Merge pull request #2043 from okta/fix-issue-when-csp-is-null

fix issue when content security policy is null
okta · Aug 12, 2024 · 62a350e · 62a350e
2 parents 2a8523b + a98f305
commit 62a350e
Show file tree

Hide file tree

Showing 5 changed files with 83 additions and 51 deletions.
diff --git a/examples/resources/okta_customized_signin_page/basic.tf b/examples/resources/okta_customized_signin_page/basic.tf
@@ -10,10 +10,4 @@ resource "okta_customized_signin_page" "test" {
   widget_customizations {
     widget_generation = "G2"
   }
-  content_security_policy_setting {
-    mode       = "report_only"
-    report_uri = ""
-    src_list   = ["https://idp.example.com/authorize", "https://idp.example.com/authoriz"]
-  }
 }
-
diff --git a/examples/resources/okta_customized_signin_page/update.tf b/examples/resources/okta_customized_signin_page/update.tf
@@ -0,0 +1,19 @@
+resource "okta_brand" "test" {
+  name   = "testBrand"
+  locale = "en"
+}
+
+resource "okta_customized_signin_page" "test" {
+  brand_id       = resource.okta_brand.test.id
+  page_content   = "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html>\n<head>\n    <meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" />\n    <meta name=\"robots\" content=\"noindex,nofollow\" />\n    <!-- Styles generated from theme -->\n    <link href=\"{{themedStylesUrl}}\" rel=\"stylesheet\" type=\"text/css\">\n    <!-- Favicon from theme -->\n    <link rel=\"shortcut icon\" href=\"{{faviconUrl}}\" type=\"image/x-icon\"/>\n\n    <title>{{pageTitle}}</title>\n    {{{SignInWidgetResources}}}\n\n    <style nonce=\"{{nonceValue}}\">\n        #login-bg-image-id {\n            background-image: {{bgImageUrl}}\n        }\n    </style>\n</head>\n<body>\n    <div id=\"login-bg-image-id\" class=\"login-bg-image tb--background\"></div>\n    <div id=\"okta-login-container\"></div>\n\n    <!--\n        \"OktaUtil\" defines a global OktaUtil object\n        that contains methods used to complete the Okta login flow.\n     -->\n    {{{OktaUtil}}}\n\n    <script type=\"text/javascript\" nonce=\"{{nonceValue}}\">\n        // \"config\" object contains default widget configuration\n        // with any custom overrides defined in your admin settings.\n        var config = OktaUtil.getSignInWidgetConfig();\n\n        // Render the Okta Sign-In Widget\n        var oktaSignIn = new OktaSignIn(config);\n        oktaSignIn.renderEl({ el: '#okta-login-container' },\n            OktaUtil.completeLogin,\n            function(error) {\n                // Logs errors that occur when configuring the widget.\n                // Remove or replace this with your own custom error handler.\n                console.log(error.message, error);\n            }\n        );\n    </script>\n</body>\n</html>\n"
+  widget_version = "^6"
+  widget_customizations {
+    widget_generation = "G2"
+  }
+  content_security_policy_setting {
+    mode       = "report_only"
+    report_uri = ""
+    src_list   = ["https://idp.example.com/authorize", "https://idp.example.com/authoriz"]
+  }
+}
+
diff --git a/okta/customization.go b/okta/customization.go
@@ -114,53 +114,61 @@ func buildSignInPageRequest(ctx context.Context, model signinPageModel) (okta.Si
 	sp.SetPageContent(model.PageContent.ValueString())
 	sp.SetWidgetVersion(model.WidgetVersion.ValueString())
 
