okta / okta-sdk-golang

A Golang SDK for interacting with the Okta management API, enabling server-side code to manage Okta users, groups, applications, and more.
https://github.com/okta/okta-sdk-golang

Enabling "Bearer" as an additional AuthorizationMode #307

Closed outofjungle closed 2 years ago

outofjungle commented 2 years ago

Summary

Fixes #

Test Information

Go Version: go version go1.18 darwin/amd64
Os Version: Darwin Kernel Version 21.5.0: Tue Apr 26 21:08:22 PDT 2022; root:xnu-8020.121.3~4/RELEASE_X86_64 x86_64
OpenAPI Spec Version:

Signoff

arvindkrishnakumar-okta commented 2 years ago

@outofjungle Thanks for the PR!

Someone from our team will review this soon.

cc: @monde @bretterer

monde commented 2 years ago

@outofjungle I thought about this further. Bearer token is for OAuth which is specific to Okta applications. okta-sdk-golang is oriented to the management SDK. So if the SDK is put into Bearer token mode much of the rest of the SDK will get 401 /you do not have permission to access the feature you are requesting. Specifically, the app associated with the token will only have access to these endpoints, assuming it is also granted the scope for those endpoints: https://developer.okta.com/docs/guides/implement-oauth-for-okta/main/#scopes-and-supported-endpoints. This behavior should be documented in the README and part of your PR. Correct me if I'm misunderstanding your intent with this PR.

One other ask, we'd need you to submit an Okta Individual Contributor License Agreement https://developer.okta.com/cla/ as this is new behavior being added to the SDK.

outofjungle commented 2 years ago

@monde Yes, your assumptions are correct. This is a new feature where I'm using out-of-band logic to get a Bearer token for a user via a scoped app. I will update the documentation and update the PR. I also emailed my signed CLA just now.

I will revert the test changes. Looks like I can't set them up correctly on my laptop and get them to pass.

monde commented 2 years ago

Awesome @outofjungle, thanks. Can you revert the make fmt changes? I know the PR template asks for it, but I'd prefer this PR not be cluttered with white space noise. I'm going to catch the make fmt changes in another PR.

outofjungle commented 2 years ago

@monde Updated the README with a section for Bearer token. As many types of apps mint bearer tokens, I tried my best to document all that I'm aware of. Let me know if the documentation is acceptable.

monde commented 2 years ago

@outofjungle I have to create a PR from the okta/okta-sdk-golang repo itself and cherry-pick in your work due to the security we have on our CI runs. This will be released in v2.13.0, but I don't think that will happen until next week; we have a couple of PRs in our API spec that are being worked through.

outofjungle commented 2 years ago

@monde Thanks for the approval and your update. Next week is totally fine with me :)

monde commented 2 years ago

This was released in v2.13.0 https://github.com/okta/okta-sdk-golang/releases/tag/v2.13.0
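
The scope limitation raised in this thread, as an added Go example that is not part of the PR or the SDK: a pre-flight check that sends the `Authorization` header in either mode and records which management endpoints accept it. `fakeOrg`, `Reachable`, the token strings, the endpoint-to-scope map and the 401 response are constructed stand-ins, not Okta's real authorization logic; `SSWS` is the scheme Okta uses for API tokens.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Constructed sample data: endpoint -> scope the stand-in server requires.
var requiredScope = map[string]string{
	"/api/v1/users":  "okta.users.read",
	"/api/v1/groups": "okta.groups.read",
	"/api/v1/apps":   "okta.apps.read",
}

// fakeOrg is a constructed stand-in: SSWS passes everywhere, Bearer only where scoped.
func fakeOrg(bearerScopes map[string]map[string]bool) *httptest.Server {
	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		mode, token, _ := strings.Cut(r.Header.Get("Authorization"), " ")
		ok := mode == "SSWS" && token != "" ||
			mode == "Bearer" && bearerScopes[token][requiredScope[r.URL.Path]]
		if !ok {
			w.WriteHeader(http.StatusUnauthorized)
		}
	}))
}

// Reachable reports, per endpoint, whether the credential was accepted (HTTP 200).
func Reachable(baseURL, mode, token string) (map[string]bool, error) {
	out := map[string]bool{}
	for path := range requiredScope {
		req, err := http.NewRequest(http.MethodGet, baseURL+path, nil)
		if err != nil {
			return nil, err
		}
		req.Header.Set("Authorization", mode+" "+token)
		resp, err := http.DefaultClient.Do(req)
		if err != nil {
			return nil, err
		}
		resp.Body.Close()
		out[path] = resp.StatusCode == http.StatusOK
	}
	return out, nil
}

func main() {
	srv := fakeOrg(map[string]map[string]bool{"tok-users": {"okta.users.read": true}})
	fmt.Println(Reachable(srv.URL, "Bearer", "tok-users"))
}
```

Running the same check against a real org before switching a service to Bearer mode shows which SDK calls will start failing for a token that carries only a subset of scopes.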