From dc6431eed674ac3e1b38ab57607d1bc24cfcef89 Mon Sep 17 00:00:00 2001 From: Jakub Michalak Date: Tue, 21 May 2024 16:11:51 +0200 Subject: [PATCH 1/4] feat: Add Snowflake Oauth security integration to sdk --- pkg/acceptance/helpers/context_client.go | 13 + pkg/acceptance/helpers/random/certs.go | 33 +- .../snowflake_predefined_roles.go | 8 +- pkg/sdk/security_integrations_def.go | 169 +++++++- .../security_integrations_dto_builders_gen.go | 372 +++++++++++++++++ pkg/sdk/security_integrations_dto_gen.go | 125 +++++- pkg/sdk/security_integrations_gen.go | 118 ++++++ pkg/sdk/security_integrations_gen_test.go | 329 +++++++++++++++ pkg/sdk/security_integrations_impl_gen.go | 151 +++++++ .../security_integrations_validations_gen.go | 80 ++++ ...urity_integrations_gen_integration_test.go | 375 +++++++++++++++++- 11 files changed, 1745 insertions(+), 28 deletions(-) diff --git a/pkg/acceptance/helpers/context_client.go b/pkg/acceptance/helpers/context_client.go index a753263562..c3c2f2358b 100644 --- a/pkg/acceptance/helpers/context_client.go +++ b/pkg/acceptance/helpers/context_client.go @@ -2,6 +2,7 @@ package helpers import ( "context" + "fmt" "testing" "github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/sdk" @@ -71,3 +72,15 @@ func (c *ContextClient) IsRoleInSession(t *testing.T, id sdk.AccountObjectIdenti return isInSession } + +// ACSURL returns Snowflake Assertion Consumer Service URL +func (c *ContextClient) ACSURL(t *testing.T) string { + t.Helper() + return fmt.Sprintf("https://%s.snowflakecomputing.com/fed/login", c.CurrentAccount(t)) +} + +// IssuerURL returns a URL containing the EntityID / Issuer for the Snowflake service provider +func (c *ContextClient) IssuerURL(t *testing.T) string { + t.Helper() + return fmt.Sprintf("https://%s.snowflakecomputing.com", c.CurrentAccount(t)) +} diff --git a/pkg/acceptance/helpers/random/certs.go b/pkg/acceptance/helpers/random/certs.go index aa23b530b4..80a53a83eb 100644 --- a/pkg/acceptance/helpers/random/certs.go +++ b/pkg/acceptance/helpers/random/certs.go @@ -7,6 +7,7 @@ import ( "crypto/x509" "crypto/x509/pkix" "encoding/pem" + "fmt" "math/big" "strings" "testing" @@ -34,14 +35,32 @@ func GenerateX509(t *testing.T) string { caBytes, err := x509.CreateCertificate(rand.Reader, ca, ca, &caPrivKey.PublicKey, caPrivKey) require.NoError(t, err) - certPEM := new(bytes.Buffer) - err = pem.Encode(certPEM, &pem.Block{ - Type: "CERTIFICATE", - Bytes: caBytes, - }) + return encode(t, "CERTIFICATE", caBytes) +} + +// GenerateRSA returns an RSA public key without BEGIN and END markers. +func GenerateRSAPublicKey(t *testing.T) string { + t.Helper() + key, err := rsa.GenerateKey(rand.Reader, 2048) require.NoError(t, err) - cert := strings.TrimPrefix(certPEM.String(), "-----BEGIN CERTIFICATE-----\n") - cert = strings.TrimSuffix(cert, "-----END CERTIFICATE-----\n") + pub := key.Public() + b, err := x509.MarshalPKIXPublicKey(pub.(*rsa.PublicKey)) + require.NoError(t, err) + return encode(t, "RSA PUBLIC KEY", b) +} + +func encode(t *testing.T, pemType string, b []byte) string { + t.Helper() + buffer := new(bytes.Buffer) + err := pem.Encode(buffer, + &pem.Block{ + Type: pemType, + Bytes: b, + }, + ) + require.NoError(t, err) + cert := strings.TrimPrefix(buffer.String(), fmt.Sprintf("-----BEGIN %s-----\n", pemType)) + cert = strings.TrimSuffix(cert, fmt.Sprintf("-----END %s-----\n", pemType)) return cert } diff --git a/pkg/internal/snowflakeroles/snowflake_predefined_roles.go b/pkg/internal/snowflakeroles/snowflake_predefined_roles.go index 067abc4fe7..f71bdef820 100644 --- a/pkg/internal/snowflakeroles/snowflake_predefined_roles.go +++ b/pkg/internal/snowflakeroles/snowflake_predefined_roles.go @@ -3,7 +3,11 @@ package snowflakeroles import "github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/sdk" var ( - Orgadmin = sdk.NewAccountObjectIdentifier("ORGADMIN") - Accountadmin = sdk.NewAccountObjectIdentifier("ACCOUNTADMIN") + Orgadmin = sdk.NewAccountObjectIdentifier("ORGADMIN") + Accountadmin = sdk.NewAccountObjectIdentifier("ACCOUNTADMIN") + SecurityAdmin = sdk.NewAccountObjectIdentifier("SECURITYADMIN") + + OktaProvisioner = sdk.NewAccountObjectIdentifier("OKTA_PROVISIONER") + AadProvisioner = sdk.NewAccountObjectIdentifier("AAD_PROVISIONER") GenericScimProvisioner = sdk.NewAccountObjectIdentifier("GENERIC_SCIM_PROVISIONER") ) diff --git a/pkg/sdk/security_integrations_def.go b/pkg/sdk/security_integrations_def.go index d2b5e47e90..0b2c472f87 100644 --- a/pkg/sdk/security_integrations_def.go +++ b/pkg/sdk/security_integrations_def.go @@ -4,9 +4,31 @@ import g "github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/sdk/poc/gen //go:generate go run ./poc/main.go +type OauthSecurityIntegrationUseSecondaryRolesOption string + +const ( + OauthSecurityIntegrationUseSecondaryRolesImplicit OauthSecurityIntegrationUseSecondaryRolesOption = "IMPLICIT" + OauthSecurityIntegrationUseSecondaryRolesNone OauthSecurityIntegrationUseSecondaryRolesOption = "NONE" +) + +type OauthSecurityIntegrationClientTypeOption string + +const ( + OauthSecurityIntegrationClientTypePublic OauthSecurityIntegrationClientTypeOption = "PUBLIC" + OauthSecurityIntegrationClientTypeConfidential OauthSecurityIntegrationClientTypeOption = "CONFIDENTIAL" +) + +type OauthSecurityIntegrationClientOption string + +const ( + OauthSecurityIntegrationClientLooker OauthSecurityIntegrationClientOption = "LOOKER" + OauthSecurityIntegrationClientTableauDesktop OauthSecurityIntegrationClientOption = "TABLEAU_DESKTOP" + OauthSecurityIntegrationClientTableauServer OauthSecurityIntegrationClientOption = "TABLEAU_SERVER" +) + type ScimSecurityIntegrationScimClientOption string -var ( +const ( ScimSecurityIntegrationScimClientOkta ScimSecurityIntegrationScimClientOption = "OKTA" ScimSecurityIntegrationScimClientAzure ScimSecurityIntegrationScimClientOption = "AZURE" ScimSecurityIntegrationScimClientGeneric ScimSecurityIntegrationScimClientOption = "GENERIC" @@ -14,15 +36,19 @@ var ( type ScimSecurityIntegrationRunAsRoleOption string -var ( +const ( ScimSecurityIntegrationRunAsRoleOktaProvisioner ScimSecurityIntegrationRunAsRoleOption = "OKTA_PROVISIONER" ScimSecurityIntegrationRunAsRoleAadProvisioner ScimSecurityIntegrationRunAsRoleOption = "AAD_PROVISIONER" ScimSecurityIntegrationRunAsRoleGenericScimProvisioner ScimSecurityIntegrationRunAsRoleOption = "GENERIC_SCIM_PROVISIONER" ) var ( - userDomainDef = g.NewQueryStruct("UserDomain").Text("Domain", g.KeywordOptions().SingleQuotes().Required()) - emailPatternDef = g.NewQueryStruct("EmailPattern").Text("Pattern", g.KeywordOptions().SingleQuotes().Required()) + userDomainDef = g.NewQueryStruct("UserDomain").Text("Domain", g.KeywordOptions().SingleQuotes().Required()) + emailPatternDef = g.NewQueryStruct("EmailPattern").Text("Pattern", g.KeywordOptions().SingleQuotes().Required()) + preAuthorizedRolesListDef = g.NewQueryStruct("PreAuthorizedRolesList"). + List("PreAuthorizedRolesList", "AccountObjectIdentifier", g.ListOptions().MustParentheses()) + blockedRolesListDef = g.NewQueryStruct("BlockedRolesList"). + List("BlockedRolesList", "AccountObjectIdentifier", g.ListOptions().MustParentheses()) ) func createSecurityIntegrationOperation(structName string, apply func(qs *g.QueryStruct) *g.QueryStruct) *g.QueryStruct { @@ -52,6 +78,56 @@ func alterSecurityIntegrationOperation(structName string, apply func(qs *g.Query return qs } +var snowflakeOauthPartnerIntegrationSetDef = g.NewQueryStruct("SnowflakeOauthPartnerIntegrationSet"). + OptionalBooleanAssignment("ENABLED", g.ParameterOptions()). + OptionalTextAssignment("OAUTH_REDIRECT_URI", g.ParameterOptions().SingleQuotes()). + OptionalBooleanAssignment("OAUTH_ISSUE_REFRESH_TOKENS", g.ParameterOptions()). + OptionalNumberAssignment("OAUTH_REFRESH_TOKEN_VALIDITY", g.ParameterOptions()). + OptionalAssignment( + "OAUTH_USE_SECONDARY_ROLES", + g.KindOfT[OauthSecurityIntegrationUseSecondaryRolesOption](), + g.ParameterOptions(), + ). + OptionalQueryStructField("BlockedRolesList", blockedRolesListDef, g.ParameterOptions().SQL("BLOCKED_ROLES_LIST").Parentheses()). + OptionalComment(). + WithValidation(g.AtLeastOneValueSet, "Enabled", "OauthRedirectUri", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", + "BlockedRolesList", "Comment") + +var snowflakeOauthPartnerIntegrationUnsetDef = g.NewQueryStruct("SnowflakeOauthPartnerIntegrationUnset"). + OptionalSQL("ENABLED"). + OptionalSQL("OAUTH_USE_SECONDARY_ROLES"). + WithValidation(g.AtLeastOneValueSet, "Enabled", "OauthUseSecondaryRoles") + +var snowflakeOauthCustomIntegrationSetDef = g.NewQueryStruct("SnowflakeOauthCustomIntegrationSet"). + OptionalBooleanAssignment("ENABLED", g.ParameterOptions()). + OptionalTextAssignment("OAUTH_REDIRECT_URI", g.ParameterOptions().SingleQuotes()). + OptionalBooleanAssignment("OAUTH_ALLOW_NON_TLS_REDIRECT_URI", g.ParameterOptions()). + OptionalBooleanAssignment("OAUTH_ENFORCE_PKCE", g.ParameterOptions()). + OptionalAssignment( + "OAUTH_USE_SECONDARY_ROLES", + g.KindOfT[OauthSecurityIntegrationUseSecondaryRolesOption](), + g.ParameterOptions(), + ). + OptionalQueryStructField("PreAuthorizedRolesList", preAuthorizedRolesListDef, g.ParameterOptions().SQL("PRE_AUTHORIZED_ROLES_LIST").Parentheses()). + OptionalQueryStructField("BlockedRolesList", blockedRolesListDef, g.ParameterOptions().SQL("BLOCKED_ROLES_LIST").Parentheses()). + OptionalBooleanAssignment("OAUTH_ISSUE_REFRESH_TOKENS", g.ParameterOptions()). + OptionalNumberAssignment("OAUTH_REFRESH_TOKEN_VALIDITY", g.ParameterOptions()). + OptionalIdentifier("NetworkPolicy", g.KindOfT[AccountObjectIdentifier](), g.IdentifierOptions().Equals().SQL("NETWORK_POLICY")). + OptionalTextAssignment("OAUTH_CLIENT_RSA_PUBLIC_KEY", g.ParameterOptions().SingleQuotes()). + OptionalTextAssignment("OAUTH_CLIENT_RSA_PUBLIC_KEY_2", g.ParameterOptions().SingleQuotes()). + OptionalComment(). + WithValidation(g.AtLeastOneValueSet, "Enabled", "OauthRedirectUri", "OauthAllowNonTlsRedirectUri", "OauthEnforcePkce", "PreAuthorizedRolesList", + "BlockedRolesList", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", + "OauthClientRsaPublicKey2", "Comment") + +var snowflakeOauthCustomIntegrationUnsetDef = g.NewQueryStruct("SnowflakeOauthCustomIntegrationUnset"). + OptionalSQL("ENABLED"). + OptionalSQL("OAUTH_USE_SECONDARY_ROLES"). + OptionalSQL("NETWORK_POLICY"). + OptionalSQL("OAUTH_CLIENT_RSA_PUBLIC_KEY"). + OptionalSQL("OAUTH_CLIENT_RSA_PUBLIC_KEY_2"). + WithValidation(g.AtLeastOneValueSet, "Enabled", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2") + var saml2IntegrationSetDef = g.NewQueryStruct("Saml2IntegrationSet"). OptionalBooleanAssignment("ENABLED", g.ParameterOptions()). OptionalTextAssignment("SAML2_ISSUER", g.ParameterOptions().SingleQuotes()). @@ -100,6 +176,61 @@ var SecurityIntegrationsDef = g.NewInterface( "SecurityIntegration", g.KindOfT[AccountObjectIdentifier](), ). + CustomOperation( + "CreateSnowflakeOauthPartner", + "https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake", + createSecurityIntegrationOperation("CreateSnowflakeOauthPartner", func(qs *g.QueryStruct) *g.QueryStruct { + return qs. + PredefinedQueryStructField("integrationType", "string", g.StaticOptions().SQL("TYPE = OAUTH")). + Assignment( + "OAUTH_CLIENT", + g.KindOfT[OauthSecurityIntegrationClientOption](), + g.ParameterOptions().Required(), + ). + OptionalTextAssignment("OAUTH_REDIRECT_URI", g.ParameterOptions().SingleQuotes()). + OptionalBooleanAssignment("ENABLED", g.ParameterOptions()). + OptionalBooleanAssignment("OAUTH_ISSUE_REFRESH_TOKENS", g.ParameterOptions()). + OptionalNumberAssignment("OAUTH_REFRESH_TOKEN_VALIDITY", g.ParameterOptions()). + OptionalAssignment( + "OAUTH_USE_SECONDARY_ROLES", + g.KindOfT[OauthSecurityIntegrationUseSecondaryRolesOption](), + g.ParameterOptions(), + ). + OptionalQueryStructField("BlockedRolesList", blockedRolesListDef, g.ParameterOptions().SQL("BLOCKED_ROLES_LIST").Parentheses()) + }), + preAuthorizedRolesListDef, + blockedRolesListDef, + ). + CustomOperation( + "CreateSnowflakeOauthCustom", + "https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake", + createSecurityIntegrationOperation("CreateSnowflakeOauthCustom", func(qs *g.QueryStruct) *g.QueryStruct { + return qs. + PredefinedQueryStructField("integrationType", "string", g.StaticOptions().SQL("TYPE = OAUTH")). + PredefinedQueryStructField("oauthClient", "string", g.StaticOptions().SQL("OAUTH_CLIENT = CUSTOM")). + Assignment( + "OAUTH_CLIENT_TYPE", + g.KindOfT[OauthSecurityIntegrationClientTypeOption](), + g.ParameterOptions().Required().SingleQuotes(), + ). + TextAssignment("OAUTH_REDIRECT_URI", g.ParameterOptions().Required().SingleQuotes()). + OptionalBooleanAssignment("ENABLED", g.ParameterOptions()). + OptionalBooleanAssignment("OAUTH_ALLOW_NON_TLS_REDIRECT_URI", g.ParameterOptions()). + OptionalBooleanAssignment("OAUTH_ENFORCE_PKCE", g.ParameterOptions()). + OptionalAssignment( + "OAUTH_USE_SECONDARY_ROLES", + g.KindOfT[OauthSecurityIntegrationUseSecondaryRolesOption](), + g.ParameterOptions(), + ). + OptionalQueryStructField("PreAuthorizedRolesList", preAuthorizedRolesListDef, g.ParameterOptions().SQL("PRE_AUTHORIZED_ROLES_LIST").Parentheses()). + OptionalQueryStructField("BlockedRolesList", blockedRolesListDef, g.ParameterOptions().SQL("BLOCKED_ROLES_LIST").Parentheses()). + OptionalBooleanAssignment("OAUTH_ISSUE_REFRESH_TOKENS", g.ParameterOptions()). + OptionalNumberAssignment("OAUTH_REFRESH_TOKEN_VALIDITY", g.ParameterOptions()). + OptionalIdentifier("NetworkPolicy", g.KindOfT[AccountObjectIdentifier](), g.IdentifierOptions().Equals().SQL("NETWORK_POLICY")). + OptionalTextAssignment("OAUTH_CLIENT_RSA_PUBLIC_KEY", g.ParameterOptions().SingleQuotes()). + OptionalTextAssignment("OAUTH_CLIENT_RSA_PUBLIC_KEY_2", g.ParameterOptions().SingleQuotes()) + }), + ). CustomOperation( "CreateSaml2", "https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-saml2", @@ -147,6 +278,36 @@ var SecurityIntegrationsDef = g.NewInterface( OptionalBooleanAssignment("SYNC_PASSWORD", g.ParameterOptions()) }), ). + CustomOperation( + "AlterSnowflakeOauthPartner", + "https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake", + alterSecurityIntegrationOperation("AlterSnowflakeOauthPartner", func(qs *g.QueryStruct) *g.QueryStruct { + return qs.OptionalQueryStructField( + "Set", + snowflakeOauthPartnerIntegrationSetDef, + g.ListOptions().NoParentheses().SQL("SET"), + ).OptionalQueryStructField( + "Unset", + snowflakeOauthPartnerIntegrationUnsetDef, + g.ListOptions().NoParentheses().SQL("UNSET"), + ).WithValidation(g.ExactlyOneValueSet, "Set", "Unset", "SetTags", "UnsetTags") + }), + ). + CustomOperation( + "AlterSnowflakeOauthCustom", + "https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake", + alterSecurityIntegrationOperation("AlterSnowflakeOauthCustom", func(qs *g.QueryStruct) *g.QueryStruct { + return qs.OptionalQueryStructField( + "Set", + snowflakeOauthCustomIntegrationSetDef, + g.ListOptions().NoParentheses().SQL("SET"), + ).OptionalQueryStructField( + "Unset", + snowflakeOauthCustomIntegrationUnsetDef, + g.ListOptions().NoParentheses().SQL("UNSET"), + ).WithValidation(g.ExactlyOneValueSet, "Set", "Unset", "SetTags", "UnsetTags") + }), + ). CustomOperation( "AlterSaml2", "https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-saml2", diff --git a/pkg/sdk/security_integrations_dto_builders_gen.go b/pkg/sdk/security_integrations_dto_builders_gen.go index d2a70ed326..96822ad8b0 100644 --- a/pkg/sdk/security_integrations_dto_builders_gen.go +++ b/pkg/sdk/security_integrations_dto_builders_gen.go @@ -4,6 +4,161 @@ package sdk import () +func NewCreateSnowflakeOauthPartnerSecurityIntegrationRequest( + name AccountObjectIdentifier, + OauthClient OauthSecurityIntegrationClientOption, +) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { + s := CreateSnowflakeOauthPartnerSecurityIntegrationRequest{} + s.name = name + s.OauthClient = OauthClient + return &s +} + +func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithOrReplace(OrReplace *bool) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { + s.OrReplace = OrReplace + return s +} + +func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithIfNotExists(IfNotExists *bool) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { + s.IfNotExists = IfNotExists + return s +} + +func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithOauthRedirectUri(OauthRedirectUri *string) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { + s.OauthRedirectUri = OauthRedirectUri + return s +} + +func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithEnabled(Enabled *bool) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { + s.Enabled = Enabled + return s +} + +func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { + s.OauthIssueRefreshTokens = OauthIssueRefreshTokens + return s +} + +func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { + s.OauthRefreshTokenValidity = OauthRefreshTokenValidity + return s +} + +func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { + s.OauthUseSecondaryRoles = OauthUseSecondaryRoles + return s +} + +func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { + s.BlockedRolesList = BlockedRolesList + return s +} + +func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithComment(Comment *string) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { + s.Comment = Comment + return s +} + +func NewBlockedRolesListRequest() *BlockedRolesListRequest { + return &BlockedRolesListRequest{} +} + +func (s *BlockedRolesListRequest) WithBlockedRolesList(BlockedRolesList []AccountObjectIdentifier) *BlockedRolesListRequest { + s.BlockedRolesList = BlockedRolesList + return s +} + +func NewCreateSnowflakeOauthCustomSecurityIntegrationRequest( + name AccountObjectIdentifier, + OauthClientType OauthSecurityIntegrationClientTypeOption, + OauthRedirectUri string, +) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s := CreateSnowflakeOauthCustomSecurityIntegrationRequest{} + s.name = name + s.OauthClientType = OauthClientType + s.OauthRedirectUri = OauthRedirectUri + return &s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOrReplace(OrReplace *bool) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.OrReplace = OrReplace + return s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithIfNotExists(IfNotExists *bool) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.IfNotExists = IfNotExists + return s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithEnabled(Enabled *bool) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.Enabled = Enabled + return s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthAllowNonTlsRedirectUri(OauthAllowNonTlsRedirectUri *bool) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.OauthAllowNonTlsRedirectUri = OauthAllowNonTlsRedirectUri + return s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthEnforcePkce(OauthEnforcePkce *bool) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.OauthEnforcePkce = OauthEnforcePkce + return s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.OauthUseSecondaryRoles = OauthUseSecondaryRoles + return s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithPreAuthorizedRolesList(PreAuthorizedRolesList *PreAuthorizedRolesListRequest) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.PreAuthorizedRolesList = PreAuthorizedRolesList + return s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.BlockedRolesList = BlockedRolesList + return s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.OauthIssueRefreshTokens = OauthIssueRefreshTokens + return s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.OauthRefreshTokenValidity = OauthRefreshTokenValidity + return s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithNetworkPolicy(NetworkPolicy *AccountObjectIdentifier) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.NetworkPolicy = NetworkPolicy + return s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey *string) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.OauthClientRsaPublicKey = OauthClientRsaPublicKey + return s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 *string) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.OauthClientRsaPublicKey2 = OauthClientRsaPublicKey2 + return s +} + +func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithComment(Comment *string) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { + s.Comment = Comment + return s +} + +func NewPreAuthorizedRolesListRequest() *PreAuthorizedRolesListRequest { + return &PreAuthorizedRolesListRequest{} +} + +func (s *PreAuthorizedRolesListRequest) WithPreAuthorizedRolesList(PreAuthorizedRolesList []AccountObjectIdentifier) *PreAuthorizedRolesListRequest { + s.PreAuthorizedRolesList = PreAuthorizedRolesList + return s +} + func NewCreateSaml2SecurityIntegrationRequest( name AccountObjectIdentifier, Enabled bool, @@ -131,6 +286,223 @@ func (s *CreateScimSecurityIntegrationRequest) WithComment(Comment *string) *Cre return s } +func NewAlterSnowflakeOauthPartnerSecurityIntegrationRequest( + name AccountObjectIdentifier, +) *AlterSnowflakeOauthPartnerSecurityIntegrationRequest { + s := AlterSnowflakeOauthPartnerSecurityIntegrationRequest{} + s.name = name + return &s +} + +func (s *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) WithIfExists(IfExists *bool) *AlterSnowflakeOauthPartnerSecurityIntegrationRequest { + s.IfExists = IfExists + return s +} + +func (s *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) WithSetTags(SetTags []TagAssociation) *AlterSnowflakeOauthPartnerSecurityIntegrationRequest { + s.SetTags = SetTags + return s +} + +func (s *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) WithUnsetTags(UnsetTags []ObjectIdentifier) *AlterSnowflakeOauthPartnerSecurityIntegrationRequest { + s.UnsetTags = UnsetTags + return s +} + +func (s *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) WithSet(Set *SnowflakeOauthPartnerIntegrationSetRequest) *AlterSnowflakeOauthPartnerSecurityIntegrationRequest { + s.Set = Set + return s +} + +func (s *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) WithUnset(Unset *SnowflakeOauthPartnerIntegrationUnsetRequest) *AlterSnowflakeOauthPartnerSecurityIntegrationRequest { + s.Unset = Unset + return s +} + +func NewSnowflakeOauthPartnerIntegrationSetRequest() *SnowflakeOauthPartnerIntegrationSetRequest { + return &SnowflakeOauthPartnerIntegrationSetRequest{} +} + +func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithEnabled(Enabled *bool) *SnowflakeOauthPartnerIntegrationSetRequest { + s.Enabled = Enabled + return s +} + +func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithOauthRedirectUri(OauthRedirectUri *string) *SnowflakeOauthPartnerIntegrationSetRequest { + s.OauthRedirectUri = OauthRedirectUri + return s +} + +func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *SnowflakeOauthPartnerIntegrationSetRequest { + s.OauthIssueRefreshTokens = OauthIssueRefreshTokens + return s +} + +func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *SnowflakeOauthPartnerIntegrationSetRequest { + s.OauthRefreshTokenValidity = OauthRefreshTokenValidity + return s +} + +func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *SnowflakeOauthPartnerIntegrationSetRequest { + s.OauthUseSecondaryRoles = OauthUseSecondaryRoles + return s +} + +func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *SnowflakeOauthPartnerIntegrationSetRequest { + s.BlockedRolesList = BlockedRolesList + return s +} + +func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithComment(Comment *string) *SnowflakeOauthPartnerIntegrationSetRequest { + s.Comment = Comment + return s +} + +func NewSnowflakeOauthPartnerIntegrationUnsetRequest() *SnowflakeOauthPartnerIntegrationUnsetRequest { + return &SnowflakeOauthPartnerIntegrationUnsetRequest{} +} + +func (s *SnowflakeOauthPartnerIntegrationUnsetRequest) WithEnabled(Enabled *bool) *SnowflakeOauthPartnerIntegrationUnsetRequest { + s.Enabled = Enabled + return s +} + +func (s *SnowflakeOauthPartnerIntegrationUnsetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *bool) *SnowflakeOauthPartnerIntegrationUnsetRequest { + s.OauthUseSecondaryRoles = OauthUseSecondaryRoles + return s +} + +func NewAlterSnowflakeOauthCustomSecurityIntegrationRequest( + name AccountObjectIdentifier, +) *AlterSnowflakeOauthCustomSecurityIntegrationRequest { + s := AlterSnowflakeOauthCustomSecurityIntegrationRequest{} + s.name = name + return &s +} + +func (s *AlterSnowflakeOauthCustomSecurityIntegrationRequest) WithIfExists(IfExists *bool) *AlterSnowflakeOauthCustomSecurityIntegrationRequest { + s.IfExists = IfExists + return s +} + +func (s *AlterSnowflakeOauthCustomSecurityIntegrationRequest) WithSetTags(SetTags []TagAssociation) *AlterSnowflakeOauthCustomSecurityIntegrationRequest { + s.SetTags = SetTags + return s +} + +func (s *AlterSnowflakeOauthCustomSecurityIntegrationRequest) WithUnsetTags(UnsetTags []ObjectIdentifier) *AlterSnowflakeOauthCustomSecurityIntegrationRequest { + s.UnsetTags = UnsetTags + return s +} + +func (s *AlterSnowflakeOauthCustomSecurityIntegrationRequest) WithSet(Set *SnowflakeOauthCustomIntegrationSetRequest) *AlterSnowflakeOauthCustomSecurityIntegrationRequest { + s.Set = Set + return s +} + +func (s *AlterSnowflakeOauthCustomSecurityIntegrationRequest) WithUnset(Unset *SnowflakeOauthCustomIntegrationUnsetRequest) *AlterSnowflakeOauthCustomSecurityIntegrationRequest { + s.Unset = Unset + return s +} + +func NewSnowflakeOauthCustomIntegrationSetRequest() *SnowflakeOauthCustomIntegrationSetRequest { + return &SnowflakeOauthCustomIntegrationSetRequest{} +} + +func (s *SnowflakeOauthCustomIntegrationSetRequest) WithEnabled(Enabled *bool) *SnowflakeOauthCustomIntegrationSetRequest { + s.Enabled = Enabled + return s +} + +func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthRedirectUri(OauthRedirectUri *string) *SnowflakeOauthCustomIntegrationSetRequest { + s.OauthRedirectUri = OauthRedirectUri + return s +} + +func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthAllowNonTlsRedirectUri(OauthAllowNonTlsRedirectUri *bool) *SnowflakeOauthCustomIntegrationSetRequest { + s.OauthAllowNonTlsRedirectUri = OauthAllowNonTlsRedirectUri + return s +} + +func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthEnforcePkce(OauthEnforcePkce *bool) *SnowflakeOauthCustomIntegrationSetRequest { + s.OauthEnforcePkce = OauthEnforcePkce + return s +} + +func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *SnowflakeOauthCustomIntegrationSetRequest { + s.OauthUseSecondaryRoles = OauthUseSecondaryRoles + return s +} + +func (s *SnowflakeOauthCustomIntegrationSetRequest) WithPreAuthorizedRolesList(PreAuthorizedRolesList *PreAuthorizedRolesListRequest) *SnowflakeOauthCustomIntegrationSetRequest { + s.PreAuthorizedRolesList = PreAuthorizedRolesList + return s +} + +func (s *SnowflakeOauthCustomIntegrationSetRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *SnowflakeOauthCustomIntegrationSetRequest { + s.BlockedRolesList = BlockedRolesList + return s +} + +func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *SnowflakeOauthCustomIntegrationSetRequest { + s.OauthIssueRefreshTokens = OauthIssueRefreshTokens + return s +} + +func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *SnowflakeOauthCustomIntegrationSetRequest { + s.OauthRefreshTokenValidity = OauthRefreshTokenValidity + return s +} + +func (s *SnowflakeOauthCustomIntegrationSetRequest) WithNetworkPolicy(NetworkPolicy *AccountObjectIdentifier) *SnowflakeOauthCustomIntegrationSetRequest { + s.NetworkPolicy = NetworkPolicy + return s +} + +func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey *string) *SnowflakeOauthCustomIntegrationSetRequest { + s.OauthClientRsaPublicKey = OauthClientRsaPublicKey + return s +} + +func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 *string) *SnowflakeOauthCustomIntegrationSetRequest { + s.OauthClientRsaPublicKey2 = OauthClientRsaPublicKey2 + return s +} + +func (s *SnowflakeOauthCustomIntegrationSetRequest) WithComment(Comment *string) *SnowflakeOauthCustomIntegrationSetRequest { + s.Comment = Comment + return s +} + +func NewSnowflakeOauthCustomIntegrationUnsetRequest() *SnowflakeOauthCustomIntegrationUnsetRequest { + return &SnowflakeOauthCustomIntegrationUnsetRequest{} +} + +func (s *SnowflakeOauthCustomIntegrationUnsetRequest) WithEnabled(Enabled *bool) *SnowflakeOauthCustomIntegrationUnsetRequest { + s.Enabled = Enabled + return s +} + +func (s *SnowflakeOauthCustomIntegrationUnsetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *bool) *SnowflakeOauthCustomIntegrationUnsetRequest { + s.OauthUseSecondaryRoles = OauthUseSecondaryRoles + return s +} + +func (s *SnowflakeOauthCustomIntegrationUnsetRequest) WithNetworkPolicy(NetworkPolicy *bool) *SnowflakeOauthCustomIntegrationUnsetRequest { + s.NetworkPolicy = NetworkPolicy + return s +} + +func (s *SnowflakeOauthCustomIntegrationUnsetRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey *bool) *SnowflakeOauthCustomIntegrationUnsetRequest { + s.OauthClientRsaPublicKey = OauthClientRsaPublicKey + return s +} + +func (s *SnowflakeOauthCustomIntegrationUnsetRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 *bool) *SnowflakeOauthCustomIntegrationUnsetRequest { + s.OauthClientRsaPublicKey2 = OauthClientRsaPublicKey2 + return s +} + func NewAlterSaml2SecurityIntegrationRequest( name AccountObjectIdentifier, ) *AlterSaml2SecurityIntegrationRequest { diff --git a/pkg/sdk/security_integrations_dto_gen.go b/pkg/sdk/security_integrations_dto_gen.go index 41019279fc..e7a7442329 100644 --- a/pkg/sdk/security_integrations_dto_gen.go +++ b/pkg/sdk/security_integrations_dto_gen.go @@ -3,15 +3,69 @@ package sdk //go:generate go run ./dto-builder-generator/main.go var ( - _ optionsProvider[CreateSaml2SecurityIntegrationOptions] = new(CreateSaml2SecurityIntegrationRequest) - _ optionsProvider[CreateScimSecurityIntegrationOptions] = new(CreateScimSecurityIntegrationRequest) - _ optionsProvider[AlterSaml2SecurityIntegrationOptions] = new(AlterSaml2SecurityIntegrationRequest) - _ optionsProvider[AlterScimSecurityIntegrationOptions] = new(AlterScimSecurityIntegrationRequest) - _ optionsProvider[DropSecurityIntegrationOptions] = new(DropSecurityIntegrationRequest) - _ optionsProvider[DescribeSecurityIntegrationOptions] = new(DescribeSecurityIntegrationRequest) - _ optionsProvider[ShowSecurityIntegrationOptions] = new(ShowSecurityIntegrationRequest) + _ optionsProvider[CreateSnowflakeOauthPartnerSecurityIntegrationOptions] = new(CreateSnowflakeOauthPartnerSecurityIntegrationRequest) + _ optionsProvider[CreateSnowflakeOauthCustomSecurityIntegrationOptions] = new(CreateSnowflakeOauthCustomSecurityIntegrationRequest) + _ optionsProvider[CreateSaml2SecurityIntegrationOptions] = new(CreateSaml2SecurityIntegrationRequest) + _ optionsProvider[CreateScimSecurityIntegrationOptions] = new(CreateScimSecurityIntegrationRequest) + _ optionsProvider[AlterSnowflakeOauthPartnerSecurityIntegrationOptions] = new(AlterSnowflakeOauthPartnerSecurityIntegrationRequest) + _ optionsProvider[AlterSnowflakeOauthCustomSecurityIntegrationOptions] = new(AlterSnowflakeOauthCustomSecurityIntegrationRequest) + _ optionsProvider[AlterSaml2SecurityIntegrationOptions] = new(AlterSaml2SecurityIntegrationRequest) + _ optionsProvider[AlterScimSecurityIntegrationOptions] = new(AlterScimSecurityIntegrationRequest) + _ optionsProvider[DropSecurityIntegrationOptions] = new(DropSecurityIntegrationRequest) + _ optionsProvider[DescribeSecurityIntegrationOptions] = new(DescribeSecurityIntegrationRequest) + _ optionsProvider[ShowSecurityIntegrationOptions] = new(ShowSecurityIntegrationRequest) ) +type CreateSnowflakeOauthPartnerSecurityIntegrationRequest struct { + OrReplace *bool + IfNotExists *bool + name AccountObjectIdentifier // required + OauthClient OauthSecurityIntegrationClientOption // required + OauthRedirectUri *string + Enabled *bool + OauthIssueRefreshTokens *bool + OauthRefreshTokenValidity *int + OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption + BlockedRolesList *BlockedRolesListRequest + Comment *string +} + +func (r *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) GetName() AccountObjectIdentifier { + return r.name +} + +type BlockedRolesListRequest struct { + BlockedRolesList []AccountObjectIdentifier +} + +type CreateSnowflakeOauthCustomSecurityIntegrationRequest struct { + OrReplace *bool + IfNotExists *bool + name AccountObjectIdentifier // required + OauthClientType OauthSecurityIntegrationClientTypeOption // required + OauthRedirectUri string // required + Enabled *bool + OauthAllowNonTlsRedirectUri *bool + OauthEnforcePkce *bool + OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption + PreAuthorizedRolesList *PreAuthorizedRolesListRequest + BlockedRolesList *BlockedRolesListRequest + OauthIssueRefreshTokens *bool + OauthRefreshTokenValidity *int + NetworkPolicy *AccountObjectIdentifier + OauthClientRsaPublicKey *string + OauthClientRsaPublicKey2 *string + Comment *string +} + +func (r *CreateSnowflakeOauthCustomSecurityIntegrationRequest) GetName() AccountObjectIdentifier { + return r.name +} + +type PreAuthorizedRolesListRequest struct { + PreAuthorizedRolesList []AccountObjectIdentifier +} + type CreateSaml2SecurityIntegrationRequest struct { OrReplace *bool IfNotExists *bool @@ -55,6 +109,63 @@ func (r *CreateScimSecurityIntegrationRequest) GetName() AccountObjectIdentifier return r.name } +type AlterSnowflakeOauthPartnerSecurityIntegrationRequest struct { + IfExists *bool + name AccountObjectIdentifier // required + SetTags []TagAssociation + UnsetTags []ObjectIdentifier + Set *SnowflakeOauthPartnerIntegrationSetRequest + Unset *SnowflakeOauthPartnerIntegrationUnsetRequest +} + +type SnowflakeOauthPartnerIntegrationSetRequest struct { + Enabled *bool + OauthRedirectUri *string + OauthIssueRefreshTokens *bool + OauthRefreshTokenValidity *int + OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption + BlockedRolesList *BlockedRolesListRequest + Comment *string +} + +type SnowflakeOauthPartnerIntegrationUnsetRequest struct { + Enabled *bool + OauthUseSecondaryRoles *bool +} + +type AlterSnowflakeOauthCustomSecurityIntegrationRequest struct { + IfExists *bool + name AccountObjectIdentifier // required + SetTags []TagAssociation + UnsetTags []ObjectIdentifier + Set *SnowflakeOauthCustomIntegrationSetRequest + Unset *SnowflakeOauthCustomIntegrationUnsetRequest +} + +type SnowflakeOauthCustomIntegrationSetRequest struct { + Enabled *bool + OauthRedirectUri *string + OauthAllowNonTlsRedirectUri *bool + OauthEnforcePkce *bool + OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption + PreAuthorizedRolesList *PreAuthorizedRolesListRequest + BlockedRolesList *BlockedRolesListRequest + OauthIssueRefreshTokens *bool + OauthRefreshTokenValidity *int + NetworkPolicy *AccountObjectIdentifier + OauthClientRsaPublicKey *string + OauthClientRsaPublicKey2 *string + Comment *string +} + +type SnowflakeOauthCustomIntegrationUnsetRequest struct { + Enabled *bool + OauthUseSecondaryRoles *bool + NetworkPolicy *bool + OauthClientRsaPublicKey *bool + OauthClientRsaPublicKey2 *bool +} + type AlterSaml2SecurityIntegrationRequest struct { IfExists *bool name AccountObjectIdentifier // required diff --git a/pkg/sdk/security_integrations_gen.go b/pkg/sdk/security_integrations_gen.go index 6c32053016..687b906276 100644 --- a/pkg/sdk/security_integrations_gen.go +++ b/pkg/sdk/security_integrations_gen.go @@ -7,8 +7,12 @@ import ( ) type SecurityIntegrations interface { + CreateSnowflakeOauthPartner(ctx context.Context, request *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) error + CreateSnowflakeOauthCustom(ctx context.Context, request *CreateSnowflakeOauthCustomSecurityIntegrationRequest) error CreateSaml2(ctx context.Context, request *CreateSaml2SecurityIntegrationRequest) error CreateScim(ctx context.Context, request *CreateScimSecurityIntegrationRequest) error + AlterSnowflakeOauthPartner(ctx context.Context, request *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) error + AlterSnowflakeOauthCustom(ctx context.Context, request *AlterSnowflakeOauthCustomSecurityIntegrationRequest) error AlterSaml2(ctx context.Context, request *AlterSaml2SecurityIntegrationRequest) error AlterScim(ctx context.Context, request *AlterScimSecurityIntegrationRequest) error Drop(ctx context.Context, request *DropSecurityIntegrationRequest) error @@ -17,6 +21,57 @@ type SecurityIntegrations interface { ShowByID(ctx context.Context, id AccountObjectIdentifier) (*SecurityIntegration, error) } +// CreateSnowflakeOauthPartnerSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake. +type CreateSnowflakeOauthPartnerSecurityIntegrationOptions struct { + create bool `ddl:"static" sql:"CREATE"` + OrReplace *bool `ddl:"keyword" sql:"OR REPLACE"` + securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` + IfNotExists *bool `ddl:"keyword" sql:"IF NOT EXISTS"` + name AccountObjectIdentifier `ddl:"identifier"` + integrationType string `ddl:"static" sql:"TYPE = OAUTH"` + OauthClient OauthSecurityIntegrationClientOption `ddl:"parameter" sql:"OAUTH_CLIENT"` + OauthRedirectUri *string `ddl:"parameter,single_quotes" sql:"OAUTH_REDIRECT_URI"` + Enabled *bool `ddl:"parameter" sql:"ENABLED"` + OauthIssueRefreshTokens *bool `ddl:"parameter" sql:"OAUTH_ISSUE_REFRESH_TOKENS"` + OauthRefreshTokenValidity *int `ddl:"parameter" sql:"OAUTH_REFRESH_TOKEN_VALIDITY"` + OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption `ddl:"parameter" sql:"OAUTH_USE_SECONDARY_ROLES"` + BlockedRolesList *BlockedRolesList `ddl:"parameter,parentheses" sql:"BLOCKED_ROLES_LIST"` + Comment *string `ddl:"parameter,single_quotes" sql:"COMMENT"` +} + +type PreAuthorizedRolesList struct { + PreAuthorizedRolesList []AccountObjectIdentifier `ddl:"list,must_parentheses"` +} + +type BlockedRolesList struct { + BlockedRolesList []AccountObjectIdentifier `ddl:"list,must_parentheses"` +} + +// CreateSnowflakeOauthCustomSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake. +type CreateSnowflakeOauthCustomSecurityIntegrationOptions struct { + create bool `ddl:"static" sql:"CREATE"` + OrReplace *bool `ddl:"keyword" sql:"OR REPLACE"` + securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` + IfNotExists *bool `ddl:"keyword" sql:"IF NOT EXISTS"` + name AccountObjectIdentifier `ddl:"identifier"` + integrationType string `ddl:"static" sql:"TYPE = OAUTH"` + oauthClient string `ddl:"static" sql:"OAUTH_CLIENT = CUSTOM"` + OauthClientType OauthSecurityIntegrationClientTypeOption `ddl:"parameter,single_quotes" sql:"OAUTH_CLIENT_TYPE"` + OauthRedirectUri string `ddl:"parameter,single_quotes" sql:"OAUTH_REDIRECT_URI"` + Enabled *bool `ddl:"parameter" sql:"ENABLED"` + OauthAllowNonTlsRedirectUri *bool `ddl:"parameter" sql:"OAUTH_ALLOW_NON_TLS_REDIRECT_URI"` + OauthEnforcePkce *bool `ddl:"parameter" sql:"OAUTH_ENFORCE_PKCE"` + OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption `ddl:"parameter" sql:"OAUTH_USE_SECONDARY_ROLES"` + PreAuthorizedRolesList *PreAuthorizedRolesList `ddl:"parameter,parentheses" sql:"PRE_AUTHORIZED_ROLES_LIST"` + BlockedRolesList *BlockedRolesList `ddl:"parameter,parentheses" sql:"BLOCKED_ROLES_LIST"` + OauthIssueRefreshTokens *bool `ddl:"parameter" sql:"OAUTH_ISSUE_REFRESH_TOKENS"` + OauthRefreshTokenValidity *int `ddl:"parameter" sql:"OAUTH_REFRESH_TOKEN_VALIDITY"` + NetworkPolicy *AccountObjectIdentifier `ddl:"identifier,equals" sql:"NETWORK_POLICY"` + OauthClientRsaPublicKey *string `ddl:"parameter,single_quotes" sql:"OAUTH_CLIENT_RSA_PUBLIC_KEY"` + OauthClientRsaPublicKey2 *string `ddl:"parameter,single_quotes" sql:"OAUTH_CLIENT_RSA_PUBLIC_KEY_2"` + Comment *string `ddl:"parameter,single_quotes" sql:"COMMENT"` +} + // CreateSaml2SecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-saml2. type CreateSaml2SecurityIntegrationOptions struct { create bool `ddl:"static" sql:"CREATE"` @@ -68,6 +123,69 @@ type CreateScimSecurityIntegrationOptions struct { Comment *string `ddl:"parameter,single_quotes" sql:"COMMENT"` } +// AlterSnowflakeOauthPartnerSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake. +type AlterSnowflakeOauthPartnerSecurityIntegrationOptions struct { + alter bool `ddl:"static" sql:"ALTER"` + securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` + IfExists *bool `ddl:"keyword" sql:"IF EXISTS"` + name AccountObjectIdentifier `ddl:"identifier"` + SetTags []TagAssociation `ddl:"keyword" sql:"SET TAG"` + UnsetTags []ObjectIdentifier `ddl:"keyword" sql:"UNSET TAG"` + Set *SnowflakeOauthPartnerIntegrationSet `ddl:"list,no_parentheses" sql:"SET"` + Unset *SnowflakeOauthPartnerIntegrationUnset `ddl:"list,no_parentheses" sql:"UNSET"` +} + +type SnowflakeOauthPartnerIntegrationSet struct { + Enabled *bool `ddl:"parameter" sql:"ENABLED"` + OauthRedirectUri *string `ddl:"parameter,single_quotes" sql:"OAUTH_REDIRECT_URI"` + OauthIssueRefreshTokens *bool `ddl:"parameter" sql:"OAUTH_ISSUE_REFRESH_TOKENS"` + OauthRefreshTokenValidity *int `ddl:"parameter" sql:"OAUTH_REFRESH_TOKEN_VALIDITY"` + OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption `ddl:"parameter" sql:"OAUTH_USE_SECONDARY_ROLES"` + BlockedRolesList *BlockedRolesList `ddl:"parameter,parentheses" sql:"BLOCKED_ROLES_LIST"` + Comment *string `ddl:"parameter,single_quotes" sql:"COMMENT"` +} + +type SnowflakeOauthPartnerIntegrationUnset struct { + Enabled *bool `ddl:"keyword" sql:"ENABLED"` + OauthUseSecondaryRoles *bool `ddl:"keyword" sql:"OAUTH_USE_SECONDARY_ROLES"` +} + +// AlterSnowflakeOauthCustomSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake. +type AlterSnowflakeOauthCustomSecurityIntegrationOptions struct { + alter bool `ddl:"static" sql:"ALTER"` + securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` + IfExists *bool `ddl:"keyword" sql:"IF EXISTS"` + name AccountObjectIdentifier `ddl:"identifier"` + SetTags []TagAssociation `ddl:"keyword" sql:"SET TAG"` + UnsetTags []ObjectIdentifier `ddl:"keyword" sql:"UNSET TAG"` + Set *SnowflakeOauthCustomIntegrationSet `ddl:"list,no_parentheses" sql:"SET"` + Unset *SnowflakeOauthCustomIntegrationUnset `ddl:"list,no_parentheses" sql:"UNSET"` +} + +type SnowflakeOauthCustomIntegrationSet struct { + Enabled *bool `ddl:"parameter" sql:"ENABLED"` + OauthRedirectUri *string `ddl:"parameter,single_quotes" sql:"OAUTH_REDIRECT_URI"` + OauthAllowNonTlsRedirectUri *bool `ddl:"parameter" sql:"OAUTH_ALLOW_NON_TLS_REDIRECT_URI"` + OauthEnforcePkce *bool `ddl:"parameter" sql:"OAUTH_ENFORCE_PKCE"` + OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption `ddl:"parameter" sql:"OAUTH_USE_SECONDARY_ROLES"` + PreAuthorizedRolesList *PreAuthorizedRolesList `ddl:"parameter,parentheses" sql:"PRE_AUTHORIZED_ROLES_LIST"` + BlockedRolesList *BlockedRolesList `ddl:"parameter,parentheses" sql:"BLOCKED_ROLES_LIST"` + OauthIssueRefreshTokens *bool `ddl:"parameter" sql:"OAUTH_ISSUE_REFRESH_TOKENS"` + OauthRefreshTokenValidity *int `ddl:"parameter" sql:"OAUTH_REFRESH_TOKEN_VALIDITY"` + NetworkPolicy *AccountObjectIdentifier `ddl:"identifier,equals" sql:"NETWORK_POLICY"` + OauthClientRsaPublicKey *string `ddl:"parameter,single_quotes" sql:"OAUTH_CLIENT_RSA_PUBLIC_KEY"` + OauthClientRsaPublicKey2 *string `ddl:"parameter,single_quotes" sql:"OAUTH_CLIENT_RSA_PUBLIC_KEY_2"` + Comment *string `ddl:"parameter,single_quotes" sql:"COMMENT"` +} + +type SnowflakeOauthCustomIntegrationUnset struct { + Enabled *bool `ddl:"keyword" sql:"ENABLED"` + OauthUseSecondaryRoles *bool `ddl:"keyword" sql:"OAUTH_USE_SECONDARY_ROLES"` + NetworkPolicy *bool `ddl:"keyword" sql:"NETWORK_POLICY"` + OauthClientRsaPublicKey *bool `ddl:"keyword" sql:"OAUTH_CLIENT_RSA_PUBLIC_KEY"` + OauthClientRsaPublicKey2 *bool `ddl:"keyword" sql:"OAUTH_CLIENT_RSA_PUBLIC_KEY_2"` +} + // AlterSaml2SecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-saml2. type AlterSaml2SecurityIntegrationOptions struct { alter bool `ddl:"static" sql:"ALTER"` diff --git a/pkg/sdk/security_integrations_gen_test.go b/pkg/sdk/security_integrations_gen_test.go index 6f0d835cef..4b4ca85cf5 100644 --- a/pkg/sdk/security_integrations_gen_test.go +++ b/pkg/sdk/security_integrations_gen_test.go @@ -4,6 +4,107 @@ import ( "testing" ) +func TestSecurityIntegrations_CreateSnowflakeOauthCustom(t *testing.T) { + id := randomAccountObjectIdentifier() + + // Minimal valid CreateSnowflakeOauthCustomSecurityIntegrationOptions + defaultOpts := func() *CreateSnowflakeOauthCustomSecurityIntegrationOptions { + return &CreateSnowflakeOauthCustomSecurityIntegrationOptions{ + name: id, + OauthClientType: OauthSecurityIntegrationClientTypePublic, + OauthRedirectUri: "uri", + } + } + + t.Run("validation: nil options", func(t *testing.T) { + var opts *CreateSnowflakeOauthPartnerSecurityIntegrationOptions = nil + assertOptsInvalidJoinedErrors(t, opts, ErrNilOptions) + }) + + t.Run("validation: conflicting fields for [opts.OrReplace opts.IfNotExists]", func(t *testing.T) { + opts := defaultOpts() + opts.OrReplace = Bool(true) + opts.IfNotExists = Bool(true) + assertOptsInvalidJoinedErrors(t, opts, errOneOf("CreateSnowflakeOauthCustomSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + }) + + t.Run("basic", func(t *testing.T) { + opts := defaultOpts() + opts.OrReplace = Bool(true) + assertOptsValidAndSQLEquals(t, opts, "CREATE OR REPLACE SECURITY INTEGRATION %s TYPE = OAUTH OAUTH_CLIENT = CUSTOM OAUTH_CLIENT_TYPE = 'PUBLIC' OAUTH_REDIRECT_URI = 'uri'", id.FullyQualifiedName()) + }) + + t.Run("all options", func(t *testing.T) { + opts := defaultOpts() + roleID, role2ID, npID := randomAccountObjectIdentifier(), randomAccountObjectIdentifier(), randomAccountObjectIdentifier() + opts.IfNotExists = Bool(true) + opts.OauthClientType = OauthSecurityIntegrationClientTypePublic + opts.OauthRedirectUri = "uri" + opts.Enabled = Pointer(true) + opts.OauthAllowNonTlsRedirectUri = Pointer(true) + opts.OauthEnforcePkce = Pointer(true) + opts.OauthUseSecondaryRoles = Pointer(OauthSecurityIntegrationUseSecondaryRolesNone) + opts.PreAuthorizedRolesList = &PreAuthorizedRolesList{PreAuthorizedRolesList: []AccountObjectIdentifier{roleID}} + opts.BlockedRolesList = &BlockedRolesList{BlockedRolesList: []AccountObjectIdentifier{role2ID}} + opts.OauthIssueRefreshTokens = Pointer(true) + opts.OauthRefreshTokenValidity = Pointer(42) + opts.NetworkPolicy = Pointer(npID) + opts.OauthClientRsaPublicKey = Pointer("key") + opts.OauthClientRsaPublicKey2 = Pointer("key2") + opts.Comment = Pointer("a") + assertOptsValidAndSQLEquals(t, opts, "CREATE SECURITY INTEGRATION IF NOT EXISTS %s TYPE = OAUTH OAUTH_CLIENT = CUSTOM OAUTH_CLIENT_TYPE = 'PUBLIC' OAUTH_REDIRECT_URI = 'uri' ENABLED = true"+ + " OAUTH_ALLOW_NON_TLS_REDIRECT_URI = true OAUTH_ENFORCE_PKCE = true OAUTH_USE_SECONDARY_ROLES = NONE PRE_AUTHORIZED_ROLES_LIST = (%s) BLOCKED_ROLES_LIST = (%s)"+ + " OAUTH_ISSUE_REFRESH_TOKENS = true OAUTH_REFRESH_TOKEN_VALIDITY = 42 NETWORK_POLICY = %s OAUTH_CLIENT_RSA_PUBLIC_KEY = 'key' OAUTH_CLIENT_RSA_PUBLIC_KEY_2 = 'key2' COMMENT = 'a'", + id.FullyQualifiedName(), roleID.FullyQualifiedName(), role2ID.FullyQualifiedName(), npID.FullyQualifiedName()) + }) +} + +func TestSecurityIntegrations_CreateSnowflakeOauthPartner(t *testing.T) { + id := randomAccountObjectIdentifier() + + // Minimal valid CreateSnowflakeOauthPartnerSecurityIntegrationOptions + defaultOpts := func() *CreateSnowflakeOauthPartnerSecurityIntegrationOptions { + return &CreateSnowflakeOauthPartnerSecurityIntegrationOptions{ + name: id, + OauthClient: "LOOKER", + } + } + + t.Run("validation: nil options", func(t *testing.T) { + var opts *CreateSnowflakeOauthPartnerSecurityIntegrationOptions = nil + assertOptsInvalidJoinedErrors(t, opts, ErrNilOptions) + }) + + t.Run("validation: conflicting fields for [opts.OrReplace opts.IfNotExists]", func(t *testing.T) { + opts := defaultOpts() + opts.OrReplace = Bool(true) + opts.IfNotExists = Bool(true) + assertOptsInvalidJoinedErrors(t, opts, errOneOf("CreateSnowflakeOauthPartnerSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + }) + + t.Run("basic", func(t *testing.T) { + opts := defaultOpts() + opts.OrReplace = Bool(true) + assertOptsValidAndSQLEquals(t, opts, "CREATE OR REPLACE SECURITY INTEGRATION %s TYPE = OAUTH OAUTH_CLIENT = LOOKER", id.FullyQualifiedName()) + }) + + t.Run("all options", func(t *testing.T) { + opts := defaultOpts() + blockedRoleID := randomAccountObjectIdentifier() + opts.IfNotExists = Bool(true) + opts.OauthClient = "LOOKER" + opts.OauthRedirectUri = Pointer("uri") + opts.Enabled = Pointer(true) + opts.OauthIssueRefreshTokens = Pointer(true) + opts.OauthRefreshTokenValidity = Pointer(42) + opts.OauthUseSecondaryRoles = Pointer(OauthSecurityIntegrationUseSecondaryRolesNone) + opts.BlockedRolesList = &BlockedRolesList{BlockedRolesList: []AccountObjectIdentifier{blockedRoleID}} + opts.Comment = Pointer("a") + assertOptsValidAndSQLEquals(t, opts, "CREATE SECURITY INTEGRATION IF NOT EXISTS %s TYPE = OAUTH OAUTH_CLIENT = LOOKER OAUTH_REDIRECT_URI = 'uri' ENABLED = true OAUTH_ISSUE_REFRESH_TOKENS = true"+ + " OAUTH_REFRESH_TOKEN_VALIDITY = 42 OAUTH_USE_SECONDARY_ROLES = NONE BLOCKED_ROLES_LIST = (%s) COMMENT = 'a'", id.FullyQualifiedName(), blockedRoleID.FullyQualifiedName()) + }) +} + func TestSecurityIntegrations_CreateSaml2(t *testing.T) { id := randomAccountObjectIdentifier() @@ -103,6 +204,234 @@ func TestSecurityIntegrations_CreateScim(t *testing.T) { }) } +func TestSecurityIntegrations_AlterSnowflakeOauthPartner(t *testing.T) { + id := randomAccountObjectIdentifier() + + // Minimal valid AlterSnowflakeOauthPartnerSecurityIntegrationOptions + defaultOpts := func() *AlterSnowflakeOauthPartnerSecurityIntegrationOptions { + return &AlterSnowflakeOauthPartnerSecurityIntegrationOptions{ + name: id, + } + } + + t.Run("validation: nil options", func(t *testing.T) { + var opts *AlterSnowflakeOauthPartnerSecurityIntegrationOptions = nil + assertOptsInvalidJoinedErrors(t, opts, ErrNilOptions) + }) + + t.Run("validation: valid identifier for [opts.name]", func(t *testing.T) { + opts := defaultOpts() + opts.Set = &SnowflakeOauthPartnerIntegrationSet{ + Enabled: Pointer(true), + } + opts.name = NewAccountObjectIdentifier("") + assertOptsInvalidJoinedErrors(t, opts, ErrInvalidObjectIdentifier) + }) + + t.Run("validation: exactly of the fields [opts.*] should be set", func(t *testing.T) { + opts := defaultOpts() + assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + }) + + t.Run("validation: at least one of the fields [opts.Set.*] should be set", func(t *testing.T) { + opts := defaultOpts() + opts.Set = &SnowflakeOauthPartnerIntegrationSet{} + assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", + "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "BlockedRolesList", "Comment")) + }) + + t.Run("validation: at least one of the fields [opts.Unset.*] should be set", func(t *testing.T) { + opts := defaultOpts() + opts.Unset = &SnowflakeOauthPartnerIntegrationUnset{} + assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions.Unset", + "Enabled", "OauthUseSecondaryRoles")) + }) + + t.Run("validation: exactly one of the fields [opts.*] should be set", func(t *testing.T) { + opts := defaultOpts() + opts.Set = &SnowflakeOauthPartnerIntegrationSet{} + opts.Unset = &SnowflakeOauthPartnerIntegrationUnset{} + assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + }) + + t.Run("empty roles lists", func(t *testing.T) { + opts := defaultOpts() + opts.Set = &SnowflakeOauthPartnerIntegrationSet{ + BlockedRolesList: &BlockedRolesList{}, + } + assertOptsValidAndSQLEquals(t, opts, "ALTER SECURITY INTEGRATION %s SET BLOCKED_ROLES_LIST = ()", id.FullyQualifiedName()) + }) + + t.Run("all options - set", func(t *testing.T) { + opts := defaultOpts() + roleID := randomAccountObjectIdentifier() + opts.Set = &SnowflakeOauthPartnerIntegrationSet{ + Enabled: Pointer(true), + OauthRedirectUri: Pointer("uri"), + OauthIssueRefreshTokens: Pointer(true), + OauthRefreshTokenValidity: Pointer(42), + OauthUseSecondaryRoles: Pointer(OauthSecurityIntegrationUseSecondaryRolesNone), + BlockedRolesList: &BlockedRolesList{BlockedRolesList: []AccountObjectIdentifier{roleID}}, + Comment: Pointer("a"), + } + assertOptsValidAndSQLEquals(t, opts, "ALTER SECURITY INTEGRATION %s SET ENABLED = true, OAUTH_REDIRECT_URI = 'uri', OAUTH_ISSUE_REFRESH_TOKENS = true, OAUTH_REFRESH_TOKEN_VALIDITY = 42,"+ + " OAUTH_USE_SECONDARY_ROLES = NONE, BLOCKED_ROLES_LIST = (%s), COMMENT = 'a'", id.FullyQualifiedName(), roleID.FullyQualifiedName()) + }) + + t.Run("all options - unset", func(t *testing.T) { + opts := defaultOpts() + opts.Unset = &SnowflakeOauthPartnerIntegrationUnset{ + Enabled: Pointer(true), + OauthUseSecondaryRoles: Pointer(true), + } + assertOptsValidAndSQLEquals(t, opts, "ALTER SECURITY INTEGRATION %s UNSET ENABLED, OAUTH_USE_SECONDARY_ROLES", id.FullyQualifiedName()) + }) + + t.Run("set tags", func(t *testing.T) { + opts := defaultOpts() + opts.SetTags = []TagAssociation{ + { + Name: NewAccountObjectIdentifier("name"), + Value: "value", + }, + { + Name: NewAccountObjectIdentifier("second-name"), + Value: "second-value", + }, + } + assertOptsValidAndSQLEquals(t, opts, `ALTER SECURITY INTEGRATION %s SET TAG "name" = 'value', "second-name" = 'second-value'`, id.FullyQualifiedName()) + }) + + t.Run("unset tags", func(t *testing.T) { + opts := defaultOpts() + opts.UnsetTags = []ObjectIdentifier{ + NewAccountObjectIdentifier("name"), + NewAccountObjectIdentifier("second-name"), + } + assertOptsValidAndSQLEquals(t, opts, `ALTER SECURITY INTEGRATION %s UNSET TAG "name", "second-name"`, id.FullyQualifiedName()) + }) +} + +func TestSecurityIntegrations_AlterSnowflakeOauthCustom(t *testing.T) { + id := randomAccountObjectIdentifier() + + // Minimal valid AlterSnowflakeOauthCustomSecurityIntegrationOptions + defaultOpts := func() *AlterSnowflakeOauthCustomSecurityIntegrationOptions { + return &AlterSnowflakeOauthCustomSecurityIntegrationOptions{ + name: id, + } + } + + t.Run("validation: nil options", func(t *testing.T) { + var opts *AlterSnowflakeOauthCustomSecurityIntegrationOptions = nil + assertOptsInvalidJoinedErrors(t, opts, ErrNilOptions) + }) + + t.Run("validation: valid identifier for [opts.name]", func(t *testing.T) { + opts := defaultOpts() + opts.Set = &SnowflakeOauthCustomIntegrationSet{ + Enabled: Pointer(true), + } + opts.name = NewAccountObjectIdentifier("") + assertOptsInvalidJoinedErrors(t, opts, ErrInvalidObjectIdentifier) + }) + + t.Run("validation: exactly of the fields [opts.*] should be set", func(t *testing.T) { + opts := defaultOpts() + assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + }) + + t.Run("validation: at least one of the fields [opts.Set.*] should be set", func(t *testing.T) { + opts := defaultOpts() + opts.Set = &SnowflakeOauthCustomIntegrationSet{} + assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthAllowNonTlsRedirectUri", + "OauthEnforcePkce", "PreAuthorizedRolesList", "BlockedRolesList", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", + "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2", "Comment")) + }) + + t.Run("validation: at least one of the fields [opts.Unset.*] should be set", func(t *testing.T) { + opts := defaultOpts() + opts.Unset = &SnowflakeOauthCustomIntegrationUnset{} + assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions.Unset", + "Enabled", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2")) + }) + + t.Run("validation: exactly one of the fields [opts.*] should be set", func(t *testing.T) { + opts := defaultOpts() + opts.Set = &SnowflakeOauthCustomIntegrationSet{} + opts.Unset = &SnowflakeOauthCustomIntegrationUnset{} + assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + }) + + t.Run("empty roles lists", func(t *testing.T) { + opts := defaultOpts() + opts.Set = &SnowflakeOauthCustomIntegrationSet{ + PreAuthorizedRolesList: &PreAuthorizedRolesList{}, + BlockedRolesList: &BlockedRolesList{}, + } + assertOptsValidAndSQLEquals(t, opts, "ALTER SECURITY INTEGRATION %s SET PRE_AUTHORIZED_ROLES_LIST = (), BLOCKED_ROLES_LIST = ()", id.FullyQualifiedName()) + }) + + t.Run("all options - set", func(t *testing.T) { + opts := defaultOpts() + roleID, role2ID, npID := randomAccountObjectIdentifier(), randomAccountObjectIdentifier(), randomAccountObjectIdentifier() + opts.Set = &SnowflakeOauthCustomIntegrationSet{ + Enabled: Pointer(true), + OauthRedirectUri: Pointer("uri"), + OauthAllowNonTlsRedirectUri: Pointer(true), + OauthEnforcePkce: Pointer(true), + OauthUseSecondaryRoles: Pointer(OauthSecurityIntegrationUseSecondaryRolesNone), + PreAuthorizedRolesList: &PreAuthorizedRolesList{PreAuthorizedRolesList: []AccountObjectIdentifier{roleID}}, + BlockedRolesList: &BlockedRolesList{BlockedRolesList: []AccountObjectIdentifier{role2ID}}, + OauthIssueRefreshTokens: Pointer(true), + OauthRefreshTokenValidity: Pointer(42), + NetworkPolicy: Pointer(npID), + OauthClientRsaPublicKey: Pointer("key"), + OauthClientRsaPublicKey2: Pointer("key2"), + Comment: Pointer("a"), + } + assertOptsValidAndSQLEquals(t, opts, "ALTER SECURITY INTEGRATION %s SET ENABLED = true, OAUTH_REDIRECT_URI = 'uri', OAUTH_ALLOW_NON_TLS_REDIRECT_URI = true, OAUTH_ENFORCE_PKCE = true,"+ + " OAUTH_USE_SECONDARY_ROLES = NONE, PRE_AUTHORIZED_ROLES_LIST = (%s), BLOCKED_ROLES_LIST = (%s), OAUTH_ISSUE_REFRESH_TOKENS = true, OAUTH_REFRESH_TOKEN_VALIDITY = 42,"+ + " NETWORK_POLICY = %s, OAUTH_CLIENT_RSA_PUBLIC_KEY = 'key', OAUTH_CLIENT_RSA_PUBLIC_KEY_2 = 'key2', COMMENT = 'a'", id.FullyQualifiedName(), roleID.FullyQualifiedName(), role2ID.FullyQualifiedName(), npID.FullyQualifiedName()) + }) + + t.Run("all options - unset", func(t *testing.T) { + opts := defaultOpts() + opts.Unset = &SnowflakeOauthCustomIntegrationUnset{ + Enabled: Pointer(true), + OauthUseSecondaryRoles: Pointer(true), + NetworkPolicy: Pointer(true), + OauthClientRsaPublicKey: Pointer(true), + OauthClientRsaPublicKey2: Pointer(true), + } + assertOptsValidAndSQLEquals(t, opts, "ALTER SECURITY INTEGRATION %s UNSET ENABLED, OAUTH_USE_SECONDARY_ROLES, NETWORK_POLICY, OAUTH_CLIENT_RSA_PUBLIC_KEY, OAUTH_CLIENT_RSA_PUBLIC_KEY_2", id.FullyQualifiedName()) + }) + + t.Run("set tags", func(t *testing.T) { + opts := defaultOpts() + opts.SetTags = []TagAssociation{ + { + Name: NewAccountObjectIdentifier("name"), + Value: "value", + }, + { + Name: NewAccountObjectIdentifier("second-name"), + Value: "second-value", + }, + } + assertOptsValidAndSQLEquals(t, opts, `ALTER SECURITY INTEGRATION %s SET TAG "name" = 'value', "second-name" = 'second-value'`, id.FullyQualifiedName()) + }) + + t.Run("unset tags", func(t *testing.T) { + opts := defaultOpts() + opts.UnsetTags = []ObjectIdentifier{ + NewAccountObjectIdentifier("name"), + NewAccountObjectIdentifier("second-name"), + } + assertOptsValidAndSQLEquals(t, opts, `ALTER SECURITY INTEGRATION %s UNSET TAG "name", "second-name"`, id.FullyQualifiedName()) + }) +} + func TestSecurityIntegrations_AlterSaml2(t *testing.T) { id := randomAccountObjectIdentifier() diff --git a/pkg/sdk/security_integrations_impl_gen.go b/pkg/sdk/security_integrations_impl_gen.go index 479af50878..c639799317 100644 --- a/pkg/sdk/security_integrations_impl_gen.go +++ b/pkg/sdk/security_integrations_impl_gen.go @@ -12,6 +12,16 @@ type securityIntegrations struct { client *Client } +func (v *securityIntegrations) CreateSnowflakeOauthPartner(ctx context.Context, request *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) error { + opts := request.toOpts() + return validateAndExec(v.client, ctx, opts) +} + +func (v *securityIntegrations) CreateSnowflakeOauthCustom(ctx context.Context, request *CreateSnowflakeOauthCustomSecurityIntegrationRequest) error { + opts := request.toOpts() + return validateAndExec(v.client, ctx, opts) +} + func (v *securityIntegrations) CreateSaml2(ctx context.Context, request *CreateSaml2SecurityIntegrationRequest) error { opts := request.toOpts() return validateAndExec(v.client, ctx, opts) @@ -22,6 +32,16 @@ func (v *securityIntegrations) CreateScim(ctx context.Context, request *CreateSc return validateAndExec(v.client, ctx, opts) } +func (v *securityIntegrations) AlterSnowflakeOauthPartner(ctx context.Context, request *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) error { + opts := request.toOpts() + return validateAndExec(v.client, ctx, opts) +} + +func (v *securityIntegrations) AlterSnowflakeOauthCustom(ctx context.Context, request *AlterSnowflakeOauthCustomSecurityIntegrationRequest) error { + opts := request.toOpts() + return validateAndExec(v.client, ctx, opts) +} + func (v *securityIntegrations) AlterSaml2(ctx context.Context, request *AlterSaml2SecurityIntegrationRequest) error { opts := request.toOpts() return validateAndExec(v.client, ctx, opts) @@ -68,6 +88,60 @@ func (v *securityIntegrations) ShowByID(ctx context.Context, id AccountObjectIde return collections.FindOne(securityIntegrations, func(r SecurityIntegration) bool { return r.Name == id.Name() }) } +func (r *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) toOpts() *CreateSnowflakeOauthPartnerSecurityIntegrationOptions { + opts := &CreateSnowflakeOauthPartnerSecurityIntegrationOptions{ + OrReplace: r.OrReplace, + IfNotExists: r.IfNotExists, + name: r.name, + OauthClient: r.OauthClient, + OauthRedirectUri: r.OauthRedirectUri, + Enabled: r.Enabled, + OauthIssueRefreshTokens: r.OauthIssueRefreshTokens, + OauthRefreshTokenValidity: r.OauthRefreshTokenValidity, + OauthUseSecondaryRoles: r.OauthUseSecondaryRoles, + + Comment: r.Comment, + } + if r.BlockedRolesList != nil { + opts.BlockedRolesList = &BlockedRolesList{ + BlockedRolesList: r.BlockedRolesList.BlockedRolesList, + } + } + return opts +} + +func (r *CreateSnowflakeOauthCustomSecurityIntegrationRequest) toOpts() *CreateSnowflakeOauthCustomSecurityIntegrationOptions { + opts := &CreateSnowflakeOauthCustomSecurityIntegrationOptions{ + OrReplace: r.OrReplace, + IfNotExists: r.IfNotExists, + name: r.name, + OauthClientType: r.OauthClientType, + OauthRedirectUri: r.OauthRedirectUri, + Enabled: r.Enabled, + OauthAllowNonTlsRedirectUri: r.OauthAllowNonTlsRedirectUri, + OauthEnforcePkce: r.OauthEnforcePkce, + OauthUseSecondaryRoles: r.OauthUseSecondaryRoles, + + OauthIssueRefreshTokens: r.OauthIssueRefreshTokens, + OauthRefreshTokenValidity: r.OauthRefreshTokenValidity, + NetworkPolicy: r.NetworkPolicy, + OauthClientRsaPublicKey: r.OauthClientRsaPublicKey, + OauthClientRsaPublicKey2: r.OauthClientRsaPublicKey2, + Comment: r.Comment, + } + if r.PreAuthorizedRolesList != nil { + opts.PreAuthorizedRolesList = &PreAuthorizedRolesList{ + PreAuthorizedRolesList: r.PreAuthorizedRolesList.PreAuthorizedRolesList, + } + } + if r.BlockedRolesList != nil { + opts.BlockedRolesList = &BlockedRolesList{ + BlockedRolesList: r.BlockedRolesList.BlockedRolesList, + } + } + return opts +} + func (r *CreateSaml2SecurityIntegrationRequest) toOpts() *CreateSaml2SecurityIntegrationOptions { opts := &CreateSaml2SecurityIntegrationOptions{ OrReplace: r.OrReplace, @@ -109,6 +183,83 @@ func (r *CreateScimSecurityIntegrationRequest) toOpts() *CreateScimSecurityInteg return opts } +func (r *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) toOpts() *AlterSnowflakeOauthPartnerSecurityIntegrationOptions { + opts := &AlterSnowflakeOauthPartnerSecurityIntegrationOptions{ + IfExists: r.IfExists, + name: r.name, + SetTags: r.SetTags, + UnsetTags: r.UnsetTags, + } + if r.Set != nil { + opts.Set = &SnowflakeOauthPartnerIntegrationSet{ + Enabled: r.Set.Enabled, + OauthRedirectUri: r.Set.OauthRedirectUri, + OauthIssueRefreshTokens: r.Set.OauthIssueRefreshTokens, + OauthRefreshTokenValidity: r.Set.OauthRefreshTokenValidity, + OauthUseSecondaryRoles: r.Set.OauthUseSecondaryRoles, + + Comment: r.Set.Comment, + } + if r.Set.BlockedRolesList != nil { + opts.Set.BlockedRolesList = &BlockedRolesList{ + BlockedRolesList: r.Set.BlockedRolesList.BlockedRolesList, + } + } + } + if r.Unset != nil { + opts.Unset = &SnowflakeOauthPartnerIntegrationUnset{ + Enabled: r.Unset.Enabled, + OauthUseSecondaryRoles: r.Unset.OauthUseSecondaryRoles, + } + } + return opts +} + +func (r *AlterSnowflakeOauthCustomSecurityIntegrationRequest) toOpts() *AlterSnowflakeOauthCustomSecurityIntegrationOptions { + opts := &AlterSnowflakeOauthCustomSecurityIntegrationOptions{ + IfExists: r.IfExists, + name: r.name, + SetTags: r.SetTags, + UnsetTags: r.UnsetTags, + } + if r.Set != nil { + opts.Set = &SnowflakeOauthCustomIntegrationSet{ + Enabled: r.Set.Enabled, + OauthRedirectUri: r.Set.OauthRedirectUri, + OauthAllowNonTlsRedirectUri: r.Set.OauthAllowNonTlsRedirectUri, + OauthEnforcePkce: r.Set.OauthEnforcePkce, + OauthUseSecondaryRoles: r.Set.OauthUseSecondaryRoles, + + OauthIssueRefreshTokens: r.Set.OauthIssueRefreshTokens, + OauthRefreshTokenValidity: r.Set.OauthRefreshTokenValidity, + NetworkPolicy: r.Set.NetworkPolicy, + OauthClientRsaPublicKey: r.Set.OauthClientRsaPublicKey, + OauthClientRsaPublicKey2: r.Set.OauthClientRsaPublicKey2, + Comment: r.Set.Comment, + } + if r.Set.PreAuthorizedRolesList != nil { + opts.Set.PreAuthorizedRolesList = &PreAuthorizedRolesList{ + PreAuthorizedRolesList: r.Set.PreAuthorizedRolesList.PreAuthorizedRolesList, + } + } + if r.Set.BlockedRolesList != nil { + opts.Set.BlockedRolesList = &BlockedRolesList{ + BlockedRolesList: r.Set.BlockedRolesList.BlockedRolesList, + } + } + } + if r.Unset != nil { + opts.Unset = &SnowflakeOauthCustomIntegrationUnset{ + Enabled: r.Unset.Enabled, + OauthUseSecondaryRoles: r.Unset.OauthUseSecondaryRoles, + NetworkPolicy: r.Unset.NetworkPolicy, + OauthClientRsaPublicKey: r.Unset.OauthClientRsaPublicKey, + OauthClientRsaPublicKey2: r.Unset.OauthClientRsaPublicKey2, + } + } + return opts +} + func (r *AlterSaml2SecurityIntegrationRequest) toOpts() *AlterSaml2SecurityIntegrationOptions { opts := &AlterSaml2SecurityIntegrationOptions{ IfExists: r.IfExists, diff --git a/pkg/sdk/security_integrations_validations_gen.go b/pkg/sdk/security_integrations_validations_gen.go index c3330209b6..2fb16ffa0c 100644 --- a/pkg/sdk/security_integrations_validations_gen.go +++ b/pkg/sdk/security_integrations_validations_gen.go @@ -1,8 +1,12 @@ package sdk var ( + _ validatable = new(CreateSnowflakeOauthPartnerSecurityIntegrationOptions) + _ validatable = new(CreateSnowflakeOauthCustomSecurityIntegrationOptions) _ validatable = new(CreateSaml2SecurityIntegrationOptions) _ validatable = new(CreateScimSecurityIntegrationOptions) + _ validatable = new(AlterSnowflakeOauthPartnerSecurityIntegrationOptions) + _ validatable = new(AlterSnowflakeOauthCustomSecurityIntegrationOptions) _ validatable = new(AlterSaml2SecurityIntegrationOptions) _ validatable = new(AlterScimSecurityIntegrationOptions) _ validatable = new(DropSecurityIntegrationOptions) @@ -10,6 +14,34 @@ var ( _ validatable = new(ShowSecurityIntegrationOptions) ) +func (opts *CreateSnowflakeOauthPartnerSecurityIntegrationOptions) validate() error { + if opts == nil { + return ErrNilOptions + } + var errs []error + if !ValidObjectIdentifier(opts.name) { + errs = append(errs, ErrInvalidObjectIdentifier) + } + if everyValueSet(opts.OrReplace, opts.IfNotExists) { + errs = append(errs, errOneOf("CreateSnowflakeOauthPartnerSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + } + return JoinErrors(errs...) +} + +func (opts *CreateSnowflakeOauthCustomSecurityIntegrationOptions) validate() error { + if opts == nil { + return ErrNilOptions + } + var errs []error + if !ValidObjectIdentifier(opts.name) { + errs = append(errs, ErrInvalidObjectIdentifier) + } + if everyValueSet(opts.OrReplace, opts.IfNotExists) { + errs = append(errs, errOneOf("CreateSnowflakeOauthCustomSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + } + return JoinErrors(errs...) +} + func (opts *CreateSaml2SecurityIntegrationOptions) validate() error { if opts == nil { return ErrNilOptions @@ -38,6 +70,54 @@ func (opts *CreateScimSecurityIntegrationOptions) validate() error { return JoinErrors(errs...) } +func (opts *AlterSnowflakeOauthPartnerSecurityIntegrationOptions) validate() error { + if opts == nil { + return ErrNilOptions + } + var errs []error + if !ValidObjectIdentifier(opts.name) { + errs = append(errs, ErrInvalidObjectIdentifier) + } + if !exactlyOneValueSet(opts.Set, opts.Unset, opts.SetTags, opts.UnsetTags) { + errs = append(errs, errExactlyOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + } + if valueSet(opts.Set) { + if !anyValueSet(opts.Set.Enabled, opts.Set.OauthRedirectUri, opts.Set.OauthIssueRefreshTokens, opts.Set.OauthRefreshTokenValidity, opts.Set.OauthUseSecondaryRoles, opts.Set.BlockedRolesList, opts.Set.Comment) { + errs = append(errs, errAtLeastOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "BlockedRolesList", "Comment")) + } + } + if valueSet(opts.Unset) { + if !anyValueSet(opts.Unset.Enabled, opts.Unset.OauthUseSecondaryRoles) { + errs = append(errs, errAtLeastOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions.Unset", "Enabled", "OauthUseSecondaryRoles")) + } + } + return JoinErrors(errs...) +} + +func (opts *AlterSnowflakeOauthCustomSecurityIntegrationOptions) validate() error { + if opts == nil { + return ErrNilOptions + } + var errs []error + if !ValidObjectIdentifier(opts.name) { + errs = append(errs, ErrInvalidObjectIdentifier) + } + if !exactlyOneValueSet(opts.Set, opts.Unset, opts.SetTags, opts.UnsetTags) { + errs = append(errs, errExactlyOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + } + if valueSet(opts.Set) { + if !anyValueSet(opts.Set.Enabled, opts.Set.OauthRedirectUri, opts.Set.OauthAllowNonTlsRedirectUri, opts.Set.OauthEnforcePkce, opts.Set.PreAuthorizedRolesList, opts.Set.BlockedRolesList, opts.Set.OauthIssueRefreshTokens, opts.Set.OauthRefreshTokenValidity, opts.Set.OauthUseSecondaryRoles, opts.Set.NetworkPolicy, opts.Set.OauthClientRsaPublicKey, opts.Set.OauthClientRsaPublicKey2, opts.Set.Comment) { + errs = append(errs, errAtLeastOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthAllowNonTlsRedirectUri", "OauthEnforcePkce", "PreAuthorizedRolesList", "BlockedRolesList", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2", "Comment")) + } + } + if valueSet(opts.Unset) { + if !anyValueSet(opts.Unset.Enabled, opts.Unset.OauthUseSecondaryRoles, opts.Unset.NetworkPolicy, opts.Unset.OauthClientRsaPublicKey, opts.Unset.OauthClientRsaPublicKey2) { + errs = append(errs, errAtLeastOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions.Unset", "Enabled", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2")) + } + } + return JoinErrors(errs...) +} + func (opts *AlterSaml2SecurityIntegrationOptions) validate() error { if opts == nil { return ErrNilOptions diff --git a/pkg/sdk/testint/security_integrations_gen_integration_test.go b/pkg/sdk/testint/security_integrations_gen_integration_test.go index 4c2a3c164f..23a0448b22 100644 --- a/pkg/sdk/testint/security_integrations_gen_integration_test.go +++ b/pkg/sdk/testint/security_integrations_gen_integration_test.go @@ -1,12 +1,13 @@ package testint import ( - "fmt" + "strings" "testing" "github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/acceptance/helpers/random" "github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/internal/snowflakeroles" "github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/sdk" + "github.com/Snowflake-Labs/terraform-provider-snowflake/pkg/sdk/internal/collections" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) @@ -15,10 +16,11 @@ func TestInt_SecurityIntegrations(t *testing.T) { client := testClient(t) ctx := testContext(t) - // TODO: move URL to helpers - acsURL := fmt.Sprintf("https://%s.snowflakecomputing.com/fed/login", testClientHelper().Context.CurrentAccount(t)) - issuerURL := fmt.Sprintf("https://%s.snowflakecomputing.com", testClientHelper().Context.CurrentAccount(t)) + acsURL := testClientHelper().Context.ACSURL(t) + issuerURL := testClientHelper().Context.IssuerURL(t) cert := random.GenerateX509(t) + rsaKey := random.GenerateRSAPublicKey(t) + revertParameter := testClientHelper().Parameter.UpdateAccountParameterTemporarily(t, sdk.AccountParameterEnableIdentifierFirstLogin, "true") t.Cleanup(revertParameter) @@ -29,6 +31,36 @@ func TestInt_SecurityIntegrations(t *testing.T) { assert.NoError(t, err) }) } + createSnowflakeOauthCustom := func(t *testing.T, siID sdk.AccountObjectIdentifier, with func(*sdk.CreateSnowflakeOauthCustomSecurityIntegrationRequest)) *sdk.SecurityIntegration { + t.Helper() + + req := sdk.NewCreateSnowflakeOauthCustomSecurityIntegrationRequest(siID, sdk.OauthSecurityIntegrationClientTypePublic, "https://example.com") + if with != nil { + with(req) + } + err := client.SecurityIntegrations.CreateSnowflakeOauthCustom(ctx, req) + require.NoError(t, err) + cleanupSecurityIntegration(t, siID) + integration, err := client.SecurityIntegrations.ShowByID(ctx, siID) + require.NoError(t, err) + + return integration + } + createSnowflakeOauthPartner := func(t *testing.T, siID sdk.AccountObjectIdentifier, with func(*sdk.CreateSnowflakeOauthPartnerSecurityIntegrationRequest)) *sdk.SecurityIntegration { + t.Helper() + + req := sdk.NewCreateSnowflakeOauthPartnerSecurityIntegrationRequest(siID, sdk.OauthSecurityIntegrationClientLooker) + if with != nil { + with(req) + } + err := client.SecurityIntegrations.CreateSnowflakeOauthPartner(ctx, req) + require.NoError(t, err) + cleanupSecurityIntegration(t, siID) + integration, err := client.SecurityIntegrations.ShowByID(ctx, siID) + require.NoError(t, err) + + return integration + } createSAML2Integration := func(t *testing.T, siID sdk.AccountObjectIdentifier, issuer string, with func(*sdk.CreateSaml2SecurityIntegrationRequest)) *sdk.SecurityIntegration { t.Helper() @@ -73,6 +105,48 @@ func TestInt_SecurityIntegrations(t *testing.T) { assert.Equal(t, "SECURITY", si.Category) } + type snowflakeOauthPartnerDetails struct { + enabled string + oauthIssueRefreshTokens string + refreshTokenValidity string + useSecondaryRoles string + preAuthorizedRolesList string + blockedRolesList string + networkPolicy string + comment string + } + + assertSnowflakeOauthPartner := func(details []sdk.SecurityIntegrationProperty, d snowflakeOauthPartnerDetails) { + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "ENABLED", Type: "Boolean", Value: d.enabled, Default: "false"}) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_ISSUE_REFRESH_TOKENS", Type: "Boolean", Value: d.oauthIssueRefreshTokens, Default: "true"}) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_REFRESH_TOKEN_VALIDITY", Type: "Integer", Value: d.refreshTokenValidity, Default: "7776000"}) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_USE_SECONDARY_ROLES", Type: "String", Value: d.useSecondaryRoles, Default: "NONE"}) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "PRE_AUTHORIZED_ROLES_LIST", Type: "List", Value: d.preAuthorizedRolesList, Default: "[]"}) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "NETWORK_POLICY", Type: "String", Value: d.networkPolicy, Default: ""}) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "COMMENT", Type: "String", Value: d.comment, Default: ""}) + // Chech one-by-one because snowflake returns a few extra roles + found, err := collections.FindOne(details, func(d sdk.SecurityIntegrationProperty) bool { return d.Name == "BLOCKED_ROLES_LIST" }) + assert.NoError(t, err) + roles := strings.Split(found.Value, ",") + for _, exp := range strings.Split(d.blockedRolesList, ",") { + assert.Contains(t, roles, exp) + } + } + + assertSnowflakeOauthCustom := func(details []sdk.SecurityIntegrationProperty, d snowflakeOauthPartnerDetails, allowNonTlsRedirectUri, clientType, enforcePkce string) { + assertSnowflakeOauthPartner(details, d) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_ALLOW_NON_TLS_REDIRECT_URI", Type: "Boolean", Value: allowNonTlsRedirectUri, Default: "false"}) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_CLIENT_TYPE", Type: "String", Value: clientType, Default: "CONFIDENTIAL"}) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_ENFORCE_PKCE", Type: "Boolean", Value: enforcePkce, Default: "false"}) + // Keys are hashed in snowflake, so we check only if these fields are present + keys := make(map[string]struct{}) + for _, detail := range details { + keys[detail.Name] = struct{}{} + } + assert.Contains(t, keys, "OAUTH_CLIENT_RSA_PUBLIC_KEY_FP") + assert.Contains(t, keys, "OAUTH_CLIENT_RSA_PUBLIC_KEY_2_FP") + } + assertSCIMDescribe := func(details []sdk.SecurityIntegrationProperty, enabled, networkPolicy, runAsRole, syncPassword, comment string) { assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "ENABLED", Type: "Boolean", Value: enabled, Default: "false"}) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "NETWORK_POLICY", Type: "String", Value: networkPolicy, Default: ""}) @@ -81,7 +155,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "COMMENT", Type: "String", Value: comment, Default: ""}) } - type saml2details struct { + type saml2Details struct { provider string enableSPInitiated string spInitiatedLoginPageLabel string @@ -98,7 +172,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { allowedEmailPatterns string } - assertSAML2Describe := func(details []sdk.SecurityIntegrationProperty, d saml2details) { + assertSAML2Describe := func(details []sdk.SecurityIntegrationProperty, d saml2Details) { assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "SAML2_X509_CERT", Type: "String", Value: cert, Default: ""}) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "SAML2_PROVIDER", Type: "String", Value: d.provider, Default: ""}) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "SAML2_ENABLE_SP_INITIATED", Type: "Boolean", Value: d.enableSPInitiated, Default: "false"}) @@ -118,6 +192,75 @@ func TestInt_SecurityIntegrations(t *testing.T) { assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "ALLOWED_EMAIL_PATTERNS", Type: "List", Value: d.allowedEmailPatterns, Default: "[]"}) } + t.Run("CreateSnowflakeOauthPartner", func(t *testing.T) { + id := testClientHelper().Ids.RandomAccountObjectIdentifier() + role1, role1Cleanup := testClientHelper().Role.CreateRole(t) + t.Cleanup(role1Cleanup) + + integration := createSnowflakeOauthPartner(t, id, func(r *sdk.CreateSnowflakeOauthPartnerSecurityIntegrationRequest) { + r.WithBlockedRolesList(&sdk.BlockedRolesListRequest{BlockedRolesList: []sdk.AccountObjectIdentifier{role1.ID()}}). + WithComment(sdk.Pointer("a")). + WithEnabled(sdk.Pointer(true)). + WithOauthIssueRefreshTokens(sdk.Pointer(true)). + WithOauthRedirectUri(sdk.Pointer("http://example.com")). + WithOauthRefreshTokenValidity(sdk.Pointer(12345)). + WithOauthUseSecondaryRoles(sdk.Pointer(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit)) + }) + details, err := client.SecurityIntegrations.Describe(ctx, id) + require.NoError(t, err) + + assertSnowflakeOauthPartner(details, snowflakeOauthPartnerDetails{ + enabled: "true", + oauthIssueRefreshTokens: "true", + refreshTokenValidity: "12345", + useSecondaryRoles: string(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit), + blockedRolesList: role1.Name, + comment: "a", + }) + + assertSecurityIntegration(t, integration, id, "OAUTH - LOOKER", true, "a") + }) + + t.Run("CreateSnowflakeOauthCustom", func(t *testing.T) { + id := testClientHelper().Ids.RandomAccountObjectIdentifier() + networkPolicy, networkPolicyCleanup := testClientHelper().NetworkPolicy.CreateNetworkPolicy(t) + t.Cleanup(networkPolicyCleanup) + role1, role1Cleanup := testClientHelper().Role.CreateRole(t) + t.Cleanup(role1Cleanup) + role2, role2Cleanup := testClientHelper().Role.CreateRole(t) + t.Cleanup(role2Cleanup) + + integration := createSnowflakeOauthCustom(t, id, func(r *sdk.CreateSnowflakeOauthCustomSecurityIntegrationRequest) { + r.WithBlockedRolesList(&sdk.BlockedRolesListRequest{BlockedRolesList: []sdk.AccountObjectIdentifier{role1.ID()}}). + WithComment(sdk.Pointer("a")). + WithEnabled(sdk.Pointer(true)). + WithNetworkPolicy(sdk.Pointer(sdk.NewAccountObjectIdentifier(networkPolicy.Name))). + WithOauthAllowNonTlsRedirectUri(sdk.Pointer(true)). + WithOauthClientRsaPublicKey(sdk.Pointer(rsaKey)). + WithOauthClientRsaPublicKey2(sdk.Pointer(rsaKey)). + WithOauthEnforcePkce(sdk.Pointer(true)). + WithOauthIssueRefreshTokens(sdk.Pointer(true)). + WithOauthRefreshTokenValidity(sdk.Pointer(12345)). + WithOauthUseSecondaryRoles(sdk.Pointer(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit)). + WithPreAuthorizedRolesList(&sdk.PreAuthorizedRolesListRequest{PreAuthorizedRolesList: []sdk.AccountObjectIdentifier{role2.ID()}}) + }) + details, err := client.SecurityIntegrations.Describe(ctx, id) + require.NoError(t, err) + + assertSnowflakeOauthCustom(details, snowflakeOauthPartnerDetails{ + enabled: "true", + oauthIssueRefreshTokens: "true", + refreshTokenValidity: "12345", + useSecondaryRoles: string(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit), + preAuthorizedRolesList: role2.Name, + blockedRolesList: role1.Name, + networkPolicy: networkPolicy.Name, + comment: "a", + }, "true", string(sdk.OauthSecurityIntegrationClientTypePublic), "true") + + assertSecurityIntegration(t, integration, id, "OAUTH - CUSTOM", true, "a") + }) + t.Run("CreateSaml2", func(t *testing.T) { id := testClientHelper().Ids.RandomAccountObjectIdentifier() issuer := testClientHelper().Ids.Alpha() @@ -140,7 +283,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) - assertSAML2Describe(details, saml2details{ + assertSAML2Describe(details, saml2Details{ provider: "Custom", enableSPInitiated: "true", spInitiatedLoginPageLabel: "label", @@ -182,6 +325,194 @@ func TestInt_SecurityIntegrations(t *testing.T) { assertSecurityIntegration(t, si, id, "SCIM - GENERIC", false, "a") }) + t.Run("AlterSnowflakeOauthPartner", func(t *testing.T) { + id := testClientHelper().Ids.RandomAccountObjectIdentifier() + createSnowflakeOauthPartner(t, id, func(r *sdk.CreateSnowflakeOauthPartnerSecurityIntegrationRequest) { + r.WithOauthRedirectUri(sdk.Pointer("http://example.com")) + }) + + setRequest := sdk.NewAlterSnowflakeOauthPartnerSecurityIntegrationRequest(id). + WithSet( + sdk.NewSnowflakeOauthPartnerIntegrationSetRequest(). + WithBlockedRolesList(sdk.NewBlockedRolesListRequest()). + WithComment(sdk.Pointer("a")). + WithEnabled(sdk.Pointer(true)). + WithOauthIssueRefreshTokens(sdk.Pointer(true)). + WithOauthRedirectUri(sdk.Pointer("http://example2.com")). + WithOauthRefreshTokenValidity(sdk.Pointer(22222)). + WithOauthUseSecondaryRoles(sdk.Pointer(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit)), + ) + err := client.SecurityIntegrations.AlterSnowflakeOauthPartner(ctx, setRequest) + require.NoError(t, err) + + details, err := client.SecurityIntegrations.Describe(ctx, id) + require.NoError(t, err) + + assertSnowflakeOauthPartner(details, snowflakeOauthPartnerDetails{ + enabled: "true", + oauthIssueRefreshTokens: "true", + refreshTokenValidity: "22222", + useSecondaryRoles: string(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit), + preAuthorizedRolesList: "", + blockedRolesList: "ACCOUNTADMIN,SECURITYADMIN", + networkPolicy: "", + comment: "a", + }) + + unsetRequest := sdk.NewAlterSnowflakeOauthPartnerSecurityIntegrationRequest(id). + WithUnset( + sdk.NewSnowflakeOauthPartnerIntegrationUnsetRequest(). + WithEnabled(sdk.Pointer(true)). + WithOauthUseSecondaryRoles(sdk.Pointer(true)), + ) + err = client.SecurityIntegrations.AlterSnowflakeOauthPartner(ctx, unsetRequest) + require.NoError(t, err) + + details, err = client.SecurityIntegrations.Describe(ctx, id) + require.NoError(t, err) + + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "ENABLED", Type: "Boolean", Value: "false", Default: "false"}) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_USE_SECONDARY_ROLES", Type: "String", Value: "NONE", Default: "NONE"}) + }) + + t.Run("AlterSnowflakeOauthPartner - set and unset tags", func(t *testing.T) { + tag, tagCleanup := testClientHelper().Tag.CreateTag(t) + t.Cleanup(tagCleanup) + + id := testClientHelper().Ids.RandomAccountObjectIdentifier() + createSnowflakeOauthPartner(t, id, nil) + + tagValue := "abc" + tags := []sdk.TagAssociation{ + { + Name: tag.ID(), + Value: tagValue, + }, + } + alterRequestSetTags := sdk.NewAlterSnowflakeOauthPartnerSecurityIntegrationRequest(id).WithSetTags(tags) + + err := client.SecurityIntegrations.AlterSnowflakeOauthPartner(ctx, alterRequestSetTags) + require.NoError(t, err) + + returnedTagValue, err := client.SystemFunctions.GetTag(ctx, tag.ID(), id, sdk.ObjectTypeIntegration) + require.NoError(t, err) + + assert.Equal(t, tagValue, returnedTagValue) + + unsetTags := []sdk.ObjectIdentifier{ + tag.ID(), + } + alterRequestUnsetTags := sdk.NewAlterSnowflakeOauthPartnerSecurityIntegrationRequest(id).WithUnsetTags(unsetTags) + + err = client.SecurityIntegrations.AlterSnowflakeOauthPartner(ctx, alterRequestUnsetTags) + require.NoError(t, err) + + _, err = client.SystemFunctions.GetTag(ctx, tag.ID(), id, sdk.ObjectTypeIntegration) + require.Error(t, err) + }) + + t.Run("AlterSnowflakeOauthCustom", func(t *testing.T) { + id := testClientHelper().Ids.RandomAccountObjectIdentifier() + createSnowflakeOauthCustom(t, id, nil) + + networkPolicy, networkPolicyCleanup := testClientHelper().NetworkPolicy.CreateNetworkPolicy(t) + t.Cleanup(networkPolicyCleanup) + role1, role1Cleanup := testClientHelper().Role.CreateRole(t) + t.Cleanup(role1Cleanup) + role2, role2Cleanup := testClientHelper().Role.CreateRole(t) + t.Cleanup(role2Cleanup) + + setRequest := sdk.NewAlterSnowflakeOauthCustomSecurityIntegrationRequest(id). + WithSet( + sdk.NewSnowflakeOauthCustomIntegrationSetRequest(). + WithEnabled(sdk.Pointer(true)). + WithBlockedRolesList(&sdk.BlockedRolesListRequest{BlockedRolesList: []sdk.AccountObjectIdentifier{role1.ID()}}). + WithComment(sdk.Pointer("a")). + WithNetworkPolicy(sdk.Pointer(sdk.NewAccountObjectIdentifier(networkPolicy.Name))). + WithOauthAllowNonTlsRedirectUri(sdk.Pointer(true)). + WithOauthClientRsaPublicKey(sdk.Pointer(rsaKey)). + WithOauthClientRsaPublicKey2(sdk.Pointer(rsaKey)). + WithOauthEnforcePkce(sdk.Pointer(true)). + WithOauthIssueRefreshTokens(sdk.Pointer(true)). + WithOauthRedirectUri(sdk.Pointer("http://example2.com")). + WithOauthRefreshTokenValidity(sdk.Pointer(22222)). + WithOauthUseSecondaryRoles(sdk.Pointer(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit)). + WithPreAuthorizedRolesList(&sdk.PreAuthorizedRolesListRequest{PreAuthorizedRolesList: []sdk.AccountObjectIdentifier{role2.ID()}}), + ) + err := client.SecurityIntegrations.AlterSnowflakeOauthCustom(ctx, setRequest) + require.NoError(t, err) + + details, err := client.SecurityIntegrations.Describe(ctx, id) + require.NoError(t, err) + + assertSnowflakeOauthCustom(details, snowflakeOauthPartnerDetails{ + enabled: "true", + oauthIssueRefreshTokens: "true", + refreshTokenValidity: "22222", + useSecondaryRoles: string(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit), + preAuthorizedRolesList: role2.Name, + blockedRolesList: role1.Name, + networkPolicy: networkPolicy.Name, + comment: "a", + }, "true", string(sdk.OauthSecurityIntegrationClientTypePublic), "true") + + unsetRequest := sdk.NewAlterSnowflakeOauthCustomSecurityIntegrationRequest(id). + WithUnset( + sdk.NewSnowflakeOauthCustomIntegrationUnsetRequest(). + WithEnabled(sdk.Bool(true)). + WithOauthUseSecondaryRoles(sdk.Bool(true)). + WithNetworkPolicy(sdk.Bool(true)). + WithOauthClientRsaPublicKey(sdk.Bool(true)). + WithOauthClientRsaPublicKey2(sdk.Bool(true)), + ) + err = client.SecurityIntegrations.AlterSnowflakeOauthCustom(ctx, unsetRequest) + require.NoError(t, err) + + details, err = client.SecurityIntegrations.Describe(ctx, id) + require.NoError(t, err) + + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "ENABLED", Type: "Boolean", Value: "false", Default: "false"}) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_USE_SECONDARY_ROLES", Type: "String", Value: "NONE", Default: "NONE"}) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "NETWORK_POLICY", Type: "String", Value: "", Default: ""}) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_CLIENT_RSA_PUBLIC_KEY_FP", Type: "String", Value: "", Default: ""}) + assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_CLIENT_RSA_PUBLIC_KEY_2_FP", Type: "String", Value: "", Default: ""}) + }) + + t.Run("AlterSnowflakeOauthCustom - set and unset tags", func(t *testing.T) { + tag, tagCleanup := testClientHelper().Tag.CreateTag(t) + t.Cleanup(tagCleanup) + + id := testClientHelper().Ids.RandomAccountObjectIdentifier() + createSnowflakeOauthCustom(t, id, nil) + + tagValue := "abc" + tags := []sdk.TagAssociation{ + { + Name: tag.ID(), + Value: tagValue, + }, + } + alterRequestSetTags := sdk.NewAlterSnowflakeOauthCustomSecurityIntegrationRequest(id).WithSetTags(tags) + + err := client.SecurityIntegrations.AlterSnowflakeOauthCustom(ctx, alterRequestSetTags) + require.NoError(t, err) + + returnedTagValue, err := client.SystemFunctions.GetTag(ctx, tag.ID(), id, sdk.ObjectTypeIntegration) + require.NoError(t, err) + + assert.Equal(t, tagValue, returnedTagValue) + + unsetTags := []sdk.ObjectIdentifier{ + tag.ID(), + } + alterRequestUnsetTags := sdk.NewAlterSnowflakeOauthCustomSecurityIntegrationRequest(id).WithUnsetTags(unsetTags) + + err = client.SecurityIntegrations.AlterSnowflakeOauthCustom(ctx, alterRequestUnsetTags) + require.NoError(t, err) + + _, err = client.SystemFunctions.GetTag(ctx, tag.ID(), id, sdk.ObjectTypeIntegration) + require.Error(t, err) + }) t.Run("AlterSAML2Integration", func(t *testing.T) { id := testClientHelper().Ids.RandomAccountObjectIdentifier() issuer := testClientHelper().Ids.Alpha() @@ -215,7 +546,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) - assertSAML2Describe(details, saml2details{ + assertSAML2Describe(details, saml2Details{ provider: "OKTA", enableSPInitiated: "true", spInitiatedLoginPageLabel: "label", @@ -414,6 +745,34 @@ func TestInt_SecurityIntegrations(t *testing.T) { assertSecurityIntegration(t, si, id, "SCIM - GENERIC", false, "") }) + t.Run("Show SnowflakeOauthPartner", func(t *testing.T) { + id := testClientHelper().Ids.RandomAccountObjectIdentifier() + si1 := createSnowflakeOauthPartner(t, id, nil) + id2 := testClientHelper().Ids.RandomAccountObjectIdentifier() + si2 := createSnowflakeOauthPartner(t, id2, nil) + + returnedIntegrations, err := client.SecurityIntegrations.Show(ctx, sdk.NewShowSecurityIntegrationRequest().WithLike(&sdk.Like{ + Pattern: sdk.Pointer(id.Name()), + })) + require.NoError(t, err) + assert.Contains(t, returnedIntegrations, *si1) + assert.NotContains(t, returnedIntegrations, *si2) + }) + + t.Run("Show SnowflakeOauthCustom", func(t *testing.T) { + id := testClientHelper().Ids.RandomAccountObjectIdentifier() + si1 := createSnowflakeOauthCustom(t, id, nil) + id2 := testClientHelper().Ids.RandomAccountObjectIdentifier() + si2 := createSnowflakeOauthCustom(t, id2, nil) + + returnedIntegrations, err := client.SecurityIntegrations.Show(ctx, sdk.NewShowSecurityIntegrationRequest().WithLike(&sdk.Like{ + Pattern: sdk.Pointer(id.Name()), + })) + require.NoError(t, err) + assert.Contains(t, returnedIntegrations, *si1) + assert.NotContains(t, returnedIntegrations, *si2) + }) + t.Run("Show SAML2", func(t *testing.T) { id := testClientHelper().Ids.RandomAccountObjectIdentifier() si1 := createSAML2Integration(t, id, testClientHelper().Ids.Alpha(), nil) From 22971e35d997ecdf0c9e072de377822777a2ff13 Mon Sep 17 00:00:00 2001 From: Jakub Michalak Date: Wed, 22 May 2024 09:56:17 +0200 Subject: [PATCH 2/4] Fix tests and rename oauth --- pkg/sdk/security_integrations_def.go | 24 +-- .../security_integrations_dto_builders_gen.go | 160 +++++++++--------- pkg/sdk/security_integrations_dto_gen.go | 36 ++-- pkg/sdk/security_integrations_gen.go | 40 ++--- pkg/sdk/security_integrations_gen_test.go | 92 +++++----- pkg/sdk/security_integrations_impl_gen.go | 32 ++-- .../security_integrations_validations_gen.go | 32 ++-- ...urity_integrations_gen_integration_test.go | 106 ++++++------ 8 files changed, 262 insertions(+), 260 deletions(-) diff --git a/pkg/sdk/security_integrations_def.go b/pkg/sdk/security_integrations_def.go index 0b2c472f87..48ad887aad 100644 --- a/pkg/sdk/security_integrations_def.go +++ b/pkg/sdk/security_integrations_def.go @@ -78,7 +78,7 @@ func alterSecurityIntegrationOperation(structName string, apply func(qs *g.Query return qs } -var snowflakeOauthPartnerIntegrationSetDef = g.NewQueryStruct("SnowflakeOauthPartnerIntegrationSet"). +var snowflakeOauthPartnerIntegrationSetDef = g.NewQueryStruct("OauthPartnerIntegrationSet"). OptionalBooleanAssignment("ENABLED", g.ParameterOptions()). OptionalTextAssignment("OAUTH_REDIRECT_URI", g.ParameterOptions().SingleQuotes()). OptionalBooleanAssignment("OAUTH_ISSUE_REFRESH_TOKENS", g.ParameterOptions()). @@ -93,12 +93,12 @@ var snowflakeOauthPartnerIntegrationSetDef = g.NewQueryStruct("SnowflakeOauthPar WithValidation(g.AtLeastOneValueSet, "Enabled", "OauthRedirectUri", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "BlockedRolesList", "Comment") -var snowflakeOauthPartnerIntegrationUnsetDef = g.NewQueryStruct("SnowflakeOauthPartnerIntegrationUnset"). +var snowflakeOauthPartnerIntegrationUnsetDef = g.NewQueryStruct("OauthPartnerIntegrationUnset"). OptionalSQL("ENABLED"). OptionalSQL("OAUTH_USE_SECONDARY_ROLES"). WithValidation(g.AtLeastOneValueSet, "Enabled", "OauthUseSecondaryRoles") -var snowflakeOauthCustomIntegrationSetDef = g.NewQueryStruct("SnowflakeOauthCustomIntegrationSet"). +var snowflakeOauthCustomIntegrationSetDef = g.NewQueryStruct("OauthCustomIntegrationSet"). OptionalBooleanAssignment("ENABLED", g.ParameterOptions()). OptionalTextAssignment("OAUTH_REDIRECT_URI", g.ParameterOptions().SingleQuotes()). OptionalBooleanAssignment("OAUTH_ALLOW_NON_TLS_REDIRECT_URI", g.ParameterOptions()). @@ -120,7 +120,7 @@ var snowflakeOauthCustomIntegrationSetDef = g.NewQueryStruct("SnowflakeOauthCust "BlockedRolesList", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2", "Comment") -var snowflakeOauthCustomIntegrationUnsetDef = g.NewQueryStruct("SnowflakeOauthCustomIntegrationUnset"). +var snowflakeOauthCustomIntegrationUnsetDef = g.NewQueryStruct("OauthCustomIntegrationUnset"). OptionalSQL("ENABLED"). OptionalSQL("OAUTH_USE_SECONDARY_ROLES"). OptionalSQL("NETWORK_POLICY"). @@ -177,9 +177,9 @@ var SecurityIntegrationsDef = g.NewInterface( g.KindOfT[AccountObjectIdentifier](), ). CustomOperation( - "CreateSnowflakeOauthPartner", + "CreateOauthPartner", "https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake", - createSecurityIntegrationOperation("CreateSnowflakeOauthPartner", func(qs *g.QueryStruct) *g.QueryStruct { + createSecurityIntegrationOperation("CreateOauthPartner", func(qs *g.QueryStruct) *g.QueryStruct { return qs. PredefinedQueryStructField("integrationType", "string", g.StaticOptions().SQL("TYPE = OAUTH")). Assignment( @@ -202,9 +202,9 @@ var SecurityIntegrationsDef = g.NewInterface( blockedRolesListDef, ). CustomOperation( - "CreateSnowflakeOauthCustom", + "CreateOauthCustom", "https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake", - createSecurityIntegrationOperation("CreateSnowflakeOauthCustom", func(qs *g.QueryStruct) *g.QueryStruct { + createSecurityIntegrationOperation("CreateOauthCustom", func(qs *g.QueryStruct) *g.QueryStruct { return qs. PredefinedQueryStructField("integrationType", "string", g.StaticOptions().SQL("TYPE = OAUTH")). PredefinedQueryStructField("oauthClient", "string", g.StaticOptions().SQL("OAUTH_CLIENT = CUSTOM")). @@ -279,9 +279,9 @@ var SecurityIntegrationsDef = g.NewInterface( }), ). CustomOperation( - "AlterSnowflakeOauthPartner", + "AlterOauthPartner", "https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake", - alterSecurityIntegrationOperation("AlterSnowflakeOauthPartner", func(qs *g.QueryStruct) *g.QueryStruct { + alterSecurityIntegrationOperation("AlterOauthPartner", func(qs *g.QueryStruct) *g.QueryStruct { return qs.OptionalQueryStructField( "Set", snowflakeOauthPartnerIntegrationSetDef, @@ -294,9 +294,9 @@ var SecurityIntegrationsDef = g.NewInterface( }), ). CustomOperation( - "AlterSnowflakeOauthCustom", + "AlterOauthCustom", "https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake", - alterSecurityIntegrationOperation("AlterSnowflakeOauthCustom", func(qs *g.QueryStruct) *g.QueryStruct { + alterSecurityIntegrationOperation("AlterOauthCustom", func(qs *g.QueryStruct) *g.QueryStruct { return qs.OptionalQueryStructField( "Set", snowflakeOauthCustomIntegrationSetDef, diff --git a/pkg/sdk/security_integrations_dto_builders_gen.go b/pkg/sdk/security_integrations_dto_builders_gen.go index 96822ad8b0..163c74f8d4 100644 --- a/pkg/sdk/security_integrations_dto_builders_gen.go +++ b/pkg/sdk/security_integrations_dto_builders_gen.go @@ -4,57 +4,57 @@ package sdk import () -func NewCreateSnowflakeOauthPartnerSecurityIntegrationRequest( +func NewCreateOauthPartnerSecurityIntegrationRequest( name AccountObjectIdentifier, OauthClient OauthSecurityIntegrationClientOption, -) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { - s := CreateSnowflakeOauthPartnerSecurityIntegrationRequest{} +) *CreateOauthPartnerSecurityIntegrationRequest { + s := CreateOauthPartnerSecurityIntegrationRequest{} s.name = name s.OauthClient = OauthClient return &s } -func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithOrReplace(OrReplace *bool) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *CreateOauthPartnerSecurityIntegrationRequest) WithOrReplace(OrReplace *bool) *CreateOauthPartnerSecurityIntegrationRequest { s.OrReplace = OrReplace return s } -func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithIfNotExists(IfNotExists *bool) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *CreateOauthPartnerSecurityIntegrationRequest) WithIfNotExists(IfNotExists *bool) *CreateOauthPartnerSecurityIntegrationRequest { s.IfNotExists = IfNotExists return s } -func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithOauthRedirectUri(OauthRedirectUri *string) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *CreateOauthPartnerSecurityIntegrationRequest) WithOauthRedirectUri(OauthRedirectUri *string) *CreateOauthPartnerSecurityIntegrationRequest { s.OauthRedirectUri = OauthRedirectUri return s } -func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithEnabled(Enabled *bool) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *CreateOauthPartnerSecurityIntegrationRequest) WithEnabled(Enabled *bool) *CreateOauthPartnerSecurityIntegrationRequest { s.Enabled = Enabled return s } -func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *CreateOauthPartnerSecurityIntegrationRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *CreateOauthPartnerSecurityIntegrationRequest { s.OauthIssueRefreshTokens = OauthIssueRefreshTokens return s } -func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *CreateOauthPartnerSecurityIntegrationRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *CreateOauthPartnerSecurityIntegrationRequest { s.OauthRefreshTokenValidity = OauthRefreshTokenValidity return s } -func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *CreateOauthPartnerSecurityIntegrationRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *CreateOauthPartnerSecurityIntegrationRequest { s.OauthUseSecondaryRoles = OauthUseSecondaryRoles return s } -func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *CreateOauthPartnerSecurityIntegrationRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *CreateOauthPartnerSecurityIntegrationRequest { s.BlockedRolesList = BlockedRolesList return s } -func (s *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) WithComment(Comment *string) *CreateSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *CreateOauthPartnerSecurityIntegrationRequest) WithComment(Comment *string) *CreateOauthPartnerSecurityIntegrationRequest { s.Comment = Comment return s } @@ -68,84 +68,84 @@ func (s *BlockedRolesListRequest) WithBlockedRolesList(BlockedRolesList []Accoun return s } -func NewCreateSnowflakeOauthCustomSecurityIntegrationRequest( +func NewCreateOauthCustomSecurityIntegrationRequest( name AccountObjectIdentifier, OauthClientType OauthSecurityIntegrationClientTypeOption, OauthRedirectUri string, -) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { - s := CreateSnowflakeOauthCustomSecurityIntegrationRequest{} +) *CreateOauthCustomSecurityIntegrationRequest { + s := CreateOauthCustomSecurityIntegrationRequest{} s.name = name s.OauthClientType = OauthClientType s.OauthRedirectUri = OauthRedirectUri return &s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOrReplace(OrReplace *bool) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithOrReplace(OrReplace *bool) *CreateOauthCustomSecurityIntegrationRequest { s.OrReplace = OrReplace return s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithIfNotExists(IfNotExists *bool) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithIfNotExists(IfNotExists *bool) *CreateOauthCustomSecurityIntegrationRequest { s.IfNotExists = IfNotExists return s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithEnabled(Enabled *bool) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithEnabled(Enabled *bool) *CreateOauthCustomSecurityIntegrationRequest { s.Enabled = Enabled return s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthAllowNonTlsRedirectUri(OauthAllowNonTlsRedirectUri *bool) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthAllowNonTlsRedirectUri(OauthAllowNonTlsRedirectUri *bool) *CreateOauthCustomSecurityIntegrationRequest { s.OauthAllowNonTlsRedirectUri = OauthAllowNonTlsRedirectUri return s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthEnforcePkce(OauthEnforcePkce *bool) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthEnforcePkce(OauthEnforcePkce *bool) *CreateOauthCustomSecurityIntegrationRequest { s.OauthEnforcePkce = OauthEnforcePkce return s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *CreateOauthCustomSecurityIntegrationRequest { s.OauthUseSecondaryRoles = OauthUseSecondaryRoles return s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithPreAuthorizedRolesList(PreAuthorizedRolesList *PreAuthorizedRolesListRequest) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithPreAuthorizedRolesList(PreAuthorizedRolesList *PreAuthorizedRolesListRequest) *CreateOauthCustomSecurityIntegrationRequest { s.PreAuthorizedRolesList = PreAuthorizedRolesList return s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *CreateOauthCustomSecurityIntegrationRequest { s.BlockedRolesList = BlockedRolesList return s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *CreateOauthCustomSecurityIntegrationRequest { s.OauthIssueRefreshTokens = OauthIssueRefreshTokens return s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *CreateOauthCustomSecurityIntegrationRequest { s.OauthRefreshTokenValidity = OauthRefreshTokenValidity return s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithNetworkPolicy(NetworkPolicy *AccountObjectIdentifier) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithNetworkPolicy(NetworkPolicy *AccountObjectIdentifier) *CreateOauthCustomSecurityIntegrationRequest { s.NetworkPolicy = NetworkPolicy return s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey *string) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey *string) *CreateOauthCustomSecurityIntegrationRequest { s.OauthClientRsaPublicKey = OauthClientRsaPublicKey return s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 *string) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 *string) *CreateOauthCustomSecurityIntegrationRequest { s.OauthClientRsaPublicKey2 = OauthClientRsaPublicKey2 return s } -func (s *CreateSnowflakeOauthCustomSecurityIntegrationRequest) WithComment(Comment *string) *CreateSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *CreateOauthCustomSecurityIntegrationRequest) WithComment(Comment *string) *CreateOauthCustomSecurityIntegrationRequest { s.Comment = Comment return s } @@ -286,219 +286,219 @@ func (s *CreateScimSecurityIntegrationRequest) WithComment(Comment *string) *Cre return s } -func NewAlterSnowflakeOauthPartnerSecurityIntegrationRequest( +func NewAlterOauthPartnerSecurityIntegrationRequest( name AccountObjectIdentifier, -) *AlterSnowflakeOauthPartnerSecurityIntegrationRequest { - s := AlterSnowflakeOauthPartnerSecurityIntegrationRequest{} +) *AlterOauthPartnerSecurityIntegrationRequest { + s := AlterOauthPartnerSecurityIntegrationRequest{} s.name = name return &s } -func (s *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) WithIfExists(IfExists *bool) *AlterSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *AlterOauthPartnerSecurityIntegrationRequest) WithIfExists(IfExists *bool) *AlterOauthPartnerSecurityIntegrationRequest { s.IfExists = IfExists return s } -func (s *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) WithSetTags(SetTags []TagAssociation) *AlterSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *AlterOauthPartnerSecurityIntegrationRequest) WithSetTags(SetTags []TagAssociation) *AlterOauthPartnerSecurityIntegrationRequest { s.SetTags = SetTags return s } -func (s *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) WithUnsetTags(UnsetTags []ObjectIdentifier) *AlterSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *AlterOauthPartnerSecurityIntegrationRequest) WithUnsetTags(UnsetTags []ObjectIdentifier) *AlterOauthPartnerSecurityIntegrationRequest { s.UnsetTags = UnsetTags return s } -func (s *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) WithSet(Set *SnowflakeOauthPartnerIntegrationSetRequest) *AlterSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *AlterOauthPartnerSecurityIntegrationRequest) WithSet(Set *OauthPartnerIntegrationSetRequest) *AlterOauthPartnerSecurityIntegrationRequest { s.Set = Set return s } -func (s *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) WithUnset(Unset *SnowflakeOauthPartnerIntegrationUnsetRequest) *AlterSnowflakeOauthPartnerSecurityIntegrationRequest { +func (s *AlterOauthPartnerSecurityIntegrationRequest) WithUnset(Unset *OauthPartnerIntegrationUnsetRequest) *AlterOauthPartnerSecurityIntegrationRequest { s.Unset = Unset return s } -func NewSnowflakeOauthPartnerIntegrationSetRequest() *SnowflakeOauthPartnerIntegrationSetRequest { - return &SnowflakeOauthPartnerIntegrationSetRequest{} +func NewOauthPartnerIntegrationSetRequest() *OauthPartnerIntegrationSetRequest { + return &OauthPartnerIntegrationSetRequest{} } -func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithEnabled(Enabled *bool) *SnowflakeOauthPartnerIntegrationSetRequest { +func (s *OauthPartnerIntegrationSetRequest) WithEnabled(Enabled *bool) *OauthPartnerIntegrationSetRequest { s.Enabled = Enabled return s } -func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithOauthRedirectUri(OauthRedirectUri *string) *SnowflakeOauthPartnerIntegrationSetRequest { +func (s *OauthPartnerIntegrationSetRequest) WithOauthRedirectUri(OauthRedirectUri *string) *OauthPartnerIntegrationSetRequest { s.OauthRedirectUri = OauthRedirectUri return s } -func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *SnowflakeOauthPartnerIntegrationSetRequest { +func (s *OauthPartnerIntegrationSetRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *OauthPartnerIntegrationSetRequest { s.OauthIssueRefreshTokens = OauthIssueRefreshTokens return s } -func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *SnowflakeOauthPartnerIntegrationSetRequest { +func (s *OauthPartnerIntegrationSetRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *OauthPartnerIntegrationSetRequest { s.OauthRefreshTokenValidity = OauthRefreshTokenValidity return s } -func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *SnowflakeOauthPartnerIntegrationSetRequest { +func (s *OauthPartnerIntegrationSetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *OauthPartnerIntegrationSetRequest { s.OauthUseSecondaryRoles = OauthUseSecondaryRoles return s } -func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *SnowflakeOauthPartnerIntegrationSetRequest { +func (s *OauthPartnerIntegrationSetRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *OauthPartnerIntegrationSetRequest { s.BlockedRolesList = BlockedRolesList return s } -func (s *SnowflakeOauthPartnerIntegrationSetRequest) WithComment(Comment *string) *SnowflakeOauthPartnerIntegrationSetRequest { +func (s *OauthPartnerIntegrationSetRequest) WithComment(Comment *string) *OauthPartnerIntegrationSetRequest { s.Comment = Comment return s } -func NewSnowflakeOauthPartnerIntegrationUnsetRequest() *SnowflakeOauthPartnerIntegrationUnsetRequest { - return &SnowflakeOauthPartnerIntegrationUnsetRequest{} +func NewOauthPartnerIntegrationUnsetRequest() *OauthPartnerIntegrationUnsetRequest { + return &OauthPartnerIntegrationUnsetRequest{} } -func (s *SnowflakeOauthPartnerIntegrationUnsetRequest) WithEnabled(Enabled *bool) *SnowflakeOauthPartnerIntegrationUnsetRequest { +func (s *OauthPartnerIntegrationUnsetRequest) WithEnabled(Enabled *bool) *OauthPartnerIntegrationUnsetRequest { s.Enabled = Enabled return s } -func (s *SnowflakeOauthPartnerIntegrationUnsetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *bool) *SnowflakeOauthPartnerIntegrationUnsetRequest { +func (s *OauthPartnerIntegrationUnsetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *bool) *OauthPartnerIntegrationUnsetRequest { s.OauthUseSecondaryRoles = OauthUseSecondaryRoles return s } -func NewAlterSnowflakeOauthCustomSecurityIntegrationRequest( +func NewAlterOauthCustomSecurityIntegrationRequest( name AccountObjectIdentifier, -) *AlterSnowflakeOauthCustomSecurityIntegrationRequest { - s := AlterSnowflakeOauthCustomSecurityIntegrationRequest{} +) *AlterOauthCustomSecurityIntegrationRequest { + s := AlterOauthCustomSecurityIntegrationRequest{} s.name = name return &s } -func (s *AlterSnowflakeOauthCustomSecurityIntegrationRequest) WithIfExists(IfExists *bool) *AlterSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *AlterOauthCustomSecurityIntegrationRequest) WithIfExists(IfExists *bool) *AlterOauthCustomSecurityIntegrationRequest { s.IfExists = IfExists return s } -func (s *AlterSnowflakeOauthCustomSecurityIntegrationRequest) WithSetTags(SetTags []TagAssociation) *AlterSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *AlterOauthCustomSecurityIntegrationRequest) WithSetTags(SetTags []TagAssociation) *AlterOauthCustomSecurityIntegrationRequest { s.SetTags = SetTags return s } -func (s *AlterSnowflakeOauthCustomSecurityIntegrationRequest) WithUnsetTags(UnsetTags []ObjectIdentifier) *AlterSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *AlterOauthCustomSecurityIntegrationRequest) WithUnsetTags(UnsetTags []ObjectIdentifier) *AlterOauthCustomSecurityIntegrationRequest { s.UnsetTags = UnsetTags return s } -func (s *AlterSnowflakeOauthCustomSecurityIntegrationRequest) WithSet(Set *SnowflakeOauthCustomIntegrationSetRequest) *AlterSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *AlterOauthCustomSecurityIntegrationRequest) WithSet(Set *OauthCustomIntegrationSetRequest) *AlterOauthCustomSecurityIntegrationRequest { s.Set = Set return s } -func (s *AlterSnowflakeOauthCustomSecurityIntegrationRequest) WithUnset(Unset *SnowflakeOauthCustomIntegrationUnsetRequest) *AlterSnowflakeOauthCustomSecurityIntegrationRequest { +func (s *AlterOauthCustomSecurityIntegrationRequest) WithUnset(Unset *OauthCustomIntegrationUnsetRequest) *AlterOauthCustomSecurityIntegrationRequest { s.Unset = Unset return s } -func NewSnowflakeOauthCustomIntegrationSetRequest() *SnowflakeOauthCustomIntegrationSetRequest { - return &SnowflakeOauthCustomIntegrationSetRequest{} +func NewOauthCustomIntegrationSetRequest() *OauthCustomIntegrationSetRequest { + return &OauthCustomIntegrationSetRequest{} } -func (s *SnowflakeOauthCustomIntegrationSetRequest) WithEnabled(Enabled *bool) *SnowflakeOauthCustomIntegrationSetRequest { +func (s *OauthCustomIntegrationSetRequest) WithEnabled(Enabled *bool) *OauthCustomIntegrationSetRequest { s.Enabled = Enabled return s } -func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthRedirectUri(OauthRedirectUri *string) *SnowflakeOauthCustomIntegrationSetRequest { +func (s *OauthCustomIntegrationSetRequest) WithOauthRedirectUri(OauthRedirectUri *string) *OauthCustomIntegrationSetRequest { s.OauthRedirectUri = OauthRedirectUri return s } -func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthAllowNonTlsRedirectUri(OauthAllowNonTlsRedirectUri *bool) *SnowflakeOauthCustomIntegrationSetRequest { +func (s *OauthCustomIntegrationSetRequest) WithOauthAllowNonTlsRedirectUri(OauthAllowNonTlsRedirectUri *bool) *OauthCustomIntegrationSetRequest { s.OauthAllowNonTlsRedirectUri = OauthAllowNonTlsRedirectUri return s } -func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthEnforcePkce(OauthEnforcePkce *bool) *SnowflakeOauthCustomIntegrationSetRequest { +func (s *OauthCustomIntegrationSetRequest) WithOauthEnforcePkce(OauthEnforcePkce *bool) *OauthCustomIntegrationSetRequest { s.OauthEnforcePkce = OauthEnforcePkce return s } -func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *SnowflakeOauthCustomIntegrationSetRequest { +func (s *OauthCustomIntegrationSetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *OauthCustomIntegrationSetRequest { s.OauthUseSecondaryRoles = OauthUseSecondaryRoles return s } -func (s *SnowflakeOauthCustomIntegrationSetRequest) WithPreAuthorizedRolesList(PreAuthorizedRolesList *PreAuthorizedRolesListRequest) *SnowflakeOauthCustomIntegrationSetRequest { +func (s *OauthCustomIntegrationSetRequest) WithPreAuthorizedRolesList(PreAuthorizedRolesList *PreAuthorizedRolesListRequest) *OauthCustomIntegrationSetRequest { s.PreAuthorizedRolesList = PreAuthorizedRolesList return s } -func (s *SnowflakeOauthCustomIntegrationSetRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *SnowflakeOauthCustomIntegrationSetRequest { +func (s *OauthCustomIntegrationSetRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *OauthCustomIntegrationSetRequest { s.BlockedRolesList = BlockedRolesList return s } -func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *SnowflakeOauthCustomIntegrationSetRequest { +func (s *OauthCustomIntegrationSetRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *OauthCustomIntegrationSetRequest { s.OauthIssueRefreshTokens = OauthIssueRefreshTokens return s } -func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *SnowflakeOauthCustomIntegrationSetRequest { +func (s *OauthCustomIntegrationSetRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *OauthCustomIntegrationSetRequest { s.OauthRefreshTokenValidity = OauthRefreshTokenValidity return s } -func (s *SnowflakeOauthCustomIntegrationSetRequest) WithNetworkPolicy(NetworkPolicy *AccountObjectIdentifier) *SnowflakeOauthCustomIntegrationSetRequest { +func (s *OauthCustomIntegrationSetRequest) WithNetworkPolicy(NetworkPolicy *AccountObjectIdentifier) *OauthCustomIntegrationSetRequest { s.NetworkPolicy = NetworkPolicy return s } -func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey *string) *SnowflakeOauthCustomIntegrationSetRequest { +func (s *OauthCustomIntegrationSetRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey *string) *OauthCustomIntegrationSetRequest { s.OauthClientRsaPublicKey = OauthClientRsaPublicKey return s } -func (s *SnowflakeOauthCustomIntegrationSetRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 *string) *SnowflakeOauthCustomIntegrationSetRequest { +func (s *OauthCustomIntegrationSetRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 *string) *OauthCustomIntegrationSetRequest { s.OauthClientRsaPublicKey2 = OauthClientRsaPublicKey2 return s } -func (s *SnowflakeOauthCustomIntegrationSetRequest) WithComment(Comment *string) *SnowflakeOauthCustomIntegrationSetRequest { +func (s *OauthCustomIntegrationSetRequest) WithComment(Comment *string) *OauthCustomIntegrationSetRequest { s.Comment = Comment return s } -func NewSnowflakeOauthCustomIntegrationUnsetRequest() *SnowflakeOauthCustomIntegrationUnsetRequest { - return &SnowflakeOauthCustomIntegrationUnsetRequest{} +func NewOauthCustomIntegrationUnsetRequest() *OauthCustomIntegrationUnsetRequest { + return &OauthCustomIntegrationUnsetRequest{} } -func (s *SnowflakeOauthCustomIntegrationUnsetRequest) WithEnabled(Enabled *bool) *SnowflakeOauthCustomIntegrationUnsetRequest { +func (s *OauthCustomIntegrationUnsetRequest) WithEnabled(Enabled *bool) *OauthCustomIntegrationUnsetRequest { s.Enabled = Enabled return s } -func (s *SnowflakeOauthCustomIntegrationUnsetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *bool) *SnowflakeOauthCustomIntegrationUnsetRequest { +func (s *OauthCustomIntegrationUnsetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *bool) *OauthCustomIntegrationUnsetRequest { s.OauthUseSecondaryRoles = OauthUseSecondaryRoles return s } -func (s *SnowflakeOauthCustomIntegrationUnsetRequest) WithNetworkPolicy(NetworkPolicy *bool) *SnowflakeOauthCustomIntegrationUnsetRequest { +func (s *OauthCustomIntegrationUnsetRequest) WithNetworkPolicy(NetworkPolicy *bool) *OauthCustomIntegrationUnsetRequest { s.NetworkPolicy = NetworkPolicy return s } -func (s *SnowflakeOauthCustomIntegrationUnsetRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey *bool) *SnowflakeOauthCustomIntegrationUnsetRequest { +func (s *OauthCustomIntegrationUnsetRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey *bool) *OauthCustomIntegrationUnsetRequest { s.OauthClientRsaPublicKey = OauthClientRsaPublicKey return s } -func (s *SnowflakeOauthCustomIntegrationUnsetRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 *bool) *SnowflakeOauthCustomIntegrationUnsetRequest { +func (s *OauthCustomIntegrationUnsetRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 *bool) *OauthCustomIntegrationUnsetRequest { s.OauthClientRsaPublicKey2 = OauthClientRsaPublicKey2 return s } diff --git a/pkg/sdk/security_integrations_dto_gen.go b/pkg/sdk/security_integrations_dto_gen.go index e7a7442329..d0254ba12a 100644 --- a/pkg/sdk/security_integrations_dto_gen.go +++ b/pkg/sdk/security_integrations_dto_gen.go @@ -3,12 +3,12 @@ package sdk //go:generate go run ./dto-builder-generator/main.go var ( - _ optionsProvider[CreateSnowflakeOauthPartnerSecurityIntegrationOptions] = new(CreateSnowflakeOauthPartnerSecurityIntegrationRequest) - _ optionsProvider[CreateSnowflakeOauthCustomSecurityIntegrationOptions] = new(CreateSnowflakeOauthCustomSecurityIntegrationRequest) + _ optionsProvider[CreateOauthPartnerSecurityIntegrationOptions] = new(CreateOauthPartnerSecurityIntegrationRequest) + _ optionsProvider[CreateOauthCustomSecurityIntegrationOptions] = new(CreateOauthCustomSecurityIntegrationRequest) _ optionsProvider[CreateSaml2SecurityIntegrationOptions] = new(CreateSaml2SecurityIntegrationRequest) _ optionsProvider[CreateScimSecurityIntegrationOptions] = new(CreateScimSecurityIntegrationRequest) - _ optionsProvider[AlterSnowflakeOauthPartnerSecurityIntegrationOptions] = new(AlterSnowflakeOauthPartnerSecurityIntegrationRequest) - _ optionsProvider[AlterSnowflakeOauthCustomSecurityIntegrationOptions] = new(AlterSnowflakeOauthCustomSecurityIntegrationRequest) + _ optionsProvider[AlterOauthPartnerSecurityIntegrationOptions] = new(AlterOauthPartnerSecurityIntegrationRequest) + _ optionsProvider[AlterOauthCustomSecurityIntegrationOptions] = new(AlterOauthCustomSecurityIntegrationRequest) _ optionsProvider[AlterSaml2SecurityIntegrationOptions] = new(AlterSaml2SecurityIntegrationRequest) _ optionsProvider[AlterScimSecurityIntegrationOptions] = new(AlterScimSecurityIntegrationRequest) _ optionsProvider[DropSecurityIntegrationOptions] = new(DropSecurityIntegrationRequest) @@ -16,7 +16,7 @@ var ( _ optionsProvider[ShowSecurityIntegrationOptions] = new(ShowSecurityIntegrationRequest) ) -type CreateSnowflakeOauthPartnerSecurityIntegrationRequest struct { +type CreateOauthPartnerSecurityIntegrationRequest struct { OrReplace *bool IfNotExists *bool name AccountObjectIdentifier // required @@ -30,7 +30,7 @@ type CreateSnowflakeOauthPartnerSecurityIntegrationRequest struct { Comment *string } -func (r *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) GetName() AccountObjectIdentifier { +func (r *CreateOauthPartnerSecurityIntegrationRequest) GetName() AccountObjectIdentifier { return r.name } @@ -38,7 +38,7 @@ type BlockedRolesListRequest struct { BlockedRolesList []AccountObjectIdentifier } -type CreateSnowflakeOauthCustomSecurityIntegrationRequest struct { +type CreateOauthCustomSecurityIntegrationRequest struct { OrReplace *bool IfNotExists *bool name AccountObjectIdentifier // required @@ -58,7 +58,7 @@ type CreateSnowflakeOauthCustomSecurityIntegrationRequest struct { Comment *string } -func (r *CreateSnowflakeOauthCustomSecurityIntegrationRequest) GetName() AccountObjectIdentifier { +func (r *CreateOauthCustomSecurityIntegrationRequest) GetName() AccountObjectIdentifier { return r.name } @@ -109,16 +109,16 @@ func (r *CreateScimSecurityIntegrationRequest) GetName() AccountObjectIdentifier return r.name } -type AlterSnowflakeOauthPartnerSecurityIntegrationRequest struct { +type AlterOauthPartnerSecurityIntegrationRequest struct { IfExists *bool name AccountObjectIdentifier // required SetTags []TagAssociation UnsetTags []ObjectIdentifier - Set *SnowflakeOauthPartnerIntegrationSetRequest - Unset *SnowflakeOauthPartnerIntegrationUnsetRequest + Set *OauthPartnerIntegrationSetRequest + Unset *OauthPartnerIntegrationUnsetRequest } -type SnowflakeOauthPartnerIntegrationSetRequest struct { +type OauthPartnerIntegrationSetRequest struct { Enabled *bool OauthRedirectUri *string OauthIssueRefreshTokens *bool @@ -128,21 +128,21 @@ type SnowflakeOauthPartnerIntegrationSetRequest struct { Comment *string } -type SnowflakeOauthPartnerIntegrationUnsetRequest struct { +type OauthPartnerIntegrationUnsetRequest struct { Enabled *bool OauthUseSecondaryRoles *bool } -type AlterSnowflakeOauthCustomSecurityIntegrationRequest struct { +type AlterOauthCustomSecurityIntegrationRequest struct { IfExists *bool name AccountObjectIdentifier // required SetTags []TagAssociation UnsetTags []ObjectIdentifier - Set *SnowflakeOauthCustomIntegrationSetRequest - Unset *SnowflakeOauthCustomIntegrationUnsetRequest + Set *OauthCustomIntegrationSetRequest + Unset *OauthCustomIntegrationUnsetRequest } -type SnowflakeOauthCustomIntegrationSetRequest struct { +type OauthCustomIntegrationSetRequest struct { Enabled *bool OauthRedirectUri *string OauthAllowNonTlsRedirectUri *bool @@ -158,7 +158,7 @@ type SnowflakeOauthCustomIntegrationSetRequest struct { Comment *string } -type SnowflakeOauthCustomIntegrationUnsetRequest struct { +type OauthCustomIntegrationUnsetRequest struct { Enabled *bool OauthUseSecondaryRoles *bool NetworkPolicy *bool diff --git a/pkg/sdk/security_integrations_gen.go b/pkg/sdk/security_integrations_gen.go index 687b906276..cd9856fb70 100644 --- a/pkg/sdk/security_integrations_gen.go +++ b/pkg/sdk/security_integrations_gen.go @@ -7,12 +7,12 @@ import ( ) type SecurityIntegrations interface { - CreateSnowflakeOauthPartner(ctx context.Context, request *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) error - CreateSnowflakeOauthCustom(ctx context.Context, request *CreateSnowflakeOauthCustomSecurityIntegrationRequest) error + CreateOauthPartner(ctx context.Context, request *CreateOauthPartnerSecurityIntegrationRequest) error + CreateOauthCustom(ctx context.Context, request *CreateOauthCustomSecurityIntegrationRequest) error CreateSaml2(ctx context.Context, request *CreateSaml2SecurityIntegrationRequest) error CreateScim(ctx context.Context, request *CreateScimSecurityIntegrationRequest) error - AlterSnowflakeOauthPartner(ctx context.Context, request *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) error - AlterSnowflakeOauthCustom(ctx context.Context, request *AlterSnowflakeOauthCustomSecurityIntegrationRequest) error + AlterOauthPartner(ctx context.Context, request *AlterOauthPartnerSecurityIntegrationRequest) error + AlterOauthCustom(ctx context.Context, request *AlterOauthCustomSecurityIntegrationRequest) error AlterSaml2(ctx context.Context, request *AlterSaml2SecurityIntegrationRequest) error AlterScim(ctx context.Context, request *AlterScimSecurityIntegrationRequest) error Drop(ctx context.Context, request *DropSecurityIntegrationRequest) error @@ -21,8 +21,8 @@ type SecurityIntegrations interface { ShowByID(ctx context.Context, id AccountObjectIdentifier) (*SecurityIntegration, error) } -// CreateSnowflakeOauthPartnerSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake. -type CreateSnowflakeOauthPartnerSecurityIntegrationOptions struct { +// CreateOauthPartnerSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake. +type CreateOauthPartnerSecurityIntegrationOptions struct { create bool `ddl:"static" sql:"CREATE"` OrReplace *bool `ddl:"keyword" sql:"OR REPLACE"` securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` @@ -47,8 +47,8 @@ type BlockedRolesList struct { BlockedRolesList []AccountObjectIdentifier `ddl:"list,must_parentheses"` } -// CreateSnowflakeOauthCustomSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake. -type CreateSnowflakeOauthCustomSecurityIntegrationOptions struct { +// CreateOauthCustomSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake. +type CreateOauthCustomSecurityIntegrationOptions struct { create bool `ddl:"static" sql:"CREATE"` OrReplace *bool `ddl:"keyword" sql:"OR REPLACE"` securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` @@ -123,19 +123,19 @@ type CreateScimSecurityIntegrationOptions struct { Comment *string `ddl:"parameter,single_quotes" sql:"COMMENT"` } -// AlterSnowflakeOauthPartnerSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake. -type AlterSnowflakeOauthPartnerSecurityIntegrationOptions struct { +// AlterOauthPartnerSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake. +type AlterOauthPartnerSecurityIntegrationOptions struct { alter bool `ddl:"static" sql:"ALTER"` securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` IfExists *bool `ddl:"keyword" sql:"IF EXISTS"` name AccountObjectIdentifier `ddl:"identifier"` SetTags []TagAssociation `ddl:"keyword" sql:"SET TAG"` UnsetTags []ObjectIdentifier `ddl:"keyword" sql:"UNSET TAG"` - Set *SnowflakeOauthPartnerIntegrationSet `ddl:"list,no_parentheses" sql:"SET"` - Unset *SnowflakeOauthPartnerIntegrationUnset `ddl:"list,no_parentheses" sql:"UNSET"` + Set *OauthPartnerIntegrationSet `ddl:"list,no_parentheses" sql:"SET"` + Unset *OauthPartnerIntegrationUnset `ddl:"list,no_parentheses" sql:"UNSET"` } -type SnowflakeOauthPartnerIntegrationSet struct { +type OauthPartnerIntegrationSet struct { Enabled *bool `ddl:"parameter" sql:"ENABLED"` OauthRedirectUri *string `ddl:"parameter,single_quotes" sql:"OAUTH_REDIRECT_URI"` OauthIssueRefreshTokens *bool `ddl:"parameter" sql:"OAUTH_ISSUE_REFRESH_TOKENS"` @@ -145,24 +145,24 @@ type SnowflakeOauthPartnerIntegrationSet struct { Comment *string `ddl:"parameter,single_quotes" sql:"COMMENT"` } -type SnowflakeOauthPartnerIntegrationUnset struct { +type OauthPartnerIntegrationUnset struct { Enabled *bool `ddl:"keyword" sql:"ENABLED"` OauthUseSecondaryRoles *bool `ddl:"keyword" sql:"OAUTH_USE_SECONDARY_ROLES"` } -// AlterSnowflakeOauthCustomSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake. -type AlterSnowflakeOauthCustomSecurityIntegrationOptions struct { +// AlterOauthCustomSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake. +type AlterOauthCustomSecurityIntegrationOptions struct { alter bool `ddl:"static" sql:"ALTER"` securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` IfExists *bool `ddl:"keyword" sql:"IF EXISTS"` name AccountObjectIdentifier `ddl:"identifier"` SetTags []TagAssociation `ddl:"keyword" sql:"SET TAG"` UnsetTags []ObjectIdentifier `ddl:"keyword" sql:"UNSET TAG"` - Set *SnowflakeOauthCustomIntegrationSet `ddl:"list,no_parentheses" sql:"SET"` - Unset *SnowflakeOauthCustomIntegrationUnset `ddl:"list,no_parentheses" sql:"UNSET"` + Set *OauthCustomIntegrationSet `ddl:"list,no_parentheses" sql:"SET"` + Unset *OauthCustomIntegrationUnset `ddl:"list,no_parentheses" sql:"UNSET"` } -type SnowflakeOauthCustomIntegrationSet struct { +type OauthCustomIntegrationSet struct { Enabled *bool `ddl:"parameter" sql:"ENABLED"` OauthRedirectUri *string `ddl:"parameter,single_quotes" sql:"OAUTH_REDIRECT_URI"` OauthAllowNonTlsRedirectUri *bool `ddl:"parameter" sql:"OAUTH_ALLOW_NON_TLS_REDIRECT_URI"` @@ -178,7 +178,7 @@ type SnowflakeOauthCustomIntegrationSet struct { Comment *string `ddl:"parameter,single_quotes" sql:"COMMENT"` } -type SnowflakeOauthCustomIntegrationUnset struct { +type OauthCustomIntegrationUnset struct { Enabled *bool `ddl:"keyword" sql:"ENABLED"` OauthUseSecondaryRoles *bool `ddl:"keyword" sql:"OAUTH_USE_SECONDARY_ROLES"` NetworkPolicy *bool `ddl:"keyword" sql:"NETWORK_POLICY"` diff --git a/pkg/sdk/security_integrations_gen_test.go b/pkg/sdk/security_integrations_gen_test.go index 4b4ca85cf5..b4d1229591 100644 --- a/pkg/sdk/security_integrations_gen_test.go +++ b/pkg/sdk/security_integrations_gen_test.go @@ -4,12 +4,12 @@ import ( "testing" ) -func TestSecurityIntegrations_CreateSnowflakeOauthCustom(t *testing.T) { +func TestSecurityIntegrations_CreateOauthCustom(t *testing.T) { id := randomAccountObjectIdentifier() - // Minimal valid CreateSnowflakeOauthCustomSecurityIntegrationOptions - defaultOpts := func() *CreateSnowflakeOauthCustomSecurityIntegrationOptions { - return &CreateSnowflakeOauthCustomSecurityIntegrationOptions{ + // Minimal valid CreateOauthCustomSecurityIntegrationOptions + defaultOpts := func() *CreateOauthCustomSecurityIntegrationOptions { + return &CreateOauthCustomSecurityIntegrationOptions{ name: id, OauthClientType: OauthSecurityIntegrationClientTypePublic, OauthRedirectUri: "uri", @@ -17,7 +17,7 @@ func TestSecurityIntegrations_CreateSnowflakeOauthCustom(t *testing.T) { } t.Run("validation: nil options", func(t *testing.T) { - var opts *CreateSnowflakeOauthPartnerSecurityIntegrationOptions = nil + var opts *CreateOauthPartnerSecurityIntegrationOptions = nil assertOptsInvalidJoinedErrors(t, opts, ErrNilOptions) }) @@ -25,7 +25,7 @@ func TestSecurityIntegrations_CreateSnowflakeOauthCustom(t *testing.T) { opts := defaultOpts() opts.OrReplace = Bool(true) opts.IfNotExists = Bool(true) - assertOptsInvalidJoinedErrors(t, opts, errOneOf("CreateSnowflakeOauthCustomSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + assertOptsInvalidJoinedErrors(t, opts, errOneOf("CreateOauthCustomSecurityIntegrationOptions", "OrReplace", "IfNotExists")) }) t.Run("basic", func(t *testing.T) { @@ -59,19 +59,19 @@ func TestSecurityIntegrations_CreateSnowflakeOauthCustom(t *testing.T) { }) } -func TestSecurityIntegrations_CreateSnowflakeOauthPartner(t *testing.T) { +func TestSecurityIntegrations_CreateOauthPartner(t *testing.T) { id := randomAccountObjectIdentifier() - // Minimal valid CreateSnowflakeOauthPartnerSecurityIntegrationOptions - defaultOpts := func() *CreateSnowflakeOauthPartnerSecurityIntegrationOptions { - return &CreateSnowflakeOauthPartnerSecurityIntegrationOptions{ + // Minimal valid CreateOauthPartnerSecurityIntegrationOptions + defaultOpts := func() *CreateOauthPartnerSecurityIntegrationOptions { + return &CreateOauthPartnerSecurityIntegrationOptions{ name: id, OauthClient: "LOOKER", } } t.Run("validation: nil options", func(t *testing.T) { - var opts *CreateSnowflakeOauthPartnerSecurityIntegrationOptions = nil + var opts *CreateOauthPartnerSecurityIntegrationOptions = nil assertOptsInvalidJoinedErrors(t, opts, ErrNilOptions) }) @@ -79,7 +79,7 @@ func TestSecurityIntegrations_CreateSnowflakeOauthPartner(t *testing.T) { opts := defaultOpts() opts.OrReplace = Bool(true) opts.IfNotExists = Bool(true) - assertOptsInvalidJoinedErrors(t, opts, errOneOf("CreateSnowflakeOauthPartnerSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + assertOptsInvalidJoinedErrors(t, opts, errOneOf("CreateOauthPartnerSecurityIntegrationOptions", "OrReplace", "IfNotExists")) }) t.Run("basic", func(t *testing.T) { @@ -204,24 +204,24 @@ func TestSecurityIntegrations_CreateScim(t *testing.T) { }) } -func TestSecurityIntegrations_AlterSnowflakeOauthPartner(t *testing.T) { +func TestSecurityIntegrations_AlterOauthPartner(t *testing.T) { id := randomAccountObjectIdentifier() - // Minimal valid AlterSnowflakeOauthPartnerSecurityIntegrationOptions - defaultOpts := func() *AlterSnowflakeOauthPartnerSecurityIntegrationOptions { - return &AlterSnowflakeOauthPartnerSecurityIntegrationOptions{ + // Minimal valid AlterOauthPartnerSecurityIntegrationOptions + defaultOpts := func() *AlterOauthPartnerSecurityIntegrationOptions { + return &AlterOauthPartnerSecurityIntegrationOptions{ name: id, } } t.Run("validation: nil options", func(t *testing.T) { - var opts *AlterSnowflakeOauthPartnerSecurityIntegrationOptions = nil + var opts *AlterOauthPartnerSecurityIntegrationOptions = nil assertOptsInvalidJoinedErrors(t, opts, ErrNilOptions) }) t.Run("validation: valid identifier for [opts.name]", func(t *testing.T) { opts := defaultOpts() - opts.Set = &SnowflakeOauthPartnerIntegrationSet{ + opts.Set = &OauthPartnerIntegrationSet{ Enabled: Pointer(true), } opts.name = NewAccountObjectIdentifier("") @@ -230,33 +230,33 @@ func TestSecurityIntegrations_AlterSnowflakeOauthPartner(t *testing.T) { t.Run("validation: exactly of the fields [opts.*] should be set", func(t *testing.T) { opts := defaultOpts() - assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterOauthPartnerSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) }) t.Run("validation: at least one of the fields [opts.Set.*] should be set", func(t *testing.T) { opts := defaultOpts() - opts.Set = &SnowflakeOauthPartnerIntegrationSet{} - assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", + opts.Set = &OauthPartnerIntegrationSet{} + assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterOauthPartnerSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "BlockedRolesList", "Comment")) }) t.Run("validation: at least one of the fields [opts.Unset.*] should be set", func(t *testing.T) { opts := defaultOpts() - opts.Unset = &SnowflakeOauthPartnerIntegrationUnset{} - assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions.Unset", + opts.Unset = &OauthPartnerIntegrationUnset{} + assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterOauthPartnerSecurityIntegrationOptions.Unset", "Enabled", "OauthUseSecondaryRoles")) }) t.Run("validation: exactly one of the fields [opts.*] should be set", func(t *testing.T) { opts := defaultOpts() - opts.Set = &SnowflakeOauthPartnerIntegrationSet{} - opts.Unset = &SnowflakeOauthPartnerIntegrationUnset{} - assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + opts.Set = &OauthPartnerIntegrationSet{} + opts.Unset = &OauthPartnerIntegrationUnset{} + assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterOauthPartnerSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) }) t.Run("empty roles lists", func(t *testing.T) { opts := defaultOpts() - opts.Set = &SnowflakeOauthPartnerIntegrationSet{ + opts.Set = &OauthPartnerIntegrationSet{ BlockedRolesList: &BlockedRolesList{}, } assertOptsValidAndSQLEquals(t, opts, "ALTER SECURITY INTEGRATION %s SET BLOCKED_ROLES_LIST = ()", id.FullyQualifiedName()) @@ -265,7 +265,7 @@ func TestSecurityIntegrations_AlterSnowflakeOauthPartner(t *testing.T) { t.Run("all options - set", func(t *testing.T) { opts := defaultOpts() roleID := randomAccountObjectIdentifier() - opts.Set = &SnowflakeOauthPartnerIntegrationSet{ + opts.Set = &OauthPartnerIntegrationSet{ Enabled: Pointer(true), OauthRedirectUri: Pointer("uri"), OauthIssueRefreshTokens: Pointer(true), @@ -280,7 +280,7 @@ func TestSecurityIntegrations_AlterSnowflakeOauthPartner(t *testing.T) { t.Run("all options - unset", func(t *testing.T) { opts := defaultOpts() - opts.Unset = &SnowflakeOauthPartnerIntegrationUnset{ + opts.Unset = &OauthPartnerIntegrationUnset{ Enabled: Pointer(true), OauthUseSecondaryRoles: Pointer(true), } @@ -312,24 +312,24 @@ func TestSecurityIntegrations_AlterSnowflakeOauthPartner(t *testing.T) { }) } -func TestSecurityIntegrations_AlterSnowflakeOauthCustom(t *testing.T) { +func TestSecurityIntegrations_AlterOauthCustom(t *testing.T) { id := randomAccountObjectIdentifier() - // Minimal valid AlterSnowflakeOauthCustomSecurityIntegrationOptions - defaultOpts := func() *AlterSnowflakeOauthCustomSecurityIntegrationOptions { - return &AlterSnowflakeOauthCustomSecurityIntegrationOptions{ + // Minimal valid AlterOauthCustomSecurityIntegrationOptions + defaultOpts := func() *AlterOauthCustomSecurityIntegrationOptions { + return &AlterOauthCustomSecurityIntegrationOptions{ name: id, } } t.Run("validation: nil options", func(t *testing.T) { - var opts *AlterSnowflakeOauthCustomSecurityIntegrationOptions = nil + var opts *AlterOauthCustomSecurityIntegrationOptions = nil assertOptsInvalidJoinedErrors(t, opts, ErrNilOptions) }) t.Run("validation: valid identifier for [opts.name]", func(t *testing.T) { opts := defaultOpts() - opts.Set = &SnowflakeOauthCustomIntegrationSet{ + opts.Set = &OauthCustomIntegrationSet{ Enabled: Pointer(true), } opts.name = NewAccountObjectIdentifier("") @@ -338,34 +338,34 @@ func TestSecurityIntegrations_AlterSnowflakeOauthCustom(t *testing.T) { t.Run("validation: exactly of the fields [opts.*] should be set", func(t *testing.T) { opts := defaultOpts() - assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterOauthCustomSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) }) t.Run("validation: at least one of the fields [opts.Set.*] should be set", func(t *testing.T) { opts := defaultOpts() - opts.Set = &SnowflakeOauthCustomIntegrationSet{} - assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthAllowNonTlsRedirectUri", + opts.Set = &OauthCustomIntegrationSet{} + assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterOauthCustomSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthAllowNonTlsRedirectUri", "OauthEnforcePkce", "PreAuthorizedRolesList", "BlockedRolesList", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2", "Comment")) }) t.Run("validation: at least one of the fields [opts.Unset.*] should be set", func(t *testing.T) { opts := defaultOpts() - opts.Unset = &SnowflakeOauthCustomIntegrationUnset{} - assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions.Unset", + opts.Unset = &OauthCustomIntegrationUnset{} + assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterOauthCustomSecurityIntegrationOptions.Unset", "Enabled", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2")) }) t.Run("validation: exactly one of the fields [opts.*] should be set", func(t *testing.T) { opts := defaultOpts() - opts.Set = &SnowflakeOauthCustomIntegrationSet{} - opts.Unset = &SnowflakeOauthCustomIntegrationUnset{} - assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + opts.Set = &OauthCustomIntegrationSet{} + opts.Unset = &OauthCustomIntegrationUnset{} + assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterOauthCustomSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) }) t.Run("empty roles lists", func(t *testing.T) { opts := defaultOpts() - opts.Set = &SnowflakeOauthCustomIntegrationSet{ + opts.Set = &OauthCustomIntegrationSet{ PreAuthorizedRolesList: &PreAuthorizedRolesList{}, BlockedRolesList: &BlockedRolesList{}, } @@ -375,7 +375,7 @@ func TestSecurityIntegrations_AlterSnowflakeOauthCustom(t *testing.T) { t.Run("all options - set", func(t *testing.T) { opts := defaultOpts() roleID, role2ID, npID := randomAccountObjectIdentifier(), randomAccountObjectIdentifier(), randomAccountObjectIdentifier() - opts.Set = &SnowflakeOauthCustomIntegrationSet{ + opts.Set = &OauthCustomIntegrationSet{ Enabled: Pointer(true), OauthRedirectUri: Pointer("uri"), OauthAllowNonTlsRedirectUri: Pointer(true), @@ -397,7 +397,7 @@ func TestSecurityIntegrations_AlterSnowflakeOauthCustom(t *testing.T) { t.Run("all options - unset", func(t *testing.T) { opts := defaultOpts() - opts.Unset = &SnowflakeOauthCustomIntegrationUnset{ + opts.Unset = &OauthCustomIntegrationUnset{ Enabled: Pointer(true), OauthUseSecondaryRoles: Pointer(true), NetworkPolicy: Pointer(true), diff --git a/pkg/sdk/security_integrations_impl_gen.go b/pkg/sdk/security_integrations_impl_gen.go index c639799317..4e6f3bca8d 100644 --- a/pkg/sdk/security_integrations_impl_gen.go +++ b/pkg/sdk/security_integrations_impl_gen.go @@ -12,12 +12,12 @@ type securityIntegrations struct { client *Client } -func (v *securityIntegrations) CreateSnowflakeOauthPartner(ctx context.Context, request *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) error { +func (v *securityIntegrations) CreateOauthPartner(ctx context.Context, request *CreateOauthPartnerSecurityIntegrationRequest) error { opts := request.toOpts() return validateAndExec(v.client, ctx, opts) } -func (v *securityIntegrations) CreateSnowflakeOauthCustom(ctx context.Context, request *CreateSnowflakeOauthCustomSecurityIntegrationRequest) error { +func (v *securityIntegrations) CreateOauthCustom(ctx context.Context, request *CreateOauthCustomSecurityIntegrationRequest) error { opts := request.toOpts() return validateAndExec(v.client, ctx, opts) } @@ -32,12 +32,12 @@ func (v *securityIntegrations) CreateScim(ctx context.Context, request *CreateSc return validateAndExec(v.client, ctx, opts) } -func (v *securityIntegrations) AlterSnowflakeOauthPartner(ctx context.Context, request *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) error { +func (v *securityIntegrations) AlterOauthPartner(ctx context.Context, request *AlterOauthPartnerSecurityIntegrationRequest) error { opts := request.toOpts() return validateAndExec(v.client, ctx, opts) } -func (v *securityIntegrations) AlterSnowflakeOauthCustom(ctx context.Context, request *AlterSnowflakeOauthCustomSecurityIntegrationRequest) error { +func (v *securityIntegrations) AlterOauthCustom(ctx context.Context, request *AlterOauthCustomSecurityIntegrationRequest) error { opts := request.toOpts() return validateAndExec(v.client, ctx, opts) } @@ -88,8 +88,8 @@ func (v *securityIntegrations) ShowByID(ctx context.Context, id AccountObjectIde return collections.FindOne(securityIntegrations, func(r SecurityIntegration) bool { return r.Name == id.Name() }) } -func (r *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) toOpts() *CreateSnowflakeOauthPartnerSecurityIntegrationOptions { - opts := &CreateSnowflakeOauthPartnerSecurityIntegrationOptions{ +func (r *CreateOauthPartnerSecurityIntegrationRequest) toOpts() *CreateOauthPartnerSecurityIntegrationOptions { + opts := &CreateOauthPartnerSecurityIntegrationOptions{ OrReplace: r.OrReplace, IfNotExists: r.IfNotExists, name: r.name, @@ -110,8 +110,8 @@ func (r *CreateSnowflakeOauthPartnerSecurityIntegrationRequest) toOpts() *Create return opts } -func (r *CreateSnowflakeOauthCustomSecurityIntegrationRequest) toOpts() *CreateSnowflakeOauthCustomSecurityIntegrationOptions { - opts := &CreateSnowflakeOauthCustomSecurityIntegrationOptions{ +func (r *CreateOauthCustomSecurityIntegrationRequest) toOpts() *CreateOauthCustomSecurityIntegrationOptions { + opts := &CreateOauthCustomSecurityIntegrationOptions{ OrReplace: r.OrReplace, IfNotExists: r.IfNotExists, name: r.name, @@ -183,15 +183,15 @@ func (r *CreateScimSecurityIntegrationRequest) toOpts() *CreateScimSecurityInteg return opts } -func (r *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) toOpts() *AlterSnowflakeOauthPartnerSecurityIntegrationOptions { - opts := &AlterSnowflakeOauthPartnerSecurityIntegrationOptions{ +func (r *AlterOauthPartnerSecurityIntegrationRequest) toOpts() *AlterOauthPartnerSecurityIntegrationOptions { + opts := &AlterOauthPartnerSecurityIntegrationOptions{ IfExists: r.IfExists, name: r.name, SetTags: r.SetTags, UnsetTags: r.UnsetTags, } if r.Set != nil { - opts.Set = &SnowflakeOauthPartnerIntegrationSet{ + opts.Set = &OauthPartnerIntegrationSet{ Enabled: r.Set.Enabled, OauthRedirectUri: r.Set.OauthRedirectUri, OauthIssueRefreshTokens: r.Set.OauthIssueRefreshTokens, @@ -207,7 +207,7 @@ func (r *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) toOpts() *AlterSn } } if r.Unset != nil { - opts.Unset = &SnowflakeOauthPartnerIntegrationUnset{ + opts.Unset = &OauthPartnerIntegrationUnset{ Enabled: r.Unset.Enabled, OauthUseSecondaryRoles: r.Unset.OauthUseSecondaryRoles, } @@ -215,15 +215,15 @@ func (r *AlterSnowflakeOauthPartnerSecurityIntegrationRequest) toOpts() *AlterSn return opts } -func (r *AlterSnowflakeOauthCustomSecurityIntegrationRequest) toOpts() *AlterSnowflakeOauthCustomSecurityIntegrationOptions { - opts := &AlterSnowflakeOauthCustomSecurityIntegrationOptions{ +func (r *AlterOauthCustomSecurityIntegrationRequest) toOpts() *AlterOauthCustomSecurityIntegrationOptions { + opts := &AlterOauthCustomSecurityIntegrationOptions{ IfExists: r.IfExists, name: r.name, SetTags: r.SetTags, UnsetTags: r.UnsetTags, } if r.Set != nil { - opts.Set = &SnowflakeOauthCustomIntegrationSet{ + opts.Set = &OauthCustomIntegrationSet{ Enabled: r.Set.Enabled, OauthRedirectUri: r.Set.OauthRedirectUri, OauthAllowNonTlsRedirectUri: r.Set.OauthAllowNonTlsRedirectUri, @@ -249,7 +249,7 @@ func (r *AlterSnowflakeOauthCustomSecurityIntegrationRequest) toOpts() *AlterSno } } if r.Unset != nil { - opts.Unset = &SnowflakeOauthCustomIntegrationUnset{ + opts.Unset = &OauthCustomIntegrationUnset{ Enabled: r.Unset.Enabled, OauthUseSecondaryRoles: r.Unset.OauthUseSecondaryRoles, NetworkPolicy: r.Unset.NetworkPolicy, diff --git a/pkg/sdk/security_integrations_validations_gen.go b/pkg/sdk/security_integrations_validations_gen.go index 2fb16ffa0c..1b16967410 100644 --- a/pkg/sdk/security_integrations_validations_gen.go +++ b/pkg/sdk/security_integrations_validations_gen.go @@ -1,12 +1,12 @@ package sdk var ( - _ validatable = new(CreateSnowflakeOauthPartnerSecurityIntegrationOptions) - _ validatable = new(CreateSnowflakeOauthCustomSecurityIntegrationOptions) + _ validatable = new(CreateOauthPartnerSecurityIntegrationOptions) + _ validatable = new(CreateOauthCustomSecurityIntegrationOptions) _ validatable = new(CreateSaml2SecurityIntegrationOptions) _ validatable = new(CreateScimSecurityIntegrationOptions) - _ validatable = new(AlterSnowflakeOauthPartnerSecurityIntegrationOptions) - _ validatable = new(AlterSnowflakeOauthCustomSecurityIntegrationOptions) + _ validatable = new(AlterOauthPartnerSecurityIntegrationOptions) + _ validatable = new(AlterOauthCustomSecurityIntegrationOptions) _ validatable = new(AlterSaml2SecurityIntegrationOptions) _ validatable = new(AlterScimSecurityIntegrationOptions) _ validatable = new(DropSecurityIntegrationOptions) @@ -14,7 +14,7 @@ var ( _ validatable = new(ShowSecurityIntegrationOptions) ) -func (opts *CreateSnowflakeOauthPartnerSecurityIntegrationOptions) validate() error { +func (opts *CreateOauthPartnerSecurityIntegrationOptions) validate() error { if opts == nil { return ErrNilOptions } @@ -23,12 +23,12 @@ func (opts *CreateSnowflakeOauthPartnerSecurityIntegrationOptions) validate() er errs = append(errs, ErrInvalidObjectIdentifier) } if everyValueSet(opts.OrReplace, opts.IfNotExists) { - errs = append(errs, errOneOf("CreateSnowflakeOauthPartnerSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + errs = append(errs, errOneOf("CreateOauthPartnerSecurityIntegrationOptions", "OrReplace", "IfNotExists")) } return JoinErrors(errs...) } -func (opts *CreateSnowflakeOauthCustomSecurityIntegrationOptions) validate() error { +func (opts *CreateOauthCustomSecurityIntegrationOptions) validate() error { if opts == nil { return ErrNilOptions } @@ -37,7 +37,7 @@ func (opts *CreateSnowflakeOauthCustomSecurityIntegrationOptions) validate() err errs = append(errs, ErrInvalidObjectIdentifier) } if everyValueSet(opts.OrReplace, opts.IfNotExists) { - errs = append(errs, errOneOf("CreateSnowflakeOauthCustomSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + errs = append(errs, errOneOf("CreateOauthCustomSecurityIntegrationOptions", "OrReplace", "IfNotExists")) } return JoinErrors(errs...) } @@ -70,7 +70,7 @@ func (opts *CreateScimSecurityIntegrationOptions) validate() error { return JoinErrors(errs...) } -func (opts *AlterSnowflakeOauthPartnerSecurityIntegrationOptions) validate() error { +func (opts *AlterOauthPartnerSecurityIntegrationOptions) validate() error { if opts == nil { return ErrNilOptions } @@ -79,22 +79,22 @@ func (opts *AlterSnowflakeOauthPartnerSecurityIntegrationOptions) validate() err errs = append(errs, ErrInvalidObjectIdentifier) } if !exactlyOneValueSet(opts.Set, opts.Unset, opts.SetTags, opts.UnsetTags) { - errs = append(errs, errExactlyOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + errs = append(errs, errExactlyOneOf("AlterOauthPartnerSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) } if valueSet(opts.Set) { if !anyValueSet(opts.Set.Enabled, opts.Set.OauthRedirectUri, opts.Set.OauthIssueRefreshTokens, opts.Set.OauthRefreshTokenValidity, opts.Set.OauthUseSecondaryRoles, opts.Set.BlockedRolesList, opts.Set.Comment) { - errs = append(errs, errAtLeastOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "BlockedRolesList", "Comment")) + errs = append(errs, errAtLeastOneOf("AlterOauthPartnerSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "BlockedRolesList", "Comment")) } } if valueSet(opts.Unset) { if !anyValueSet(opts.Unset.Enabled, opts.Unset.OauthUseSecondaryRoles) { - errs = append(errs, errAtLeastOneOf("AlterSnowflakeOauthPartnerSecurityIntegrationOptions.Unset", "Enabled", "OauthUseSecondaryRoles")) + errs = append(errs, errAtLeastOneOf("AlterOauthPartnerSecurityIntegrationOptions.Unset", "Enabled", "OauthUseSecondaryRoles")) } } return JoinErrors(errs...) } -func (opts *AlterSnowflakeOauthCustomSecurityIntegrationOptions) validate() error { +func (opts *AlterOauthCustomSecurityIntegrationOptions) validate() error { if opts == nil { return ErrNilOptions } @@ -103,16 +103,16 @@ func (opts *AlterSnowflakeOauthCustomSecurityIntegrationOptions) validate() erro errs = append(errs, ErrInvalidObjectIdentifier) } if !exactlyOneValueSet(opts.Set, opts.Unset, opts.SetTags, opts.UnsetTags) { - errs = append(errs, errExactlyOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + errs = append(errs, errExactlyOneOf("AlterOauthCustomSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) } if valueSet(opts.Set) { if !anyValueSet(opts.Set.Enabled, opts.Set.OauthRedirectUri, opts.Set.OauthAllowNonTlsRedirectUri, opts.Set.OauthEnforcePkce, opts.Set.PreAuthorizedRolesList, opts.Set.BlockedRolesList, opts.Set.OauthIssueRefreshTokens, opts.Set.OauthRefreshTokenValidity, opts.Set.OauthUseSecondaryRoles, opts.Set.NetworkPolicy, opts.Set.OauthClientRsaPublicKey, opts.Set.OauthClientRsaPublicKey2, opts.Set.Comment) { - errs = append(errs, errAtLeastOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthAllowNonTlsRedirectUri", "OauthEnforcePkce", "PreAuthorizedRolesList", "BlockedRolesList", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2", "Comment")) + errs = append(errs, errAtLeastOneOf("AlterOauthCustomSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthAllowNonTlsRedirectUri", "OauthEnforcePkce", "PreAuthorizedRolesList", "BlockedRolesList", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2", "Comment")) } } if valueSet(opts.Unset) { if !anyValueSet(opts.Unset.Enabled, opts.Unset.OauthUseSecondaryRoles, opts.Unset.NetworkPolicy, opts.Unset.OauthClientRsaPublicKey, opts.Unset.OauthClientRsaPublicKey2) { - errs = append(errs, errAtLeastOneOf("AlterSnowflakeOauthCustomSecurityIntegrationOptions.Unset", "Enabled", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2")) + errs = append(errs, errAtLeastOneOf("AlterOauthCustomSecurityIntegrationOptions.Unset", "Enabled", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2")) } } return JoinErrors(errs...) diff --git a/pkg/sdk/testint/security_integrations_gen_integration_test.go b/pkg/sdk/testint/security_integrations_gen_integration_test.go index 23a0448b22..8fa73e9752 100644 --- a/pkg/sdk/testint/security_integrations_gen_integration_test.go +++ b/pkg/sdk/testint/security_integrations_gen_integration_test.go @@ -31,14 +31,14 @@ func TestInt_SecurityIntegrations(t *testing.T) { assert.NoError(t, err) }) } - createSnowflakeOauthCustom := func(t *testing.T, siID sdk.AccountObjectIdentifier, with func(*sdk.CreateSnowflakeOauthCustomSecurityIntegrationRequest)) *sdk.SecurityIntegration { + createOauthCustom := func(t *testing.T, siID sdk.AccountObjectIdentifier, with func(*sdk.CreateOauthCustomSecurityIntegrationRequest)) *sdk.SecurityIntegration { t.Helper() - req := sdk.NewCreateSnowflakeOauthCustomSecurityIntegrationRequest(siID, sdk.OauthSecurityIntegrationClientTypePublic, "https://example.com") + req := sdk.NewCreateOauthCustomSecurityIntegrationRequest(siID, sdk.OauthSecurityIntegrationClientTypePublic, "https://example.com") if with != nil { with(req) } - err := client.SecurityIntegrations.CreateSnowflakeOauthCustom(ctx, req) + err := client.SecurityIntegrations.CreateOauthCustom(ctx, req) require.NoError(t, err) cleanupSecurityIntegration(t, siID) integration, err := client.SecurityIntegrations.ShowByID(ctx, siID) @@ -46,14 +46,16 @@ func TestInt_SecurityIntegrations(t *testing.T) { return integration } - createSnowflakeOauthPartner := func(t *testing.T, siID sdk.AccountObjectIdentifier, with func(*sdk.CreateSnowflakeOauthPartnerSecurityIntegrationRequest)) *sdk.SecurityIntegration { + createOauthPartner := func(t *testing.T, siID sdk.AccountObjectIdentifier, with func(*sdk.CreateOauthPartnerSecurityIntegrationRequest)) *sdk.SecurityIntegration { t.Helper() - req := sdk.NewCreateSnowflakeOauthPartnerSecurityIntegrationRequest(siID, sdk.OauthSecurityIntegrationClientLooker) + req := sdk.NewCreateOauthPartnerSecurityIntegrationRequest(siID, sdk.OauthSecurityIntegrationClientLooker). + WithOauthRedirectUri(sdk.Pointer("http://example.com")) + if with != nil { with(req) } - err := client.SecurityIntegrations.CreateSnowflakeOauthPartner(ctx, req) + err := client.SecurityIntegrations.CreateOauthPartner(ctx, req) require.NoError(t, err) cleanupSecurityIntegration(t, siID) integration, err := client.SecurityIntegrations.ShowByID(ctx, siID) @@ -116,7 +118,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { comment string } - assertSnowflakeOauthPartner := func(details []sdk.SecurityIntegrationProperty, d snowflakeOauthPartnerDetails) { + assertOauthPartner := func(details []sdk.SecurityIntegrationProperty, d snowflakeOauthPartnerDetails) { assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "ENABLED", Type: "Boolean", Value: d.enabled, Default: "false"}) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_ISSUE_REFRESH_TOKENS", Type: "Boolean", Value: d.oauthIssueRefreshTokens, Default: "true"}) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_REFRESH_TOKEN_VALIDITY", Type: "Integer", Value: d.refreshTokenValidity, Default: "7776000"}) @@ -133,8 +135,8 @@ func TestInt_SecurityIntegrations(t *testing.T) { } } - assertSnowflakeOauthCustom := func(details []sdk.SecurityIntegrationProperty, d snowflakeOauthPartnerDetails, allowNonTlsRedirectUri, clientType, enforcePkce string) { - assertSnowflakeOauthPartner(details, d) + assertOauthCustom := func(details []sdk.SecurityIntegrationProperty, d snowflakeOauthPartnerDetails, allowNonTlsRedirectUri, clientType, enforcePkce string) { + assertOauthPartner(details, d) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_ALLOW_NON_TLS_REDIRECT_URI", Type: "Boolean", Value: allowNonTlsRedirectUri, Default: "false"}) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_CLIENT_TYPE", Type: "String", Value: clientType, Default: "CONFIDENTIAL"}) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_ENFORCE_PKCE", Type: "Boolean", Value: enforcePkce, Default: "false"}) @@ -192,24 +194,23 @@ func TestInt_SecurityIntegrations(t *testing.T) { assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "ALLOWED_EMAIL_PATTERNS", Type: "List", Value: d.allowedEmailPatterns, Default: "[]"}) } - t.Run("CreateSnowflakeOauthPartner", func(t *testing.T) { + t.Run("CreateOauthPartner", func(t *testing.T) { id := testClientHelper().Ids.RandomAccountObjectIdentifier() role1, role1Cleanup := testClientHelper().Role.CreateRole(t) t.Cleanup(role1Cleanup) - integration := createSnowflakeOauthPartner(t, id, func(r *sdk.CreateSnowflakeOauthPartnerSecurityIntegrationRequest) { + integration := createOauthPartner(t, id, func(r *sdk.CreateOauthPartnerSecurityIntegrationRequest) { r.WithBlockedRolesList(&sdk.BlockedRolesListRequest{BlockedRolesList: []sdk.AccountObjectIdentifier{role1.ID()}}). WithComment(sdk.Pointer("a")). WithEnabled(sdk.Pointer(true)). WithOauthIssueRefreshTokens(sdk.Pointer(true)). - WithOauthRedirectUri(sdk.Pointer("http://example.com")). WithOauthRefreshTokenValidity(sdk.Pointer(12345)). WithOauthUseSecondaryRoles(sdk.Pointer(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit)) }) details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) - assertSnowflakeOauthPartner(details, snowflakeOauthPartnerDetails{ + assertOauthPartner(details, snowflakeOauthPartnerDetails{ enabled: "true", oauthIssueRefreshTokens: "true", refreshTokenValidity: "12345", @@ -221,7 +222,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { assertSecurityIntegration(t, integration, id, "OAUTH - LOOKER", true, "a") }) - t.Run("CreateSnowflakeOauthCustom", func(t *testing.T) { + t.Run("CreateOauthCustom", func(t *testing.T) { id := testClientHelper().Ids.RandomAccountObjectIdentifier() networkPolicy, networkPolicyCleanup := testClientHelper().NetworkPolicy.CreateNetworkPolicy(t) t.Cleanup(networkPolicyCleanup) @@ -230,7 +231,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { role2, role2Cleanup := testClientHelper().Role.CreateRole(t) t.Cleanup(role2Cleanup) - integration := createSnowflakeOauthCustom(t, id, func(r *sdk.CreateSnowflakeOauthCustomSecurityIntegrationRequest) { + integration := createOauthCustom(t, id, func(r *sdk.CreateOauthCustomSecurityIntegrationRequest) { r.WithBlockedRolesList(&sdk.BlockedRolesListRequest{BlockedRolesList: []sdk.AccountObjectIdentifier{role1.ID()}}). WithComment(sdk.Pointer("a")). WithEnabled(sdk.Pointer(true)). @@ -247,7 +248,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) - assertSnowflakeOauthCustom(details, snowflakeOauthPartnerDetails{ + assertOauthCustom(details, snowflakeOauthPartnerDetails{ enabled: "true", oauthIssueRefreshTokens: "true", refreshTokenValidity: "12345", @@ -325,15 +326,15 @@ func TestInt_SecurityIntegrations(t *testing.T) { assertSecurityIntegration(t, si, id, "SCIM - GENERIC", false, "a") }) - t.Run("AlterSnowflakeOauthPartner", func(t *testing.T) { + t.Run("AlterOauthPartner", func(t *testing.T) { id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createSnowflakeOauthPartner(t, id, func(r *sdk.CreateSnowflakeOauthPartnerSecurityIntegrationRequest) { + createOauthPartner(t, id, func(r *sdk.CreateOauthPartnerSecurityIntegrationRequest) { r.WithOauthRedirectUri(sdk.Pointer("http://example.com")) }) - setRequest := sdk.NewAlterSnowflakeOauthPartnerSecurityIntegrationRequest(id). + setRequest := sdk.NewAlterOauthPartnerSecurityIntegrationRequest(id). WithSet( - sdk.NewSnowflakeOauthPartnerIntegrationSetRequest(). + sdk.NewOauthPartnerIntegrationSetRequest(). WithBlockedRolesList(sdk.NewBlockedRolesListRequest()). WithComment(sdk.Pointer("a")). WithEnabled(sdk.Pointer(true)). @@ -342,13 +343,13 @@ func TestInt_SecurityIntegrations(t *testing.T) { WithOauthRefreshTokenValidity(sdk.Pointer(22222)). WithOauthUseSecondaryRoles(sdk.Pointer(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit)), ) - err := client.SecurityIntegrations.AlterSnowflakeOauthPartner(ctx, setRequest) + err := client.SecurityIntegrations.AlterOauthPartner(ctx, setRequest) require.NoError(t, err) details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) - assertSnowflakeOauthPartner(details, snowflakeOauthPartnerDetails{ + assertOauthPartner(details, snowflakeOauthPartnerDetails{ enabled: "true", oauthIssueRefreshTokens: "true", refreshTokenValidity: "22222", @@ -359,13 +360,13 @@ func TestInt_SecurityIntegrations(t *testing.T) { comment: "a", }) - unsetRequest := sdk.NewAlterSnowflakeOauthPartnerSecurityIntegrationRequest(id). + unsetRequest := sdk.NewAlterOauthPartnerSecurityIntegrationRequest(id). WithUnset( - sdk.NewSnowflakeOauthPartnerIntegrationUnsetRequest(). + sdk.NewOauthPartnerIntegrationUnsetRequest(). WithEnabled(sdk.Pointer(true)). WithOauthUseSecondaryRoles(sdk.Pointer(true)), ) - err = client.SecurityIntegrations.AlterSnowflakeOauthPartner(ctx, unsetRequest) + err = client.SecurityIntegrations.AlterOauthPartner(ctx, unsetRequest) require.NoError(t, err) details, err = client.SecurityIntegrations.Describe(ctx, id) @@ -375,12 +376,12 @@ func TestInt_SecurityIntegrations(t *testing.T) { assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_USE_SECONDARY_ROLES", Type: "String", Value: "NONE", Default: "NONE"}) }) - t.Run("AlterSnowflakeOauthPartner - set and unset tags", func(t *testing.T) { + t.Run("AlterOauthPartner - set and unset tags", func(t *testing.T) { tag, tagCleanup := testClientHelper().Tag.CreateTag(t) t.Cleanup(tagCleanup) id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createSnowflakeOauthPartner(t, id, nil) + createOauthPartner(t, id, nil) tagValue := "abc" tags := []sdk.TagAssociation{ @@ -389,9 +390,9 @@ func TestInt_SecurityIntegrations(t *testing.T) { Value: tagValue, }, } - alterRequestSetTags := sdk.NewAlterSnowflakeOauthPartnerSecurityIntegrationRequest(id).WithSetTags(tags) + alterRequestSetTags := sdk.NewAlterOauthPartnerSecurityIntegrationRequest(id).WithSetTags(tags) - err := client.SecurityIntegrations.AlterSnowflakeOauthPartner(ctx, alterRequestSetTags) + err := client.SecurityIntegrations.AlterOauthPartner(ctx, alterRequestSetTags) require.NoError(t, err) returnedTagValue, err := client.SystemFunctions.GetTag(ctx, tag.ID(), id, sdk.ObjectTypeIntegration) @@ -402,18 +403,18 @@ func TestInt_SecurityIntegrations(t *testing.T) { unsetTags := []sdk.ObjectIdentifier{ tag.ID(), } - alterRequestUnsetTags := sdk.NewAlterSnowflakeOauthPartnerSecurityIntegrationRequest(id).WithUnsetTags(unsetTags) + alterRequestUnsetTags := sdk.NewAlterOauthPartnerSecurityIntegrationRequest(id).WithUnsetTags(unsetTags) - err = client.SecurityIntegrations.AlterSnowflakeOauthPartner(ctx, alterRequestUnsetTags) + err = client.SecurityIntegrations.AlterOauthPartner(ctx, alterRequestUnsetTags) require.NoError(t, err) _, err = client.SystemFunctions.GetTag(ctx, tag.ID(), id, sdk.ObjectTypeIntegration) require.Error(t, err) }) - t.Run("AlterSnowflakeOauthCustom", func(t *testing.T) { + t.Run("AlterOauthCustom", func(t *testing.T) { id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createSnowflakeOauthCustom(t, id, nil) + createOauthCustom(t, id, nil) networkPolicy, networkPolicyCleanup := testClientHelper().NetworkPolicy.CreateNetworkPolicy(t) t.Cleanup(networkPolicyCleanup) @@ -422,9 +423,9 @@ func TestInt_SecurityIntegrations(t *testing.T) { role2, role2Cleanup := testClientHelper().Role.CreateRole(t) t.Cleanup(role2Cleanup) - setRequest := sdk.NewAlterSnowflakeOauthCustomSecurityIntegrationRequest(id). + setRequest := sdk.NewAlterOauthCustomSecurityIntegrationRequest(id). WithSet( - sdk.NewSnowflakeOauthCustomIntegrationSetRequest(). + sdk.NewOauthCustomIntegrationSetRequest(). WithEnabled(sdk.Pointer(true)). WithBlockedRolesList(&sdk.BlockedRolesListRequest{BlockedRolesList: []sdk.AccountObjectIdentifier{role1.ID()}}). WithComment(sdk.Pointer("a")). @@ -439,13 +440,13 @@ func TestInt_SecurityIntegrations(t *testing.T) { WithOauthUseSecondaryRoles(sdk.Pointer(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit)). WithPreAuthorizedRolesList(&sdk.PreAuthorizedRolesListRequest{PreAuthorizedRolesList: []sdk.AccountObjectIdentifier{role2.ID()}}), ) - err := client.SecurityIntegrations.AlterSnowflakeOauthCustom(ctx, setRequest) + err := client.SecurityIntegrations.AlterOauthCustom(ctx, setRequest) require.NoError(t, err) details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) - assertSnowflakeOauthCustom(details, snowflakeOauthPartnerDetails{ + assertOauthCustom(details, snowflakeOauthPartnerDetails{ enabled: "true", oauthIssueRefreshTokens: "true", refreshTokenValidity: "22222", @@ -456,16 +457,16 @@ func TestInt_SecurityIntegrations(t *testing.T) { comment: "a", }, "true", string(sdk.OauthSecurityIntegrationClientTypePublic), "true") - unsetRequest := sdk.NewAlterSnowflakeOauthCustomSecurityIntegrationRequest(id). + unsetRequest := sdk.NewAlterOauthCustomSecurityIntegrationRequest(id). WithUnset( - sdk.NewSnowflakeOauthCustomIntegrationUnsetRequest(). + sdk.NewOauthCustomIntegrationUnsetRequest(). WithEnabled(sdk.Bool(true)). WithOauthUseSecondaryRoles(sdk.Bool(true)). WithNetworkPolicy(sdk.Bool(true)). WithOauthClientRsaPublicKey(sdk.Bool(true)). WithOauthClientRsaPublicKey2(sdk.Bool(true)), ) - err = client.SecurityIntegrations.AlterSnowflakeOauthCustom(ctx, unsetRequest) + err = client.SecurityIntegrations.AlterOauthCustom(ctx, unsetRequest) require.NoError(t, err) details, err = client.SecurityIntegrations.Describe(ctx, id) @@ -478,12 +479,12 @@ func TestInt_SecurityIntegrations(t *testing.T) { assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_CLIENT_RSA_PUBLIC_KEY_2_FP", Type: "String", Value: "", Default: ""}) }) - t.Run("AlterSnowflakeOauthCustom - set and unset tags", func(t *testing.T) { + t.Run("AlterOauthCustom - set and unset tags", func(t *testing.T) { tag, tagCleanup := testClientHelper().Tag.CreateTag(t) t.Cleanup(tagCleanup) id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createSnowflakeOauthCustom(t, id, nil) + createOauthCustom(t, id, nil) tagValue := "abc" tags := []sdk.TagAssociation{ @@ -492,9 +493,9 @@ func TestInt_SecurityIntegrations(t *testing.T) { Value: tagValue, }, } - alterRequestSetTags := sdk.NewAlterSnowflakeOauthCustomSecurityIntegrationRequest(id).WithSetTags(tags) + alterRequestSetTags := sdk.NewAlterOauthCustomSecurityIntegrationRequest(id).WithSetTags(tags) - err := client.SecurityIntegrations.AlterSnowflakeOauthCustom(ctx, alterRequestSetTags) + err := client.SecurityIntegrations.AlterOauthCustom(ctx, alterRequestSetTags) require.NoError(t, err) returnedTagValue, err := client.SystemFunctions.GetTag(ctx, tag.ID(), id, sdk.ObjectTypeIntegration) @@ -505,9 +506,9 @@ func TestInt_SecurityIntegrations(t *testing.T) { unsetTags := []sdk.ObjectIdentifier{ tag.ID(), } - alterRequestUnsetTags := sdk.NewAlterSnowflakeOauthCustomSecurityIntegrationRequest(id).WithUnsetTags(unsetTags) + alterRequestUnsetTags := sdk.NewAlterOauthCustomSecurityIntegrationRequest(id).WithUnsetTags(unsetTags) - err = client.SecurityIntegrations.AlterSnowflakeOauthCustom(ctx, alterRequestUnsetTags) + err = client.SecurityIntegrations.AlterOauthCustom(ctx, alterRequestUnsetTags) require.NoError(t, err) _, err = client.SystemFunctions.GetTag(ctx, tag.ID(), id, sdk.ObjectTypeIntegration) @@ -745,11 +746,12 @@ func TestInt_SecurityIntegrations(t *testing.T) { assertSecurityIntegration(t, si, id, "SCIM - GENERIC", false, "") }) - t.Run("Show SnowflakeOauthPartner", func(t *testing.T) { + t.Run("Show OauthPartner", func(t *testing.T) { id := testClientHelper().Ids.RandomAccountObjectIdentifier() - si1 := createSnowflakeOauthPartner(t, id, nil) + si1 := createOauthPartner(t, id, nil) id2 := testClientHelper().Ids.RandomAccountObjectIdentifier() - si2 := createSnowflakeOauthPartner(t, id2, nil) + // more than one oauth partner integration is not allowed, create a custom one + si2 := createOauthCustom(t, id2, nil) returnedIntegrations, err := client.SecurityIntegrations.Show(ctx, sdk.NewShowSecurityIntegrationRequest().WithLike(&sdk.Like{ Pattern: sdk.Pointer(id.Name()), @@ -759,11 +761,11 @@ func TestInt_SecurityIntegrations(t *testing.T) { assert.NotContains(t, returnedIntegrations, *si2) }) - t.Run("Show SnowflakeOauthCustom", func(t *testing.T) { + t.Run("Show OauthCustom", func(t *testing.T) { id := testClientHelper().Ids.RandomAccountObjectIdentifier() - si1 := createSnowflakeOauthCustom(t, id, nil) + si1 := createOauthCustom(t, id, nil) id2 := testClientHelper().Ids.RandomAccountObjectIdentifier() - si2 := createSnowflakeOauthCustom(t, id2, nil) + si2 := createOauthCustom(t, id2, nil) returnedIntegrations, err := client.SecurityIntegrations.Show(ctx, sdk.NewShowSecurityIntegrationRequest().WithLike(&sdk.Like{ Pattern: sdk.Pointer(id.Name()), From a1b3413ce24f05973451d3e3ddf6fbd00db10c82 Mon Sep 17 00:00:00 2001 From: Jakub Michalak Date: Wed, 22 May 2024 10:01:06 +0200 Subject: [PATCH 3/4] Fix --- pkg/sdk/security_integrations_def.go | 16 ++++++------- pkg/sdk/security_integrations_dto_gen.go | 14 +++++------ pkg/sdk/security_integrations_gen.go | 24 +++++++++---------- ...urity_integrations_gen_integration_test.go | 14 +++++------ 4 files changed, 34 insertions(+), 34 deletions(-) diff --git a/pkg/sdk/security_integrations_def.go b/pkg/sdk/security_integrations_def.go index 48ad887aad..fa82901986 100644 --- a/pkg/sdk/security_integrations_def.go +++ b/pkg/sdk/security_integrations_def.go @@ -78,7 +78,7 @@ func alterSecurityIntegrationOperation(structName string, apply func(qs *g.Query return qs } -var snowflakeOauthPartnerIntegrationSetDef = g.NewQueryStruct("OauthPartnerIntegrationSet"). +var oauthPartnerIntegrationSetDef = g.NewQueryStruct("OauthPartnerIntegrationSet"). OptionalBooleanAssignment("ENABLED", g.ParameterOptions()). OptionalTextAssignment("OAUTH_REDIRECT_URI", g.ParameterOptions().SingleQuotes()). OptionalBooleanAssignment("OAUTH_ISSUE_REFRESH_TOKENS", g.ParameterOptions()). @@ -93,12 +93,12 @@ var snowflakeOauthPartnerIntegrationSetDef = g.NewQueryStruct("OauthPartnerInteg WithValidation(g.AtLeastOneValueSet, "Enabled", "OauthRedirectUri", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "BlockedRolesList", "Comment") -var snowflakeOauthPartnerIntegrationUnsetDef = g.NewQueryStruct("OauthPartnerIntegrationUnset"). +var oauthPartnerIntegrationUnsetDef = g.NewQueryStruct("OauthPartnerIntegrationUnset"). OptionalSQL("ENABLED"). OptionalSQL("OAUTH_USE_SECONDARY_ROLES"). WithValidation(g.AtLeastOneValueSet, "Enabled", "OauthUseSecondaryRoles") -var snowflakeOauthCustomIntegrationSetDef = g.NewQueryStruct("OauthCustomIntegrationSet"). +var oauthCustomIntegrationSetDef = g.NewQueryStruct("OauthCustomIntegrationSet"). OptionalBooleanAssignment("ENABLED", g.ParameterOptions()). OptionalTextAssignment("OAUTH_REDIRECT_URI", g.ParameterOptions().SingleQuotes()). OptionalBooleanAssignment("OAUTH_ALLOW_NON_TLS_REDIRECT_URI", g.ParameterOptions()). @@ -120,7 +120,7 @@ var snowflakeOauthCustomIntegrationSetDef = g.NewQueryStruct("OauthCustomIntegra "BlockedRolesList", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2", "Comment") -var snowflakeOauthCustomIntegrationUnsetDef = g.NewQueryStruct("OauthCustomIntegrationUnset"). +var oauthCustomIntegrationUnsetDef = g.NewQueryStruct("OauthCustomIntegrationUnset"). OptionalSQL("ENABLED"). OptionalSQL("OAUTH_USE_SECONDARY_ROLES"). OptionalSQL("NETWORK_POLICY"). @@ -284,11 +284,11 @@ var SecurityIntegrationsDef = g.NewInterface( alterSecurityIntegrationOperation("AlterOauthPartner", func(qs *g.QueryStruct) *g.QueryStruct { return qs.OptionalQueryStructField( "Set", - snowflakeOauthPartnerIntegrationSetDef, + oauthPartnerIntegrationSetDef, g.ListOptions().NoParentheses().SQL("SET"), ).OptionalQueryStructField( "Unset", - snowflakeOauthPartnerIntegrationUnsetDef, + oauthPartnerIntegrationUnsetDef, g.ListOptions().NoParentheses().SQL("UNSET"), ).WithValidation(g.ExactlyOneValueSet, "Set", "Unset", "SetTags", "UnsetTags") }), @@ -299,11 +299,11 @@ var SecurityIntegrationsDef = g.NewInterface( alterSecurityIntegrationOperation("AlterOauthCustom", func(qs *g.QueryStruct) *g.QueryStruct { return qs.OptionalQueryStructField( "Set", - snowflakeOauthCustomIntegrationSetDef, + oauthCustomIntegrationSetDef, g.ListOptions().NoParentheses().SQL("SET"), ).OptionalQueryStructField( "Unset", - snowflakeOauthCustomIntegrationUnsetDef, + oauthCustomIntegrationUnsetDef, g.ListOptions().NoParentheses().SQL("UNSET"), ).WithValidation(g.ExactlyOneValueSet, "Set", "Unset", "SetTags", "UnsetTags") }), diff --git a/pkg/sdk/security_integrations_dto_gen.go b/pkg/sdk/security_integrations_dto_gen.go index d0254ba12a..c177fd6c47 100644 --- a/pkg/sdk/security_integrations_dto_gen.go +++ b/pkg/sdk/security_integrations_dto_gen.go @@ -5,15 +5,15 @@ package sdk var ( _ optionsProvider[CreateOauthPartnerSecurityIntegrationOptions] = new(CreateOauthPartnerSecurityIntegrationRequest) _ optionsProvider[CreateOauthCustomSecurityIntegrationOptions] = new(CreateOauthCustomSecurityIntegrationRequest) - _ optionsProvider[CreateSaml2SecurityIntegrationOptions] = new(CreateSaml2SecurityIntegrationRequest) - _ optionsProvider[CreateScimSecurityIntegrationOptions] = new(CreateScimSecurityIntegrationRequest) + _ optionsProvider[CreateSaml2SecurityIntegrationOptions] = new(CreateSaml2SecurityIntegrationRequest) + _ optionsProvider[CreateScimSecurityIntegrationOptions] = new(CreateScimSecurityIntegrationRequest) _ optionsProvider[AlterOauthPartnerSecurityIntegrationOptions] = new(AlterOauthPartnerSecurityIntegrationRequest) _ optionsProvider[AlterOauthCustomSecurityIntegrationOptions] = new(AlterOauthCustomSecurityIntegrationRequest) - _ optionsProvider[AlterSaml2SecurityIntegrationOptions] = new(AlterSaml2SecurityIntegrationRequest) - _ optionsProvider[AlterScimSecurityIntegrationOptions] = new(AlterScimSecurityIntegrationRequest) - _ optionsProvider[DropSecurityIntegrationOptions] = new(DropSecurityIntegrationRequest) - _ optionsProvider[DescribeSecurityIntegrationOptions] = new(DescribeSecurityIntegrationRequest) - _ optionsProvider[ShowSecurityIntegrationOptions] = new(ShowSecurityIntegrationRequest) + _ optionsProvider[AlterSaml2SecurityIntegrationOptions] = new(AlterSaml2SecurityIntegrationRequest) + _ optionsProvider[AlterScimSecurityIntegrationOptions] = new(AlterScimSecurityIntegrationRequest) + _ optionsProvider[DropSecurityIntegrationOptions] = new(DropSecurityIntegrationRequest) + _ optionsProvider[DescribeSecurityIntegrationOptions] = new(DescribeSecurityIntegrationRequest) + _ optionsProvider[ShowSecurityIntegrationOptions] = new(ShowSecurityIntegrationRequest) ) type CreateOauthPartnerSecurityIntegrationRequest struct { diff --git a/pkg/sdk/security_integrations_gen.go b/pkg/sdk/security_integrations_gen.go index cd9856fb70..fda4a3be15 100644 --- a/pkg/sdk/security_integrations_gen.go +++ b/pkg/sdk/security_integrations_gen.go @@ -125,12 +125,12 @@ type CreateScimSecurityIntegrationOptions struct { // AlterOauthPartnerSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake. type AlterOauthPartnerSecurityIntegrationOptions struct { - alter bool `ddl:"static" sql:"ALTER"` - securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` - IfExists *bool `ddl:"keyword" sql:"IF EXISTS"` - name AccountObjectIdentifier `ddl:"identifier"` - SetTags []TagAssociation `ddl:"keyword" sql:"SET TAG"` - UnsetTags []ObjectIdentifier `ddl:"keyword" sql:"UNSET TAG"` + alter bool `ddl:"static" sql:"ALTER"` + securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` + IfExists *bool `ddl:"keyword" sql:"IF EXISTS"` + name AccountObjectIdentifier `ddl:"identifier"` + SetTags []TagAssociation `ddl:"keyword" sql:"SET TAG"` + UnsetTags []ObjectIdentifier `ddl:"keyword" sql:"UNSET TAG"` Set *OauthPartnerIntegrationSet `ddl:"list,no_parentheses" sql:"SET"` Unset *OauthPartnerIntegrationUnset `ddl:"list,no_parentheses" sql:"UNSET"` } @@ -152,12 +152,12 @@ type OauthPartnerIntegrationUnset struct { // AlterOauthCustomSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake. type AlterOauthCustomSecurityIntegrationOptions struct { - alter bool `ddl:"static" sql:"ALTER"` - securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` - IfExists *bool `ddl:"keyword" sql:"IF EXISTS"` - name AccountObjectIdentifier `ddl:"identifier"` - SetTags []TagAssociation `ddl:"keyword" sql:"SET TAG"` - UnsetTags []ObjectIdentifier `ddl:"keyword" sql:"UNSET TAG"` + alter bool `ddl:"static" sql:"ALTER"` + securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` + IfExists *bool `ddl:"keyword" sql:"IF EXISTS"` + name AccountObjectIdentifier `ddl:"identifier"` + SetTags []TagAssociation `ddl:"keyword" sql:"SET TAG"` + UnsetTags []ObjectIdentifier `ddl:"keyword" sql:"UNSET TAG"` Set *OauthCustomIntegrationSet `ddl:"list,no_parentheses" sql:"SET"` Unset *OauthCustomIntegrationUnset `ddl:"list,no_parentheses" sql:"UNSET"` } diff --git a/pkg/sdk/testint/security_integrations_gen_integration_test.go b/pkg/sdk/testint/security_integrations_gen_integration_test.go index 8fa73e9752..efab867862 100644 --- a/pkg/sdk/testint/security_integrations_gen_integration_test.go +++ b/pkg/sdk/testint/security_integrations_gen_integration_test.go @@ -107,7 +107,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { assert.Equal(t, "SECURITY", si.Category) } - type snowflakeOauthPartnerDetails struct { + type oauthPartnerDetails struct { enabled string oauthIssueRefreshTokens string refreshTokenValidity string @@ -118,7 +118,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { comment string } - assertOauthPartner := func(details []sdk.SecurityIntegrationProperty, d snowflakeOauthPartnerDetails) { + assertOauthPartner := func(details []sdk.SecurityIntegrationProperty, d oauthPartnerDetails) { assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "ENABLED", Type: "Boolean", Value: d.enabled, Default: "false"}) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_ISSUE_REFRESH_TOKENS", Type: "Boolean", Value: d.oauthIssueRefreshTokens, Default: "true"}) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_REFRESH_TOKEN_VALIDITY", Type: "Integer", Value: d.refreshTokenValidity, Default: "7776000"}) @@ -135,7 +135,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { } } - assertOauthCustom := func(details []sdk.SecurityIntegrationProperty, d snowflakeOauthPartnerDetails, allowNonTlsRedirectUri, clientType, enforcePkce string) { + assertOauthCustom := func(details []sdk.SecurityIntegrationProperty, d oauthPartnerDetails, allowNonTlsRedirectUri, clientType, enforcePkce string) { assertOauthPartner(details, d) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_ALLOW_NON_TLS_REDIRECT_URI", Type: "Boolean", Value: allowNonTlsRedirectUri, Default: "false"}) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "OAUTH_CLIENT_TYPE", Type: "String", Value: clientType, Default: "CONFIDENTIAL"}) @@ -210,7 +210,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) - assertOauthPartner(details, snowflakeOauthPartnerDetails{ + assertOauthPartner(details, oauthPartnerDetails{ enabled: "true", oauthIssueRefreshTokens: "true", refreshTokenValidity: "12345", @@ -248,7 +248,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) - assertOauthCustom(details, snowflakeOauthPartnerDetails{ + assertOauthCustom(details, oauthPartnerDetails{ enabled: "true", oauthIssueRefreshTokens: "true", refreshTokenValidity: "12345", @@ -349,7 +349,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) - assertOauthPartner(details, snowflakeOauthPartnerDetails{ + assertOauthPartner(details, oauthPartnerDetails{ enabled: "true", oauthIssueRefreshTokens: "true", refreshTokenValidity: "22222", @@ -446,7 +446,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) - assertOauthCustom(details, snowflakeOauthPartnerDetails{ + assertOauthCustom(details, oauthPartnerDetails{ enabled: "true", oauthIssueRefreshTokens: "true", refreshTokenValidity: "22222", From 8b48c4048f2bfb4d9e56cda9bd3e532de1a58bde Mon Sep 17 00:00:00 2001 From: Jakub Michalak Date: Thu, 23 May 2024 14:41:31 +0200 Subject: [PATCH 4/4] Fixes --- .../helpers/security_integration_client.go | 2 +- pkg/sdk/security_integrations_def.go | 56 +- .../security_integrations_dto_builders_gen.go | 484 +++++++++--------- pkg/sdk/security_integrations_dto_gen.go | 56 +- pkg/sdk/security_integrations_gen.go | 70 +-- pkg/sdk/security_integrations_gen_test.go | 108 ++-- pkg/sdk/security_integrations_impl_gen.go | 40 +- .../security_integrations_validations_gen.go | 39 +- ...urity_integrations_gen_integration_test.go | 367 +++++++------ 9 files changed, 604 insertions(+), 618 deletions(-) diff --git a/pkg/acceptance/helpers/security_integration_client.go b/pkg/acceptance/helpers/security_integration_client.go index 0c37b0b48d..1b47feaaa6 100644 --- a/pkg/acceptance/helpers/security_integration_client.go +++ b/pkg/acceptance/helpers/security_integration_client.go @@ -66,7 +66,7 @@ func (c *SecurityIntegrationClient) DropSecurityIntegrationFunc(t *testing.T, id ctx := context.Background() return func() { - err := c.client().Drop(ctx, sdk.NewDropSecurityIntegrationRequest(id).WithIfExists(sdk.Bool(true))) + err := c.client().Drop(ctx, sdk.NewDropSecurityIntegrationRequest(id).WithIfExists(true)) require.NoError(t, err) } } diff --git a/pkg/sdk/security_integrations_def.go b/pkg/sdk/security_integrations_def.go index fa82901986..eb543cc08c 100644 --- a/pkg/sdk/security_integrations_def.go +++ b/pkg/sdk/security_integrations_def.go @@ -51,21 +51,21 @@ var ( List("BlockedRolesList", "AccountObjectIdentifier", g.ListOptions().MustParentheses()) ) -func createSecurityIntegrationOperation(structName string, apply func(qs *g.QueryStruct) *g.QueryStruct) *g.QueryStruct { +func createSecurityIntegrationOperation(structName string, opts func(qs *g.QueryStruct) *g.QueryStruct) *g.QueryStruct { qs := g.NewQueryStruct(structName). Create(). OrReplace(). SQL("SECURITY INTEGRATION"). IfNotExists(). Name() - qs = apply(qs) + qs = opts(qs) return qs. OptionalComment(). WithValidation(g.ValidIdentifier, "name"). WithValidation(g.ConflictingFields, "OrReplace", "IfNotExists") } -func alterSecurityIntegrationOperation(structName string, apply func(qs *g.QueryStruct) *g.QueryStruct) *g.QueryStruct { +func alterSecurityIntegrationOperation(structName string, opts func(qs *g.QueryStruct) *g.QueryStruct) *g.QueryStruct { qs := g.NewQueryStruct(structName). Alter(). SQL("SECURITY INTEGRATION"). @@ -74,14 +74,14 @@ func alterSecurityIntegrationOperation(structName string, apply func(qs *g.Query OptionalSetTags(). OptionalUnsetTags(). WithValidation(g.ValidIdentifier, "name") - qs = apply(qs) + qs = opts(qs) return qs } -var oauthPartnerIntegrationSetDef = g.NewQueryStruct("OauthPartnerIntegrationSet"). +var oauthForPartnerApplicationsIntegrationSetDef = g.NewQueryStruct("OauthForPartnerApplicationsIntegrationSet"). OptionalBooleanAssignment("ENABLED", g.ParameterOptions()). - OptionalTextAssignment("OAUTH_REDIRECT_URI", g.ParameterOptions().SingleQuotes()). OptionalBooleanAssignment("OAUTH_ISSUE_REFRESH_TOKENS", g.ParameterOptions()). + OptionalTextAssignment("OAUTH_REDIRECT_URI", g.ParameterOptions().SingleQuotes()). OptionalNumberAssignment("OAUTH_REFRESH_TOKEN_VALIDITY", g.ParameterOptions()). OptionalAssignment( "OAUTH_USE_SECONDARY_ROLES", @@ -90,28 +90,28 @@ var oauthPartnerIntegrationSetDef = g.NewQueryStruct("OauthPartnerIntegrationSet ). OptionalQueryStructField("BlockedRolesList", blockedRolesListDef, g.ParameterOptions().SQL("BLOCKED_ROLES_LIST").Parentheses()). OptionalComment(). - WithValidation(g.AtLeastOneValueSet, "Enabled", "OauthRedirectUri", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", + WithValidation(g.AtLeastOneValueSet, "Enabled", "OauthIssueRefreshTokens", "OauthRedirectUri", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "BlockedRolesList", "Comment") -var oauthPartnerIntegrationUnsetDef = g.NewQueryStruct("OauthPartnerIntegrationUnset"). +var oauthForPartnerApplicationsIntegrationUnsetDef = g.NewQueryStruct("OauthForPartnerApplicationsIntegrationUnset"). OptionalSQL("ENABLED"). OptionalSQL("OAUTH_USE_SECONDARY_ROLES"). WithValidation(g.AtLeastOneValueSet, "Enabled", "OauthUseSecondaryRoles") -var oauthCustomIntegrationSetDef = g.NewQueryStruct("OauthCustomIntegrationSet"). +var oauthForCustomClientsIntegrationSetDef = g.NewQueryStruct("OauthForCustomClientsIntegrationSet"). OptionalBooleanAssignment("ENABLED", g.ParameterOptions()). OptionalTextAssignment("OAUTH_REDIRECT_URI", g.ParameterOptions().SingleQuotes()). OptionalBooleanAssignment("OAUTH_ALLOW_NON_TLS_REDIRECT_URI", g.ParameterOptions()). OptionalBooleanAssignment("OAUTH_ENFORCE_PKCE", g.ParameterOptions()). + OptionalQueryStructField("PreAuthorizedRolesList", preAuthorizedRolesListDef, g.ParameterOptions().SQL("PRE_AUTHORIZED_ROLES_LIST").Parentheses()). + OptionalQueryStructField("BlockedRolesList", blockedRolesListDef, g.ParameterOptions().SQL("BLOCKED_ROLES_LIST").Parentheses()). + OptionalBooleanAssignment("OAUTH_ISSUE_REFRESH_TOKENS", g.ParameterOptions()). + OptionalNumberAssignment("OAUTH_REFRESH_TOKEN_VALIDITY", g.ParameterOptions()). OptionalAssignment( "OAUTH_USE_SECONDARY_ROLES", g.KindOfT[OauthSecurityIntegrationUseSecondaryRolesOption](), g.ParameterOptions(), ). - OptionalQueryStructField("PreAuthorizedRolesList", preAuthorizedRolesListDef, g.ParameterOptions().SQL("PRE_AUTHORIZED_ROLES_LIST").Parentheses()). - OptionalQueryStructField("BlockedRolesList", blockedRolesListDef, g.ParameterOptions().SQL("BLOCKED_ROLES_LIST").Parentheses()). - OptionalBooleanAssignment("OAUTH_ISSUE_REFRESH_TOKENS", g.ParameterOptions()). - OptionalNumberAssignment("OAUTH_REFRESH_TOKEN_VALIDITY", g.ParameterOptions()). OptionalIdentifier("NetworkPolicy", g.KindOfT[AccountObjectIdentifier](), g.IdentifierOptions().Equals().SQL("NETWORK_POLICY")). OptionalTextAssignment("OAUTH_CLIENT_RSA_PUBLIC_KEY", g.ParameterOptions().SingleQuotes()). OptionalTextAssignment("OAUTH_CLIENT_RSA_PUBLIC_KEY_2", g.ParameterOptions().SingleQuotes()). @@ -120,13 +120,13 @@ var oauthCustomIntegrationSetDef = g.NewQueryStruct("OauthCustomIntegrationSet") "BlockedRolesList", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2", "Comment") -var oauthCustomIntegrationUnsetDef = g.NewQueryStruct("OauthCustomIntegrationUnset"). +var oauthForCustomClientsIntegrationUnsetDef = g.NewQueryStruct("OauthForCustomClientsIntegrationUnset"). OptionalSQL("ENABLED"). - OptionalSQL("OAUTH_USE_SECONDARY_ROLES"). OptionalSQL("NETWORK_POLICY"). OptionalSQL("OAUTH_CLIENT_RSA_PUBLIC_KEY"). OptionalSQL("OAUTH_CLIENT_RSA_PUBLIC_KEY_2"). - WithValidation(g.AtLeastOneValueSet, "Enabled", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2") + OptionalSQL("OAUTH_USE_SECONDARY_ROLES"). + WithValidation(g.AtLeastOneValueSet, "Enabled", "NetworkPolicy", "OauthUseSecondaryRoles", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2") var saml2IntegrationSetDef = g.NewQueryStruct("Saml2IntegrationSet"). OptionalBooleanAssignment("ENABLED", g.ParameterOptions()). @@ -177,9 +177,9 @@ var SecurityIntegrationsDef = g.NewInterface( g.KindOfT[AccountObjectIdentifier](), ). CustomOperation( - "CreateOauthPartner", + "CreateOauthForPartnerApplications", "https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake", - createSecurityIntegrationOperation("CreateOauthPartner", func(qs *g.QueryStruct) *g.QueryStruct { + createSecurityIntegrationOperation("CreateOauthForPartnerApplications", func(qs *g.QueryStruct) *g.QueryStruct { return qs. PredefinedQueryStructField("integrationType", "string", g.StaticOptions().SQL("TYPE = OAUTH")). Assignment( @@ -202,9 +202,9 @@ var SecurityIntegrationsDef = g.NewInterface( blockedRolesListDef, ). CustomOperation( - "CreateOauthCustom", + "CreateOauthForCustomClients", "https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake", - createSecurityIntegrationOperation("CreateOauthCustom", func(qs *g.QueryStruct) *g.QueryStruct { + createSecurityIntegrationOperation("CreateOauthForCustomClients", func(qs *g.QueryStruct) *g.QueryStruct { return qs. PredefinedQueryStructField("integrationType", "string", g.StaticOptions().SQL("TYPE = OAUTH")). PredefinedQueryStructField("oauthClient", "string", g.StaticOptions().SQL("OAUTH_CLIENT = CUSTOM")). @@ -279,31 +279,31 @@ var SecurityIntegrationsDef = g.NewInterface( }), ). CustomOperation( - "AlterOauthPartner", + "AlterOauthForPartnerApplications", "https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake", - alterSecurityIntegrationOperation("AlterOauthPartner", func(qs *g.QueryStruct) *g.QueryStruct { + alterSecurityIntegrationOperation("AlterOauthForPartnerApplications", func(qs *g.QueryStruct) *g.QueryStruct { return qs.OptionalQueryStructField( "Set", - oauthPartnerIntegrationSetDef, + oauthForPartnerApplicationsIntegrationSetDef, g.ListOptions().NoParentheses().SQL("SET"), ).OptionalQueryStructField( "Unset", - oauthPartnerIntegrationUnsetDef, + oauthForPartnerApplicationsIntegrationUnsetDef, g.ListOptions().NoParentheses().SQL("UNSET"), ).WithValidation(g.ExactlyOneValueSet, "Set", "Unset", "SetTags", "UnsetTags") }), ). CustomOperation( - "AlterOauthCustom", + "AlterOauthForCustomClients", "https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake", - alterSecurityIntegrationOperation("AlterOauthCustom", func(qs *g.QueryStruct) *g.QueryStruct { + alterSecurityIntegrationOperation("AlterOauthForCustomClients", func(qs *g.QueryStruct) *g.QueryStruct { return qs.OptionalQueryStructField( "Set", - oauthCustomIntegrationSetDef, + oauthForCustomClientsIntegrationSetDef, g.ListOptions().NoParentheses().SQL("SET"), ).OptionalQueryStructField( "Unset", - oauthCustomIntegrationUnsetDef, + oauthForCustomClientsIntegrationUnsetDef, g.ListOptions().NoParentheses().SQL("UNSET"), ).WithValidation(g.ExactlyOneValueSet, "Set", "Unset", "SetTags", "UnsetTags") }), diff --git a/pkg/sdk/security_integrations_dto_builders_gen.go b/pkg/sdk/security_integrations_dto_builders_gen.go index 163c74f8d4..baed7353ef 100644 --- a/pkg/sdk/security_integrations_dto_builders_gen.go +++ b/pkg/sdk/security_integrations_dto_builders_gen.go @@ -4,58 +4,58 @@ package sdk import () -func NewCreateOauthPartnerSecurityIntegrationRequest( +func NewCreateOauthForPartnerApplicationsSecurityIntegrationRequest( name AccountObjectIdentifier, OauthClient OauthSecurityIntegrationClientOption, -) *CreateOauthPartnerSecurityIntegrationRequest { - s := CreateOauthPartnerSecurityIntegrationRequest{} +) *CreateOauthForPartnerApplicationsSecurityIntegrationRequest { + s := CreateOauthForPartnerApplicationsSecurityIntegrationRequest{} s.name = name s.OauthClient = OauthClient return &s } -func (s *CreateOauthPartnerSecurityIntegrationRequest) WithOrReplace(OrReplace *bool) *CreateOauthPartnerSecurityIntegrationRequest { - s.OrReplace = OrReplace +func (s *CreateOauthForPartnerApplicationsSecurityIntegrationRequest) WithOrReplace(OrReplace bool) *CreateOauthForPartnerApplicationsSecurityIntegrationRequest { + s.OrReplace = &OrReplace return s } -func (s *CreateOauthPartnerSecurityIntegrationRequest) WithIfNotExists(IfNotExists *bool) *CreateOauthPartnerSecurityIntegrationRequest { - s.IfNotExists = IfNotExists +func (s *CreateOauthForPartnerApplicationsSecurityIntegrationRequest) WithIfNotExists(IfNotExists bool) *CreateOauthForPartnerApplicationsSecurityIntegrationRequest { + s.IfNotExists = &IfNotExists return s } -func (s *CreateOauthPartnerSecurityIntegrationRequest) WithOauthRedirectUri(OauthRedirectUri *string) *CreateOauthPartnerSecurityIntegrationRequest { - s.OauthRedirectUri = OauthRedirectUri +func (s *CreateOauthForPartnerApplicationsSecurityIntegrationRequest) WithOauthRedirectUri(OauthRedirectUri string) *CreateOauthForPartnerApplicationsSecurityIntegrationRequest { + s.OauthRedirectUri = &OauthRedirectUri return s } -func (s *CreateOauthPartnerSecurityIntegrationRequest) WithEnabled(Enabled *bool) *CreateOauthPartnerSecurityIntegrationRequest { - s.Enabled = Enabled +func (s *CreateOauthForPartnerApplicationsSecurityIntegrationRequest) WithEnabled(Enabled bool) *CreateOauthForPartnerApplicationsSecurityIntegrationRequest { + s.Enabled = &Enabled return s } -func (s *CreateOauthPartnerSecurityIntegrationRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *CreateOauthPartnerSecurityIntegrationRequest { - s.OauthIssueRefreshTokens = OauthIssueRefreshTokens +func (s *CreateOauthForPartnerApplicationsSecurityIntegrationRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens bool) *CreateOauthForPartnerApplicationsSecurityIntegrationRequest { + s.OauthIssueRefreshTokens = &OauthIssueRefreshTokens return s } -func (s *CreateOauthPartnerSecurityIntegrationRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *CreateOauthPartnerSecurityIntegrationRequest { - s.OauthRefreshTokenValidity = OauthRefreshTokenValidity +func (s *CreateOauthForPartnerApplicationsSecurityIntegrationRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity int) *CreateOauthForPartnerApplicationsSecurityIntegrationRequest { + s.OauthRefreshTokenValidity = &OauthRefreshTokenValidity return s } -func (s *CreateOauthPartnerSecurityIntegrationRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *CreateOauthPartnerSecurityIntegrationRequest { - s.OauthUseSecondaryRoles = OauthUseSecondaryRoles +func (s *CreateOauthForPartnerApplicationsSecurityIntegrationRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles OauthSecurityIntegrationUseSecondaryRolesOption) *CreateOauthForPartnerApplicationsSecurityIntegrationRequest { + s.OauthUseSecondaryRoles = &OauthUseSecondaryRoles return s } -func (s *CreateOauthPartnerSecurityIntegrationRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *CreateOauthPartnerSecurityIntegrationRequest { - s.BlockedRolesList = BlockedRolesList +func (s *CreateOauthForPartnerApplicationsSecurityIntegrationRequest) WithBlockedRolesList(BlockedRolesList BlockedRolesListRequest) *CreateOauthForPartnerApplicationsSecurityIntegrationRequest { + s.BlockedRolesList = &BlockedRolesList return s } -func (s *CreateOauthPartnerSecurityIntegrationRequest) WithComment(Comment *string) *CreateOauthPartnerSecurityIntegrationRequest { - s.Comment = Comment +func (s *CreateOauthForPartnerApplicationsSecurityIntegrationRequest) WithComment(Comment string) *CreateOauthForPartnerApplicationsSecurityIntegrationRequest { + s.Comment = &Comment return s } @@ -68,85 +68,85 @@ func (s *BlockedRolesListRequest) WithBlockedRolesList(BlockedRolesList []Accoun return s } -func NewCreateOauthCustomSecurityIntegrationRequest( +func NewCreateOauthForCustomClientsSecurityIntegrationRequest( name AccountObjectIdentifier, OauthClientType OauthSecurityIntegrationClientTypeOption, OauthRedirectUri string, -) *CreateOauthCustomSecurityIntegrationRequest { - s := CreateOauthCustomSecurityIntegrationRequest{} +) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s := CreateOauthForCustomClientsSecurityIntegrationRequest{} s.name = name s.OauthClientType = OauthClientType s.OauthRedirectUri = OauthRedirectUri return &s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithOrReplace(OrReplace *bool) *CreateOauthCustomSecurityIntegrationRequest { - s.OrReplace = OrReplace +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithOrReplace(OrReplace bool) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.OrReplace = &OrReplace return s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithIfNotExists(IfNotExists *bool) *CreateOauthCustomSecurityIntegrationRequest { - s.IfNotExists = IfNotExists +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithIfNotExists(IfNotExists bool) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.IfNotExists = &IfNotExists return s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithEnabled(Enabled *bool) *CreateOauthCustomSecurityIntegrationRequest { - s.Enabled = Enabled +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithEnabled(Enabled bool) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.Enabled = &Enabled return s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthAllowNonTlsRedirectUri(OauthAllowNonTlsRedirectUri *bool) *CreateOauthCustomSecurityIntegrationRequest { - s.OauthAllowNonTlsRedirectUri = OauthAllowNonTlsRedirectUri +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithOauthAllowNonTlsRedirectUri(OauthAllowNonTlsRedirectUri bool) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.OauthAllowNonTlsRedirectUri = &OauthAllowNonTlsRedirectUri return s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthEnforcePkce(OauthEnforcePkce *bool) *CreateOauthCustomSecurityIntegrationRequest { - s.OauthEnforcePkce = OauthEnforcePkce +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithOauthEnforcePkce(OauthEnforcePkce bool) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.OauthEnforcePkce = &OauthEnforcePkce return s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *CreateOauthCustomSecurityIntegrationRequest { - s.OauthUseSecondaryRoles = OauthUseSecondaryRoles +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles OauthSecurityIntegrationUseSecondaryRolesOption) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.OauthUseSecondaryRoles = &OauthUseSecondaryRoles return s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithPreAuthorizedRolesList(PreAuthorizedRolesList *PreAuthorizedRolesListRequest) *CreateOauthCustomSecurityIntegrationRequest { - s.PreAuthorizedRolesList = PreAuthorizedRolesList +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithPreAuthorizedRolesList(PreAuthorizedRolesList PreAuthorizedRolesListRequest) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.PreAuthorizedRolesList = &PreAuthorizedRolesList return s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *CreateOauthCustomSecurityIntegrationRequest { - s.BlockedRolesList = BlockedRolesList +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithBlockedRolesList(BlockedRolesList BlockedRolesListRequest) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.BlockedRolesList = &BlockedRolesList return s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *CreateOauthCustomSecurityIntegrationRequest { - s.OauthIssueRefreshTokens = OauthIssueRefreshTokens +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens bool) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.OauthIssueRefreshTokens = &OauthIssueRefreshTokens return s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *CreateOauthCustomSecurityIntegrationRequest { - s.OauthRefreshTokenValidity = OauthRefreshTokenValidity +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity int) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.OauthRefreshTokenValidity = &OauthRefreshTokenValidity return s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithNetworkPolicy(NetworkPolicy *AccountObjectIdentifier) *CreateOauthCustomSecurityIntegrationRequest { - s.NetworkPolicy = NetworkPolicy +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithNetworkPolicy(NetworkPolicy AccountObjectIdentifier) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.NetworkPolicy = &NetworkPolicy return s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey *string) *CreateOauthCustomSecurityIntegrationRequest { - s.OauthClientRsaPublicKey = OauthClientRsaPublicKey +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey string) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.OauthClientRsaPublicKey = &OauthClientRsaPublicKey return s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 *string) *CreateOauthCustomSecurityIntegrationRequest { - s.OauthClientRsaPublicKey2 = OauthClientRsaPublicKey2 +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 string) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.OauthClientRsaPublicKey2 = &OauthClientRsaPublicKey2 return s } -func (s *CreateOauthCustomSecurityIntegrationRequest) WithComment(Comment *string) *CreateOauthCustomSecurityIntegrationRequest { - s.Comment = Comment +func (s *CreateOauthForCustomClientsSecurityIntegrationRequest) WithComment(Comment string) *CreateOauthForCustomClientsSecurityIntegrationRequest { + s.Comment = &Comment return s } @@ -177,13 +177,13 @@ func NewCreateSaml2SecurityIntegrationRequest( return &s } -func (s *CreateSaml2SecurityIntegrationRequest) WithOrReplace(OrReplace *bool) *CreateSaml2SecurityIntegrationRequest { - s.OrReplace = OrReplace +func (s *CreateSaml2SecurityIntegrationRequest) WithOrReplace(OrReplace bool) *CreateSaml2SecurityIntegrationRequest { + s.OrReplace = &OrReplace return s } -func (s *CreateSaml2SecurityIntegrationRequest) WithIfNotExists(IfNotExists *bool) *CreateSaml2SecurityIntegrationRequest { - s.IfNotExists = IfNotExists +func (s *CreateSaml2SecurityIntegrationRequest) WithIfNotExists(IfNotExists bool) *CreateSaml2SecurityIntegrationRequest { + s.IfNotExists = &IfNotExists return s } @@ -197,53 +197,53 @@ func (s *CreateSaml2SecurityIntegrationRequest) WithAllowedEmailPatterns(Allowed return s } -func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2SpInitiatedLoginPageLabel(Saml2SpInitiatedLoginPageLabel *string) *CreateSaml2SecurityIntegrationRequest { - s.Saml2SpInitiatedLoginPageLabel = Saml2SpInitiatedLoginPageLabel +func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2SpInitiatedLoginPageLabel(Saml2SpInitiatedLoginPageLabel string) *CreateSaml2SecurityIntegrationRequest { + s.Saml2SpInitiatedLoginPageLabel = &Saml2SpInitiatedLoginPageLabel return s } -func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2EnableSpInitiated(Saml2EnableSpInitiated *bool) *CreateSaml2SecurityIntegrationRequest { - s.Saml2EnableSpInitiated = Saml2EnableSpInitiated +func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2EnableSpInitiated(Saml2EnableSpInitiated bool) *CreateSaml2SecurityIntegrationRequest { + s.Saml2EnableSpInitiated = &Saml2EnableSpInitiated return s } -func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2SnowflakeX509Cert(Saml2SnowflakeX509Cert *string) *CreateSaml2SecurityIntegrationRequest { - s.Saml2SnowflakeX509Cert = Saml2SnowflakeX509Cert +func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2SnowflakeX509Cert(Saml2SnowflakeX509Cert string) *CreateSaml2SecurityIntegrationRequest { + s.Saml2SnowflakeX509Cert = &Saml2SnowflakeX509Cert return s } -func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2SignRequest(Saml2SignRequest *bool) *CreateSaml2SecurityIntegrationRequest { - s.Saml2SignRequest = Saml2SignRequest +func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2SignRequest(Saml2SignRequest bool) *CreateSaml2SecurityIntegrationRequest { + s.Saml2SignRequest = &Saml2SignRequest return s } -func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2RequestedNameidFormat(Saml2RequestedNameidFormat *string) *CreateSaml2SecurityIntegrationRequest { - s.Saml2RequestedNameidFormat = Saml2RequestedNameidFormat +func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2RequestedNameidFormat(Saml2RequestedNameidFormat string) *CreateSaml2SecurityIntegrationRequest { + s.Saml2RequestedNameidFormat = &Saml2RequestedNameidFormat return s } -func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2PostLogoutRedirectUrl(Saml2PostLogoutRedirectUrl *string) *CreateSaml2SecurityIntegrationRequest { - s.Saml2PostLogoutRedirectUrl = Saml2PostLogoutRedirectUrl +func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2PostLogoutRedirectUrl(Saml2PostLogoutRedirectUrl string) *CreateSaml2SecurityIntegrationRequest { + s.Saml2PostLogoutRedirectUrl = &Saml2PostLogoutRedirectUrl return s } -func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2ForceAuthn(Saml2ForceAuthn *bool) *CreateSaml2SecurityIntegrationRequest { - s.Saml2ForceAuthn = Saml2ForceAuthn +func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2ForceAuthn(Saml2ForceAuthn bool) *CreateSaml2SecurityIntegrationRequest { + s.Saml2ForceAuthn = &Saml2ForceAuthn return s } -func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2SnowflakeIssuerUrl(Saml2SnowflakeIssuerUrl *string) *CreateSaml2SecurityIntegrationRequest { - s.Saml2SnowflakeIssuerUrl = Saml2SnowflakeIssuerUrl +func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2SnowflakeIssuerUrl(Saml2SnowflakeIssuerUrl string) *CreateSaml2SecurityIntegrationRequest { + s.Saml2SnowflakeIssuerUrl = &Saml2SnowflakeIssuerUrl return s } -func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2SnowflakeAcsUrl(Saml2SnowflakeAcsUrl *string) *CreateSaml2SecurityIntegrationRequest { - s.Saml2SnowflakeAcsUrl = Saml2SnowflakeAcsUrl +func (s *CreateSaml2SecurityIntegrationRequest) WithSaml2SnowflakeAcsUrl(Saml2SnowflakeAcsUrl string) *CreateSaml2SecurityIntegrationRequest { + s.Saml2SnowflakeAcsUrl = &Saml2SnowflakeAcsUrl return s } -func (s *CreateSaml2SecurityIntegrationRequest) WithComment(Comment *string) *CreateSaml2SecurityIntegrationRequest { - s.Comment = Comment +func (s *CreateSaml2SecurityIntegrationRequest) WithComment(Comment string) *CreateSaml2SecurityIntegrationRequest { + s.Comment = &Comment return s } @@ -261,245 +261,245 @@ func NewCreateScimSecurityIntegrationRequest( return &s } -func (s *CreateScimSecurityIntegrationRequest) WithOrReplace(OrReplace *bool) *CreateScimSecurityIntegrationRequest { - s.OrReplace = OrReplace +func (s *CreateScimSecurityIntegrationRequest) WithOrReplace(OrReplace bool) *CreateScimSecurityIntegrationRequest { + s.OrReplace = &OrReplace return s } -func (s *CreateScimSecurityIntegrationRequest) WithIfNotExists(IfNotExists *bool) *CreateScimSecurityIntegrationRequest { - s.IfNotExists = IfNotExists +func (s *CreateScimSecurityIntegrationRequest) WithIfNotExists(IfNotExists bool) *CreateScimSecurityIntegrationRequest { + s.IfNotExists = &IfNotExists return s } -func (s *CreateScimSecurityIntegrationRequest) WithNetworkPolicy(NetworkPolicy *AccountObjectIdentifier) *CreateScimSecurityIntegrationRequest { - s.NetworkPolicy = NetworkPolicy +func (s *CreateScimSecurityIntegrationRequest) WithNetworkPolicy(NetworkPolicy AccountObjectIdentifier) *CreateScimSecurityIntegrationRequest { + s.NetworkPolicy = &NetworkPolicy return s } -func (s *CreateScimSecurityIntegrationRequest) WithSyncPassword(SyncPassword *bool) *CreateScimSecurityIntegrationRequest { - s.SyncPassword = SyncPassword +func (s *CreateScimSecurityIntegrationRequest) WithSyncPassword(SyncPassword bool) *CreateScimSecurityIntegrationRequest { + s.SyncPassword = &SyncPassword return s } -func (s *CreateScimSecurityIntegrationRequest) WithComment(Comment *string) *CreateScimSecurityIntegrationRequest { - s.Comment = Comment +func (s *CreateScimSecurityIntegrationRequest) WithComment(Comment string) *CreateScimSecurityIntegrationRequest { + s.Comment = &Comment return s } -func NewAlterOauthPartnerSecurityIntegrationRequest( +func NewAlterOauthForPartnerApplicationsSecurityIntegrationRequest( name AccountObjectIdentifier, -) *AlterOauthPartnerSecurityIntegrationRequest { - s := AlterOauthPartnerSecurityIntegrationRequest{} +) *AlterOauthForPartnerApplicationsSecurityIntegrationRequest { + s := AlterOauthForPartnerApplicationsSecurityIntegrationRequest{} s.name = name return &s } -func (s *AlterOauthPartnerSecurityIntegrationRequest) WithIfExists(IfExists *bool) *AlterOauthPartnerSecurityIntegrationRequest { - s.IfExists = IfExists +func (s *AlterOauthForPartnerApplicationsSecurityIntegrationRequest) WithIfExists(IfExists bool) *AlterOauthForPartnerApplicationsSecurityIntegrationRequest { + s.IfExists = &IfExists return s } -func (s *AlterOauthPartnerSecurityIntegrationRequest) WithSetTags(SetTags []TagAssociation) *AlterOauthPartnerSecurityIntegrationRequest { +func (s *AlterOauthForPartnerApplicationsSecurityIntegrationRequest) WithSetTags(SetTags []TagAssociation) *AlterOauthForPartnerApplicationsSecurityIntegrationRequest { s.SetTags = SetTags return s } -func (s *AlterOauthPartnerSecurityIntegrationRequest) WithUnsetTags(UnsetTags []ObjectIdentifier) *AlterOauthPartnerSecurityIntegrationRequest { +func (s *AlterOauthForPartnerApplicationsSecurityIntegrationRequest) WithUnsetTags(UnsetTags []ObjectIdentifier) *AlterOauthForPartnerApplicationsSecurityIntegrationRequest { s.UnsetTags = UnsetTags return s } -func (s *AlterOauthPartnerSecurityIntegrationRequest) WithSet(Set *OauthPartnerIntegrationSetRequest) *AlterOauthPartnerSecurityIntegrationRequest { - s.Set = Set +func (s *AlterOauthForPartnerApplicationsSecurityIntegrationRequest) WithSet(Set OauthForPartnerApplicationsIntegrationSetRequest) *AlterOauthForPartnerApplicationsSecurityIntegrationRequest { + s.Set = &Set return s } -func (s *AlterOauthPartnerSecurityIntegrationRequest) WithUnset(Unset *OauthPartnerIntegrationUnsetRequest) *AlterOauthPartnerSecurityIntegrationRequest { - s.Unset = Unset +func (s *AlterOauthForPartnerApplicationsSecurityIntegrationRequest) WithUnset(Unset OauthForPartnerApplicationsIntegrationUnsetRequest) *AlterOauthForPartnerApplicationsSecurityIntegrationRequest { + s.Unset = &Unset return s } -func NewOauthPartnerIntegrationSetRequest() *OauthPartnerIntegrationSetRequest { - return &OauthPartnerIntegrationSetRequest{} +func NewOauthForPartnerApplicationsIntegrationSetRequest() *OauthForPartnerApplicationsIntegrationSetRequest { + return &OauthForPartnerApplicationsIntegrationSetRequest{} } -func (s *OauthPartnerIntegrationSetRequest) WithEnabled(Enabled *bool) *OauthPartnerIntegrationSetRequest { - s.Enabled = Enabled +func (s *OauthForPartnerApplicationsIntegrationSetRequest) WithEnabled(Enabled bool) *OauthForPartnerApplicationsIntegrationSetRequest { + s.Enabled = &Enabled return s } -func (s *OauthPartnerIntegrationSetRequest) WithOauthRedirectUri(OauthRedirectUri *string) *OauthPartnerIntegrationSetRequest { - s.OauthRedirectUri = OauthRedirectUri +func (s *OauthForPartnerApplicationsIntegrationSetRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens bool) *OauthForPartnerApplicationsIntegrationSetRequest { + s.OauthIssueRefreshTokens = &OauthIssueRefreshTokens return s } -func (s *OauthPartnerIntegrationSetRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *OauthPartnerIntegrationSetRequest { - s.OauthIssueRefreshTokens = OauthIssueRefreshTokens +func (s *OauthForPartnerApplicationsIntegrationSetRequest) WithOauthRedirectUri(OauthRedirectUri string) *OauthForPartnerApplicationsIntegrationSetRequest { + s.OauthRedirectUri = &OauthRedirectUri return s } -func (s *OauthPartnerIntegrationSetRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *OauthPartnerIntegrationSetRequest { - s.OauthRefreshTokenValidity = OauthRefreshTokenValidity +func (s *OauthForPartnerApplicationsIntegrationSetRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity int) *OauthForPartnerApplicationsIntegrationSetRequest { + s.OauthRefreshTokenValidity = &OauthRefreshTokenValidity return s } -func (s *OauthPartnerIntegrationSetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *OauthPartnerIntegrationSetRequest { - s.OauthUseSecondaryRoles = OauthUseSecondaryRoles +func (s *OauthForPartnerApplicationsIntegrationSetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles OauthSecurityIntegrationUseSecondaryRolesOption) *OauthForPartnerApplicationsIntegrationSetRequest { + s.OauthUseSecondaryRoles = &OauthUseSecondaryRoles return s } -func (s *OauthPartnerIntegrationSetRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *OauthPartnerIntegrationSetRequest { - s.BlockedRolesList = BlockedRolesList +func (s *OauthForPartnerApplicationsIntegrationSetRequest) WithBlockedRolesList(BlockedRolesList BlockedRolesListRequest) *OauthForPartnerApplicationsIntegrationSetRequest { + s.BlockedRolesList = &BlockedRolesList return s } -func (s *OauthPartnerIntegrationSetRequest) WithComment(Comment *string) *OauthPartnerIntegrationSetRequest { - s.Comment = Comment +func (s *OauthForPartnerApplicationsIntegrationSetRequest) WithComment(Comment string) *OauthForPartnerApplicationsIntegrationSetRequest { + s.Comment = &Comment return s } -func NewOauthPartnerIntegrationUnsetRequest() *OauthPartnerIntegrationUnsetRequest { - return &OauthPartnerIntegrationUnsetRequest{} +func NewOauthForPartnerApplicationsIntegrationUnsetRequest() *OauthForPartnerApplicationsIntegrationUnsetRequest { + return &OauthForPartnerApplicationsIntegrationUnsetRequest{} } -func (s *OauthPartnerIntegrationUnsetRequest) WithEnabled(Enabled *bool) *OauthPartnerIntegrationUnsetRequest { - s.Enabled = Enabled +func (s *OauthForPartnerApplicationsIntegrationUnsetRequest) WithEnabled(Enabled bool) *OauthForPartnerApplicationsIntegrationUnsetRequest { + s.Enabled = &Enabled return s } -func (s *OauthPartnerIntegrationUnsetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *bool) *OauthPartnerIntegrationUnsetRequest { - s.OauthUseSecondaryRoles = OauthUseSecondaryRoles +func (s *OauthForPartnerApplicationsIntegrationUnsetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles bool) *OauthForPartnerApplicationsIntegrationUnsetRequest { + s.OauthUseSecondaryRoles = &OauthUseSecondaryRoles return s } -func NewAlterOauthCustomSecurityIntegrationRequest( +func NewAlterOauthForCustomClientsSecurityIntegrationRequest( name AccountObjectIdentifier, -) *AlterOauthCustomSecurityIntegrationRequest { - s := AlterOauthCustomSecurityIntegrationRequest{} +) *AlterOauthForCustomClientsSecurityIntegrationRequest { + s := AlterOauthForCustomClientsSecurityIntegrationRequest{} s.name = name return &s } -func (s *AlterOauthCustomSecurityIntegrationRequest) WithIfExists(IfExists *bool) *AlterOauthCustomSecurityIntegrationRequest { - s.IfExists = IfExists +func (s *AlterOauthForCustomClientsSecurityIntegrationRequest) WithIfExists(IfExists bool) *AlterOauthForCustomClientsSecurityIntegrationRequest { + s.IfExists = &IfExists return s } -func (s *AlterOauthCustomSecurityIntegrationRequest) WithSetTags(SetTags []TagAssociation) *AlterOauthCustomSecurityIntegrationRequest { +func (s *AlterOauthForCustomClientsSecurityIntegrationRequest) WithSetTags(SetTags []TagAssociation) *AlterOauthForCustomClientsSecurityIntegrationRequest { s.SetTags = SetTags return s } -func (s *AlterOauthCustomSecurityIntegrationRequest) WithUnsetTags(UnsetTags []ObjectIdentifier) *AlterOauthCustomSecurityIntegrationRequest { +func (s *AlterOauthForCustomClientsSecurityIntegrationRequest) WithUnsetTags(UnsetTags []ObjectIdentifier) *AlterOauthForCustomClientsSecurityIntegrationRequest { s.UnsetTags = UnsetTags return s } -func (s *AlterOauthCustomSecurityIntegrationRequest) WithSet(Set *OauthCustomIntegrationSetRequest) *AlterOauthCustomSecurityIntegrationRequest { - s.Set = Set +func (s *AlterOauthForCustomClientsSecurityIntegrationRequest) WithSet(Set OauthForCustomClientsIntegrationSetRequest) *AlterOauthForCustomClientsSecurityIntegrationRequest { + s.Set = &Set return s } -func (s *AlterOauthCustomSecurityIntegrationRequest) WithUnset(Unset *OauthCustomIntegrationUnsetRequest) *AlterOauthCustomSecurityIntegrationRequest { - s.Unset = Unset +func (s *AlterOauthForCustomClientsSecurityIntegrationRequest) WithUnset(Unset OauthForCustomClientsIntegrationUnsetRequest) *AlterOauthForCustomClientsSecurityIntegrationRequest { + s.Unset = &Unset return s } -func NewOauthCustomIntegrationSetRequest() *OauthCustomIntegrationSetRequest { - return &OauthCustomIntegrationSetRequest{} +func NewOauthForCustomClientsIntegrationSetRequest() *OauthForCustomClientsIntegrationSetRequest { + return &OauthForCustomClientsIntegrationSetRequest{} } -func (s *OauthCustomIntegrationSetRequest) WithEnabled(Enabled *bool) *OauthCustomIntegrationSetRequest { - s.Enabled = Enabled +func (s *OauthForCustomClientsIntegrationSetRequest) WithEnabled(Enabled bool) *OauthForCustomClientsIntegrationSetRequest { + s.Enabled = &Enabled return s } -func (s *OauthCustomIntegrationSetRequest) WithOauthRedirectUri(OauthRedirectUri *string) *OauthCustomIntegrationSetRequest { - s.OauthRedirectUri = OauthRedirectUri +func (s *OauthForCustomClientsIntegrationSetRequest) WithOauthRedirectUri(OauthRedirectUri string) *OauthForCustomClientsIntegrationSetRequest { + s.OauthRedirectUri = &OauthRedirectUri return s } -func (s *OauthCustomIntegrationSetRequest) WithOauthAllowNonTlsRedirectUri(OauthAllowNonTlsRedirectUri *bool) *OauthCustomIntegrationSetRequest { - s.OauthAllowNonTlsRedirectUri = OauthAllowNonTlsRedirectUri +func (s *OauthForCustomClientsIntegrationSetRequest) WithOauthAllowNonTlsRedirectUri(OauthAllowNonTlsRedirectUri bool) *OauthForCustomClientsIntegrationSetRequest { + s.OauthAllowNonTlsRedirectUri = &OauthAllowNonTlsRedirectUri return s } -func (s *OauthCustomIntegrationSetRequest) WithOauthEnforcePkce(OauthEnforcePkce *bool) *OauthCustomIntegrationSetRequest { - s.OauthEnforcePkce = OauthEnforcePkce +func (s *OauthForCustomClientsIntegrationSetRequest) WithOauthEnforcePkce(OauthEnforcePkce bool) *OauthForCustomClientsIntegrationSetRequest { + s.OauthEnforcePkce = &OauthEnforcePkce return s } -func (s *OauthCustomIntegrationSetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption) *OauthCustomIntegrationSetRequest { - s.OauthUseSecondaryRoles = OauthUseSecondaryRoles +func (s *OauthForCustomClientsIntegrationSetRequest) WithPreAuthorizedRolesList(PreAuthorizedRolesList PreAuthorizedRolesListRequest) *OauthForCustomClientsIntegrationSetRequest { + s.PreAuthorizedRolesList = &PreAuthorizedRolesList return s } -func (s *OauthCustomIntegrationSetRequest) WithPreAuthorizedRolesList(PreAuthorizedRolesList *PreAuthorizedRolesListRequest) *OauthCustomIntegrationSetRequest { - s.PreAuthorizedRolesList = PreAuthorizedRolesList +func (s *OauthForCustomClientsIntegrationSetRequest) WithBlockedRolesList(BlockedRolesList BlockedRolesListRequest) *OauthForCustomClientsIntegrationSetRequest { + s.BlockedRolesList = &BlockedRolesList return s } -func (s *OauthCustomIntegrationSetRequest) WithBlockedRolesList(BlockedRolesList *BlockedRolesListRequest) *OauthCustomIntegrationSetRequest { - s.BlockedRolesList = BlockedRolesList +func (s *OauthForCustomClientsIntegrationSetRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens bool) *OauthForCustomClientsIntegrationSetRequest { + s.OauthIssueRefreshTokens = &OauthIssueRefreshTokens return s } -func (s *OauthCustomIntegrationSetRequest) WithOauthIssueRefreshTokens(OauthIssueRefreshTokens *bool) *OauthCustomIntegrationSetRequest { - s.OauthIssueRefreshTokens = OauthIssueRefreshTokens +func (s *OauthForCustomClientsIntegrationSetRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity int) *OauthForCustomClientsIntegrationSetRequest { + s.OauthRefreshTokenValidity = &OauthRefreshTokenValidity return s } -func (s *OauthCustomIntegrationSetRequest) WithOauthRefreshTokenValidity(OauthRefreshTokenValidity *int) *OauthCustomIntegrationSetRequest { - s.OauthRefreshTokenValidity = OauthRefreshTokenValidity +func (s *OauthForCustomClientsIntegrationSetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles OauthSecurityIntegrationUseSecondaryRolesOption) *OauthForCustomClientsIntegrationSetRequest { + s.OauthUseSecondaryRoles = &OauthUseSecondaryRoles return s } -func (s *OauthCustomIntegrationSetRequest) WithNetworkPolicy(NetworkPolicy *AccountObjectIdentifier) *OauthCustomIntegrationSetRequest { - s.NetworkPolicy = NetworkPolicy +func (s *OauthForCustomClientsIntegrationSetRequest) WithNetworkPolicy(NetworkPolicy AccountObjectIdentifier) *OauthForCustomClientsIntegrationSetRequest { + s.NetworkPolicy = &NetworkPolicy return s } -func (s *OauthCustomIntegrationSetRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey *string) *OauthCustomIntegrationSetRequest { - s.OauthClientRsaPublicKey = OauthClientRsaPublicKey +func (s *OauthForCustomClientsIntegrationSetRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey string) *OauthForCustomClientsIntegrationSetRequest { + s.OauthClientRsaPublicKey = &OauthClientRsaPublicKey return s } -func (s *OauthCustomIntegrationSetRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 *string) *OauthCustomIntegrationSetRequest { - s.OauthClientRsaPublicKey2 = OauthClientRsaPublicKey2 +func (s *OauthForCustomClientsIntegrationSetRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 string) *OauthForCustomClientsIntegrationSetRequest { + s.OauthClientRsaPublicKey2 = &OauthClientRsaPublicKey2 return s } -func (s *OauthCustomIntegrationSetRequest) WithComment(Comment *string) *OauthCustomIntegrationSetRequest { - s.Comment = Comment +func (s *OauthForCustomClientsIntegrationSetRequest) WithComment(Comment string) *OauthForCustomClientsIntegrationSetRequest { + s.Comment = &Comment return s } -func NewOauthCustomIntegrationUnsetRequest() *OauthCustomIntegrationUnsetRequest { - return &OauthCustomIntegrationUnsetRequest{} +func NewOauthForCustomClientsIntegrationUnsetRequest() *OauthForCustomClientsIntegrationUnsetRequest { + return &OauthForCustomClientsIntegrationUnsetRequest{} } -func (s *OauthCustomIntegrationUnsetRequest) WithEnabled(Enabled *bool) *OauthCustomIntegrationUnsetRequest { - s.Enabled = Enabled +func (s *OauthForCustomClientsIntegrationUnsetRequest) WithEnabled(Enabled bool) *OauthForCustomClientsIntegrationUnsetRequest { + s.Enabled = &Enabled return s } -func (s *OauthCustomIntegrationUnsetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles *bool) *OauthCustomIntegrationUnsetRequest { - s.OauthUseSecondaryRoles = OauthUseSecondaryRoles +func (s *OauthForCustomClientsIntegrationUnsetRequest) WithNetworkPolicy(NetworkPolicy bool) *OauthForCustomClientsIntegrationUnsetRequest { + s.NetworkPolicy = &NetworkPolicy return s } -func (s *OauthCustomIntegrationUnsetRequest) WithNetworkPolicy(NetworkPolicy *bool) *OauthCustomIntegrationUnsetRequest { - s.NetworkPolicy = NetworkPolicy +func (s *OauthForCustomClientsIntegrationUnsetRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey bool) *OauthForCustomClientsIntegrationUnsetRequest { + s.OauthClientRsaPublicKey = &OauthClientRsaPublicKey return s } -func (s *OauthCustomIntegrationUnsetRequest) WithOauthClientRsaPublicKey(OauthClientRsaPublicKey *bool) *OauthCustomIntegrationUnsetRequest { - s.OauthClientRsaPublicKey = OauthClientRsaPublicKey +func (s *OauthForCustomClientsIntegrationUnsetRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 bool) *OauthForCustomClientsIntegrationUnsetRequest { + s.OauthClientRsaPublicKey2 = &OauthClientRsaPublicKey2 return s } -func (s *OauthCustomIntegrationUnsetRequest) WithOauthClientRsaPublicKey2(OauthClientRsaPublicKey2 *bool) *OauthCustomIntegrationUnsetRequest { - s.OauthClientRsaPublicKey2 = OauthClientRsaPublicKey2 +func (s *OauthForCustomClientsIntegrationUnsetRequest) WithOauthUseSecondaryRoles(OauthUseSecondaryRoles bool) *OauthForCustomClientsIntegrationUnsetRequest { + s.OauthUseSecondaryRoles = &OauthUseSecondaryRoles return s } @@ -511,8 +511,8 @@ func NewAlterSaml2SecurityIntegrationRequest( return &s } -func (s *AlterSaml2SecurityIntegrationRequest) WithIfExists(IfExists *bool) *AlterSaml2SecurityIntegrationRequest { - s.IfExists = IfExists +func (s *AlterSaml2SecurityIntegrationRequest) WithIfExists(IfExists bool) *AlterSaml2SecurityIntegrationRequest { + s.IfExists = &IfExists return s } @@ -526,18 +526,18 @@ func (s *AlterSaml2SecurityIntegrationRequest) WithUnsetTags(UnsetTags []ObjectI return s } -func (s *AlterSaml2SecurityIntegrationRequest) WithSet(Set *Saml2IntegrationSetRequest) *AlterSaml2SecurityIntegrationRequest { - s.Set = Set +func (s *AlterSaml2SecurityIntegrationRequest) WithSet(Set Saml2IntegrationSetRequest) *AlterSaml2SecurityIntegrationRequest { + s.Set = &Set return s } -func (s *AlterSaml2SecurityIntegrationRequest) WithUnset(Unset *Saml2IntegrationUnsetRequest) *AlterSaml2SecurityIntegrationRequest { - s.Unset = Unset +func (s *AlterSaml2SecurityIntegrationRequest) WithUnset(Unset Saml2IntegrationUnsetRequest) *AlterSaml2SecurityIntegrationRequest { + s.Unset = &Unset return s } -func (s *AlterSaml2SecurityIntegrationRequest) WithRefreshSaml2SnowflakePrivateKey(RefreshSaml2SnowflakePrivateKey *bool) *AlterSaml2SecurityIntegrationRequest { - s.RefreshSaml2SnowflakePrivateKey = RefreshSaml2SnowflakePrivateKey +func (s *AlterSaml2SecurityIntegrationRequest) WithRefreshSaml2SnowflakePrivateKey(RefreshSaml2SnowflakePrivateKey bool) *AlterSaml2SecurityIntegrationRequest { + s.RefreshSaml2SnowflakePrivateKey = &RefreshSaml2SnowflakePrivateKey return s } @@ -545,28 +545,28 @@ func NewSaml2IntegrationSetRequest() *Saml2IntegrationSetRequest { return &Saml2IntegrationSetRequest{} } -func (s *Saml2IntegrationSetRequest) WithEnabled(Enabled *bool) *Saml2IntegrationSetRequest { - s.Enabled = Enabled +func (s *Saml2IntegrationSetRequest) WithEnabled(Enabled bool) *Saml2IntegrationSetRequest { + s.Enabled = &Enabled return s } -func (s *Saml2IntegrationSetRequest) WithSaml2Issuer(Saml2Issuer *string) *Saml2IntegrationSetRequest { - s.Saml2Issuer = Saml2Issuer +func (s *Saml2IntegrationSetRequest) WithSaml2Issuer(Saml2Issuer string) *Saml2IntegrationSetRequest { + s.Saml2Issuer = &Saml2Issuer return s } -func (s *Saml2IntegrationSetRequest) WithSaml2SsoUrl(Saml2SsoUrl *string) *Saml2IntegrationSetRequest { - s.Saml2SsoUrl = Saml2SsoUrl +func (s *Saml2IntegrationSetRequest) WithSaml2SsoUrl(Saml2SsoUrl string) *Saml2IntegrationSetRequest { + s.Saml2SsoUrl = &Saml2SsoUrl return s } -func (s *Saml2IntegrationSetRequest) WithSaml2Provider(Saml2Provider *string) *Saml2IntegrationSetRequest { - s.Saml2Provider = Saml2Provider +func (s *Saml2IntegrationSetRequest) WithSaml2Provider(Saml2Provider string) *Saml2IntegrationSetRequest { + s.Saml2Provider = &Saml2Provider return s } -func (s *Saml2IntegrationSetRequest) WithSaml2X509Cert(Saml2X509Cert *string) *Saml2IntegrationSetRequest { - s.Saml2X509Cert = Saml2X509Cert +func (s *Saml2IntegrationSetRequest) WithSaml2X509Cert(Saml2X509Cert string) *Saml2IntegrationSetRequest { + s.Saml2X509Cert = &Saml2X509Cert return s } @@ -580,53 +580,53 @@ func (s *Saml2IntegrationSetRequest) WithAllowedEmailPatterns(AllowedEmailPatter return s } -func (s *Saml2IntegrationSetRequest) WithSaml2SpInitiatedLoginPageLabel(Saml2SpInitiatedLoginPageLabel *string) *Saml2IntegrationSetRequest { - s.Saml2SpInitiatedLoginPageLabel = Saml2SpInitiatedLoginPageLabel +func (s *Saml2IntegrationSetRequest) WithSaml2SpInitiatedLoginPageLabel(Saml2SpInitiatedLoginPageLabel string) *Saml2IntegrationSetRequest { + s.Saml2SpInitiatedLoginPageLabel = &Saml2SpInitiatedLoginPageLabel return s } -func (s *Saml2IntegrationSetRequest) WithSaml2EnableSpInitiated(Saml2EnableSpInitiated *bool) *Saml2IntegrationSetRequest { - s.Saml2EnableSpInitiated = Saml2EnableSpInitiated +func (s *Saml2IntegrationSetRequest) WithSaml2EnableSpInitiated(Saml2EnableSpInitiated bool) *Saml2IntegrationSetRequest { + s.Saml2EnableSpInitiated = &Saml2EnableSpInitiated return s } -func (s *Saml2IntegrationSetRequest) WithSaml2SnowflakeX509Cert(Saml2SnowflakeX509Cert *string) *Saml2IntegrationSetRequest { - s.Saml2SnowflakeX509Cert = Saml2SnowflakeX509Cert +func (s *Saml2IntegrationSetRequest) WithSaml2SnowflakeX509Cert(Saml2SnowflakeX509Cert string) *Saml2IntegrationSetRequest { + s.Saml2SnowflakeX509Cert = &Saml2SnowflakeX509Cert return s } -func (s *Saml2IntegrationSetRequest) WithSaml2SignRequest(Saml2SignRequest *bool) *Saml2IntegrationSetRequest { - s.Saml2SignRequest = Saml2SignRequest +func (s *Saml2IntegrationSetRequest) WithSaml2SignRequest(Saml2SignRequest bool) *Saml2IntegrationSetRequest { + s.Saml2SignRequest = &Saml2SignRequest return s } -func (s *Saml2IntegrationSetRequest) WithSaml2RequestedNameidFormat(Saml2RequestedNameidFormat *string) *Saml2IntegrationSetRequest { - s.Saml2RequestedNameidFormat = Saml2RequestedNameidFormat +func (s *Saml2IntegrationSetRequest) WithSaml2RequestedNameidFormat(Saml2RequestedNameidFormat string) *Saml2IntegrationSetRequest { + s.Saml2RequestedNameidFormat = &Saml2RequestedNameidFormat return s } -func (s *Saml2IntegrationSetRequest) WithSaml2PostLogoutRedirectUrl(Saml2PostLogoutRedirectUrl *string) *Saml2IntegrationSetRequest { - s.Saml2PostLogoutRedirectUrl = Saml2PostLogoutRedirectUrl +func (s *Saml2IntegrationSetRequest) WithSaml2PostLogoutRedirectUrl(Saml2PostLogoutRedirectUrl string) *Saml2IntegrationSetRequest { + s.Saml2PostLogoutRedirectUrl = &Saml2PostLogoutRedirectUrl return s } -func (s *Saml2IntegrationSetRequest) WithSaml2ForceAuthn(Saml2ForceAuthn *bool) *Saml2IntegrationSetRequest { - s.Saml2ForceAuthn = Saml2ForceAuthn +func (s *Saml2IntegrationSetRequest) WithSaml2ForceAuthn(Saml2ForceAuthn bool) *Saml2IntegrationSetRequest { + s.Saml2ForceAuthn = &Saml2ForceAuthn return s } -func (s *Saml2IntegrationSetRequest) WithSaml2SnowflakeIssuerUrl(Saml2SnowflakeIssuerUrl *string) *Saml2IntegrationSetRequest { - s.Saml2SnowflakeIssuerUrl = Saml2SnowflakeIssuerUrl +func (s *Saml2IntegrationSetRequest) WithSaml2SnowflakeIssuerUrl(Saml2SnowflakeIssuerUrl string) *Saml2IntegrationSetRequest { + s.Saml2SnowflakeIssuerUrl = &Saml2SnowflakeIssuerUrl return s } -func (s *Saml2IntegrationSetRequest) WithSaml2SnowflakeAcsUrl(Saml2SnowflakeAcsUrl *string) *Saml2IntegrationSetRequest { - s.Saml2SnowflakeAcsUrl = Saml2SnowflakeAcsUrl +func (s *Saml2IntegrationSetRequest) WithSaml2SnowflakeAcsUrl(Saml2SnowflakeAcsUrl string) *Saml2IntegrationSetRequest { + s.Saml2SnowflakeAcsUrl = &Saml2SnowflakeAcsUrl return s } -func (s *Saml2IntegrationSetRequest) WithComment(Comment *string) *Saml2IntegrationSetRequest { - s.Comment = Comment +func (s *Saml2IntegrationSetRequest) WithComment(Comment string) *Saml2IntegrationSetRequest { + s.Comment = &Comment return s } @@ -634,23 +634,23 @@ func NewSaml2IntegrationUnsetRequest() *Saml2IntegrationUnsetRequest { return &Saml2IntegrationUnsetRequest{} } -func (s *Saml2IntegrationUnsetRequest) WithSaml2ForceAuthn(Saml2ForceAuthn *bool) *Saml2IntegrationUnsetRequest { - s.Saml2ForceAuthn = Saml2ForceAuthn +func (s *Saml2IntegrationUnsetRequest) WithSaml2ForceAuthn(Saml2ForceAuthn bool) *Saml2IntegrationUnsetRequest { + s.Saml2ForceAuthn = &Saml2ForceAuthn return s } -func (s *Saml2IntegrationUnsetRequest) WithSaml2RequestedNameidFormat(Saml2RequestedNameidFormat *bool) *Saml2IntegrationUnsetRequest { - s.Saml2RequestedNameidFormat = Saml2RequestedNameidFormat +func (s *Saml2IntegrationUnsetRequest) WithSaml2RequestedNameidFormat(Saml2RequestedNameidFormat bool) *Saml2IntegrationUnsetRequest { + s.Saml2RequestedNameidFormat = &Saml2RequestedNameidFormat return s } -func (s *Saml2IntegrationUnsetRequest) WithSaml2PostLogoutRedirectUrl(Saml2PostLogoutRedirectUrl *bool) *Saml2IntegrationUnsetRequest { - s.Saml2PostLogoutRedirectUrl = Saml2PostLogoutRedirectUrl +func (s *Saml2IntegrationUnsetRequest) WithSaml2PostLogoutRedirectUrl(Saml2PostLogoutRedirectUrl bool) *Saml2IntegrationUnsetRequest { + s.Saml2PostLogoutRedirectUrl = &Saml2PostLogoutRedirectUrl return s } -func (s *Saml2IntegrationUnsetRequest) WithComment(Comment *bool) *Saml2IntegrationUnsetRequest { - s.Comment = Comment +func (s *Saml2IntegrationUnsetRequest) WithComment(Comment bool) *Saml2IntegrationUnsetRequest { + s.Comment = &Comment return s } @@ -662,8 +662,8 @@ func NewAlterScimSecurityIntegrationRequest( return &s } -func (s *AlterScimSecurityIntegrationRequest) WithIfExists(IfExists *bool) *AlterScimSecurityIntegrationRequest { - s.IfExists = IfExists +func (s *AlterScimSecurityIntegrationRequest) WithIfExists(IfExists bool) *AlterScimSecurityIntegrationRequest { + s.IfExists = &IfExists return s } @@ -677,13 +677,13 @@ func (s *AlterScimSecurityIntegrationRequest) WithUnsetTags(UnsetTags []ObjectId return s } -func (s *AlterScimSecurityIntegrationRequest) WithSet(Set *ScimIntegrationSetRequest) *AlterScimSecurityIntegrationRequest { - s.Set = Set +func (s *AlterScimSecurityIntegrationRequest) WithSet(Set ScimIntegrationSetRequest) *AlterScimSecurityIntegrationRequest { + s.Set = &Set return s } -func (s *AlterScimSecurityIntegrationRequest) WithUnset(Unset *ScimIntegrationUnsetRequest) *AlterScimSecurityIntegrationRequest { - s.Unset = Unset +func (s *AlterScimSecurityIntegrationRequest) WithUnset(Unset ScimIntegrationUnsetRequest) *AlterScimSecurityIntegrationRequest { + s.Unset = &Unset return s } @@ -691,23 +691,23 @@ func NewScimIntegrationSetRequest() *ScimIntegrationSetRequest { return &ScimIntegrationSetRequest{} } -func (s *ScimIntegrationSetRequest) WithEnabled(Enabled *bool) *ScimIntegrationSetRequest { - s.Enabled = Enabled +func (s *ScimIntegrationSetRequest) WithEnabled(Enabled bool) *ScimIntegrationSetRequest { + s.Enabled = &Enabled return s } -func (s *ScimIntegrationSetRequest) WithNetworkPolicy(NetworkPolicy *AccountObjectIdentifier) *ScimIntegrationSetRequest { - s.NetworkPolicy = NetworkPolicy +func (s *ScimIntegrationSetRequest) WithNetworkPolicy(NetworkPolicy AccountObjectIdentifier) *ScimIntegrationSetRequest { + s.NetworkPolicy = &NetworkPolicy return s } -func (s *ScimIntegrationSetRequest) WithSyncPassword(SyncPassword *bool) *ScimIntegrationSetRequest { - s.SyncPassword = SyncPassword +func (s *ScimIntegrationSetRequest) WithSyncPassword(SyncPassword bool) *ScimIntegrationSetRequest { + s.SyncPassword = &SyncPassword return s } -func (s *ScimIntegrationSetRequest) WithComment(Comment *string) *ScimIntegrationSetRequest { - s.Comment = Comment +func (s *ScimIntegrationSetRequest) WithComment(Comment string) *ScimIntegrationSetRequest { + s.Comment = &Comment return s } @@ -715,23 +715,23 @@ func NewScimIntegrationUnsetRequest() *ScimIntegrationUnsetRequest { return &ScimIntegrationUnsetRequest{} } -func (s *ScimIntegrationUnsetRequest) WithEnabled(Enabled *bool) *ScimIntegrationUnsetRequest { - s.Enabled = Enabled +func (s *ScimIntegrationUnsetRequest) WithEnabled(Enabled bool) *ScimIntegrationUnsetRequest { + s.Enabled = &Enabled return s } -func (s *ScimIntegrationUnsetRequest) WithNetworkPolicy(NetworkPolicy *bool) *ScimIntegrationUnsetRequest { - s.NetworkPolicy = NetworkPolicy +func (s *ScimIntegrationUnsetRequest) WithNetworkPolicy(NetworkPolicy bool) *ScimIntegrationUnsetRequest { + s.NetworkPolicy = &NetworkPolicy return s } -func (s *ScimIntegrationUnsetRequest) WithSyncPassword(SyncPassword *bool) *ScimIntegrationUnsetRequest { - s.SyncPassword = SyncPassword +func (s *ScimIntegrationUnsetRequest) WithSyncPassword(SyncPassword bool) *ScimIntegrationUnsetRequest { + s.SyncPassword = &SyncPassword return s } -func (s *ScimIntegrationUnsetRequest) WithComment(Comment *bool) *ScimIntegrationUnsetRequest { - s.Comment = Comment +func (s *ScimIntegrationUnsetRequest) WithComment(Comment bool) *ScimIntegrationUnsetRequest { + s.Comment = &Comment return s } @@ -743,8 +743,8 @@ func NewDropSecurityIntegrationRequest( return &s } -func (s *DropSecurityIntegrationRequest) WithIfExists(IfExists *bool) *DropSecurityIntegrationRequest { - s.IfExists = IfExists +func (s *DropSecurityIntegrationRequest) WithIfExists(IfExists bool) *DropSecurityIntegrationRequest { + s.IfExists = &IfExists return s } @@ -760,7 +760,7 @@ func NewShowSecurityIntegrationRequest() *ShowSecurityIntegrationRequest { return &ShowSecurityIntegrationRequest{} } -func (s *ShowSecurityIntegrationRequest) WithLike(Like *Like) *ShowSecurityIntegrationRequest { - s.Like = Like +func (s *ShowSecurityIntegrationRequest) WithLike(Like Like) *ShowSecurityIntegrationRequest { + s.Like = &Like return s } diff --git a/pkg/sdk/security_integrations_dto_gen.go b/pkg/sdk/security_integrations_dto_gen.go index c177fd6c47..7d119a3c10 100644 --- a/pkg/sdk/security_integrations_dto_gen.go +++ b/pkg/sdk/security_integrations_dto_gen.go @@ -3,20 +3,20 @@ package sdk //go:generate go run ./dto-builder-generator/main.go var ( - _ optionsProvider[CreateOauthPartnerSecurityIntegrationOptions] = new(CreateOauthPartnerSecurityIntegrationRequest) - _ optionsProvider[CreateOauthCustomSecurityIntegrationOptions] = new(CreateOauthCustomSecurityIntegrationRequest) - _ optionsProvider[CreateSaml2SecurityIntegrationOptions] = new(CreateSaml2SecurityIntegrationRequest) - _ optionsProvider[CreateScimSecurityIntegrationOptions] = new(CreateScimSecurityIntegrationRequest) - _ optionsProvider[AlterOauthPartnerSecurityIntegrationOptions] = new(AlterOauthPartnerSecurityIntegrationRequest) - _ optionsProvider[AlterOauthCustomSecurityIntegrationOptions] = new(AlterOauthCustomSecurityIntegrationRequest) - _ optionsProvider[AlterSaml2SecurityIntegrationOptions] = new(AlterSaml2SecurityIntegrationRequest) - _ optionsProvider[AlterScimSecurityIntegrationOptions] = new(AlterScimSecurityIntegrationRequest) - _ optionsProvider[DropSecurityIntegrationOptions] = new(DropSecurityIntegrationRequest) - _ optionsProvider[DescribeSecurityIntegrationOptions] = new(DescribeSecurityIntegrationRequest) - _ optionsProvider[ShowSecurityIntegrationOptions] = new(ShowSecurityIntegrationRequest) + _ optionsProvider[CreateOauthForPartnerApplicationsSecurityIntegrationOptions] = new(CreateOauthForPartnerApplicationsSecurityIntegrationRequest) + _ optionsProvider[CreateOauthForCustomClientsSecurityIntegrationOptions] = new(CreateOauthForCustomClientsSecurityIntegrationRequest) + _ optionsProvider[CreateSaml2SecurityIntegrationOptions] = new(CreateSaml2SecurityIntegrationRequest) + _ optionsProvider[CreateScimSecurityIntegrationOptions] = new(CreateScimSecurityIntegrationRequest) + _ optionsProvider[AlterOauthForPartnerApplicationsSecurityIntegrationOptions] = new(AlterOauthForPartnerApplicationsSecurityIntegrationRequest) + _ optionsProvider[AlterOauthForCustomClientsSecurityIntegrationOptions] = new(AlterOauthForCustomClientsSecurityIntegrationRequest) + _ optionsProvider[AlterSaml2SecurityIntegrationOptions] = new(AlterSaml2SecurityIntegrationRequest) + _ optionsProvider[AlterScimSecurityIntegrationOptions] = new(AlterScimSecurityIntegrationRequest) + _ optionsProvider[DropSecurityIntegrationOptions] = new(DropSecurityIntegrationRequest) + _ optionsProvider[DescribeSecurityIntegrationOptions] = new(DescribeSecurityIntegrationRequest) + _ optionsProvider[ShowSecurityIntegrationOptions] = new(ShowSecurityIntegrationRequest) ) -type CreateOauthPartnerSecurityIntegrationRequest struct { +type CreateOauthForPartnerApplicationsSecurityIntegrationRequest struct { OrReplace *bool IfNotExists *bool name AccountObjectIdentifier // required @@ -30,7 +30,7 @@ type CreateOauthPartnerSecurityIntegrationRequest struct { Comment *string } -func (r *CreateOauthPartnerSecurityIntegrationRequest) GetName() AccountObjectIdentifier { +func (r *CreateOauthForPartnerApplicationsSecurityIntegrationRequest) GetName() AccountObjectIdentifier { return r.name } @@ -38,7 +38,7 @@ type BlockedRolesListRequest struct { BlockedRolesList []AccountObjectIdentifier } -type CreateOauthCustomSecurityIntegrationRequest struct { +type CreateOauthForCustomClientsSecurityIntegrationRequest struct { OrReplace *bool IfNotExists *bool name AccountObjectIdentifier // required @@ -58,7 +58,7 @@ type CreateOauthCustomSecurityIntegrationRequest struct { Comment *string } -func (r *CreateOauthCustomSecurityIntegrationRequest) GetName() AccountObjectIdentifier { +func (r *CreateOauthForCustomClientsSecurityIntegrationRequest) GetName() AccountObjectIdentifier { return r.name } @@ -109,59 +109,59 @@ func (r *CreateScimSecurityIntegrationRequest) GetName() AccountObjectIdentifier return r.name } -type AlterOauthPartnerSecurityIntegrationRequest struct { +type AlterOauthForPartnerApplicationsSecurityIntegrationRequest struct { IfExists *bool name AccountObjectIdentifier // required SetTags []TagAssociation UnsetTags []ObjectIdentifier - Set *OauthPartnerIntegrationSetRequest - Unset *OauthPartnerIntegrationUnsetRequest + Set *OauthForPartnerApplicationsIntegrationSetRequest + Unset *OauthForPartnerApplicationsIntegrationUnsetRequest } -type OauthPartnerIntegrationSetRequest struct { +type OauthForPartnerApplicationsIntegrationSetRequest struct { Enabled *bool - OauthRedirectUri *string OauthIssueRefreshTokens *bool + OauthRedirectUri *string OauthRefreshTokenValidity *int OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption BlockedRolesList *BlockedRolesListRequest Comment *string } -type OauthPartnerIntegrationUnsetRequest struct { +type OauthForPartnerApplicationsIntegrationUnsetRequest struct { Enabled *bool OauthUseSecondaryRoles *bool } -type AlterOauthCustomSecurityIntegrationRequest struct { +type AlterOauthForCustomClientsSecurityIntegrationRequest struct { IfExists *bool name AccountObjectIdentifier // required SetTags []TagAssociation UnsetTags []ObjectIdentifier - Set *OauthCustomIntegrationSetRequest - Unset *OauthCustomIntegrationUnsetRequest + Set *OauthForCustomClientsIntegrationSetRequest + Unset *OauthForCustomClientsIntegrationUnsetRequest } -type OauthCustomIntegrationSetRequest struct { +type OauthForCustomClientsIntegrationSetRequest struct { Enabled *bool OauthRedirectUri *string OauthAllowNonTlsRedirectUri *bool OauthEnforcePkce *bool - OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption PreAuthorizedRolesList *PreAuthorizedRolesListRequest BlockedRolesList *BlockedRolesListRequest OauthIssueRefreshTokens *bool OauthRefreshTokenValidity *int + OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption NetworkPolicy *AccountObjectIdentifier OauthClientRsaPublicKey *string OauthClientRsaPublicKey2 *string Comment *string } -type OauthCustomIntegrationUnsetRequest struct { +type OauthForCustomClientsIntegrationUnsetRequest struct { Enabled *bool - OauthUseSecondaryRoles *bool NetworkPolicy *bool + OauthUseSecondaryRoles *bool OauthClientRsaPublicKey *bool OauthClientRsaPublicKey2 *bool } diff --git a/pkg/sdk/security_integrations_gen.go b/pkg/sdk/security_integrations_gen.go index fda4a3be15..0bbc0017d8 100644 --- a/pkg/sdk/security_integrations_gen.go +++ b/pkg/sdk/security_integrations_gen.go @@ -7,12 +7,12 @@ import ( ) type SecurityIntegrations interface { - CreateOauthPartner(ctx context.Context, request *CreateOauthPartnerSecurityIntegrationRequest) error - CreateOauthCustom(ctx context.Context, request *CreateOauthCustomSecurityIntegrationRequest) error + CreateOauthForPartnerApplications(ctx context.Context, request *CreateOauthForPartnerApplicationsSecurityIntegrationRequest) error + CreateOauthForCustomClients(ctx context.Context, request *CreateOauthForCustomClientsSecurityIntegrationRequest) error CreateSaml2(ctx context.Context, request *CreateSaml2SecurityIntegrationRequest) error CreateScim(ctx context.Context, request *CreateScimSecurityIntegrationRequest) error - AlterOauthPartner(ctx context.Context, request *AlterOauthPartnerSecurityIntegrationRequest) error - AlterOauthCustom(ctx context.Context, request *AlterOauthCustomSecurityIntegrationRequest) error + AlterOauthForPartnerApplications(ctx context.Context, request *AlterOauthForPartnerApplicationsSecurityIntegrationRequest) error + AlterOauthForCustomClients(ctx context.Context, request *AlterOauthForCustomClientsSecurityIntegrationRequest) error AlterSaml2(ctx context.Context, request *AlterSaml2SecurityIntegrationRequest) error AlterScim(ctx context.Context, request *AlterScimSecurityIntegrationRequest) error Drop(ctx context.Context, request *DropSecurityIntegrationRequest) error @@ -21,8 +21,8 @@ type SecurityIntegrations interface { ShowByID(ctx context.Context, id AccountObjectIdentifier) (*SecurityIntegration, error) } -// CreateOauthPartnerSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake. -type CreateOauthPartnerSecurityIntegrationOptions struct { +// CreateOauthForPartnerApplicationsSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake. +type CreateOauthForPartnerApplicationsSecurityIntegrationOptions struct { create bool `ddl:"static" sql:"CREATE"` OrReplace *bool `ddl:"keyword" sql:"OR REPLACE"` securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` @@ -47,8 +47,8 @@ type BlockedRolesList struct { BlockedRolesList []AccountObjectIdentifier `ddl:"list,must_parentheses"` } -// CreateOauthCustomSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake. -type CreateOauthCustomSecurityIntegrationOptions struct { +// CreateOauthForCustomClientsSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/create-security-integration-oauth-snowflake. +type CreateOauthForCustomClientsSecurityIntegrationOptions struct { create bool `ddl:"static" sql:"CREATE"` OrReplace *bool `ddl:"keyword" sql:"OR REPLACE"` securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` @@ -123,67 +123,67 @@ type CreateScimSecurityIntegrationOptions struct { Comment *string `ddl:"parameter,single_quotes" sql:"COMMENT"` } -// AlterOauthPartnerSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake. -type AlterOauthPartnerSecurityIntegrationOptions struct { - alter bool `ddl:"static" sql:"ALTER"` - securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` - IfExists *bool `ddl:"keyword" sql:"IF EXISTS"` - name AccountObjectIdentifier `ddl:"identifier"` - SetTags []TagAssociation `ddl:"keyword" sql:"SET TAG"` - UnsetTags []ObjectIdentifier `ddl:"keyword" sql:"UNSET TAG"` - Set *OauthPartnerIntegrationSet `ddl:"list,no_parentheses" sql:"SET"` - Unset *OauthPartnerIntegrationUnset `ddl:"list,no_parentheses" sql:"UNSET"` +// AlterOauthForPartnerApplicationsSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake. +type AlterOauthForPartnerApplicationsSecurityIntegrationOptions struct { + alter bool `ddl:"static" sql:"ALTER"` + securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` + IfExists *bool `ddl:"keyword" sql:"IF EXISTS"` + name AccountObjectIdentifier `ddl:"identifier"` + SetTags []TagAssociation `ddl:"keyword" sql:"SET TAG"` + UnsetTags []ObjectIdentifier `ddl:"keyword" sql:"UNSET TAG"` + Set *OauthForPartnerApplicationsIntegrationSet `ddl:"list,no_parentheses" sql:"SET"` + Unset *OauthForPartnerApplicationsIntegrationUnset `ddl:"list,no_parentheses" sql:"UNSET"` } -type OauthPartnerIntegrationSet struct { +type OauthForPartnerApplicationsIntegrationSet struct { Enabled *bool `ddl:"parameter" sql:"ENABLED"` - OauthRedirectUri *string `ddl:"parameter,single_quotes" sql:"OAUTH_REDIRECT_URI"` OauthIssueRefreshTokens *bool `ddl:"parameter" sql:"OAUTH_ISSUE_REFRESH_TOKENS"` + OauthRedirectUri *string `ddl:"parameter,single_quotes" sql:"OAUTH_REDIRECT_URI"` OauthRefreshTokenValidity *int `ddl:"parameter" sql:"OAUTH_REFRESH_TOKEN_VALIDITY"` OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption `ddl:"parameter" sql:"OAUTH_USE_SECONDARY_ROLES"` BlockedRolesList *BlockedRolesList `ddl:"parameter,parentheses" sql:"BLOCKED_ROLES_LIST"` Comment *string `ddl:"parameter,single_quotes" sql:"COMMENT"` } -type OauthPartnerIntegrationUnset struct { +type OauthForPartnerApplicationsIntegrationUnset struct { Enabled *bool `ddl:"keyword" sql:"ENABLED"` OauthUseSecondaryRoles *bool `ddl:"keyword" sql:"OAUTH_USE_SECONDARY_ROLES"` } -// AlterOauthCustomSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake. -type AlterOauthCustomSecurityIntegrationOptions struct { - alter bool `ddl:"static" sql:"ALTER"` - securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` - IfExists *bool `ddl:"keyword" sql:"IF EXISTS"` - name AccountObjectIdentifier `ddl:"identifier"` - SetTags []TagAssociation `ddl:"keyword" sql:"SET TAG"` - UnsetTags []ObjectIdentifier `ddl:"keyword" sql:"UNSET TAG"` - Set *OauthCustomIntegrationSet `ddl:"list,no_parentheses" sql:"SET"` - Unset *OauthCustomIntegrationUnset `ddl:"list,no_parentheses" sql:"UNSET"` +// AlterOauthForCustomClientsSecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-oauth-snowflake. +type AlterOauthForCustomClientsSecurityIntegrationOptions struct { + alter bool `ddl:"static" sql:"ALTER"` + securityIntegration bool `ddl:"static" sql:"SECURITY INTEGRATION"` + IfExists *bool `ddl:"keyword" sql:"IF EXISTS"` + name AccountObjectIdentifier `ddl:"identifier"` + SetTags []TagAssociation `ddl:"keyword" sql:"SET TAG"` + UnsetTags []ObjectIdentifier `ddl:"keyword" sql:"UNSET TAG"` + Set *OauthForCustomClientsIntegrationSet `ddl:"list,no_parentheses" sql:"SET"` + Unset *OauthForCustomClientsIntegrationUnset `ddl:"list,no_parentheses" sql:"UNSET"` } -type OauthCustomIntegrationSet struct { +type OauthForCustomClientsIntegrationSet struct { Enabled *bool `ddl:"parameter" sql:"ENABLED"` OauthRedirectUri *string `ddl:"parameter,single_quotes" sql:"OAUTH_REDIRECT_URI"` OauthAllowNonTlsRedirectUri *bool `ddl:"parameter" sql:"OAUTH_ALLOW_NON_TLS_REDIRECT_URI"` OauthEnforcePkce *bool `ddl:"parameter" sql:"OAUTH_ENFORCE_PKCE"` - OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption `ddl:"parameter" sql:"OAUTH_USE_SECONDARY_ROLES"` PreAuthorizedRolesList *PreAuthorizedRolesList `ddl:"parameter,parentheses" sql:"PRE_AUTHORIZED_ROLES_LIST"` BlockedRolesList *BlockedRolesList `ddl:"parameter,parentheses" sql:"BLOCKED_ROLES_LIST"` OauthIssueRefreshTokens *bool `ddl:"parameter" sql:"OAUTH_ISSUE_REFRESH_TOKENS"` OauthRefreshTokenValidity *int `ddl:"parameter" sql:"OAUTH_REFRESH_TOKEN_VALIDITY"` + OauthUseSecondaryRoles *OauthSecurityIntegrationUseSecondaryRolesOption `ddl:"parameter" sql:"OAUTH_USE_SECONDARY_ROLES"` NetworkPolicy *AccountObjectIdentifier `ddl:"identifier,equals" sql:"NETWORK_POLICY"` OauthClientRsaPublicKey *string `ddl:"parameter,single_quotes" sql:"OAUTH_CLIENT_RSA_PUBLIC_KEY"` OauthClientRsaPublicKey2 *string `ddl:"parameter,single_quotes" sql:"OAUTH_CLIENT_RSA_PUBLIC_KEY_2"` Comment *string `ddl:"parameter,single_quotes" sql:"COMMENT"` } -type OauthCustomIntegrationUnset struct { +type OauthForCustomClientsIntegrationUnset struct { Enabled *bool `ddl:"keyword" sql:"ENABLED"` - OauthUseSecondaryRoles *bool `ddl:"keyword" sql:"OAUTH_USE_SECONDARY_ROLES"` NetworkPolicy *bool `ddl:"keyword" sql:"NETWORK_POLICY"` OauthClientRsaPublicKey *bool `ddl:"keyword" sql:"OAUTH_CLIENT_RSA_PUBLIC_KEY"` OauthClientRsaPublicKey2 *bool `ddl:"keyword" sql:"OAUTH_CLIENT_RSA_PUBLIC_KEY_2"` + OauthUseSecondaryRoles *bool `ddl:"keyword" sql:"OAUTH_USE_SECONDARY_ROLES"` } // AlterSaml2SecurityIntegrationOptions is based on https://docs.snowflake.com/en/sql-reference/sql/alter-security-integration-saml2. diff --git a/pkg/sdk/security_integrations_gen_test.go b/pkg/sdk/security_integrations_gen_test.go index b4d1229591..d22e3c5234 100644 --- a/pkg/sdk/security_integrations_gen_test.go +++ b/pkg/sdk/security_integrations_gen_test.go @@ -7,9 +7,9 @@ import ( func TestSecurityIntegrations_CreateOauthCustom(t *testing.T) { id := randomAccountObjectIdentifier() - // Minimal valid CreateOauthCustomSecurityIntegrationOptions - defaultOpts := func() *CreateOauthCustomSecurityIntegrationOptions { - return &CreateOauthCustomSecurityIntegrationOptions{ + // Minimal valid CreateOauthForCustomClientsSecurityIntegrationOptions + defaultOpts := func() *CreateOauthForCustomClientsSecurityIntegrationOptions { + return &CreateOauthForCustomClientsSecurityIntegrationOptions{ name: id, OauthClientType: OauthSecurityIntegrationClientTypePublic, OauthRedirectUri: "uri", @@ -17,7 +17,7 @@ func TestSecurityIntegrations_CreateOauthCustom(t *testing.T) { } t.Run("validation: nil options", func(t *testing.T) { - var opts *CreateOauthPartnerSecurityIntegrationOptions = nil + var opts *CreateOauthForCustomClientsSecurityIntegrationOptions = nil assertOptsInvalidJoinedErrors(t, opts, ErrNilOptions) }) @@ -25,7 +25,7 @@ func TestSecurityIntegrations_CreateOauthCustom(t *testing.T) { opts := defaultOpts() opts.OrReplace = Bool(true) opts.IfNotExists = Bool(true) - assertOptsInvalidJoinedErrors(t, opts, errOneOf("CreateOauthCustomSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + assertOptsInvalidJoinedErrors(t, opts, errOneOf("CreateOauthForCustomClientsSecurityIntegrationOptions", "OrReplace", "IfNotExists")) }) t.Run("basic", func(t *testing.T) { @@ -62,16 +62,16 @@ func TestSecurityIntegrations_CreateOauthCustom(t *testing.T) { func TestSecurityIntegrations_CreateOauthPartner(t *testing.T) { id := randomAccountObjectIdentifier() - // Minimal valid CreateOauthPartnerSecurityIntegrationOptions - defaultOpts := func() *CreateOauthPartnerSecurityIntegrationOptions { - return &CreateOauthPartnerSecurityIntegrationOptions{ + // Minimal valid CreateOauthForPartnerApplicationsSecurityIntegrationOptions + defaultOpts := func() *CreateOauthForPartnerApplicationsSecurityIntegrationOptions { + return &CreateOauthForPartnerApplicationsSecurityIntegrationOptions{ name: id, - OauthClient: "LOOKER", + OauthClient: OauthSecurityIntegrationClientTableauDesktop, } } t.Run("validation: nil options", func(t *testing.T) { - var opts *CreateOauthPartnerSecurityIntegrationOptions = nil + var opts *CreateOauthForPartnerApplicationsSecurityIntegrationOptions = nil assertOptsInvalidJoinedErrors(t, opts, ErrNilOptions) }) @@ -79,20 +79,28 @@ func TestSecurityIntegrations_CreateOauthPartner(t *testing.T) { opts := defaultOpts() opts.OrReplace = Bool(true) opts.IfNotExists = Bool(true) - assertOptsInvalidJoinedErrors(t, opts, errOneOf("CreateOauthPartnerSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + assertOptsInvalidJoinedErrors(t, opts, errOneOf("CreateOauthForPartnerApplicationsSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + }) + + t.Run("validation: OAUTH_REDIRECT_URI is required when OAUTH_CLIENT=LOOKER", func(t *testing.T) { + opts := &CreateOauthForPartnerApplicationsSecurityIntegrationOptions{ + name: id, + OauthClient: OauthSecurityIntegrationClientLooker, + } + assertOptsInvalidJoinedErrors(t, opts, NewError("OauthRedirectUri is required when OauthClient is LOOKER")) }) t.Run("basic", func(t *testing.T) { opts := defaultOpts() opts.OrReplace = Bool(true) - assertOptsValidAndSQLEquals(t, opts, "CREATE OR REPLACE SECURITY INTEGRATION %s TYPE = OAUTH OAUTH_CLIENT = LOOKER", id.FullyQualifiedName()) + assertOptsValidAndSQLEquals(t, opts, "CREATE OR REPLACE SECURITY INTEGRATION %s TYPE = OAUTH OAUTH_CLIENT = TABLEAU_DESKTOP", id.FullyQualifiedName()) }) t.Run("all options", func(t *testing.T) { opts := defaultOpts() blockedRoleID := randomAccountObjectIdentifier() opts.IfNotExists = Bool(true) - opts.OauthClient = "LOOKER" + opts.OauthClient = OauthSecurityIntegrationClientLooker opts.OauthRedirectUri = Pointer("uri") opts.Enabled = Pointer(true) opts.OauthIssueRefreshTokens = Pointer(true) @@ -207,21 +215,21 @@ func TestSecurityIntegrations_CreateScim(t *testing.T) { func TestSecurityIntegrations_AlterOauthPartner(t *testing.T) { id := randomAccountObjectIdentifier() - // Minimal valid AlterOauthPartnerSecurityIntegrationOptions - defaultOpts := func() *AlterOauthPartnerSecurityIntegrationOptions { - return &AlterOauthPartnerSecurityIntegrationOptions{ + // Minimal valid AlterOauthForPartnerApplicationsSecurityIntegrationOptions + defaultOpts := func() *AlterOauthForPartnerApplicationsSecurityIntegrationOptions { + return &AlterOauthForPartnerApplicationsSecurityIntegrationOptions{ name: id, } } t.Run("validation: nil options", func(t *testing.T) { - var opts *AlterOauthPartnerSecurityIntegrationOptions = nil + var opts *AlterOauthForPartnerApplicationsSecurityIntegrationOptions = nil assertOptsInvalidJoinedErrors(t, opts, ErrNilOptions) }) t.Run("validation: valid identifier for [opts.name]", func(t *testing.T) { opts := defaultOpts() - opts.Set = &OauthPartnerIntegrationSet{ + opts.Set = &OauthForPartnerApplicationsIntegrationSet{ Enabled: Pointer(true), } opts.name = NewAccountObjectIdentifier("") @@ -230,33 +238,33 @@ func TestSecurityIntegrations_AlterOauthPartner(t *testing.T) { t.Run("validation: exactly of the fields [opts.*] should be set", func(t *testing.T) { opts := defaultOpts() - assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterOauthPartnerSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterOauthForPartnerApplicationsSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) }) t.Run("validation: at least one of the fields [opts.Set.*] should be set", func(t *testing.T) { opts := defaultOpts() - opts.Set = &OauthPartnerIntegrationSet{} - assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterOauthPartnerSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", - "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "BlockedRolesList", "Comment")) + opts.Set = &OauthForPartnerApplicationsIntegrationSet{} + assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterOauthForPartnerApplicationsSecurityIntegrationOptions.Set", "Enabled", "OauthIssueRefreshTokens", + "OauthRedirectUri", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "BlockedRolesList", "Comment")) }) t.Run("validation: at least one of the fields [opts.Unset.*] should be set", func(t *testing.T) { opts := defaultOpts() - opts.Unset = &OauthPartnerIntegrationUnset{} - assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterOauthPartnerSecurityIntegrationOptions.Unset", + opts.Unset = &OauthForPartnerApplicationsIntegrationUnset{} + assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterOauthForPartnerApplicationsSecurityIntegrationOptions.Unset", "Enabled", "OauthUseSecondaryRoles")) }) t.Run("validation: exactly one of the fields [opts.*] should be set", func(t *testing.T) { opts := defaultOpts() - opts.Set = &OauthPartnerIntegrationSet{} - opts.Unset = &OauthPartnerIntegrationUnset{} - assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterOauthPartnerSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + opts.Set = &OauthForPartnerApplicationsIntegrationSet{} + opts.Unset = &OauthForPartnerApplicationsIntegrationUnset{} + assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterOauthForPartnerApplicationsSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) }) t.Run("empty roles lists", func(t *testing.T) { opts := defaultOpts() - opts.Set = &OauthPartnerIntegrationSet{ + opts.Set = &OauthForPartnerApplicationsIntegrationSet{ BlockedRolesList: &BlockedRolesList{}, } assertOptsValidAndSQLEquals(t, opts, "ALTER SECURITY INTEGRATION %s SET BLOCKED_ROLES_LIST = ()", id.FullyQualifiedName()) @@ -265,7 +273,7 @@ func TestSecurityIntegrations_AlterOauthPartner(t *testing.T) { t.Run("all options - set", func(t *testing.T) { opts := defaultOpts() roleID := randomAccountObjectIdentifier() - opts.Set = &OauthPartnerIntegrationSet{ + opts.Set = &OauthForPartnerApplicationsIntegrationSet{ Enabled: Pointer(true), OauthRedirectUri: Pointer("uri"), OauthIssueRefreshTokens: Pointer(true), @@ -274,13 +282,13 @@ func TestSecurityIntegrations_AlterOauthPartner(t *testing.T) { BlockedRolesList: &BlockedRolesList{BlockedRolesList: []AccountObjectIdentifier{roleID}}, Comment: Pointer("a"), } - assertOptsValidAndSQLEquals(t, opts, "ALTER SECURITY INTEGRATION %s SET ENABLED = true, OAUTH_REDIRECT_URI = 'uri', OAUTH_ISSUE_REFRESH_TOKENS = true, OAUTH_REFRESH_TOKEN_VALIDITY = 42,"+ + assertOptsValidAndSQLEquals(t, opts, "ALTER SECURITY INTEGRATION %s SET ENABLED = true, OAUTH_ISSUE_REFRESH_TOKENS = true, OAUTH_REDIRECT_URI = 'uri', OAUTH_REFRESH_TOKEN_VALIDITY = 42,"+ " OAUTH_USE_SECONDARY_ROLES = NONE, BLOCKED_ROLES_LIST = (%s), COMMENT = 'a'", id.FullyQualifiedName(), roleID.FullyQualifiedName()) }) t.Run("all options - unset", func(t *testing.T) { opts := defaultOpts() - opts.Unset = &OauthPartnerIntegrationUnset{ + opts.Unset = &OauthForPartnerApplicationsIntegrationUnset{ Enabled: Pointer(true), OauthUseSecondaryRoles: Pointer(true), } @@ -315,21 +323,21 @@ func TestSecurityIntegrations_AlterOauthPartner(t *testing.T) { func TestSecurityIntegrations_AlterOauthCustom(t *testing.T) { id := randomAccountObjectIdentifier() - // Minimal valid AlterOauthCustomSecurityIntegrationOptions - defaultOpts := func() *AlterOauthCustomSecurityIntegrationOptions { - return &AlterOauthCustomSecurityIntegrationOptions{ + // Minimal valid AlterOauthForCustomClientsSecurityIntegrationOptions + defaultOpts := func() *AlterOauthForCustomClientsSecurityIntegrationOptions { + return &AlterOauthForCustomClientsSecurityIntegrationOptions{ name: id, } } t.Run("validation: nil options", func(t *testing.T) { - var opts *AlterOauthCustomSecurityIntegrationOptions = nil + var opts *AlterOauthForCustomClientsSecurityIntegrationOptions = nil assertOptsInvalidJoinedErrors(t, opts, ErrNilOptions) }) t.Run("validation: valid identifier for [opts.name]", func(t *testing.T) { opts := defaultOpts() - opts.Set = &OauthCustomIntegrationSet{ + opts.Set = &OauthForCustomClientsIntegrationSet{ Enabled: Pointer(true), } opts.name = NewAccountObjectIdentifier("") @@ -338,34 +346,34 @@ func TestSecurityIntegrations_AlterOauthCustom(t *testing.T) { t.Run("validation: exactly of the fields [opts.*] should be set", func(t *testing.T) { opts := defaultOpts() - assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterOauthCustomSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterOauthForCustomClientsSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) }) t.Run("validation: at least one of the fields [opts.Set.*] should be set", func(t *testing.T) { opts := defaultOpts() - opts.Set = &OauthCustomIntegrationSet{} - assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterOauthCustomSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthAllowNonTlsRedirectUri", + opts.Set = &OauthForCustomClientsIntegrationSet{} + assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterOauthForCustomClientsSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthAllowNonTlsRedirectUri", "OauthEnforcePkce", "PreAuthorizedRolesList", "BlockedRolesList", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2", "Comment")) }) t.Run("validation: at least one of the fields [opts.Unset.*] should be set", func(t *testing.T) { opts := defaultOpts() - opts.Unset = &OauthCustomIntegrationUnset{} - assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterOauthCustomSecurityIntegrationOptions.Unset", - "Enabled", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2")) + opts.Unset = &OauthForCustomClientsIntegrationUnset{} + assertOptsInvalidJoinedErrors(t, opts, errAtLeastOneOf("AlterOauthForCustomClientsSecurityIntegrationOptions.Unset", + "Enabled", "NetworkPolicy", "OauthUseSecondaryRoles", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2")) }) t.Run("validation: exactly one of the fields [opts.*] should be set", func(t *testing.T) { opts := defaultOpts() - opts.Set = &OauthCustomIntegrationSet{} - opts.Unset = &OauthCustomIntegrationUnset{} - assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterOauthCustomSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + opts.Set = &OauthForCustomClientsIntegrationSet{} + opts.Unset = &OauthForCustomClientsIntegrationUnset{} + assertOptsInvalidJoinedErrors(t, opts, errExactlyOneOf("AlterOauthForCustomClientsSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) }) t.Run("empty roles lists", func(t *testing.T) { opts := defaultOpts() - opts.Set = &OauthCustomIntegrationSet{ + opts.Set = &OauthForCustomClientsIntegrationSet{ PreAuthorizedRolesList: &PreAuthorizedRolesList{}, BlockedRolesList: &BlockedRolesList{}, } @@ -375,7 +383,7 @@ func TestSecurityIntegrations_AlterOauthCustom(t *testing.T) { t.Run("all options - set", func(t *testing.T) { opts := defaultOpts() roleID, role2ID, npID := randomAccountObjectIdentifier(), randomAccountObjectIdentifier(), randomAccountObjectIdentifier() - opts.Set = &OauthCustomIntegrationSet{ + opts.Set = &OauthForCustomClientsIntegrationSet{ Enabled: Pointer(true), OauthRedirectUri: Pointer("uri"), OauthAllowNonTlsRedirectUri: Pointer(true), @@ -391,20 +399,20 @@ func TestSecurityIntegrations_AlterOauthCustom(t *testing.T) { Comment: Pointer("a"), } assertOptsValidAndSQLEquals(t, opts, "ALTER SECURITY INTEGRATION %s SET ENABLED = true, OAUTH_REDIRECT_URI = 'uri', OAUTH_ALLOW_NON_TLS_REDIRECT_URI = true, OAUTH_ENFORCE_PKCE = true,"+ - " OAUTH_USE_SECONDARY_ROLES = NONE, PRE_AUTHORIZED_ROLES_LIST = (%s), BLOCKED_ROLES_LIST = (%s), OAUTH_ISSUE_REFRESH_TOKENS = true, OAUTH_REFRESH_TOKEN_VALIDITY = 42,"+ + " PRE_AUTHORIZED_ROLES_LIST = (%s), BLOCKED_ROLES_LIST = (%s), OAUTH_ISSUE_REFRESH_TOKENS = true, OAUTH_REFRESH_TOKEN_VALIDITY = 42, OAUTH_USE_SECONDARY_ROLES = NONE,"+ " NETWORK_POLICY = %s, OAUTH_CLIENT_RSA_PUBLIC_KEY = 'key', OAUTH_CLIENT_RSA_PUBLIC_KEY_2 = 'key2', COMMENT = 'a'", id.FullyQualifiedName(), roleID.FullyQualifiedName(), role2ID.FullyQualifiedName(), npID.FullyQualifiedName()) }) t.Run("all options - unset", func(t *testing.T) { opts := defaultOpts() - opts.Unset = &OauthCustomIntegrationUnset{ + opts.Unset = &OauthForCustomClientsIntegrationUnset{ Enabled: Pointer(true), OauthUseSecondaryRoles: Pointer(true), NetworkPolicy: Pointer(true), OauthClientRsaPublicKey: Pointer(true), OauthClientRsaPublicKey2: Pointer(true), } - assertOptsValidAndSQLEquals(t, opts, "ALTER SECURITY INTEGRATION %s UNSET ENABLED, OAUTH_USE_SECONDARY_ROLES, NETWORK_POLICY, OAUTH_CLIENT_RSA_PUBLIC_KEY, OAUTH_CLIENT_RSA_PUBLIC_KEY_2", id.FullyQualifiedName()) + assertOptsValidAndSQLEquals(t, opts, "ALTER SECURITY INTEGRATION %s UNSET ENABLED, NETWORK_POLICY, OAUTH_CLIENT_RSA_PUBLIC_KEY, OAUTH_CLIENT_RSA_PUBLIC_KEY_2, OAUTH_USE_SECONDARY_ROLES", id.FullyQualifiedName()) }) t.Run("set tags", func(t *testing.T) { diff --git a/pkg/sdk/security_integrations_impl_gen.go b/pkg/sdk/security_integrations_impl_gen.go index 4e6f3bca8d..ac29b7722c 100644 --- a/pkg/sdk/security_integrations_impl_gen.go +++ b/pkg/sdk/security_integrations_impl_gen.go @@ -12,12 +12,12 @@ type securityIntegrations struct { client *Client } -func (v *securityIntegrations) CreateOauthPartner(ctx context.Context, request *CreateOauthPartnerSecurityIntegrationRequest) error { +func (v *securityIntegrations) CreateOauthForPartnerApplications(ctx context.Context, request *CreateOauthForPartnerApplicationsSecurityIntegrationRequest) error { opts := request.toOpts() return validateAndExec(v.client, ctx, opts) } -func (v *securityIntegrations) CreateOauthCustom(ctx context.Context, request *CreateOauthCustomSecurityIntegrationRequest) error { +func (v *securityIntegrations) CreateOauthForCustomClients(ctx context.Context, request *CreateOauthForCustomClientsSecurityIntegrationRequest) error { opts := request.toOpts() return validateAndExec(v.client, ctx, opts) } @@ -32,12 +32,12 @@ func (v *securityIntegrations) CreateScim(ctx context.Context, request *CreateSc return validateAndExec(v.client, ctx, opts) } -func (v *securityIntegrations) AlterOauthPartner(ctx context.Context, request *AlterOauthPartnerSecurityIntegrationRequest) error { +func (v *securityIntegrations) AlterOauthForPartnerApplications(ctx context.Context, request *AlterOauthForPartnerApplicationsSecurityIntegrationRequest) error { opts := request.toOpts() return validateAndExec(v.client, ctx, opts) } -func (v *securityIntegrations) AlterOauthCustom(ctx context.Context, request *AlterOauthCustomSecurityIntegrationRequest) error { +func (v *securityIntegrations) AlterOauthForCustomClients(ctx context.Context, request *AlterOauthForCustomClientsSecurityIntegrationRequest) error { opts := request.toOpts() return validateAndExec(v.client, ctx, opts) } @@ -79,7 +79,7 @@ func (v *securityIntegrations) Show(ctx context.Context, request *ShowSecurityIn } func (v *securityIntegrations) ShowByID(ctx context.Context, id AccountObjectIdentifier) (*SecurityIntegration, error) { - securityIntegrations, err := v.Show(ctx, NewShowSecurityIntegrationRequest().WithLike(&Like{ + securityIntegrations, err := v.Show(ctx, NewShowSecurityIntegrationRequest().WithLike(Like{ Pattern: String(id.Name()), })) if err != nil { @@ -88,8 +88,8 @@ func (v *securityIntegrations) ShowByID(ctx context.Context, id AccountObjectIde return collections.FindOne(securityIntegrations, func(r SecurityIntegration) bool { return r.Name == id.Name() }) } -func (r *CreateOauthPartnerSecurityIntegrationRequest) toOpts() *CreateOauthPartnerSecurityIntegrationOptions { - opts := &CreateOauthPartnerSecurityIntegrationOptions{ +func (r *CreateOauthForPartnerApplicationsSecurityIntegrationRequest) toOpts() *CreateOauthForPartnerApplicationsSecurityIntegrationOptions { + opts := &CreateOauthForPartnerApplicationsSecurityIntegrationOptions{ OrReplace: r.OrReplace, IfNotExists: r.IfNotExists, name: r.name, @@ -110,8 +110,8 @@ func (r *CreateOauthPartnerSecurityIntegrationRequest) toOpts() *CreateOauthPart return opts } -func (r *CreateOauthCustomSecurityIntegrationRequest) toOpts() *CreateOauthCustomSecurityIntegrationOptions { - opts := &CreateOauthCustomSecurityIntegrationOptions{ +func (r *CreateOauthForCustomClientsSecurityIntegrationRequest) toOpts() *CreateOauthForCustomClientsSecurityIntegrationOptions { + opts := &CreateOauthForCustomClientsSecurityIntegrationOptions{ OrReplace: r.OrReplace, IfNotExists: r.IfNotExists, name: r.name, @@ -183,18 +183,18 @@ func (r *CreateScimSecurityIntegrationRequest) toOpts() *CreateScimSecurityInteg return opts } -func (r *AlterOauthPartnerSecurityIntegrationRequest) toOpts() *AlterOauthPartnerSecurityIntegrationOptions { - opts := &AlterOauthPartnerSecurityIntegrationOptions{ +func (r *AlterOauthForPartnerApplicationsSecurityIntegrationRequest) toOpts() *AlterOauthForPartnerApplicationsSecurityIntegrationOptions { + opts := &AlterOauthForPartnerApplicationsSecurityIntegrationOptions{ IfExists: r.IfExists, name: r.name, SetTags: r.SetTags, UnsetTags: r.UnsetTags, } if r.Set != nil { - opts.Set = &OauthPartnerIntegrationSet{ + opts.Set = &OauthForPartnerApplicationsIntegrationSet{ Enabled: r.Set.Enabled, - OauthRedirectUri: r.Set.OauthRedirectUri, OauthIssueRefreshTokens: r.Set.OauthIssueRefreshTokens, + OauthRedirectUri: r.Set.OauthRedirectUri, OauthRefreshTokenValidity: r.Set.OauthRefreshTokenValidity, OauthUseSecondaryRoles: r.Set.OauthUseSecondaryRoles, @@ -207,7 +207,7 @@ func (r *AlterOauthPartnerSecurityIntegrationRequest) toOpts() *AlterOauthPartne } } if r.Unset != nil { - opts.Unset = &OauthPartnerIntegrationUnset{ + opts.Unset = &OauthForPartnerApplicationsIntegrationUnset{ Enabled: r.Unset.Enabled, OauthUseSecondaryRoles: r.Unset.OauthUseSecondaryRoles, } @@ -215,23 +215,23 @@ func (r *AlterOauthPartnerSecurityIntegrationRequest) toOpts() *AlterOauthPartne return opts } -func (r *AlterOauthCustomSecurityIntegrationRequest) toOpts() *AlterOauthCustomSecurityIntegrationOptions { - opts := &AlterOauthCustomSecurityIntegrationOptions{ +func (r *AlterOauthForCustomClientsSecurityIntegrationRequest) toOpts() *AlterOauthForCustomClientsSecurityIntegrationOptions { + opts := &AlterOauthForCustomClientsSecurityIntegrationOptions{ IfExists: r.IfExists, name: r.name, SetTags: r.SetTags, UnsetTags: r.UnsetTags, } if r.Set != nil { - opts.Set = &OauthCustomIntegrationSet{ + opts.Set = &OauthForCustomClientsIntegrationSet{ Enabled: r.Set.Enabled, OauthRedirectUri: r.Set.OauthRedirectUri, OauthAllowNonTlsRedirectUri: r.Set.OauthAllowNonTlsRedirectUri, OauthEnforcePkce: r.Set.OauthEnforcePkce, - OauthUseSecondaryRoles: r.Set.OauthUseSecondaryRoles, OauthIssueRefreshTokens: r.Set.OauthIssueRefreshTokens, OauthRefreshTokenValidity: r.Set.OauthRefreshTokenValidity, + OauthUseSecondaryRoles: r.Set.OauthUseSecondaryRoles, NetworkPolicy: r.Set.NetworkPolicy, OauthClientRsaPublicKey: r.Set.OauthClientRsaPublicKey, OauthClientRsaPublicKey2: r.Set.OauthClientRsaPublicKey2, @@ -249,12 +249,12 @@ func (r *AlterOauthCustomSecurityIntegrationRequest) toOpts() *AlterOauthCustomS } } if r.Unset != nil { - opts.Unset = &OauthCustomIntegrationUnset{ + opts.Unset = &OauthForCustomClientsIntegrationUnset{ Enabled: