From 6a77dce23e3bbe3c8668545cdd699bfaf6fa9e06 Mon Sep 17 00:00:00 2001
From: Spencer Witt <spencer@fusionauth.io>
Date: Thu, 17 Oct 2024 15:23:49 -0500
Subject: [PATCH] Add login intent Id TTL to tenant configuration (#286)

add tenant.externalIdentifierConfiguration.loginIntentTimeToLiveInSeconds
---
 docs/guides/handling_default_resources.md        | 1 +
 docs/resources/tenant.md                         | 1 +
 fusionauth/resource_fusionauth_tenant.go         | 6 ++++++
 fusionauth/resource_fusionauth_tenant_helpers.go | 4 ++++
 fusionauth/resource_fusionauth_tenant_test.go    | 2 ++
 go.mod                                           | 2 +-
 go.sum                                           | 4 ++--
 7 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/docs/guides/handling_default_resources.md b/docs/guides/handling_default_resources.md
index c3292e3..2ac2ba0 100644
--- a/docs/guides/handling_default_resources.md
+++ b/docs/guides/handling_default_resources.md
@@ -48,6 +48,7 @@ resource "fusionauth_tenant" "Default" {
       type   = "randomAlphaNumeric"
     }
     external_authentication_id_time_to_live_in_seconds = 300
+    login_intent_time_to_live_in_seconds               = 1800
     one_time_password_time_to_live_in_seconds          = 60
     passwordless_login_generator {
       length = 32
diff --git a/docs/resources/tenant.md b/docs/resources/tenant.md
index 56eeb1a..5709311 100644
--- a/docs/resources/tenant.md
+++ b/docs/resources/tenant.md
@@ -302,6 +302,7 @@ resource "fusionauth_tenant" "example" {
       type   = "randomAlphaNumeric"
     }
     external_authentication_id_time_to_live_in_seconds = 300
+    login_intent_time_to_live_in_seconds               = 1800
     one_time_password_time_to_live_in_seconds          = 60
     passwordless_login_generator {
       length = 32
diff --git a/fusionauth/resource_fusionauth_tenant.go b/fusionauth/resource_fusionauth_tenant.go
index 32f07c4..0086502 100644
--- a/fusionauth/resource_fusionauth_tenant.go
+++ b/fusionauth/resource_fusionauth_tenant.go
@@ -1081,6 +1081,12 @@ func newExternalIdentifierConfiguration() *schema.Resource {
 				Description:  "The time in seconds until an external authentication Id is no longer valid and cannot be used by the Token API. Value must be greater than 0.",
 				ValidateFunc: validation.IntAtLeast(1),
 			},
+			"login_intent_time_to_live_in_seconds": {
+				Type:         schema.TypeInt,
+				Required:     true,
+				Description:  "The number of seconds before the Login Timeout identifier is no longer valid to complete post-authentication steps in the OAuth workflow. Must be greater than 0.",
+				ValidateFunc: validation.IntAtLeast(1),
+			},
 			"one_time_password_time_to_live_in_seconds": {
 				Type:         schema.TypeInt,
 				Required:     true,
diff --git a/fusionauth/resource_fusionauth_tenant_helpers.go b/fusionauth/resource_fusionauth_tenant_helpers.go
index 2410d86..7f7c5ea 100644
--- a/fusionauth/resource_fusionauth_tenant_helpers.go
+++ b/fusionauth/resource_fusionauth_tenant_helpers.go
@@ -78,6 +78,9 @@ func buildTenant(data *schema.ResourceData) (fusionauth.Tenant, diag.Diagnostics
 			ExternalAuthenticationIdTimeToLiveInSeconds: data.Get(
 				"external_identifier_configuration.0.external_authentication_id_time_to_live_in_seconds",
 			).(int),
+			LoginIntentTimeToLiveInSeconds: data.Get(
+				"external_identifier_configuration.0.login_intent_time_to_live_in_seconds",
+			).(int),
 			OneTimePasswordTimeToLiveInSeconds: data.Get(
 				"external_identifier_configuration.0.one_time_password_time_to_live_in_seconds",
 			).(int),
@@ -489,6 +492,7 @@ func buildResourceDataFromTenant(t fusionauth.Tenant, data *schema.ResourceData)
 			}},
