Skip to content

Commit

Permalink
AUTH-5608 added warp auth fields to access organizations and apps
Browse files Browse the repository at this point in the history
  • Loading branch information
rkernscloudflaretest committed Feb 5, 2024
1 parent 38c591e commit 1227eb0
Show file tree
Hide file tree
Showing 5 changed files with 60 additions and 22 deletions.
4 changes: 4 additions & 0 deletions .changelog/1496.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
```release-note:enhancement
access_application: Add support for allow_authenticate_via_warp
access_organization: Add support for allow_authenticate_via_warp and warp_auth_session_duration
```
3 changes: 3 additions & 0 deletions access_application.go
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ type AccessApplication struct {
HttpOnlyCookieAttribute *bool `json:"http_only_cookie_attribute,omitempty"`
ServiceAuth401Redirect *bool `json:"service_auth_401_redirect,omitempty"`
PathCookieAttribute *bool `json:"path_cookie_attribute,omitempty"`
AllowAuthenticateViaWarp *bool `json:"allow_authenticate_via_warp,omitempty"`
CustomPages []string `json:"custom_pages,omitempty"`
Tags []string `json:"tags,omitempty"`
AccessAppLauncherCustomization
Expand Down Expand Up @@ -166,6 +167,7 @@ type CreateAccessApplicationParams struct {
SessionDuration string `json:"session_duration,omitempty"`
SkipInterstitial *bool `json:"skip_interstitial,omitempty"`
Type AccessApplicationType `json:"type,omitempty"`
AllowAuthenticateViaWarp *bool `json:"allow_authenticate_via_warp,omitempty"`
CustomPages []string `json:"custom_pages,omitempty"`
Tags []string `json:"tags,omitempty"`
AccessAppLauncherCustomization
Expand Down Expand Up @@ -196,6 +198,7 @@ type UpdateAccessApplicationParams struct {
SessionDuration string `json:"session_duration,omitempty"`
SkipInterstitial *bool `json:"skip_interstitial,omitempty"`
Type AccessApplicationType `json:"type,omitempty"`
AllowAuthenticateViaWarp *bool `json:"allow_authenticate_via_warp,omitempty"`
CustomPages []string `json:"custom_pages,omitempty"`
Tags []string `json:"tags,omitempty"`
AccessAppLauncherCustomization
Expand Down
17 changes: 13 additions & 4 deletions access_application_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,8 @@ func TestAccessApplications(t *testing.T) {
"service_auth_401_redirect": true,
"path_cookie_attribute": true,
"custom_pages": ["480f4f69-1a28-4fdd-9240-1ed29f0ac1dc"],
"tags": ["engineers"]
"tags": ["engineers"],
"allow_authenticate_via_warp": true
}
],
"result_info": {
Expand Down Expand Up @@ -89,6 +90,7 @@ func TestAccessApplications(t *testing.T) {
CustomPages: []string{"480f4f69-1a28-4fdd-9240-1ed29f0ac1dc"},
Tags: []string{"engineers"},
CustomNonIdentityDenyURL: "https://blocked.com",
AllowAuthenticateViaWarp: BoolPtr(true),
}}

mux.HandleFunc("/accounts/"+testAccountID+"/access/apps", handler)
Expand Down Expand Up @@ -140,7 +142,8 @@ func TestAccessApplication(t *testing.T) {
"app_launcher_visible": true,
"service_auth_401_redirect": true,
"http_only_cookie_attribute": false,
"path_cookie_attribute": false
"path_cookie_attribute": false,
"allow_authenticate_via_warp": false
}
}
`)
Expand Down Expand Up @@ -171,6 +174,7 @@ func TestAccessApplication(t *testing.T) {
HttpOnlyCookieAttribute: BoolPtr(false),
PathCookieAttribute: BoolPtr(false),
CustomNonIdentityDenyURL: "https://blocked.com",
AllowAuthenticateViaWarp: BoolPtr(false),
}

mux.HandleFunc("/accounts/"+testAccountID+"/access/apps/480f4f69-1a28-4fdd-9240-1ed29f0ac1db", handler)
Expand Down Expand Up @@ -221,7 +225,8 @@ func TestCreateAccessApplications(t *testing.T) {
"skip_interstitial": true,
"app_launcher_visible": true,
"service_auth_401_redirect": true,
"tags": ["engineers"]
"tags": ["engineers"],
"allow_authenticate_via_warp": false
}
}
`)
Expand Down Expand Up @@ -250,6 +255,7 @@ func TestCreateAccessApplications(t *testing.T) {
UpdatedAt: &updatedAt,
CustomNonIdentityDenyURL: "https://blocked.com",
Tags: []string{"engineers"},
AllowAuthenticateViaWarp: BoolPtr(false),
}

