Merge pull request #2838 from F21/access-app-saml-attributes

Add idp_entity_id, public_key and sso_endpoint attributes to cloudflare_access_application.saas_app
cloudflare · Oct 16, 2023 · be30605 · be30605
2 parents 80af2ab + 45e9229
commit be30605
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 0 deletions.
diff --git a/.changelog/2838.txt b/.changelog/2838.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/cloudflare_access_application: Add idp_entity_id, public_key and sso_endpoint attributes to saas_app
+```
diff --git a/docs/resources/access_application.md b/docs/resources/access_application.md
@@ -111,6 +111,12 @@ Optional:
 - `custom_attribute` (Block List) Custom attribute mapped from IDPs. (see [below for nested schema](#nestedblock--saas_app--custom_attribute))
 - `name_id_format` (String) The format of the name identifier sent to the SaaS application. Defaults to `email`.
 
+Read-Only:
+
+- `idp_entity_id` (String) The unique identifier for the SaaS application.
+- `public_key` (String) The public certificate that will be used to verify identities.
+- `sso_endpoint` (String) The endpoint where the SaaS application will send login requests.
+
 <a id="nestedblock--saas_app--custom_attribute"></a>
 ### Nested Schema for `saas_app.custom_attribute`
 

diff --git a/internal/sdkv2provider/resource_cloudflare_access_application_test.go b/internal/sdkv2provider/resource_cloudflare_access_application_test.go
@@ -185,6 +185,9 @@ func TestAccCloudflareAccessApplication_WithSaas(t *testing.T) {
 					resource.TestCheckResourceAttr(name, "saas_app.0.sp_entity_id", "saas-app.example"),
 					resource.TestCheckResourceAttr(name, "saas_app.0.consumer_service_url", "https://saas-app.example/sso/saml/consume"),
 					resource.TestCheckResourceAttr(name, "saas_app.0.name_id_format", "email"),
+					resource.TestCheckResourceAttrSet(name, "saas_app.0.idp_entity_id"),
+					resource.TestCheckResourceAttrSet(name, "saas_app.0.public_key"),
+					resource.TestCheckResourceAttrSet(name, "saas_app.0.sso_endpoint"),
 
 					resource.TestCheckResourceAttr(name, "saas_app.0.custom_attribute.#", "2"),
 					resource.TestCheckResourceAttr(name, "saas_app.0.custom_attribute.0.name", "email"),

diff --git a/internal/sdkv2provider/schema_cloudflare_access_application.go b/internal/sdkv2provider/schema_cloudflare_access_application.go
@@ -208,6 +208,21 @@ func resourceCloudflareAccessApplicationSchema() map[string]*schema.Schema {
 							},
 						},
 					},
+					"idp_entity_id": {
+						Type:        schema.TypeString,
+						Computed:    true,
+						Description: "The unique identifier for the SaaS application.",
+					},
+					"public_key": {
+						Type:        schema.TypeString,
+						Computed:    true,
+						Description: "The public certificate that will be used to verify identities.",
+					},
+					"sso_endpoint": {
+						Type:        schema.TypeString,
+						Computed:    true,
+						Description: "The endpoint where the SaaS application will send login requests.",
+					},
 				},
 			},
 		},
@@ -430,6 +445,9 @@ func convertSaasStructToSchema(d *schema.ResourceData, app *cloudflare.SaasAppli
 		"sp_entity_id":         app.SPEntityID,
 		"consumer_service_url": app.ConsumerServiceUrl,
 		"name_id_format":       app.NameIDFormat,
+		"idp_entity_id":        app.IDPEntityID,
+		"public_key":           app.PublicKey,
+		"sso_endpoint":         app.SSOEndpoint,
 	}
 
 	var customAttributes []interface{}