Improve documentation of okta_inline_hook

[richard-collette-precisely]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

  ---

Description

The inline hook resource has two properties, auth and channel, that are of type map and therefore do not provide strict typing or documentation of the properties to be used when configuring:

• HTTP
• OAUTH/client_secret_post
• OAUTH/private_key_jwt

Further hindering the ability to determine proper configuration, is the fact that the structure of the underlying API that is used:https://developer.okta.com/docs/api/openapi/okta-management/management/tag/InlineHook/#tag/InlineHook/operation/createInlineHook

does not match the structure used for the inline hook resource definition.

New or Affected Resource(s)

• okta_inline_hook

Non-working Terraform Configuration

The following configuration generated from Terraform CDK

    "okta_inline_hook": {
      "idty-test-oauth-hook-inline-hook_InlineHook_00149B4D": {
        "//": {
          "metadata": {
            "path": "normal-preview-dev/idty-test-oauth-hook-inline-hook/InlineHook",
            "uniqueId": "idty-test-oauth-hook-inline-hook_InlineHook_00149B4D"
          }
        },
        "channel": {
          "authType": "client_secret_post",
          "clientId": "test-client-id",
          "clientSecret": "test",
          "method": "POST",
          "scope": "test",
          "tokenUrl": "https://acme.com/token",
          "type": "OAUTH",
          "uri": "https://acme.com",
          "version": "1.0.0"
        },
        "name": "IDTY-test-oauth-hook-dev",
        "status": "ACTIVE",
        "type": "com.okta.oauth2.tokens.transform",
        "version": "1.0.0"
      }
    }

results in the following http request, which is missing channel.config values for many of the OAuth related properties such as clientId, clientSecret, etc.

                    2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: ---[ REQUEST ]---------------------------------------
                    2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: POST /api/v1/inlineHooks HTTP/1.1
                    2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: Host: sso.precisely.services
                    2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: User-Agent: local-v2-sdk/0.0.0 golang/go1.21.13 darwin/arm64 okta-terraform/4.11.1
                    2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: Content-Length: 242
                    2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: Accept: application/json
normal-preview-dev  2024-10-30T14:23:04.729-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: Authorization: Bearer redacted
normal-preview-dev  2024-10-30T14:23:04.731-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: Content-Type: application/json
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: Accept-Encoding: gzip
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: {
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:  "channel": {
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:   "config": {
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:    "authScheme": {
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:     "type": "HEADER"
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:    },
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:    "method": "POST",
                    2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:    "uri": "https://acme.com"
normal-preview-dev  2024-10-30T14:23:04.733-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:   },
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:   "type": "OAUTH",
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:   "version": "1.0.0"
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:  },
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:  "name": "IDTY-test-oauth-hook-dev",
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:  "status": "ACTIVE",
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:  "type": "com.okta.oauth2.tokens.transform",
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1:  "version": "1.0.0"
                    2024-10-30T14:23:04.735-0400 [DEBUG] provider.terraform-provider-okta_v4.11.1: }

[richard-collette-precisely]

This example of an OAuth inline hook seems to be completely inaccurate because it does not include clientId, clientSecret, etc.

[richard-collette-precisely]

It appears as there are no OAUTH tests

https://github.com/okta/terraform-provider-okta/blob/d4a299ce2ca641e9060696132f40561159ec8f86/okta/resource_okta_inline_hook_test.go#L104

[stuxboulot]

I think that before update the documentation the OAUTH2 configuration need to be implemented in the provider. Actually, there are no capability to define secret information with the oAuth2 type.

[duytiennguyen-okta]

OKTA internal reference https://oktainc.atlassian.net/browse/OKTA-826990