feat:(authFlow): Added priority to execution datasource

Signed-off-by: Dennis Kniep <[email protected]>
keycloak · Dec 31, 2024 · d17baa5 · d17baa5
1 parent 304b667
commit d17baa5
Show file tree

Hide file tree

Showing 5 changed files with 71 additions and 6 deletions.
diff --git a/docs/data-sources/authentication_execution.md b/docs/data-sources/authentication_execution.md
@@ -30,4 +30,4 @@ data "keycloak_authentication_execution" "browser_auth_cookie" {
 ## Attributes Reference
 
 - `id` - (Computed) The unique ID of the authentication execution, which can be used as an argument to other resources supported by this provider.
-
+- `priority` - (Computed) The authenticator priority.
diff --git a/provider/data_source_keycloak_authentication_execution.go b/provider/data_source_keycloak_authentication_execution.go
@@ -23,6 +23,10 @@ func dataSourceKeycloakAuthenticationExecution() *schema.Resource {
 				Type:     schema.TypeString,
 				Required: true,
 			},
+			"priority": {
+				Type:     schema.TypeInt,
+				Computed: true,
+			},
 		},
 	}
 }
@@ -39,7 +43,7 @@ func dataSourceKeycloakAuthenticationExecutionRead(ctx context.Context, data *sc
 		return diag.FromErr(err)
 	}
 
-	mapFromAuthenticationExecutionInfoToData(data, authenticationExecutionInfo)
+	mapFromAuthenticationExecutionInfoToData(ctx, keycloakClient, data, authenticationExecutionInfo)
 
 	return nil
 }
diff --git a/provider/data_source_keycloak_authentication_execution_test.go b/provider/data_source_keycloak_authentication_execution_test.go
@@ -2,6 +2,7 @@ package provider
 
 import (
 	"fmt"
+	"github.com/keycloak/terraform-provider-keycloak/keycloak"
 	"regexp"
 	"testing"
 
@@ -21,7 +22,7 @@ func TestAccKeycloakDataSourceAuthenticationExecution_basic(t *testing.T) {
 		CheckDestroy:      testAccCheckKeycloakAuthenticationExecutionConfigDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testDataSourceKeycloakAuthenticationExecution_basic(parentFlowAlias),
+				Config: testDataSourceKeycloakAuthenticationExecution_basic(parentFlowAlias, nil),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckKeycloakAuthenticationExecutionExists("keycloak_authentication_execution.execution"),
 					resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "id", "data.keycloak_authentication_execution.execution", "id"),
@@ -69,6 +70,45 @@ func TestAccKeycloakDataSourceAuthenticationExecution_errorWrongProviderId(t *te
 	})
 }
 
+func TestAccKeycloakDataSourceAuthenticationExecution_basicWithPriority(t *testing.T) {
+	skipIfVersionIsLessThan(testCtx, t, keycloakClient, keycloak.Version_25)
+	t.Parallel()
+
+	parentFlowAlias := acctest.RandomWithPrefix("tf-acc")
+
+	resource.Test(t, resource.TestCase{
+		ProviderFactories: testAccProviderFactories,
+		PreCheck:          func() { testAccPreCheck(t) },
+		CheckDestroy:      testAccCheckKeycloakAuthenticationExecutionConfigDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testDataSourceKeycloakAuthenticationExecution_basic(parentFlowAlias, nil),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckKeycloakAuthenticationExecutionExists("keycloak_authentication_execution.execution"),
+					resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "id", "data.keycloak_authentication_execution.execution", "id"),
+					resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "realm_id", "data.keycloak_authentication_execution.execution", "realm_id"),
+					resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "priority", "data.keycloak_authentication_execution.execution", "priority"),
+					resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "parent_flow_alias", "data.keycloak_authentication_execution.execution", "parent_flow_alias"),
+					resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "authenticator", "data.keycloak_authentication_execution.execution", "provider_id"),
+					testAccCheckDataKeycloakAuthenticationExecution("data.keycloak_authentication_execution.execution"),
+				),
+			},
+			{
+				Config: testDataSourceKeycloakAuthenticationExecution_basic(parentFlowAlias, intPointer(10)),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckKeycloakAuthenticationExecutionExists("keycloak_authentication_execution.execution"),
+					resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "id", "data.keycloak_authentication_execution.execution", "id"),
+					resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "realm_id", "data.keycloak_authentication_execution.execution", "realm_id"),
+					resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "priority", "data.keycloak_authentication_execution.execution", "priority"),
+					resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "parent_flow_alias", "data.keycloak_authentication_execution.execution", "parent_flow_alias"),
+					resource.TestCheckResourceAttrPair("keycloak_authentication_execution.execution", "authenticator", "data.keycloak_authentication_execution.execution", "provider_id"),
+					testAccCheckDataKeycloakAuthenticationExecution("data.keycloak_authentication_execution.execution"),
+				),
+			},
+		},
+	})
+}
+
 func testAccCheckDataKeycloakAuthenticationExecution(resourceName string) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		rs, ok := s.RootModule().Resources[resourceName]
@@ -94,7 +134,12 @@ func testAccCheckDataKeycloakAuthenticationExecution(resourceName string) resour
 	}
 }
 