-	wc := okta.SignInPageAllOfWidgetCustomizations{}
-	wcm := &widgetCustomizationsModel{}
-	model.WidgetCustomizations.As(ctx, wcm, basetypes.ObjectAsOptions{})
+	if !model.WidgetVersion.IsNull() {
+		wc := okta.SignInPageAllOfWidgetCustomizations{}
+		wcm := &widgetCustomizationsModel{}
+		diags := model.WidgetCustomizations.As(ctx, wcm, basetypes.ObjectAsOptions{})
+		if diags.HasError() {
+			return *okta.NewSignInPage(), diags
+		}
+		wc.SignInLabel = wcm.SignInLabel.ValueStringPointer()
+		wc.UsernameLabel = wcm.UsernameLabel.ValueStringPointer()
+		wc.UsernameInfoTip = wcm.UsernameInfoTip.ValueStringPointer()
+		wc.PasswordLabel = wcm.PasswordLabel.ValueStringPointer()
+		wc.PasswordInfoTip = wcm.PasswordInfoTip.ValueStringPointer()
+		wc.ShowPasswordVisibilityToggle = wcm.ShowPasswordVisibilityToggle.ValueBoolPointer()
+		wc.ShowUserIdentifier = wcm.ShowUserIdentifier.ValueBoolPointer()
+		wc.ForgotPasswordLabel = wcm.ForgotPasswordLabel.ValueStringPointer()
+		wc.ForgotPasswordUrl = wcm.ForgotPasswordURL.ValueStringPointer()
+		wc.UnlockAccountLabel = wcm.UnlockAccountLabel.ValueStringPointer()
+		wc.UnlockAccountUrl = wcm.UnlockAccountURL.ValueStringPointer()
+		wc.HelpLabel = wcm.HelpLabel.ValueStringPointer()
+		wc.HelpUrl = wcm.HelpURL.ValueStringPointer()
+		wc.CustomLink1Label = wcm.CustomLink1Label.ValueStringPointer()
+		wc.CustomLink1Url = wcm.CustomLink1URL.ValueStringPointer()
+		wc.CustomLink2Label = wcm.CustomLink2Label.ValueStringPointer()
+		wc.CustomLink2Url = wcm.CustomLink2URL.ValueStringPointer()
+		wc.AuthenticatorPageCustomLinkLabel = wcm.AuthenticatorPageCustomLinkLabel.ValueStringPointer()
+		wc.AuthenticatorPageCustomLinkUrl = wcm.AuthenticatorPageCustomLinkURL.ValueStringPointer()
+		wc.ClassicRecoveryFlowEmailOrUsernameLabel = wcm.ClassicRecoveryFlowEmailOrUsernameLabel.ValueStringPointer()
+		wc.SetWidgetGeneration(wcm.WidgetGeneration.ValueString())
 
-	wc.SignInLabel = wcm.SignInLabel.ValueStringPointer()
-	wc.UsernameLabel = wcm.UsernameLabel.ValueStringPointer()
-	wc.UsernameInfoTip = wcm.UsernameInfoTip.ValueStringPointer()
-	wc.PasswordLabel = wcm.PasswordLabel.ValueStringPointer()
-	wc.PasswordInfoTip = wcm.PasswordInfoTip.ValueStringPointer()
-	wc.ShowPasswordVisibilityToggle = wcm.ShowPasswordVisibilityToggle.ValueBoolPointer()
-	wc.ShowUserIdentifier = wcm.ShowUserIdentifier.ValueBoolPointer()
-	wc.ForgotPasswordLabel = wcm.ForgotPasswordLabel.ValueStringPointer()
-	wc.ForgotPasswordUrl = wcm.ForgotPasswordURL.ValueStringPointer()
-	wc.UnlockAccountLabel = wcm.UnlockAccountLabel.ValueStringPointer()
-	wc.UnlockAccountUrl = wcm.UnlockAccountURL.ValueStringPointer()
-	wc.HelpLabel = wcm.HelpLabel.ValueStringPointer()
-	wc.HelpUrl = wcm.HelpURL.ValueStringPointer()
-	wc.CustomLink1Label = wcm.CustomLink1Label.ValueStringPointer()
-	wc.CustomLink1Url = wcm.CustomLink1URL.ValueStringPointer()
-	wc.CustomLink2Label = wcm.CustomLink2Label.ValueStringPointer()
-	wc.CustomLink2Url = wcm.CustomLink2URL.ValueStringPointer()
-	wc.AuthenticatorPageCustomLinkLabel = wcm.AuthenticatorPageCustomLinkLabel.ValueStringPointer()
-	wc.AuthenticatorPageCustomLinkUrl = wcm.AuthenticatorPageCustomLinkURL.ValueStringPointer()
-	wc.ClassicRecoveryFlowEmailOrUsernameLabel = wcm.ClassicRecoveryFlowEmailOrUsernameLabel.ValueStringPointer()
-	wc.SetWidgetGeneration(wcm.WidgetGeneration.ValueString())
+		sp.SetWidgetCustomizations(wc)
+	}
 
