pingidentity · erikostien-pingidentity · Mar 3, 2025 · Oct 8, 2024 · Oct 10, 2024 · Oct 11, 2024
@@ -5,4 +5,5 @@ go.work
 go.work.sum
 export
 vendor
-env*.sh
+env*.sh
+.env
@@ -12,6 +12,7 @@ require (
 	github.com/hashicorp/go-uuid v1.0.3
 	github.com/manifoldco/promptui v0.9.0
 	github.com/patrickcping/pingone-go-sdk-v2 v0.12.9
+	github.com/patrickcping/pingone-go-sdk-v2/authorize v0.8.0
 	github.com/patrickcping/pingone-go-sdk-v2/management v0.49.0
 	github.com/patrickcping/pingone-go-sdk-v2/mfa v0.23.0
 	github.com/patrickcping/pingone-go-sdk-v2/risk v0.19.0
@@ -137,7 +138,6 @@ require (
 	github.com/nishanths/predeclared v0.2.2 // indirect
 	github.com/nunnatsa/ginkgolinter v0.19.0 // indirect
 	github.com/olekukonko/tablewriter v0.0.5 // indirect
-	github.com/patrickcping/pingone-go-sdk-v2/authorize v0.8.0 // indirect
 	github.com/patrickcping/pingone-go-sdk-v2/credentials v0.11.0 // indirect
 	github.com/patrickcping/pingone-go-sdk-v2/verify v0.9.0 // indirect
 	github.com/pavius/impi v0.0.3 // indirect

@@ -17,6 +17,7 @@ import (
 	"github.com/pingidentity/pingcli/internal/connector"
 	"github.com/pingidentity/pingcli/internal/connector/common"
 	"github.com/pingidentity/pingcli/internal/connector/pingfederate"
+	"github.com/pingidentity/pingcli/internal/connector/pingone/authorize"
 	"github.com/pingidentity/pingcli/internal/connector/pingone/mfa"
 	"github.com/pingidentity/pingcli/internal/connector/pingone/platform"
 	"github.com/pingidentity/pingcli/internal/connector/pingone/protect"
@@ -464,6 +465,8 @@ func getExportableConnectors(exportServices *customtypes.ExportServices) (export
 		switch service {
 		case customtypes.ENUM_EXPORT_SERVICE_PINGONE_PLATFORM:
 			connectors = append(connectors, platform.PlatformConnector(pingoneContext, pingoneApiClient, &pingoneApiClientId, pingoneExportEnvID))
+		case customtypes.ENUM_EXPORT_SERVICE_PINGONE_AUTHORIZE:
+			connectors = append(connectors, authorize.AuthorizeConnector(pingoneContext, pingoneApiClient, &pingoneApiClientId, pingoneExportEnvID))
 		case customtypes.ENUM_EXPORT_SERVICE_PINGONE_SSO:
 			connectors = append(connectors, sso.SSOConnector(pingoneContext, pingoneApiClient, &pingoneApiClientId, pingoneExportEnvID))
 		case customtypes.ENUM_EXPORT_SERVICE_PINGONE_MFA:

@@ -0,0 +1,68 @@
+package authorize
+
+import (
+	"context"
+
+	pingoneGoClient "github.com/patrickcping/pingone-go-sdk-v2/pingone"
+	"github.com/pingidentity/pingcli/internal/connector"
+	"github.com/pingidentity/pingcli/internal/connector/common"
+	"github.com/pingidentity/pingcli/internal/connector/pingone/authorize/resources"
+	"github.com/pingidentity/pingcli/internal/logger"
+)
+
+const (
+	serviceName = "pingone-authorize"
+)
+
+// Verify that the connector satisfies the expected interfaces
+var (
+	_ connector.Exportable      = &PingoneAuthorizeConnector{}
+	_ connector.Authenticatable = &PingoneAuthorizeConnector{}
+)
+
+type PingoneAuthorizeConnector struct {
+	clientInfo connector.PingOneClientInfo
+}
+
+// Utility method for creating a PingoneAuthorizeConnector
+func AuthorizeConnector(ctx context.Context, apiClient *pingoneGoClient.Client, apiClientId *string, exportEnvironmentID string) *PingoneAuthorizeConnector {
+	return &PingoneAuthorizeConnector{
+		clientInfo: connector.PingOneClientInfo{
+			Context:             ctx,
+			ApiClient:           apiClient,
+			ApiClientId:         apiClientId,
+			ExportEnvironmentID: exportEnvironmentID,
+		},
+	}
+}
+
+func (c *PingoneAuthorizeConnector) Export(format, outputDir string, overwriteExport bool) error {
+	l := logger.Get()
+
+	l.Debug().Msgf("Exporting all PingOne Authorize Resources...")