-func testDataSourceKeycloakAuthenticationExecution_basic(parentFlowAlias string) string {
+func testDataSourceKeycloakAuthenticationExecution_basic(parentFlowAlias string, priority *int) string {
+	priorityAttr := ""
+	if priority != nil {
+		priorityAttr = fmt.Sprintf(`priority = %d`, *priority)
+	}
+
 	return fmt.Sprintf(`
 data "keycloak_realm" "realm" {
 	realm = "%s"
@@ -110,6 +155,7 @@ resource "keycloak_authentication_execution" "execution" {
 	parent_flow_alias = keycloak_authentication_flow.flow.alias
 	authenticator     = "identity-provider-redirector"
 	requirement       = "REQUIRED"
+    %s
 }
 
 data "keycloak_authentication_execution" "execution" {
@@ -121,7 +167,7 @@ data "keycloak_authentication_execution" "execution" {
 		keycloak_authentication_execution.execution,
 	]
 }
-	`, testAccRealm.Realm, parentFlowAlias)
+	`, testAccRealm.Realm, parentFlowAlias, priorityAttr)
 }
 
 func testDataSourceKeycloakAuthenticationExecution_errorNoExecutions(parentFlowAlias string) string {

diff --git a/provider/resource_keycloak_authentication_execution.go b/provider/resource_keycloak_authentication_execution.go
@@ -85,11 +85,22 @@ func mapFromAuthenticationExecutionToData(ctx context.Context, keycloakClient *k
 	return nil
 }
 
-func mapFromAuthenticationExecutionInfoToData(data *schema.ResourceData, authenticationExecutionInfo *keycloak.AuthenticationExecutionInfo) {
+func mapFromAuthenticationExecutionInfoToData(ctx context.Context, keycloakClient *keycloak.KeycloakClient, data *schema.ResourceData, authenticationExecutionInfo *keycloak.AuthenticationExecutionInfo) error {
 	data.SetId(authenticationExecutionInfo.Id)
 
 	data.Set("realm_id", authenticationExecutionInfo.RealmId)
 	data.Set("parent_flow_alias", authenticationExecutionInfo.ParentFlowAlias)
+
+	versionOk, err := keycloakClient.VersionIsGreaterThanOrEqualTo(ctx, keycloak.Version_25)
+	if err != nil {
+		return err
+	}
+
+	if versionOk {
+		data.Set("priority", authenticationExecutionInfo.Priority)
+	}
+
+	return nil
 }
 
 func resourceKeycloakAuthenticationExecutionCreate(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {

diff --git a/provider/utils.go b/provider/utils.go
@@ -112,3 +112,7 @@ func stringSliceContains(s []string, e string) bool {
 func stringPointer(s string) *string {
 	return &s
 }
+
+func intPointer(i int) *int {
+	return &i
+}
Original file line number	Diff line number	Diff line change
Expand Up		@@ -30,4 +30,4 @@ data "keycloak_authentication_execution" "browser_auth_cookie" {
		## Attributes Reference

		- `id` - (Computed) The unique ID of the authentication execution, which can be used as an argument to other resources supported by this provider.

		- `priority` - (Computed) The authenticator priority.