-	sp.SetWidgetCustomizations(wc)
+	if !model.ContentSecurityPolicySetting.IsNull() {
+		csp := okta.ContentSecurityPolicySetting{}
+		cspm := &contentSecurityPolicySettingModel{}
+		diags := model.ContentSecurityPolicySetting.As(ctx, cspm, basetypes.ObjectAsOptions{})
+		if diags.HasError() {
+			return *okta.NewSignInPage(), diags
+		}
+		csp.Mode = cspm.Mode.ValueStringPointer()
+		csp.ReportUri = cspm.ReportUri.ValueStringPointer()
+		elements := make([]types.String, 0, len(cspm.SrcList.Elements()))
+		diags = cspm.SrcList.ElementsAs(ctx, &elements, false)
+		if diags.HasError() {
+			return *okta.NewSignInPage(), diags
+		}
+		convertElements := make([]string, 0)
+		for _, v := range elements {
+			convertElements = append(convertElements, v.ValueString())
+		}
+		csp.SrcList = convertElements
 
-	csp := okta.ContentSecurityPolicySetting{}
-	cspm := &contentSecurityPolicySettingModel{}
-	diags := model.ContentSecurityPolicySetting.As(ctx, cspm, basetypes.ObjectAsOptions{})
-	if diags.HasError() {
-		return *okta.NewSignInPage(), diags
-	}
-	csp.Mode = cspm.Mode.ValueStringPointer()
-	csp.ReportUri = cspm.ReportUri.ValueStringPointer()
-	elements := make([]types.String, 0, len(cspm.SrcList.Elements()))
-	diags = cspm.SrcList.ElementsAs(ctx, &elements, false)
-	if diags.HasError() {
-		return *okta.NewSignInPage(), diags
+		sp.SetContentSecurityPolicySetting(csp)
 	}
-	convertElements := make([]string, 0)
-	for _, v := range elements {
-		convertElements = append(convertElements, v.ValueString())
-	}
-	csp.SrcList = convertElements
-	sp.SetContentSecurityPolicySetting(csp)
+
 	return sp, nil
 }
 

diff --git a/okta/resource_okta_customized_signin_page.go b/okta/resource_okta_customized_signin_page.go
@@ -46,7 +46,8 @@ func (r *customizedSigninPageResource) Create(ctx context.Context, req resource.
 	}
 
 	reqBody, diags := buildSignInPageRequest(ctx, state)
-	if diags.HasError() {
+	resp.Diagnostics.Append(diags...)
+	if resp.Diagnostics.HasError() {
 		return
 	}
 
@@ -125,7 +126,8 @@ func (r *customizedSigninPageResource) Update(ctx context.Context, req resource.
 	}
 
 	reqBody, diags := buildSignInPageRequest(ctx, state)
-	if diags.HasError() {
+	resp.Diagnostics.Append(diags...)
+	if resp.Diagnostics.HasError() {
 		return
 	}
 

