Removed OAuth JWT Claims support. Added validation for "url" variable.

.github/workflows/module-test-pipeline.yml

@@ -36,6 +36,5 @@ jobs:
       - name: Test examples
         run: |
           shopt -s extglob
-          for d in examples/!(adding-headers|adding-oauth-jwt-claims-workaround)/; do (ci/scripts/test-module.sh "$d"); done
+          for d in examples/!(adding-headers)/; do (ci/scripts/test-module.sh "$d"); done
           ci/scripts/test-module.sh examples/adding-headers/ -var-file=secret.tfvars
-          ci/scripts/test-module.sh examples/adding-oauth-jwt-claims-workaround/ -var="enabled=false"

README.md

@@ -17,12 +17,10 @@ Specific use case details are provided in the [Examples](#examples).
 
 Important: The REST delivery point must have permission to consume messages from the queue — to achieve this, the queue’s owner must be set to `#rdp/<rest_delivery_point_name>` or the queue’s permissions for non-owner clients must be set to at least `consume` level access. Queue ingress and egress must also be enabled.
 
-
 ### Optional
 
 * `request_headers` - A set of request headers to be added to the HTTP request
 * `protected_request_headers` - A set of protected request headers with sensitive value to be added to the HTTP request
-* `oauth_jwt_claims` - A set of additional claims to be added to the JWT sent to the OAuth token request endpoint
 * `rest_consumer_name` - The name of the REST consumer to be created. The default is `consumer`.
 
 Additional optional module variables names are the same as the underlying resource attributes. The recommended approach to determine variable name mappings is to look up the resource's documentation for matching attribute names:
@@ -34,12 +32,13 @@ Additional optional module variables names are the same as the underlying resour
 |[solacebroker_msg_vpn_rest_delivery_point_queue_binding](https://registry.terraform.io/providers/SolaceProducts/solacebroker/latest/docs/resources/msg_vpn_rest_delivery_point_queue_binding#optional)|
 |[solacebroker_msg_vpn_rest_delivery_point_queue_binding_request_header](https://registry.terraform.io/providers/SolaceProducts/solacebroker/latest/docs/resources/msg_vpn_rest_delivery_point_queue_binding_request_header#optional)|
 |[solacebroker_msg_vpn_rest_delivery_point_queue_binding_protected_request_header](https://registry.terraform.io/providers/SolaceProducts/solacebroker/latest/docs/resources/msg_vpn_rest_delivery_point_queue_binding_protected_request_header#optional)|
-|[solacebroker_msg_vpn_rest_delivery_point_rest_consumer_oauth_jwt_claim](https://registry.terraform.io/providers/SolaceProducts/solacebroker/latest/docs/resources/msg_vpn_rest_delivery_point_rest_consumer_oauth_jwt_claim#optional)|
 
 Most optional variables' default value is `null`, meaning that if not provided then the resource default value will be provisioned on the broker.
 
 -> The module default for the `enabled` optional variable is `true`, which differ from the resource attribute default.
 
+Note: extra claims to be added to the JWT sent to the OAuth token request endpoint, are not supported in the current module. Support will be added in a future release.
+
 ## Module outputs
 
 [Module outputs](https://developer.hashicorp.com/terraform/language/values/outputs) provide reference to created resources. Any reference to a resource that has not been created will be set to `(null)`.
@@ -63,7 +62,6 @@ The following table shows the resources created. "X" denotes a resource always c
 | solacebroker_msg_vpn_rest_delivery_point_queue_binding | X |
 | solacebroker_msg_vpn_rest_delivery_point_queue_binding_request_header | O |
 | solacebroker_msg_vpn_rest_delivery_point_queue_binding_protected_request_header | O |
-| solacebroker_msg_vpn_rest_delivery_point_rest_consumer_oauth_jwt_claim | O |
 
 ## Examples
 
@@ -72,11 +70,7 @@ Refer to the following configuration examples:
 - [Basic](examples/basic)
 - [Substitution Expressions](examples/using-substitution-expressions)
 - [Adding headers](examples/adding-headers)
-- [Adding JWT claims (workaround)](examples/adding-oauth-jwt-claims-workaround)
 - [Multiple queue bindings](examples/multiple-queue-bindings)
-- [Amazon AWS consumer](examples/aws)
-- [Microsoft Azure consumer](examples/azure)
-- [Google Cloud consumer](examples/gcp)
 