mux.HandleFunc("/accounts/"+testAccountID+"/access/apps", handler)
Expand Down Expand Up @@ -308,7 +314,8 @@ func TestUpdateAccessApplication(t *testing.T) {
"skip_interstitial": true,
"app_launcher_visible": true,
"service_auth_401_redirect": true,
"tags": ["engineers"]
"tags": ["engineers"],
"allow_authenticate_via_warp": true
}
}
`)
Expand All @@ -333,6 +340,7 @@ func TestUpdateAccessApplication(t *testing.T) {
CustomNonIdentityDenyURL: "https://blocked.com",
Tags: []string{"engineers"},
SkipInterstitial: BoolPtr(true),
AllowAuthenticateViaWarp: BoolPtr(true),
CreatedAt: &createdAt,
UpdatedAt: &updatedAt,
}
Expand All @@ -356,6 +364,7 @@ func TestUpdateAccessApplication(t *testing.T) {
SkipInterstitial: BoolPtr(true),
CustomNonIdentityDenyURL: "https://blocked.com",
Tags: []string{"engineers"},
AllowAuthenticateViaWarp: BoolPtr(true),
}

mux.HandleFunc("/accounts/"+testAccountID+"/access/apps/480f4f69-1a28-4fdd-9240-1ed29f0ac1db", handler)
Expand Down
6 changes: 6 additions & 0 deletions access_organization.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@ type AccessOrganization struct {
AutoRedirectToIdentity *bool `json:"auto_redirect_to_identity,omitempty"`
SessionDuration *string `json:"session_duration,omitempty"`
CustomPages AccessOrganizationCustomPages `json:"custom_pages,omitempty"`
WarpAuthSessionDuration *string `json:"warp_auth_session_duration,omitempty"`
AllowAuthenticateViaWarp *bool `json:"allow_authenticate_via_warp,omitempty"`
}

// AccessOrganizationLoginDesign represents the login design options.
Expand Down Expand Up @@ -67,6 +69,8 @@ type CreateAccessOrganizationParams struct {
AutoRedirectToIdentity *bool `json:"auto_redirect_to_identity,omitempty"`
SessionDuration *string `json:"session_duration,omitempty"`
CustomPages AccessOrganizationCustomPages `json:"custom_pages,omitempty"`
WarpAuthSessionDuration *string `json:"warp_auth_session_duration,omitempty"`
AllowAuthenticateViaWarp *bool `json:"allow_authenticate_via_warp,omitempty"`
}

type UpdateAccessOrganizationParams struct {
Expand All @@ -79,6 +83,8 @@ type UpdateAccessOrganizationParams struct {
AutoRedirectToIdentity *bool `json:"auto_redirect_to_identity,omitempty"`
SessionDuration *string `json:"session_duration,omitempty"`
CustomPages AccessOrganizationCustomPages `json:"custom_pages,omitempty"`
WarpAuthSessionDuration *string `json:"warp_auth_session_duration,omitempty"`
AllowAuthenticateViaWarp *bool `json:"allow_authenticate_via_warp,omitempty"`
}

func (api *API) GetAccessOrganization(ctx context.Context, rc *ResourceContainer, params GetAccessOrganizationParams) (AccessOrganization, ResultInfo, error) {
Expand Down
52 changes: 34 additions & 18 deletions access_organization_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@ func TestAccessOrganization(t *testing.T) {
"is_ui_read_only": false,
"user_seat_expiration_inactive_time": "720h",
"auto_redirect_to_identity": true,
"allow_authenticate_via_warp": true,
"warp_auth_session_duration": "24h",
"session_duration": "12h",
"login_design": {
"background_color": "#c5ed1b",
Expand All @@ -46,10 +48,12 @@ func TestAccessOrganization(t *testing.T) {
updatedAt, _ := time.Parse(time.RFC3339, "2014-01-01T05:20:00.12345Z")