 			"email_verification_id_time_to_live_in_seconds":      t.ExternalIdentifierConfiguration.EmailVerificationIdTimeToLiveInSeconds,
 			"external_authentication_id_time_to_live_in_seconds": t.ExternalIdentifierConfiguration.ExternalAuthenticationIdTimeToLiveInSeconds,
+			"login_intent_time_to_live_in_seconds":               t.ExternalIdentifierConfiguration.LoginIntentTimeToLiveInSeconds,
 			"one_time_password_time_to_live_in_seconds":          t.ExternalIdentifierConfiguration.OneTimePasswordTimeToLiveInSeconds,
 			"passwordless_login_generator": []map[string]interface{}{{
 				"length": t.ExternalIdentifierConfiguration.PasswordlessLoginGenerator.Length,
diff --git a/fusionauth/resource_fusionauth_tenant_test.go b/fusionauth/resource_fusionauth_tenant_test.go
index c7d845e..b8efbd8 100644
--- a/fusionauth/resource_fusionauth_tenant_test.go
+++ b/fusionauth/resource_fusionauth_tenant_test.go
@@ -148,6 +148,7 @@ func testTenantAccTestCheckFuncs(
 		resource.TestCheckResourceAttr(tfResourcePath, "external_identifier_configuration.0.email_verification_one_time_code_generator.0.type", "randomAlphaNumeric"),
 		resource.TestCheckResourceAttr(tfResourcePath, "external_identifier_configuration.0.email_verification_id_time_to_live_in_seconds", "86400"),
 		resource.TestCheckResourceAttr(tfResourcePath, "external_identifier_configuration.0.external_authentication_id_time_to_live_in_seconds", "300"),
+		resource.TestCheckResourceAttr(tfResourcePath, "external_identifier_configuration.0.login_intent_time_to_live_in_seconds", "3600"),
 		resource.TestCheckResourceAttr(tfResourcePath, "external_identifier_configuration.0.one_time_password_time_to_live_in_seconds", "60"),
 		resource.TestCheckResourceAttr(tfResourcePath, "external_identifier_configuration.0.passwordless_login_generator.0.length", "32"),
 		resource.TestCheckResourceAttr(tfResourcePath, "external_identifier_configuration.0.passwordless_login_generator.0.type", "randomBytes"),
@@ -534,6 +535,7 @@ resource "fusionauth_tenant" "test_%[1]s" {
     }
     email_verification_id_time_to_live_in_seconds      = 86400
     external_authentication_id_time_to_live_in_seconds = 300
+    login_intent_time_to_live_in_seconds               = 3600
     one_time_password_time_to_live_in_seconds          = 60
     passwordless_login_generator {
       length = 32
diff --git a/go.mod b/go.mod
index e3e5ee6..477e745 100644
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,7 @@ module github.com/gpsinsight/terraform-provider-fusionauth
 go 1.20
 
 require (
-	github.com/FusionAuth/go-client v0.0.0-20240425220342-2317e10dfcf5
+	github.com/FusionAuth/go-client v0.0.0-20240912225700-ce40548e5bef
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
 	github.com/hashicorp/go-uuid v1.0.3
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.34.0
diff --git a/go.sum b/go.sum
index 44ef9bf..00927e7 100644
--- a/go.sum
+++ b/go.sum
@@ -1,6 +1,6 @@
 dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk=
-github.com/FusionAuth/go-client v0.0.0-20240425220342-2317e10dfcf5 h1:GGDFaOr/r7FTXZj4wrgtW4LlXeTFuBVoWgzuW4cbQ+s=
-github.com/FusionAuth/go-client v0.0.0-20240425220342-2317e10dfcf5/go.mod h1:SyRrXMJAzMVQLiJjKfQUR59dRI3jPyZv+BXIZ//HwE4=
+github.com/FusionAuth/go-client v0.0.0-20240912225700-ce40548e5bef h1:BRn4829CZpFBMp9afGlru7+9p/4U1m7ELhghd6vcRWg=
+github.com/FusionAuth/go-client v0.0.0-20240912225700-ce40548e5bef/go.mod h1:SyRrXMJAzMVQLiJjKfQUR59dRI3jPyZv+BXIZ//HwE4=
 github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow=
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2 h1:bkyFVUP+ROOARdgCiJzNQo2V2kiB97LyUpzH9P6Hrlg=
 github.com/ProtonMail/go-crypto v1.1.0-alpha.2/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=