Added client-grants and resource-servers api changes

auth0 · Aug 13, 2024 · d94706d · d94706d
1 parent a1a9f65
commit d94706d
Show file tree

Hide file tree

Showing 5 changed files with 124 additions and 0 deletions.
diff --git a/management/client.go b/management/client.go
@@ -118,6 +118,14 @@ type Client struct {
 
 	// URLs that are valid to call back from Auth0 for OIDC logout.
 	OIDCLogout *OIDCLogout `json:"oidc_logout,omitempty"`
+
+	DefaultOrganization *DefaultOrganization `json:"default_organization,omitempty"`
+}
+
+// DefaultOrganization allows the support for client credentials feature.
+type DefaultOrganization struct {
+	Flows          *[]string `json:"flows,omitempty"`
+	OrganizationID *string   `json:"organization_id,omitempty"`
 }
 
 // ClientJWTConfiguration is used to configure JWT settings for our Client.

diff --git a/management/management.gen.go b/management/management.gen.go
diff --git a/management/management.gen_test.go b/management/management.gen_test.go
diff --git a/management/organization_test.go b/management/organization_test.go
@@ -474,6 +474,48 @@ func TestOrganizationManager_ClientGrants(t *testing.T) {
 	assert.Len(t, associatedGrants.ClientGrants, 0)
 }
 
+func TestOrganizationManager_ClientGrantsWithOrg(t *testing.T) {
+	configureHTTPTestRecordings(t)
+
+	org := givenAnOrganization(t)
+	resourceServer := givenAResourceServer(t)
+
+	client := givenAClient(t)
+	client.DefaultOrganization = &DefaultOrganization{
+		&[]string{"client_credentials"},
+		auth0.String(org.GetID()),
+	}
+
+	clientGrant := &ClientGrant{
+		ClientID:             client.ClientID,
+		Audience:             resourceServer.Identifier,
+		Scope:                &[]string{"create:resource", "create:organization_client_grants"},
+		AllowAnyOrganization: auth0.Bool(true),
+		OrganizationUsage:    auth0.String("allow"),
+	}
+
+	err := api.ClientGrant.Create(context.Background(), clientGrant)
+	require.NoError(t, err)
+	t.Cleanup(func() {
+		cleanupClientGrant(t, clientGrant.GetID())
+	})
+
+	err = api.Organization.AssociateClientGrant(context.Background(), org.GetID(), clientGrant.GetID())
+	require.NoError(t, err)
+
+	associatedGrants, err := api.Organization.ClientGrants(context.Background(), org.GetID(), Parameter("grant_ids", clientGrant.GetID()))
+	require.NoError(t, err)
+	assert.Len(t, associatedGrants.ClientGrants, 1)
+	assert.Equal(t, clientGrant.GetID(), associatedGrants.ClientGrants[0].GetID())
+
+	err = api.Organization.RemoveClientGrant(context.Background(), org.GetID(), clientGrant.GetID())
+	require.NoError(t, err)
+
+	associatedGrants, err = api.Organization.ClientGrants(context.Background(), org.GetID())
+	require.NoError(t, err)
+	assert.Len(t, associatedGrants.ClientGrants, 0)
+}
+
 func givenAnOrganization(t *testing.T) *Organization {
 	org := &Organization{
 		Name:        auth0.String(fmt.Sprintf("test-organization%v", rand.Intn(999))),

diff --git a/management/resource_server_test.go b/management/resource_server_test.go
@@ -208,12 +208,22 @@ func givenAResourceServer(t *testing.T) *ResourceServer {
 				Value:       auth0.String("create:resource"),
 				Description: auth0.String("Create Resource"),
 			},
+			{
+				Value:       auth0.String("create:organization_client_grants"),
+				Description: auth0.String("Create Org Client Grants"),
+			},
 		},
 	}
 
 	err := api.ResourceServer.Create(context.Background(), resourceServer)
 	require.NoError(t, err)
 
+	resourceServerList, err := api.ResourceServer.List(context.Background(), Parameter("identifiers", resourceServer.GetIdentifier()))
+	require.NoError(t, err)
+	assert.NotEqual(t, len(resourceServerList.ResourceServers), 0)
+
+	assert.Equal(t, resourceServerList.ResourceServers[0].GetIdentifier(), resourceServer.GetIdentifier())
+
 	t.Cleanup(func() {
 		cleanupResourceServer(t, resourceServer.GetID())
 	})