want := AccessOrganization{
Name: "Widget Corps Internal Applications",
CreatedAt: &createdAt,
UpdatedAt: &updatedAt,
AuthDomain: "test.cloudflareaccess.com",
Name: "Widget Corps Internal Applications",
CreatedAt: &createdAt,
UpdatedAt: &updatedAt,
AuthDomain: "test.cloudflareaccess.com",
AllowAuthenticateViaWarp: BoolPtr(true),
WarpAuthSessionDuration: StringPtr("24h"),
LoginDesign: AccessOrganizationLoginDesign{
BackgroundColor: "#c5ed1b",
LogoPath: "https://example.com/logo.png",
Expand Down Expand Up @@ -96,6 +100,8 @@ func TestCreateAccessOrganization(t *testing.T) {
"updated_at": "2014-01-01T05:20:00.12345Z",
"name": "Widget Corps Internal Applications",
"auth_domain": "test.cloudflareaccess.com",
"allow_authenticate_via_warp": true,
"warp_auth_session_duration": "24h",
"is_ui_read_only": true,
"session_duration": "12h",
"login_design": {
Expand All @@ -114,10 +120,12 @@ func TestCreateAccessOrganization(t *testing.T) {
updatedAt, _ := time.Parse(time.RFC3339, "2014-01-01T05:20:00.12345Z")

want := AccessOrganization{
CreatedAt: &createdAt,
UpdatedAt: &updatedAt,
Name: "Widget Corps Internal Applications",
AuthDomain: "test.cloudflareaccess.com",
CreatedAt: &createdAt,
UpdatedAt: &updatedAt,
Name: "Widget Corps Internal Applications",
AuthDomain: "test.cloudflareaccess.com",
AllowAuthenticateViaWarp: BoolPtr(true),
WarpAuthSessionDuration: StringPtr("24h"),
LoginDesign: AccessOrganizationLoginDesign{
BackgroundColor: "#c5ed1b",
LogoPath: "https://example.com/logo.png",
Expand Down Expand Up @@ -186,6 +194,8 @@ func TestUpdateAccessOrganization(t *testing.T) {
"updated_at": "2014-01-01T05:20:00.12345Z",
"name": "Widget Corps Internal Applications",
"auth_domain": "test.cloudflareaccess.com",
"allow_authenticate_via_warp": false,
"warp_auth_session_duration": "18h",
"login_design": {
"background_color": "#c5ed1b",
"logo_path": "https://example.com/logo.png",
Expand All @@ -205,10 +215,12 @@ func TestUpdateAccessOrganization(t *testing.T) {
updatedAt, _ := time.Parse(time.RFC3339, "2014-01-01T05:20:00.12345Z")

want := AccessOrganization{
CreatedAt: &createdAt,
UpdatedAt: &updatedAt,
Name: "Widget Corps Internal Applications",
AuthDomain: "test.cloudflareaccess.com",
CreatedAt: &createdAt,
UpdatedAt: &updatedAt,
Name: "Widget Corps Internal Applications",
AuthDomain: "test.cloudflareaccess.com",
WarpAuthSessionDuration: StringPtr("18h"),
AllowAuthenticateViaWarp: BoolPtr(false),
LoginDesign: AccessOrganizationLoginDesign{
BackgroundColor: "#c5ed1b",
LogoPath: "https://example.com/logo.png",
Expand All @@ -233,9 +245,11 @@ func TestUpdateAccessOrganization(t *testing.T) {
HeaderText: "Widget Corp",
FooterText: "© Widget Corp",
},
IsUIReadOnly: BoolPtr(false),
SessionDuration: StringPtr("12h"),
UIReadOnlyToggleReason: "this is my reason",
WarpAuthSessionDuration: StringPtr("18h"),
AllowAuthenticateViaWarp: BoolPtr(false),
IsUIReadOnly: BoolPtr(false),
SessionDuration: StringPtr("12h"),
UIReadOnlyToggleReason: "this is my reason",
})

if assert.NoError(t, err) {
Expand All @@ -254,9 +268,11 @@ func TestUpdateAccessOrganization(t *testing.T) {
HeaderText: "Widget Corp",
FooterText: "© Widget Corp",
},
IsUIReadOnly: BoolPtr(false),
UIReadOnlyToggleReason: "this is my reason",
SessionDuration: StringPtr("12h"),
WarpAuthSessionDuration: StringPtr("18h"),
AllowAuthenticateViaWarp: BoolPtr(false),
IsUIReadOnly: BoolPtr(false),
UIReadOnlyToggleReason: "this is my reason",
SessionDuration: StringPtr("12h"),
})

if assert.NoError(t, err) {
Expand Down

0 comments on commit 1227eb0

Please sign in to comment.