r.Unset.Enabled, - OauthUseSecondaryRoles: r.Unset.OauthUseSecondaryRoles, NetworkPolicy: r.Unset.NetworkPolicy, OauthClientRsaPublicKey: r.Unset.OauthClientRsaPublicKey, OauthClientRsaPublicKey2: r.Unset.OauthClientRsaPublicKey2, + OauthUseSecondaryRoles: r.Unset.OauthUseSecondaryRoles, } } return opts diff --git a/pkg/sdk/security_integrations_validations_gen.go b/pkg/sdk/security_integrations_validations_gen.go index 1b16967410..b7b4d37d2d 100644 --- a/pkg/sdk/security_integrations_validations_gen.go +++ b/pkg/sdk/security_integrations_validations_gen.go @@ -1,12 +1,12 @@ package sdk var ( - _ validatable = new(CreateOauthPartnerSecurityIntegrationOptions) - _ validatable = new(CreateOauthCustomSecurityIntegrationOptions) + _ validatable = new(CreateOauthForPartnerApplicationsSecurityIntegrationOptions) + _ validatable = new(CreateOauthForCustomClientsSecurityIntegrationOptions) _ validatable = new(CreateSaml2SecurityIntegrationOptions) _ validatable = new(CreateScimSecurityIntegrationOptions) - _ validatable = new(AlterOauthPartnerSecurityIntegrationOptions) - _ validatable = new(AlterOauthCustomSecurityIntegrationOptions) + _ validatable = new(AlterOauthForPartnerApplicationsSecurityIntegrationOptions) + _ validatable = new(AlterOauthForCustomClientsSecurityIntegrationOptions) _ validatable = new(AlterSaml2SecurityIntegrationOptions) _ validatable = new(AlterScimSecurityIntegrationOptions) _ validatable = new(DropSecurityIntegrationOptions) @@ -14,7 +14,7 @@ var ( _ validatable = new(ShowSecurityIntegrationOptions) ) -func (opts *CreateOauthPartnerSecurityIntegrationOptions) validate() error { +func (opts *CreateOauthForPartnerApplicationsSecurityIntegrationOptions) validate() error { if opts == nil { return ErrNilOptions } @@ -23,12 +23,15 @@ func (opts *CreateOauthPartnerSecurityIntegrationOptions) validate() error { errs = append(errs, ErrInvalidObjectIdentifier) } if everyValueSet(opts.OrReplace, opts.IfNotExists) { - errs = append(errs, errOneOf("CreateOauthPartnerSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + errs = append(errs, errOneOf("CreateOauthForPartnerApplicationsSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + } + if opts.OauthClient == OauthSecurityIntegrationClientLooker && opts.OauthRedirectUri == nil { + errs = append(errs, NewError("OauthRedirectUri is required when OauthClient is LOOKER")) } return JoinErrors(errs...) } -func (opts *CreateOauthCustomSecurityIntegrationOptions) validate() error { +func (opts *CreateOauthForCustomClientsSecurityIntegrationOptions) validate() error { if opts == nil { return ErrNilOptions } @@ -37,7 +40,7 @@ func (opts *CreateOauthCustomSecurityIntegrationOptions) validate() error { errs = append(errs, ErrInvalidObjectIdentifier) } if everyValueSet(opts.OrReplace, opts.IfNotExists) { - errs = append(errs, errOneOf("CreateOauthCustomSecurityIntegrationOptions", "OrReplace", "IfNotExists")) + errs = append(errs, errOneOf("CreateOauthForCustomClientsSecurityIntegrationOptions", "OrReplace", "IfNotExists")) } return JoinErrors(errs...) } @@ -70,7 +73,7 @@ func (opts *CreateScimSecurityIntegrationOptions) validate() error { return JoinErrors(errs...) } -func (opts *AlterOauthPartnerSecurityIntegrationOptions) validate() error { +func (opts *AlterOauthForPartnerApplicationsSecurityIntegrationOptions) validate() error { if opts == nil { return ErrNilOptions } @@ -79,22 +82,22 @@ func (opts *AlterOauthPartnerSecurityIntegrationOptions) validate() error { errs = append(errs, ErrInvalidObjectIdentifier) } if !exactlyOneValueSet(opts.Set, opts.Unset, opts.SetTags, opts.UnsetTags) { - errs = append(errs, errExactlyOneOf("AlterOauthPartnerSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + errs = append(errs, errExactlyOneOf("AlterOauthForPartnerApplicationsSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) } if valueSet(opts.Set) { - if !anyValueSet(opts.Set.Enabled, opts.Set.OauthRedirectUri, opts.Set.OauthIssueRefreshTokens, opts.Set.OauthRefreshTokenValidity, opts.Set.OauthUseSecondaryRoles, opts.Set.BlockedRolesList, opts.Set.Comment) { - errs = append(errs, errAtLeastOneOf("AlterOauthPartnerSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "BlockedRolesList", "Comment")) + if !anyValueSet(opts.Set.Enabled, opts.Set.OauthIssueRefreshTokens, opts.Set.OauthRedirectUri, opts.Set.OauthRefreshTokenValidity, opts.Set.OauthUseSecondaryRoles, opts.Set.BlockedRolesList, opts.Set.Comment) { + errs = append(errs, errAtLeastOneOf("AlterOauthForPartnerApplicationsSecurityIntegrationOptions.Set", "Enabled", "OauthIssueRefreshTokens", "OauthRedirectUri", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "BlockedRolesList", "Comment")) } } if valueSet(opts.Unset) { if !anyValueSet(opts.Unset.Enabled, opts.Unset.OauthUseSecondaryRoles) { - errs = append(errs, errAtLeastOneOf("AlterOauthPartnerSecurityIntegrationOptions.Unset", "Enabled", "OauthUseSecondaryRoles")) + errs = append(errs, errAtLeastOneOf("AlterOauthForPartnerApplicationsSecurityIntegrationOptions.Unset", "Enabled", "OauthUseSecondaryRoles")) } } return JoinErrors(errs...) } -func (opts *AlterOauthCustomSecurityIntegrationOptions) validate() error { +func (opts *AlterOauthForCustomClientsSecurityIntegrationOptions) validate() error { if opts == nil { return ErrNilOptions } @@ -103,16 +106,16 @@ func (opts *AlterOauthCustomSecurityIntegrationOptions) validate() error { errs = append(errs, ErrInvalidObjectIdentifier) } if !exactlyOneValueSet(opts.Set, opts.Unset, opts.SetTags, opts.UnsetTags) { - errs = append(errs, errExactlyOneOf("AlterOauthCustomSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) + errs = append(errs, errExactlyOneOf("AlterOauthForCustomClientsSecurityIntegrationOptions", "Set", "Unset", "SetTags", "UnsetTags")) } if valueSet(opts.Set) { if !anyValueSet(opts.Set.Enabled, opts.Set.OauthRedirectUri, opts.Set.OauthAllowNonTlsRedirectUri, opts.Set.OauthEnforcePkce, opts.Set.PreAuthorizedRolesList, opts.Set.BlockedRolesList, opts.Set.OauthIssueRefreshTokens, opts.Set.OauthRefreshTokenValidity, opts.Set.OauthUseSecondaryRoles, opts.Set.NetworkPolicy, opts.Set.OauthClientRsaPublicKey, opts.Set.OauthClientRsaPublicKey2, opts.Set.Comment) { - errs = append(errs, errAtLeastOneOf("AlterOauthCustomSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthAllowNonTlsRedirectUri", "OauthEnforcePkce", "PreAuthorizedRolesList", "BlockedRolesList", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2", "Comment")) + errs = append(errs, errAtLeastOneOf("AlterOauthForCustomClientsSecurityIntegrationOptions.Set", "Enabled", "OauthRedirectUri", "OauthAllowNonTlsRedirectUri", "OauthEnforcePkce", "PreAuthorizedRolesList", "BlockedRolesList", "OauthIssueRefreshTokens", "OauthRefreshTokenValidity", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2", "Comment")) } } if valueSet(opts.Unset) { - if !anyValueSet(opts.Unset.Enabled, opts.Unset.OauthUseSecondaryRoles, opts.Unset.NetworkPolicy, opts.Unset.OauthClientRsaPublicKey, opts.Unset.OauthClientRsaPublicKey2) { - errs = append(errs, errAtLeastOneOf("AlterOauthCustomSecurityIntegrationOptions.Unset", "Enabled", "OauthUseSecondaryRoles", "NetworkPolicy", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2")) + if !anyValueSet(opts.Unset.Enabled, opts.Unset.NetworkPolicy, opts.Unset.OauthUseSecondaryRoles, opts.Unset.OauthClientRsaPublicKey, opts.Unset.OauthClientRsaPublicKey2) { + errs = append(errs, errAtLeastOneOf("AlterOauthForCustomClientsSecurityIntegrationOptions.Unset", "Enabled", "NetworkPolicy", "OauthUseSecondaryRoles", "OauthClientRsaPublicKey", "OauthClientRsaPublicKey2")) } } return JoinErrors(errs...) diff --git a/pkg/sdk/testint/security_integrations_gen_integration_test.go b/pkg/sdk/testint/security_integrations_gen_integration_test.go index efab867862..1971bded6a 100644 --- a/pkg/sdk/testint/security_integrations_gen_integration_test.go +++ b/pkg/sdk/testint/security_integrations_gen_integration_test.go @@ -27,75 +27,77 @@ func TestInt_SecurityIntegrations(t *testing.T) { cleanupSecurityIntegration := func(t *testing.T, id sdk.AccountObjectIdentifier) { t.Helper() t.Cleanup(func() { - err := client.SecurityIntegrations.Drop(ctx, sdk.NewDropSecurityIntegrationRequest(id).WithIfExists(sdk.Pointer(true))) + err := client.SecurityIntegrations.Drop(ctx, sdk.NewDropSecurityIntegrationRequest(id).WithIfExists(true)) assert.NoError(t, err) }) } - createOauthCustom := func(t *testing.T, siID sdk.AccountObjectIdentifier, with func(*sdk.CreateOauthCustomSecurityIntegrationRequest)) *sdk.SecurityIntegration { + createOauthCustom := func(t *testing.T, with func(*sdk.CreateOauthForCustomClientsSecurityIntegrationRequest)) (*sdk.SecurityIntegration, sdk.AccountObjectIdentifier) { t.Helper() - - req := sdk.NewCreateOauthCustomSecurityIntegrationRequest(siID, sdk.OauthSecurityIntegrationClientTypePublic, "https://example.com") + id := testClientHelper().Ids.RandomAccountObjectIdentifier() + req := sdk.NewCreateOauthForCustomClientsSecurityIntegrationRequest(id, sdk.OauthSecurityIntegrationClientTypePublic, "https://example.com") if with != nil { with(req) } - err := client.SecurityIntegrations.CreateOauthCustom(ctx, req) + err := client.SecurityIntegrations.CreateOauthForCustomClients(ctx, req) require.NoError(t, err) - cleanupSecurityIntegration(t, siID) - integration, err := client.SecurityIntegrations.ShowByID(ctx, siID) + cleanupSecurityIntegration(t, id) + integration, err := client.SecurityIntegrations.ShowByID(ctx, id) require.NoError(t, err) - return integration + return integration, id } - createOauthPartner := func(t *testing.T, siID sdk.AccountObjectIdentifier, with func(*sdk.CreateOauthPartnerSecurityIntegrationRequest)) *sdk.SecurityIntegration { + createOauthPartner := func(t *testing.T, with func(*sdk.CreateOauthForPartnerApplicationsSecurityIntegrationRequest)) (*sdk.SecurityIntegration, sdk.AccountObjectIdentifier) { t.Helper() - - req := sdk.NewCreateOauthPartnerSecurityIntegrationRequest(siID, sdk.OauthSecurityIntegrationClientLooker). - WithOauthRedirectUri(sdk.Pointer("http://example.com")) + id := testClientHelper().Ids.RandomAccountObjectIdentifier() + req := sdk.NewCreateOauthForPartnerApplicationsSecurityIntegrationRequest(id, sdk.OauthSecurityIntegrationClientLooker). + WithOauthRedirectUri("http://example.com") if with != nil { with(req) } - err := client.SecurityIntegrations.CreateOauthPartner(ctx, req) + err := client.SecurityIntegrations.CreateOauthForPartnerApplications(ctx, req) require.NoError(t, err) - cleanupSecurityIntegration(t, siID) - integration, err := client.SecurityIntegrations.ShowByID(ctx, siID) + cleanupSecurityIntegration(t, id) + integration, err := client.SecurityIntegrations.ShowByID(ctx, id) require.NoError(t, err) - return integration + return integration, id } - createSAML2Integration := func(t *testing.T, siID sdk.AccountObjectIdentifier, issuer string, with func(*sdk.CreateSaml2SecurityIntegrationRequest)) *sdk.SecurityIntegration { + createSAML2Integration := func(t *testing.T, with func(*sdk.CreateSaml2SecurityIntegrationRequest)) (*sdk.SecurityIntegration, sdk.AccountObjectIdentifier, string) { t.Helper() - - saml2Req := sdk.NewCreateSaml2SecurityIntegrationRequest(siID, false, issuer, "https://example.com", "Custom", cert) + id := testClientHelper().Ids.RandomAccountObjectIdentifier() + issuer := testClientHelper().Ids.Alpha() + saml2Req := sdk.NewCreateSaml2SecurityIntegrationRequest(id, false, issuer, "https://example.com", "Custom", cert) if with != nil { with(saml2Req) } err := client.SecurityIntegrations.CreateSaml2(ctx, saml2Req) require.NoError(t, err) - cleanupSecurityIntegration(t, siID) - integration, err := client.SecurityIntegrations.ShowByID(ctx, siID) + cleanupSecurityIntegration(t, id) + integration, err := client.SecurityIntegrations.ShowByID(ctx, id) require.NoError(t, err) - return integration + return integration, id, issuer } - createSCIMIntegration := func(t *testing.T, siID sdk.AccountObjectIdentifier, with func(*sdk.CreateScimSecurityIntegrationRequest)) *sdk.SecurityIntegration { + createSCIMIntegration := func(t *testing.T, with func(*sdk.CreateScimSecurityIntegrationRequest)) (*sdk.SecurityIntegration, sdk.AccountObjectIdentifier) { t.Helper() role, roleCleanup := testClientHelper().Role.CreateRoleWithRequest(t, sdk.NewCreateRoleRequest(snowflakeroles.GenericScimProvisioner).WithOrReplace(true)) t.Cleanup(roleCleanup) testClientHelper().Role.GrantRoleToCurrentRole(t, role.ID()) - scimReq := sdk.NewCreateScimSecurityIntegrationRequest(siID, false, sdk.ScimSecurityIntegrationScimClientGeneric, sdk.ScimSecurityIntegrationRunAsRoleGenericScimProvisioner) + id := testClientHelper().Ids.RandomAccountObjectIdentifier() + scimReq := sdk.NewCreateScimSecurityIntegrationRequest(id, false, sdk.ScimSecurityIntegrationScimClientGeneric, sdk.ScimSecurityIntegrationRunAsRoleGenericScimProvisioner) if with != nil { with(scimReq) } err := client.SecurityIntegrations.CreateScim(ctx, scimReq) require.NoError(t, err) - cleanupSecurityIntegration(t, siID) - integration, err := client.SecurityIntegrations.ShowByID(ctx, siID) + cleanupSecurityIntegration(t, id) + integration, err := client.SecurityIntegrations.ShowByID(ctx, id) require.NoError(t, err) - return integration + return integration, id } assertSecurityIntegration := func(t *testing.T, si *sdk.SecurityIntegration, id sdk.AccountObjectIdentifier, siType string, enabled bool, comment string) { @@ -126,7 +128,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "PRE_AUTHORIZED_ROLES_LIST", Type: "List", Value: d.preAuthorizedRolesList, Default: "[]"}) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "NETWORK_POLICY", Type: "String", Value: d.networkPolicy, Default: ""}) assert.Contains(t, details, sdk.SecurityIntegrationProperty{Name: "COMMENT", Type: "String", Value: d.comment, Default: ""}) - // Chech one-by-one because snowflake returns a few extra roles + // Check one-by-one because snowflake returns a few extra roles found, err := collections.FindOne(details, func(d sdk.SecurityIntegrationProperty) bool { return d.Name == "BLOCKED_ROLES_LIST" }) assert.NoError(t, err) roles := strings.Split(found.Value, ",") @@ -195,17 +197,16 @@ func TestInt_SecurityIntegrations(t *testing.T) { } t.Run("CreateOauthPartner", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() role1, role1Cleanup := testClientHelper().Role.CreateRole(t) t.Cleanup(role1Cleanup) - integration := createOauthPartner(t, id, func(r *sdk.CreateOauthPartnerSecurityIntegrationRequest) { - r.WithBlockedRolesList(&sdk.BlockedRolesListRequest{BlockedRolesList: []sdk.AccountObjectIdentifier{role1.ID()}}). - WithComment(sdk.Pointer("a")). - WithEnabled(sdk.Pointer(true)). - WithOauthIssueRefreshTokens(sdk.Pointer(true)). - WithOauthRefreshTokenValidity(sdk.Pointer(12345)). - WithOauthUseSecondaryRoles(sdk.Pointer(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit)) + integration, id := createOauthPartner(t, func(r *sdk.CreateOauthForPartnerApplicationsSecurityIntegrationRequest) { + r.WithBlockedRolesList(sdk.BlockedRolesListRequest{BlockedRolesList: []sdk.AccountObjectIdentifier{role1.ID()}}). + WithComment("a"). + WithEnabled(true). + WithOauthIssueRefreshTokens(true). + WithOauthRefreshTokenValidity(12345). + WithOauthUseSecondaryRoles(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit) }) details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) @@ -223,7 +224,6 @@ func TestInt_SecurityIntegrations(t *testing.T) { }) t.Run("CreateOauthCustom", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() networkPolicy, networkPolicyCleanup := testClientHelper().NetworkPolicy.CreateNetworkPolicy(t) t.Cleanup(networkPolicyCleanup) role1, role1Cleanup := testClientHelper().Role.CreateRole(t) @@ -231,19 +231,19 @@ func TestInt_SecurityIntegrations(t *testing.T) { role2, role2Cleanup := testClientHelper().Role.CreateRole(t) t.Cleanup(role2Cleanup) - integration := createOauthCustom(t, id, func(r *sdk.CreateOauthCustomSecurityIntegrationRequest) { - r.WithBlockedRolesList(&sdk.BlockedRolesListRequest{BlockedRolesList: []sdk.AccountObjectIdentifier{role1.ID()}}). - WithComment(sdk.Pointer("a")). - WithEnabled(sdk.Pointer(true)). - WithNetworkPolicy(sdk.Pointer(sdk.NewAccountObjectIdentifier(networkPolicy.Name))). - WithOauthAllowNonTlsRedirectUri(sdk.Pointer(true)). - WithOauthClientRsaPublicKey(sdk.Pointer(rsaKey)). - WithOauthClientRsaPublicKey2(sdk.Pointer(rsaKey)). - WithOauthEnforcePkce(sdk.Pointer(true)). - WithOauthIssueRefreshTokens(sdk.Pointer(true)). - WithOauthRefreshTokenValidity(sdk.Pointer(12345)). - WithOauthUseSecondaryRoles(sdk.Pointer(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit)). - WithPreAuthorizedRolesList(&sdk.PreAuthorizedRolesListRequest{PreAuthorizedRolesList: []sdk.AccountObjectIdentifier{role2.ID()}}) + integration, id := createOauthCustom(t, func(r *sdk.CreateOauthForCustomClientsSecurityIntegrationRequest) { + r.WithBlockedRolesList(sdk.BlockedRolesListRequest{BlockedRolesList: []sdk.AccountObjectIdentifier{role1.ID()}}). + WithComment("a"). + WithEnabled(true). + WithNetworkPolicy(sdk.NewAccountObjectIdentifier(networkPolicy.Name)). + WithOauthAllowNonTlsRedirectUri(true). + WithOauthClientRsaPublicKey(rsaKey). + WithOauthClientRsaPublicKey2(rsaKey). + WithOauthEnforcePkce(true). + WithOauthIssueRefreshTokens(true). + WithOauthRefreshTokenValidity(12345). + WithOauthUseSecondaryRoles(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit). + WithPreAuthorizedRolesList(sdk.PreAuthorizedRolesListRequest{PreAuthorizedRolesList: []sdk.AccountObjectIdentifier{role2.ID()}}) }) details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) @@ -263,21 +263,18 @@ func TestInt_SecurityIntegrations(t *testing.T) { }) t.Run("CreateSaml2", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - issuer := testClientHelper().Ids.Alpha() - - createSAML2Integration(t, id, issuer, func(r *sdk.CreateSaml2SecurityIntegrationRequest) { + _, id, issuer := createSAML2Integration(t, func(r *sdk.CreateSaml2SecurityIntegrationRequest) { r.WithAllowedEmailPatterns([]sdk.EmailPattern{{Pattern: "^(.+dev)@example.com$"}}). WithAllowedUserDomains([]sdk.UserDomain{{Domain: "example.com"}}). - WithComment(sdk.Pointer("a")). - WithSaml2EnableSpInitiated(sdk.Pointer(true)). - WithSaml2ForceAuthn(sdk.Pointer(true)). - WithSaml2PostLogoutRedirectUrl(sdk.Pointer("http://example.com/logout")). - WithSaml2RequestedNameidFormat(sdk.Pointer("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified")). - WithSaml2SignRequest(sdk.Pointer(true)). - WithSaml2SnowflakeAcsUrl(&acsURL). - WithSaml2SnowflakeIssuerUrl(&issuerURL). - WithSaml2SpInitiatedLoginPageLabel(sdk.Pointer("label")) + WithComment("a"). + WithSaml2EnableSpInitiated(true). + WithSaml2ForceAuthn(true). + WithSaml2PostLogoutRedirectUrl("http://example.com/logout"). + WithSaml2RequestedNameidFormat("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"). + WithSaml2SignRequest(true). + WithSaml2SnowflakeAcsUrl(acsURL). + WithSaml2SnowflakeIssuerUrl(issuerURL). + WithSaml2SpInitiatedLoginPageLabel("label") // TODO: fix after format clarification // WithSaml2SnowflakeX509Cert(sdk.Pointer(x509)) }) @@ -310,11 +307,10 @@ func TestInt_SecurityIntegrations(t *testing.T) { networkPolicy, networkPolicyCleanup := testClientHelper().NetworkPolicy.CreateNetworkPolicy(t) t.Cleanup(networkPolicyCleanup) - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createSCIMIntegration(t, id, func(r *sdk.CreateScimSecurityIntegrationRequest) { - r.WithComment(sdk.Pointer("a")). - WithNetworkPolicy(sdk.Pointer(sdk.NewAccountObjectIdentifier(networkPolicy.Name))). - WithSyncPassword(sdk.Pointer(false)) + _, id := createSCIMIntegration(t, func(r *sdk.CreateScimSecurityIntegrationRequest) { + r.WithComment("a"). + WithNetworkPolicy(sdk.NewAccountObjectIdentifier(networkPolicy.Name)). + WithSyncPassword(false) }) details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) @@ -327,23 +323,24 @@ func TestInt_SecurityIntegrations(t *testing.T) { }) t.Run("AlterOauthPartner", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createOauthPartner(t, id, func(r *sdk.CreateOauthPartnerSecurityIntegrationRequest) { - r.WithOauthRedirectUri(sdk.Pointer("http://example.com")) + _, id := createOauthPartner(t, func(r *sdk.CreateOauthForPartnerApplicationsSecurityIntegrationRequest) { + r.WithOauthRedirectUri("http://example.com") }) + role1, role1Cleanup := testClientHelper().Role.CreateRole(t) + t.Cleanup(role1Cleanup) - setRequest := sdk.NewAlterOauthPartnerSecurityIntegrationRequest(id). + setRequest := sdk.NewAlterOauthForPartnerApplicationsSecurityIntegrationRequest(id). WithSet( - sdk.NewOauthPartnerIntegrationSetRequest(). - WithBlockedRolesList(sdk.NewBlockedRolesListRequest()). - WithComment(sdk.Pointer("a")). - WithEnabled(sdk.Pointer(true)). - WithOauthIssueRefreshTokens(sdk.Pointer(true)). - WithOauthRedirectUri(sdk.Pointer("http://example2.com")). - WithOauthRefreshTokenValidity(sdk.Pointer(22222)). - WithOauthUseSecondaryRoles(sdk.Pointer(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit)), + *sdk.NewOauthForPartnerApplicationsIntegrationSetRequest(). + WithBlockedRolesList(*sdk.NewBlockedRolesListRequest().WithBlockedRolesList([]sdk.AccountObjectIdentifier{role1.ID()})). + WithComment("a"). + WithEnabled(true). + WithOauthIssueRefreshTokens(true). + WithOauthRedirectUri("http://example2.com"). + WithOauthRefreshTokenValidity(22222). + WithOauthUseSecondaryRoles(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit), ) - err := client.SecurityIntegrations.AlterOauthPartner(ctx, setRequest) + err := client.SecurityIntegrations.AlterOauthForPartnerApplications(ctx, setRequest) require.NoError(t, err) details, err := client.SecurityIntegrations.Describe(ctx, id) @@ -360,13 +357,13 @@ func TestInt_SecurityIntegrations(t *testing.T) { comment: "a", }) - unsetRequest := sdk.NewAlterOauthPartnerSecurityIntegrationRequest(id). + unsetRequest := sdk.NewAlterOauthForPartnerApplicationsSecurityIntegrationRequest(id). WithUnset( - sdk.NewOauthPartnerIntegrationUnsetRequest(). - WithEnabled(sdk.Pointer(true)). - WithOauthUseSecondaryRoles(sdk.Pointer(true)), + *sdk.NewOauthForPartnerApplicationsIntegrationUnsetRequest(). + WithEnabled(true). + WithOauthUseSecondaryRoles(true), ) - err = client.SecurityIntegrations.AlterOauthPartner(ctx, unsetRequest) + err = client.SecurityIntegrations.AlterOauthForPartnerApplications(ctx, unsetRequest) require.NoError(t, err) details, err = client.SecurityIntegrations.Describe(ctx, id) @@ -380,8 +377,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { tag, tagCleanup := testClientHelper().Tag.CreateTag(t) t.Cleanup(tagCleanup) - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createOauthPartner(t, id, nil) + _, id := createOauthPartner(t, nil) tagValue := "abc" tags := []sdk.TagAssociation{ @@ -390,9 +386,9 @@ func TestInt_SecurityIntegrations(t *testing.T) { Value: tagValue, }, } - alterRequestSetTags := sdk.NewAlterOauthPartnerSecurityIntegrationRequest(id).WithSetTags(tags) + alterRequestSetTags := sdk.NewAlterOauthForPartnerApplicationsSecurityIntegrationRequest(id).WithSetTags(tags) - err := client.SecurityIntegrations.AlterOauthPartner(ctx, alterRequestSetTags) + err := client.SecurityIntegrations.AlterOauthForPartnerApplications(ctx, alterRequestSetTags) require.NoError(t, err) returnedTagValue, err := client.SystemFunctions.GetTag(ctx, tag.ID(), id, sdk.ObjectTypeIntegration) @@ -403,9 +399,9 @@ func TestInt_SecurityIntegrations(t *testing.T) { unsetTags := []sdk.ObjectIdentifier{ tag.ID(), } - alterRequestUnsetTags := sdk.NewAlterOauthPartnerSecurityIntegrationRequest(id).WithUnsetTags(unsetTags) + alterRequestUnsetTags := sdk.NewAlterOauthForPartnerApplicationsSecurityIntegrationRequest(id).WithUnsetTags(unsetTags) - err = client.SecurityIntegrations.AlterOauthPartner(ctx, alterRequestUnsetTags) + err = client.SecurityIntegrations.AlterOauthForPartnerApplications(ctx, alterRequestUnsetTags) require.NoError(t, err) _, err = client.SystemFunctions.GetTag(ctx, tag.ID(), id, sdk.ObjectTypeIntegration) @@ -413,8 +409,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { }) t.Run("AlterOauthCustom", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createOauthCustom(t, id, nil) + _, id := createOauthCustom(t, nil) networkPolicy, networkPolicyCleanup := testClientHelper().NetworkPolicy.CreateNetworkPolicy(t) t.Cleanup(networkPolicyCleanup) @@ -423,24 +418,24 @@ func TestInt_SecurityIntegrations(t *testing.T) { role2, role2Cleanup := testClientHelper().Role.CreateRole(t) t.Cleanup(role2Cleanup) - setRequest := sdk.NewAlterOauthCustomSecurityIntegrationRequest(id). + setRequest := sdk.NewAlterOauthForCustomClientsSecurityIntegrationRequest(id). WithSet( - sdk.NewOauthCustomIntegrationSetRequest(). - WithEnabled(sdk.Pointer(true)). - WithBlockedRolesList(&sdk.BlockedRolesListRequest{BlockedRolesList: []sdk.AccountObjectIdentifier{role1.ID()}}). - WithComment(sdk.Pointer("a")). - WithNetworkPolicy(sdk.Pointer(sdk.NewAccountObjectIdentifier(networkPolicy.Name))). - WithOauthAllowNonTlsRedirectUri(sdk.Pointer(true)). - WithOauthClientRsaPublicKey(sdk.Pointer(rsaKey)). - WithOauthClientRsaPublicKey2(sdk.Pointer(rsaKey)). - WithOauthEnforcePkce(sdk.Pointer(true)). - WithOauthIssueRefreshTokens(sdk.Pointer(true)). - WithOauthRedirectUri(sdk.Pointer("http://example2.com")). - WithOauthRefreshTokenValidity(sdk.Pointer(22222)). - WithOauthUseSecondaryRoles(sdk.Pointer(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit)). - WithPreAuthorizedRolesList(&sdk.PreAuthorizedRolesListRequest{PreAuthorizedRolesList: []sdk.AccountObjectIdentifier{role2.ID()}}), + *sdk.NewOauthForCustomClientsIntegrationSetRequest(). + WithEnabled(true). + WithBlockedRolesList(sdk.BlockedRolesListRequest{BlockedRolesList: []sdk.AccountObjectIdentifier{role1.ID()}}). + WithComment("a"). + WithNetworkPolicy(sdk.NewAccountObjectIdentifier(networkPolicy.Name)). + WithOauthAllowNonTlsRedirectUri(true). + WithOauthClientRsaPublicKey(rsaKey). + WithOauthClientRsaPublicKey2(rsaKey). + WithOauthEnforcePkce(true). + WithOauthIssueRefreshTokens(true). + WithOauthRedirectUri("http://example2.com"). + WithOauthRefreshTokenValidity(22222). + WithOauthUseSecondaryRoles(sdk.OauthSecurityIntegrationUseSecondaryRolesImplicit). + WithPreAuthorizedRolesList(sdk.PreAuthorizedRolesListRequest{PreAuthorizedRolesList: []sdk.AccountObjectIdentifier{role2.ID()}}), ) - err := client.SecurityIntegrations.AlterOauthCustom(ctx, setRequest) + err := client.SecurityIntegrations.AlterOauthForCustomClients(ctx, setRequest) require.NoError(t, err) details, err := client.SecurityIntegrations.Describe(ctx, id) @@ -457,16 +452,16 @@ func TestInt_SecurityIntegrations(t *testing.T) { comment: "a", }, "true", string(sdk.OauthSecurityIntegrationClientTypePublic), "true") - unsetRequest := sdk.NewAlterOauthCustomSecurityIntegrationRequest(id). + unsetRequest := sdk.NewAlterOauthForCustomClientsSecurityIntegrationRequest(id). WithUnset( - sdk.NewOauthCustomIntegrationUnsetRequest(). - WithEnabled(sdk.Bool(true)). - WithOauthUseSecondaryRoles(sdk.Bool(true)). - WithNetworkPolicy(sdk.Bool(true)). - WithOauthClientRsaPublicKey(sdk.Bool(true)). - WithOauthClientRsaPublicKey2(sdk.Bool(true)), + *sdk.NewOauthForCustomClientsIntegrationUnsetRequest(). + WithEnabled(true). + WithOauthUseSecondaryRoles(true). + WithNetworkPolicy(true). + WithOauthClientRsaPublicKey(true). + WithOauthClientRsaPublicKey2(true), ) - err = client.SecurityIntegrations.AlterOauthCustom(ctx, unsetRequest) + err = client.SecurityIntegrations.AlterOauthForCustomClients(ctx, unsetRequest) require.NoError(t, err) details, err = client.SecurityIntegrations.Describe(ctx, id) @@ -483,8 +478,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { tag, tagCleanup := testClientHelper().Tag.CreateTag(t) t.Cleanup(tagCleanup) - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createOauthCustom(t, id, nil) + _, id := createOauthCustom(t, nil) tagValue := "abc" tags := []sdk.TagAssociation{ @@ -493,9 +487,9 @@ func TestInt_SecurityIntegrations(t *testing.T) { Value: tagValue, }, } - alterRequestSetTags := sdk.NewAlterOauthCustomSecurityIntegrationRequest(id).WithSetTags(tags) + alterRequestSetTags := sdk.NewAlterOauthForCustomClientsSecurityIntegrationRequest(id).WithSetTags(tags) - err := client.SecurityIntegrations.AlterOauthCustom(ctx, alterRequestSetTags) + err := client.SecurityIntegrations.AlterOauthForCustomClients(ctx, alterRequestSetTags) require.NoError(t, err) returnedTagValue, err := client.SystemFunctions.GetTag(ctx, tag.ID(), id, sdk.ObjectTypeIntegration) @@ -506,36 +500,34 @@ func TestInt_SecurityIntegrations(t *testing.T) { unsetTags := []sdk.ObjectIdentifier{ tag.ID(), } - alterRequestUnsetTags := sdk.NewAlterOauthCustomSecurityIntegrationRequest(id).WithUnsetTags(unsetTags) + alterRequestUnsetTags := sdk.NewAlterOauthForCustomClientsSecurityIntegrationRequest(id).WithUnsetTags(unsetTags) - err = client.SecurityIntegrations.AlterOauthCustom(ctx, alterRequestUnsetTags) + err = client.SecurityIntegrations.AlterOauthForCustomClients(ctx, alterRequestUnsetTags) require.NoError(t, err) _, err = client.SystemFunctions.GetTag(ctx, tag.ID(), id, sdk.ObjectTypeIntegration) require.Error(t, err) }) t.Run("AlterSAML2Integration", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - issuer := testClientHelper().Ids.Alpha() - createSAML2Integration(t, id, issuer, nil) + _, id, issuer := createSAML2Integration(t, nil) setRequest := sdk.NewAlterSaml2SecurityIntegrationRequest(id). WithSet( - sdk.NewSaml2IntegrationSetRequest(). - WithEnabled(sdk.Pointer(true)). - WithSaml2Issuer(sdk.Pointer(issuer)). - WithSaml2SsoUrl(sdk.Pointer("http://example.com")). - WithSaml2Provider(sdk.Pointer("OKTA")). - WithSaml2X509Cert(sdk.Pointer(cert)). - WithComment(sdk.Pointer("a")). - WithSaml2EnableSpInitiated(sdk.Pointer(true)). - WithSaml2ForceAuthn(sdk.Pointer(true)). - WithSaml2PostLogoutRedirectUrl(sdk.Pointer("http://example.com/logout")). - WithSaml2RequestedNameidFormat(sdk.Pointer("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified")). - WithSaml2SignRequest(sdk.Pointer(true)). - WithSaml2SnowflakeAcsUrl(&acsURL). - WithSaml2SnowflakeIssuerUrl(&issuerURL). - WithSaml2SpInitiatedLoginPageLabel(sdk.Pointer("label")). + *sdk.NewSaml2IntegrationSetRequest(). + WithEnabled(true). + WithSaml2Issuer(issuer). + WithSaml2SsoUrl("http://example.com"). + WithSaml2Provider("OKTA"). + WithSaml2X509Cert(cert). + WithComment("a"). + WithSaml2EnableSpInitiated(true). + WithSaml2ForceAuthn(true). + WithSaml2PostLogoutRedirectUrl("http://example.com/logout"). + WithSaml2RequestedNameidFormat("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"). + WithSaml2SignRequest(true). + WithSaml2SnowflakeAcsUrl(acsURL). + WithSaml2SnowflakeIssuerUrl(issuerURL). + WithSaml2SpInitiatedLoginPageLabel("label"). WithAllowedEmailPatterns([]sdk.EmailPattern{{Pattern: "^(.+dev)@example.com$"}}). WithAllowedUserDomains([]sdk.UserDomain{{Domain: "example.com"}}), // TODO: fix after format clarification @@ -566,11 +558,11 @@ func TestInt_SecurityIntegrations(t *testing.T) { unsetRequest := sdk.NewAlterSaml2SecurityIntegrationRequest(id). WithUnset( - sdk.NewSaml2IntegrationUnsetRequest(). - WithSaml2ForceAuthn(sdk.Pointer(true)). - WithSaml2RequestedNameidFormat(sdk.Pointer(true)). - WithSaml2PostLogoutRedirectUrl(sdk.Pointer(true)). - WithComment(sdk.Pointer(true)), + *sdk.NewSaml2IntegrationUnsetRequest(). + WithSaml2ForceAuthn(true). + WithSaml2RequestedNameidFormat(true). + WithSaml2PostLogoutRedirectUrl(true). + WithComment(true), ) err = client.SecurityIntegrations.AlterSaml2(ctx, unsetRequest) require.NoError(t, err) @@ -584,11 +576,9 @@ func TestInt_SecurityIntegrations(t *testing.T) { }) t.Run("AlterSAML2Integration - REFRESH SAML2_SNOWFLAKE_PRIVATE_KEY", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - issuer := testClientHelper().Ids.Alpha() - createSAML2Integration(t, id, issuer, nil) + _, id, _ := createSAML2Integration(t, nil) - setRequest := sdk.NewAlterSaml2SecurityIntegrationRequest(id).WithRefreshSaml2SnowflakePrivateKey(sdk.Pointer(true)) + setRequest := sdk.NewAlterSaml2SecurityIntegrationRequest(id).WithRefreshSaml2SnowflakePrivateKey(true) err := client.SecurityIntegrations.AlterSaml2(ctx, setRequest) require.NoError(t, err) }) @@ -597,9 +587,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { tag, tagCleanup := testClientHelper().Tag.CreateTag(t) t.Cleanup(tagCleanup) - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - issuer := testClientHelper().Ids.Alpha() - createSAML2Integration(t, id, issuer, nil) + _, id, _ := createSAML2Integration(t, nil) tagValue := "abc" tags := []sdk.TagAssociation{ @@ -631,19 +619,18 @@ func TestInt_SecurityIntegrations(t *testing.T) { }) t.Run("AlterSCIMIntegration", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createSCIMIntegration(t, id, nil) + _, id := createSCIMIntegration(t, nil) networkPolicy, networkPolicyCleanup := testClientHelper().NetworkPolicy.CreateNetworkPolicy(t) t.Cleanup(networkPolicyCleanup) setRequest := sdk.NewAlterScimSecurityIntegrationRequest(id). WithSet( - sdk.NewScimIntegrationSetRequest(). - WithNetworkPolicy(sdk.Pointer(sdk.NewAccountObjectIdentifier(networkPolicy.Name))). - WithEnabled(sdk.Bool(true)). - WithSyncPassword(sdk.Bool(false)). - WithComment(sdk.String("altered")), + *sdk.NewScimIntegrationSetRequest(). + WithNetworkPolicy(sdk.NewAccountObjectIdentifier(networkPolicy.Name)). + WithEnabled(true). + WithSyncPassword(false). + WithComment("altered"), ) err := client.SecurityIntegrations.AlterScim(ctx, setRequest) require.NoError(t, err) @@ -655,9 +642,9 @@ func TestInt_SecurityIntegrations(t *testing.T) { unsetRequest := sdk.NewAlterScimSecurityIntegrationRequest(id). WithUnset( - sdk.NewScimIntegrationUnsetRequest(). - WithNetworkPolicy(sdk.Bool(true)). - WithSyncPassword(sdk.Bool(true)), + *sdk.NewScimIntegrationUnsetRequest(). + WithNetworkPolicy(true). + WithSyncPassword(true), ) err = client.SecurityIntegrations.AlterScim(ctx, unsetRequest) require.NoError(t, err) @@ -672,8 +659,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { tag, tagCleanup := testClientHelper().Tag.CreateTag(t) t.Cleanup(tagCleanup) - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createSCIMIntegration(t, id, nil) + _, id := createSCIMIntegration(t, nil) tagValue := "abc" tags := []sdk.TagAssociation{ @@ -705,8 +691,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { }) t.Run("Drop", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createSCIMIntegration(t, id, nil) + _, id := createSCIMIntegration(t, nil) si, err := client.SecurityIntegrations.ShowByID(ctx, id) require.NotNil(t, si) @@ -728,8 +713,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { }) t.Run("Describe", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createSCIMIntegration(t, id, nil) + _, id := createSCIMIntegration(t, nil) details, err := client.SecurityIntegrations.Describe(ctx, id) require.NoError(t, err) @@ -738,8 +722,7 @@ func TestInt_SecurityIntegrations(t *testing.T) { }) t.Run("ShowByID", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - createSCIMIntegration(t, id, nil) + _, id := createSCIMIntegration(t, nil) si, err := client.SecurityIntegrations.ShowByID(ctx, id) require.NoError(t, err) @@ -747,14 +730,12 @@ func TestInt_SecurityIntegrations(t *testing.T) { }) t.Run("Show OauthPartner", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - si1 := createOauthPartner(t, id, nil) - id2 := testClientHelper().Ids.RandomAccountObjectIdentifier() + si1, id1 := createOauthPartner(t, nil) // more than one oauth partner integration is not allowed, create a custom one - si2 := createOauthCustom(t, id2, nil) + si2, _ := createOauthCustom(t, nil) - returnedIntegrations, err := client.SecurityIntegrations.Show(ctx, sdk.NewShowSecurityIntegrationRequest().WithLike(&sdk.Like{ - Pattern: sdk.Pointer(id.Name()), + returnedIntegrations, err := client.SecurityIntegrations.Show(ctx, sdk.NewShowSecurityIntegrationRequest().WithLike(sdk.Like{ + Pattern: sdk.Pointer(id1.Name()), })) require.NoError(t, err) assert.Contains(t, returnedIntegrations, *si1) @@ -762,13 +743,11 @@ func TestInt_SecurityIntegrations(t *testing.T) { }) t.Run("Show OauthCustom", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - si1 := createOauthCustom(t, id, nil) - id2 := testClientHelper().Ids.RandomAccountObjectIdentifier() - si2 := createOauthCustom(t, id2, nil) + si1, id1 := createOauthCustom(t, nil) + si2, _ := createOauthCustom(t, nil) - returnedIntegrations, err := client.SecurityIntegrations.Show(ctx, sdk.NewShowSecurityIntegrationRequest().WithLike(&sdk.Like{ - Pattern: sdk.Pointer(id.Name()), + returnedIntegrations, err := client.SecurityIntegrations.Show(ctx, sdk.NewShowSecurityIntegrationRequest().WithLike(sdk.Like{ + Pattern: sdk.Pointer(id1.Name()), })) require.NoError(t, err) assert.Contains(t, returnedIntegrations, *si1) @@ -776,13 +755,11 @@ func TestInt_SecurityIntegrations(t *testing.T) { }) t.Run("Show SAML2", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - si1 := createSAML2Integration(t, id, testClientHelper().Ids.Alpha(), nil) - id2 := testClientHelper().Ids.RandomAccountObjectIdentifier() - si2 := createSAML2Integration(t, id2, testClientHelper().Ids.Alpha(), nil) + si1, id1, _ := createSAML2Integration(t, nil) + si2, _, _ := createSAML2Integration(t, nil) - returnedIntegrations, err := client.SecurityIntegrations.Show(ctx, sdk.NewShowSecurityIntegrationRequest().WithLike(&sdk.Like{ - Pattern: sdk.Pointer(id.Name()), + returnedIntegrations, err := client.SecurityIntegrations.Show(ctx, sdk.NewShowSecurityIntegrationRequest().WithLike(sdk.Like{ + Pattern: sdk.Pointer(id1.Name()), })) require.NoError(t, err) assert.Contains(t, returnedIntegrations, *si1) @@ -790,13 +767,11 @@ func TestInt_SecurityIntegrations(t *testing.T) { }) t.Run("Show SCIM", func(t *testing.T) { - id := testClientHelper().Ids.RandomAccountObjectIdentifier() - si1 := createSCIMIntegration(t, id, nil) - id2 := testClientHelper().Ids.RandomAccountObjectIdentifier() - si2 := createSCIMIntegration(t, id2, nil) + si1, id1 := createSCIMIntegration(t, nil) + si2, _ := createSCIMIntegration(t, nil) - returnedIntegrations, err := client.SecurityIntegrations.Show(ctx, sdk.NewShowSecurityIntegrationRequest().WithLike(&sdk.Like{ - Pattern: sdk.Pointer(id.Name()), + returnedIntegrations, err := client.SecurityIntegrations.Show(ctx, sdk.NewShowSecurityIntegrationRequest().WithLike(sdk.Like{ + Pattern: sdk.Pointer(id1.Name()), })) require.NoError(t, err) assert.Contains(t, returnedIntegrations, *si1)