SolaceProducts · bczoma · Mar 1, 2024 · Feb 29, 2024 · Feb 29, 2024 · Mar 1, 2024
diff --git a/.github/workflows/module-test-pipeline.yml b/.github/workflows/module-test-pipeline.yml
@@ -36,6 +36,5 @@ jobs:
       - name: Test examples
         run: |
           shopt -s extglob
-          for d in examples/!(adding-headers|adding-oauth-jwt-claims-workaround)/; do (ci/scripts/test-module.sh "$d"); done
+          for d in examples/!(adding-headers)/; do (ci/scripts/test-module.sh "$d"); done
           ci/scripts/test-module.sh examples/adding-headers/ -var-file=secret.tfvars
-          ci/scripts/test-module.sh examples/adding-oauth-jwt-claims-workaround/ -var="enabled=false"
diff --git a/README.md b/README.md
@@ -6,23 +6,27 @@ Given a queue on the broker, as a destination for messages to be forwarded to a
 
 Specific use case details are provided in the [Examples](#examples).
 
+## Limitations
+
+This module only supports one queue binding per REST delivery point. Configure a new REST delivery point using the module for an additional queue.
+
+Adding extra OAuth JWT claims to the REST consumer is not supported in the current module. Support will be added in a later release.
+
 ## Module input variables
 
 ### Required
 
 * `msg_vpn_name` - REST delivery points are specific to a Message VPN on the broker.
 * `rest_delivery_point_name` - The name of the REST delivery point to be created.
-* `url` - The REST consumer destination URL including base URL and endpoint path. The path portion of the URL may contain [substitution expressions](https://docs.solace.com/Messaging/Substitution-Expressions-Overview.htm).
+* `url` - The REST consumer destination URL including base URL and endpoint path. The path portion of the URL may contain [substitution expressions](https://docs.solace.com/Messaging/Substitution-Expressions-Overview.htm). To specify an IPv6 address with port, the required format is the address to be [enclosed in square brackets](https://www.rfc-editor.org/rfc/rfc3986.html#section-3.2.2).
 * `queue_name` - The name of the queue to bind to.
 
 Important: The REST delivery point must have permission to consume messages from the queue — to achieve this, the queue’s owner must be set to `#rdp/<rest_delivery_point_name>` or the queue’s permissions for non-owner clients must be set to at least `consume` level access. Queue ingress and egress must also be enabled.
 
-
 ### Optional
 
 * `request_headers` - A set of request headers to be added to the HTTP request
 * `protected_request_headers` - A set of protected request headers with sensitive value to be added to the HTTP request
-* `oauth_jwt_claims` - A set of additional claims to be added to the JWT sent to the OAuth token request endpoint
 * `rest_consumer_name` - The name of the REST consumer to be created. The default is `consumer`.
 
 Additional optional module variables names are the same as the underlying resource attributes. The recommended approach to determine variable name mappings is to look up the resource's documentation for matching attribute names:
@@ -34,7 +38,6 @@ Additional optional module variables names are the same as the underlying resour
 |[solacebroker_msg_vpn_rest_delivery_point_queue_binding](https://registry.terraform.io/providers/SolaceProducts/solacebroker/latest/docs/resources/msg_vpn_rest_delivery_point_queue_binding#optional)|
 |[solacebroker_msg_vpn_rest_delivery_point_queue_binding_request_header](https://registry.terraform.io/providers/SolaceProducts/solacebroker/latest/docs/resources/msg_vpn_rest_delivery_point_queue_binding_request_header#optional)|
 |[solacebroker_msg_vpn_rest_delivery_point_queue_binding_protected_request_header](https://registry.terraform.io/providers/SolaceProducts/solacebroker/latest/docs/resources/msg_vpn_rest_delivery_point_queue_binding_protected_request_header#optional)|
-|[solacebroker_msg_vpn_rest_delivery_point_rest_consumer_oauth_jwt_claim](https://registry.terraform.io/providers/SolaceProducts/solacebroker/latest/docs/resources/msg_vpn_rest_delivery_point_rest_consumer_oauth_jwt_claim#optional)|
 
 Most optional variables' default value is `null`, meaning that if not provided then the resource default value will be provisioned on the broker.
 