 ## Module use recommendations
 

ci/module-test/main.tf

@@ -38,24 +38,6 @@ module "testrdp" {
       header_value = "protected_value2"
     }
   ]
-  oauth_jwt_claims = [
-    {
-      oauth_jwt_claim_name  = "scope"
-      oauth_jwt_claim_value = "\"https://www.googleapis.com/auth/pubsub\""
-    },
-    {
-      oauth_jwt_claim_name  = "aud"
-      oauth_jwt_claim_value = "\"https://www.googleapis.com/oauth2/v4/token\""
-    },
-    {
-      oauth_jwt_claim_name  = "iss"
-      oauth_jwt_claim_value = "\"111400995554822290197\""
-    },
-    {
-      oauth_jwt_claim_name  = "sub"
-      oauth_jwt_claim_value = "\"111400995554822290197\""
-    }
-  ]
 }
 
 output "rdp" {

ci/template-test/main.tf

@@ -15,7 +15,7 @@ module "testrdp" {
 
   msg_vpn_name             = "default"
   queue_name               = solacebroker_msg_vpn_queue.myqueue.queue_name
-  url                      = "http://example.com/$${msgId()}"
+  url                      = "https://example.com"
   rest_delivery_point_name = "my_rdp"
   enabled                  = false
   request_headers = [
@@ -38,24 +38,6 @@ module "testrdp" {
       header_value = "protected_value2"
     }
   ]
-  oauth_jwt_claims = [
-    {
-      oauth_jwt_claim_name  = "scope"
-      oauth_jwt_claim_value = "\"https://www.googleapis.com/auth/pubsub\""
-    },
-    {
-      oauth_jwt_claim_name  = "aud"
-      oauth_jwt_claim_value = "\"https://www.googleapis.com/oauth2/v4/token\""
-    },
-    {
-      oauth_jwt_claim_name  = "iss"
-      oauth_jwt_claim_value = "\"111400995554822290197\""
-    },
-    {
-      oauth_jwt_claim_name  = "sub"
-      oauth_jwt_claim_value = "\"111400995554822290197\""
-    }
-  ]
 }
 
 output "rdp" {

internal/gen-template/main.tf

@@ -59,14 +59,3 @@ resource "solacebroker_msg_vpn_rest_delivery_point_queue_binding_protected_reque
   header_name  = local.protected_headers_list[count.index].header_name
   header_value = local.protected_headers_list[count.index].header_value
 }
-
-resource "solacebroker_msg_vpn_rest_delivery_point_rest_consumer_oauth_jwt_claim" "main" {
-  for_each = { for v in var.oauth_jwt_claims : v.oauth_jwt_claim_name => v }
-
-  msg_vpn_name             = solacebroker_msg_vpn_rest_delivery_point.main.msg_vpn_name
-  rest_delivery_point_name = solacebroker_msg_vpn_rest_delivery_point.main.rest_delivery_point_name
-  rest_consumer_name       = solacebroker_msg_vpn_rest_delivery_point_rest_consumer.main.rest_consumer_name
-
-  oauth_jwt_claim_name  = each.value.oauth_jwt_claim_name
-  oauth_jwt_claim_value = each.value.oauth_jwt_claim_value
-}

internal/gen-template/outputs.tf

@@ -21,7 +21,3 @@ output "protected_request_headers" {
   value     = try(solacebroker_msg_vpn_rest_delivery_point_queue_binding_protected_request_header.main, null)
   sensitive = true
 }
-
-output "oauth_jwt_claims" {
-  value = try(solacebroker_msg_vpn_rest_delivery_point_rest_consumer_oauth_jwt_claim.main, null)
-}

internal/gen-template/variables.tf

@@ -10,6 +10,10 @@ variable "msg_vpn_name" {
 variable "url" {
   description = "The URL that the messages should be delivered to. The path portion of the URL may contain substitution expressions"
   type        = string
+  validation {
+    condition     = can(regex("https?://.*", var.url))
+    error_message = "The URL must be a valid URL"
+  }
 }
 
 variable "rest_delivery_point_name" {
@@ -25,7 +29,7 @@ variable "queue_name" {
 # Optional variables
 
 variable "enabled" {
-  description = "Enable or disable the REST Delivery Point and the underlying REST Consumer."
+  description = "Enable or disable the REST Delivery Point and the underlying REST Consumer"
   type        = bool
   default     = true
 }
@@ -56,12 +60,3 @@ variable "protected_request_headers" {
   default   = []
   sensitive = true
 }
-
-variable "oauth_jwt_claims" {
-  description = "Additional claims to be added to the JWT sent to the OAuth token request endpoint"
-  type = set(object({
-    oauth_jwt_claim_name  = string
-    oauth_jwt_claim_value = string
-  }))
-  default = []
-}

main.tf

@@ -102,14 +102,3 @@ resource "solacebroker_msg_vpn_rest_delivery_point_queue_binding_protected_reque
   header_value = local.protected_headers_list[count.index].header_value
 }
 
-resource "solacebroker_msg_vpn_rest_delivery_point_rest_consumer_oauth_jwt_claim" "main" {
-  for_each = { for v in var.oauth_jwt_claims : v.oauth_jwt_claim_name => v }
-
-  msg_vpn_name             = solacebroker_msg_vpn_rest_delivery_point.main.msg_vpn_name
-  rest_delivery_point_name = solacebroker_msg_vpn_rest_delivery_point.main.rest_delivery_point_name
-  rest_consumer_name       = solacebroker_msg_vpn_rest_delivery_point_rest_consumer.main.rest_consumer_name
-
-  oauth_jwt_claim_name  = each.value.oauth_jwt_claim_name
-  oauth_jwt_claim_value = each.value.oauth_jwt_claim_value
-}
-