand.go index 9ae2021df..44682a37d 100644 --- a/internal/auth0/connection/expand.go +++ b/internal/auth0/connection/expand.go @@ -373,6 +373,19 @@ func expandConnectionOptionsOAuth2(data *schema.ResourceData, config cty.Value) Scripts: value.MapOfStrings(config.GetAttr("scripts")), } + customHeadersConfig := config.GetAttr("custom_headers") + + if !customHeadersConfig.IsNull() { + customHeaders := make([]map[string]string, 0) + + customHeadersConfig.ForEachElement(func(_ cty.Value, httpHeader cty.Value) (stop bool) { + customHeaders = append(customHeaders, *value.MapOfStrings(httpHeader)) + return stop + }) + + options.CustomHeaders = &customHeaders + } + expandConnectionOptionsScopes(data, options) var err error diff --git a/internal/auth0/connection/flatten.go b/internal/auth0/connection/flatten.go index 6e18e5a08..f1eedabf4 100644 --- a/internal/auth0/connection/flatten.go +++ b/internal/auth0/connection/flatten.go @@ -327,6 +327,7 @@ func flattenConnectionOptionsOAuth2( "icon_url": options.GetLogoURL(), "pkce_enabled": options.GetPKCEEnabled(), "upstream_params": upstreamParams, + "custom_headers": options.CustomHeaders, } return optionsMap, nil diff --git a/internal/auth0/connection/resource_test.go b/internal/auth0/connection/resource_test.go index e41b53fe8..9b20aed51 100644 --- a/internal/auth0/connection/resource_test.go +++ b/internal/auth0/connection/resource_test.go @@ -930,6 +930,7 @@ func TestAccConnectionOAuth2(t *testing.T) { resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.icon_url", ""), resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.pkce_enabled", "true"), resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.upstream_params", "{\"screen_name\":{\"alias\":\"login_hint\"}}"), + resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.custom_headers.#", "0"), ), }, { @@ -947,6 +948,11 @@ func TestAccConnectionOAuth2(t *testing.T) { resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.icon_url", "https://cdn.paypal.com/assets/logo.png"), resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.pkce_enabled", "false"), resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.upstream_params", ""), + resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.custom_headers.#", "2"), + resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.custom_headers.0.header", "foo"), + resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.custom_headers.0.value", "bar"), + resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.custom_headers.1.header", "bar"), + resource.TestCheckResourceAttr("auth0_connection.oauth2", "options.0.custom_headers.1.value", "foo"), ), }, }, @@ -974,6 +980,7 @@ resource "auth0_connection" "oauth2" { "alias": "login_hint" } }) + custom_headers = [] } } ` @@ -995,6 +1002,16 @@ resource "auth0_connection" "oauth2" { fetchUserProfile= "function( { return callback(null) }" } pkce_enabled = false + custom_headers = [ + { + header = "foo" + value = "bar" + }, + { + header = "bar" + value = "foo" + } + ] } } ` diff --git a/internal/auth0/connection/schema.go b/internal/auth0/connection/schema.go index 7ac4ecbed..dcbd5a4d0 100644 --- a/internal/auth0/connection/schema.go +++ b/internal/auth0/connection/schema.go @@ -276,6 +276,18 @@ var optionsSchema = &schema.Schema{ Sensitive: true, Description: "The strategy's client secret.", }, + "custom_headers": { + Type: schema.TypeList, + Elem: &schema.Schema{ + Type: schema.TypeMap, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + Optional: true, + Default: nil, + Description: "Configure extra headers to the Token endpoint of an OAuth 2.0 provider", + }, "allowed_audiences": { Type: schema.TypeSet, Computed: true,