diff --git a/okta/resource_okta_customized_signin_page_test.go b/okta/resource_okta_customized_signin_page_test.go
@@ -16,6 +16,15 @@ func TestAccResourceOktaCustomizedSignInPage_crud(t *testing.T) {
 		Steps: []resource.TestStep{
 			{
 				Config: mgr.GetFixtures("basic.tf", t),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("okta_customized_signin_page.test", "page_content", "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html>\n<head>\n    <meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" />\n    <meta name=\"robots\" content=\"noindex,nofollow\" />\n    <!-- Styles generated from theme -->\n    <link href=\"{{themedStylesUrl}}\" rel=\"stylesheet\" type=\"text/css\">\n    <!-- Favicon from theme -->\n    <link rel=\"shortcut icon\" href=\"{{faviconUrl}}\" type=\"image/x-icon\"/>\n\n    <title>{{pageTitle}}</title>\n    {{{SignInWidgetResources}}}\n\n    <style nonce=\"{{nonceValue}}\">\n        #login-bg-image-id {\n            background-image: {{bgImageUrl}}\n        }\n    </style>\n</head>\n<body>\n    <div id=\"login-bg-image-id\" class=\"login-bg-image tb--background\"></div>\n    <div id=\"okta-login-container\"></div>\n\n    <!--\n        \"OktaUtil\" defines a global OktaUtil object\n        that contains methods used to complete the Okta login flow.\n     -->\n    {{{OktaUtil}}}\n\n    <script type=\"text/javascript\" nonce=\"{{nonceValue}}\">\n        // \"config\" object contains default widget configuration\n        // with any custom overrides defined in your admin settings.\n        var config = OktaUtil.getSignInWidgetConfig();\n\n        // Render the Okta Sign-In Widget\n        var oktaSignIn = new OktaSignIn(config);\n        oktaSignIn.renderEl({ el: '#okta-login-container' },\n            OktaUtil.completeLogin,\n            function(error) {\n                // Logs errors that occur when configuring the widget.\n                // Remove or replace this with your own custom error handler.\n                console.log(error.message, error);\n            }\n        );\n    </script>\n</body>\n</html>\n"),
+					resource.TestCheckResourceAttr("okta_customized_signin_page.test", "widget_version", "^6"),
+					resource.TestCheckResourceAttr("okta_customized_signin_page.test", "widget_customizations.widget_generation", "G2"),
+					resource.TestCheckNoResourceAttr("okta_customized_signin_page.test", "content_security_policy_setting"),
+				),
+			},
+			{
+				Config: mgr.GetFixtures("update.tf", t),
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttr("okta_customized_signin_page.test", "page_content", "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html>\n<head>\n    <meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\" />\n    <meta name=\"robots\" content=\"noindex,nofollow\" />\n    <!-- Styles generated from theme -->\n    <link href=\"{{themedStylesUrl}}\" rel=\"stylesheet\" type=\"text/css\">\n    <!-- Favicon from theme -->\n    <link rel=\"shortcut icon\" href=\"{{faviconUrl}}\" type=\"image/x-icon\"/>\n\n    <title>{{pageTitle}}</title>\n    {{{SignInWidgetResources}}}\n\n    <style nonce=\"{{nonceValue}}\">\n        #login-bg-image-id {\n            background-image: {{bgImageUrl}}\n        }\n    </style>\n</head>\n<body>\n    <div id=\"login-bg-image-id\" class=\"login-bg-image tb--background\"></div>\n    <div id=\"okta-login-container\"></div>\n\n    <!--\n        \"OktaUtil\" defines a global OktaUtil object\n        that contains methods used to complete the Okta login flow.\n     -->\n    {{{OktaUtil}}}\n\n    <script type=\"text/javascript\" nonce=\"{{nonceValue}}\">\n        // \"config\" object contains default widget configuration\n        // with any custom overrides defined in your admin settings.\n        var config = OktaUtil.getSignInWidgetConfig();\n\n        // Render the Okta Sign-In Widget\n        var oktaSignIn = new OktaSignIn(config);\n        oktaSignIn.renderEl({ el: '#okta-login-container' },\n            OktaUtil.completeLogin,\n            function(error) {\n                // Logs errors that occur when configuring the widget.\n                // Remove or replace this with your own custom error handler.\n                console.log(error.message, error);\n            }\n        );\n    </script>\n</body>\n</html>\n"),
 					resource.TestCheckResourceAttr("okta_customized_signin_page.test", "widget_version", "^6"),