+
+	exportableResources := []connector.ExportableResource{
+		resources.AuthorizeAPIService(&c.clientInfo),
+		resources.AuthorizeAPIServiceDeployment(&c.clientInfo),
+		resources.AuthorizeAPIServiceOperation(&c.clientInfo),
+		resources.ApplicationResource(&c.clientInfo),
+		resources.AuthorizeApplicationResourcePermission(&c.clientInfo),
+		resources.AuthorizeApplicationRole(&c.clientInfo),
+		resources.AuthorizeApplicationRolePermission(&c.clientInfo),
+		resources.AuthorizeDecisionEndpoint(&c.clientInfo),
+	}
+
+	return common.WriteFiles(exportableResources, format, outputDir, overwriteExport)
+}
+
+func (c *PingoneAuthorizeConnector) ConnectorServiceName() string {
+	return serviceName
+}
+
+func (c *PingoneAuthorizeConnector) Login() error {
+	return nil
+}
+
+func (c *PingoneAuthorizeConnector) Logout() error {
+	return nil
+}
@@ -0,0 +1,59 @@
+package authorize_test
+
+import (
+	"testing"
+
+	"github.com/pingidentity/pingcli/internal/connector"
+	"github.com/pingidentity/pingcli/internal/connector/pingone/authorize/resources"
+	"github.com/pingidentity/pingcli/internal/testing/testutils"
+	"github.com/pingidentity/pingcli/internal/testing/testutils_terraform"
+)
+
+func TestAuthorizeTerraformPlan(t *testing.T) {
+	PingOneClientInfo := testutils.GetPingOneClientInfo(t)
+
+	testutils_terraform.InitPingOneTerraform(t)
+
+	testCases := []struct {
+		name          string
+		resource      connector.ExportableResource
+		ignoredErrors []string
+	}{
+		{
+			name:          "AuthorizeAPIService",
+			resource:      resources.AuthorizeAPIService(PingOneClientInfo),
+			ignoredErrors: nil,
+		},
+		{
+			name:          "AuthorizeAPIServiceDeployment",
+			resource:      resources.AuthorizeAPIServiceDeployment(PingOneClientInfo),
+			ignoredErrors: nil,
+		},
+		{
+			name:          "AuthorizeAPIServiceOperation",
+			resource:      resources.AuthorizeAPIServiceOperation(PingOneClientInfo),
+			ignoredErrors: nil,
+		},
+		{
+			name:          "AuthorizeApplicationRole",
+			resource:      resources.AuthorizeApplicationRole(PingOneClientInfo),
+			ignoredErrors: nil,
+		},
+		{
+			name:          "AuthorizeApplicationRolePermission",
+			resource:      resources.AuthorizeApplicationRolePermission(PingOneClientInfo),
+			ignoredErrors: nil,
+		},
+		{
+			name:          "AuthorizeDecisionEndpoint",
+			resource:      resources.AuthorizeDecisionEndpoint(PingOneClientInfo),
+			ignoredErrors: nil,
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			testutils_terraform.ValidateTerraformPlan(t, tc.resource, tc.ignoredErrors)
+		})
+	}
+}
@@ -0,0 +1,108 @@
+package resources
+
+import (
+	"fmt"
+
+	"github.com/patrickcping/pingone-go-sdk-v2/authorize"
+	"github.com/pingidentity/pingcli/internal/connector"
+	"github.com/pingidentity/pingcli/internal/connector/common"
+	"github.com/pingidentity/pingcli/internal/connector/pingone"
+	"github.com/pingidentity/pingcli/internal/logger"
+)
+
+// Verify that the resource satisfies the exportable resource interface
+var (
+	_ connector.ExportableResource = &PingOneApplicationResourceResource{}
+)
+
+type PingOneApplicationResourceResource struct {
+	clientInfo *connector.PingOneClientInfo
+}
+
+// Utility method for creating a PingOneApplicationResourceResource
+func ApplicationResource(clientInfo *connector.PingOneClientInfo) *PingOneApplicationResourceResource {
+	return &PingOneApplicationResourceResource{
+		clientInfo: clientInfo,
+	}
+}
+
+func (r *PingOneApplicationResourceResource) ResourceType() string {
+	return "pingone_application_resource"
+}
+
+type applicationResourceObj struct {
+	applicationResourceName string
+	resourceId              string
+	resourceName            string
+}
+
+func (r *PingOneApplicationResourceResource) ExportAll() (*[]connector.ImportBlock, error) {
+	l := logger.Get()
+	l.Debug().Msgf("Exporting all '%s' Resources...", r.ResourceType())
+
+	importBlocks := []connector.ImportBlock{}
+
+	applicationResourceData, err := r.getApplicationResourceData()
+	if err != nil {
+		return nil, err
+	}
+
+	for applicationResourceId, applicationResourceObj := range applicationResourceData {
+		commentData := map[string]string{
+			"PingOne Resource ID":       applicationResourceObj.resourceId,
+			"PingOne Resource Name":     applicationResourceObj.resourceName,
+			"Application Resource ID":   applicationResourceId,
+			"Application Resource Name": applicationResourceObj.applicationResourceName,
+			"Export Environment ID":     r.clientInfo.ExportEnvironmentID,
+			"Resource Type":             r.ResourceType(),
+		}
+
+		importBlock := connector.ImportBlock{
+			ResourceType:       r.ResourceType(),
+			ResourceName:       fmt.Sprintf("%s_%s", applicationResourceObj.resourceName, applicationResourceObj.applicationResourceName),
+			ResourceID:         fmt.Sprintf("%s/%s/%s", r.clientInfo.ExportEnvironmentID, applicationResourceObj.resourceId, applicationResourceId),
+			CommentInformation: common.GenerateCommentInformation(commentData),
+		}
+
+		importBlocks = append(importBlocks, importBlock)
+	}
+
+	return &importBlocks, nil
+}
+
+func (r *PingOneApplicationResourceResource) getApplicationResourceData() (map[string]applicationResourceObj, error) {
+	applicationResourceData := make(map[string]applicationResourceObj)
+
+	iter := r.clientInfo.ApiClient.AuthorizeAPIClient.ApplicationResourcesApi.ReadApplicationResources(r.clientInfo.Context, r.clientInfo.ExportEnvironmentID).Execute()
+	applicationResources, err := pingone.GetAuthorizeAPIObjectsFromIterator[authorize.ApplicationResource](iter, "ReadApplicationResources", "GetResources", r.ResourceType())
+	if err != nil {
+		return nil, err
+	}
+
+	for _, applicationResource := range applicationResources {
+		applicationResourceId, applicationResourceIdOk := applicationResource.GetIdOk()
+		applicationResourceName, applicationResourceNameOk := applicationResource.GetNameOk()
+		resourceId, resourceIdOk := applicationResource.Parent.GetIdOk()
+
+		if applicationResourceIdOk && applicationResourceNameOk && resourceIdOk {
+
+			resourceObj, httpResponse, err := r.clientInfo.ApiClient.ManagementAPIClient.ResourcesApi.ReadOneResource(r.clientInfo.Context, r.clientInfo.ExportEnvironmentID, *resourceId).Execute()
+			ok, err := common.HandleClientResponse(httpResponse, err, "ReadOneResource", r.ResourceType())
+			if err != nil {
+				return nil, err
+			}
+			// A warning was given when handling the client response. Return nil apiObjects to skip export of resource
+			if !ok {
+				return nil, nil
+			}
+
+			applicationResourceData[*applicationResourceId] = applicationResourceObj{
+				applicationResourceName: *applicationResourceName,
+				resourceId:              *resourceId,
+				resourceName:            resourceObj.GetName(),
+			}
+		}
+	}
+
+	return applicationResourceData, nil
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -5,4 +5,5 @@ go.work @@
     go.work.sum
     export
     vendor
-    env*.sh
+    env*.sh
+    .env