@@ -63,20 +66,14 @@ The following table shows the resources created. "X" denotes a resource always c
 | solacebroker_msg_vpn_rest_delivery_point_queue_binding | X |
 | solacebroker_msg_vpn_rest_delivery_point_queue_binding_request_header | O |
 | solacebroker_msg_vpn_rest_delivery_point_queue_binding_protected_request_header | O |
-| solacebroker_msg_vpn_rest_delivery_point_rest_consumer_oauth_jwt_claim | O |
 
 ## Examples
 
 Refer to the following configuration examples:
 
 - [Basic](examples/basic)
-- [Substitution Expressions](examples/using-substitution-expressions)
+- [Substitution expressions](examples/using-substitution-expressions)
 - [Adding headers](examples/adding-headers)
-- [Adding JWT claims (workaround)](examples/adding-oauth-jwt-claims-workaround)
-- [Multiple queue bindings](examples/multiple-queue-bindings)
-- [Amazon AWS consumer](examples/aws)
-- [Microsoft Azure consumer](examples/azure)
-- [Google Cloud consumer](examples/gcp)
 
 ## Module use recommendations
 

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-0.1.0-rc.1
+0.1.0-rc.2
diff --git a/ci/module-test/main.tf b/ci/module-test/main.tf
@@ -15,9 +15,10 @@ module "testrdp" {
 
   msg_vpn_name             = "default"
   queue_name               = solacebroker_msg_vpn_queue.myqueue.queue_name
-  url                      = "http://example.com/$${msgId()}"
+  url                      = "https://example.com"
   rest_delivery_point_name = "my_rdp"
   enabled                  = false
+  client_profile_name      = "default"
   request_headers = [
     {
       header_name  = "header1"
@@ -38,24 +39,6 @@ module "testrdp" {
       header_value = "protected_value2"
     }
   ]
-  oauth_jwt_claims = [
-    {
-      oauth_jwt_claim_name  = "scope"
-      oauth_jwt_claim_value = "\"https://www.googleapis.com/auth/pubsub\""
-    },
-    {
-      oauth_jwt_claim_name  = "aud"
-      oauth_jwt_claim_value = "\"https://www.googleapis.com/oauth2/v4/token\""
-    },
-    {
-      oauth_jwt_claim_name  = "iss"
-      oauth_jwt_claim_value = "\"111400995554822290197\""
-    },
-    {
-      oauth_jwt_claim_name  = "sub"
-      oauth_jwt_claim_value = "\"111400995554822290197\""
-    }
-  ]
 }
 
 output "rdp" {
@@ -80,16 +63,12 @@ output "protected_request_headers" {
   sensitive = true
 }
 
-output "oauth_jwt_claims" {
-  value = module.testrdp.oauth_jwt_claims
-}
-
 module "testrdp2" {
   source = "../../internal/gen-template"
 
   msg_vpn_name              = "default"
   queue_name                = solacebroker_msg_vpn_queue.myqueue.queue_name
-  url                       = "http://example.com/$${msgId()}"
+  url                       = "http://[2001:db8:3333:4444:5555:6666:7777:8888]:12345/$${msgId()}"
   rest_delivery_point_name  = "my_rdp2"
   request_headers           = module.testrdp.request_headers
   protected_request_headers = module.testrdp.protected_request_headers

diff --git a/ci/template-test/main.tf b/ci/template-test/main.tf
@@ -15,7 +15,7 @@ module "testrdp" {
 
   msg_vpn_name             = "default"
   queue_name               = solacebroker_msg_vpn_queue.myqueue.queue_name
-  url                      = "http://example.com/$${msgId()}"
+  url                      = "https://example.com"
   rest_delivery_point_name = "my_rdp"
   enabled                  = false
   request_headers = [
@@ -38,24 +38,6 @@ module "testrdp" {
       header_value = "protected_value2"
     }
   ]
-  oauth_jwt_claims = [
-    {
-      oauth_jwt_claim_name  = "scope"
-      oauth_jwt_claim_value = "\"https://www.googleapis.com/auth/pubsub\""
-    },
-    {
-      oauth_jwt_claim_name  = "aud"
-      oauth_jwt_claim_value = "\"https://www.googleapis.com/oauth2/v4/token\""
-    },
-    {
-      oauth_jwt_claim_name  = "iss"
-      oauth_jwt_claim_value = "\"111400995554822290197\""
-    },
-    {
-      oauth_jwt_claim_name  = "sub"
-      oauth_jwt_claim_value = "\"111400995554822290197\""
-    }
-  ]
 }
 
 output "rdp" {
@@ -80,16 +62,12 @@ output "protected_request_headers" {
   sensitive = true
 }
 
-output "oauth_jwt_claims" {
-  value = module.testrdp.oauth_jwt_claims
-}
-
 module "testrdp2" {
   source = "../../internal/gen-template"
 
   msg_vpn_name              = "default"
   queue_name                = solacebroker_msg_vpn_queue.myqueue.queue_name
-  url                       = "http://example.com/$${msgId()}"
+  url                       = "http://[2001:db8:3333:4444:5555:6666:7777:8888]:12345/$${msgId()}"
   rest_delivery_point_name  = "my_rdp2"
   request_headers           = module.testrdp.request_headers
   protected_request_headers = module.testrdp.protected_request_headers

diff --git a/examples/adding-oauth-jwt-claims-workaround/README.md b/examples/adding-oauth-jwt-claims-workaround/README.md
diff --git a/examples/adding-oauth-jwt-claims-workaround/main.tf b/examples/adding-oauth-jwt-claims-workaround/main.tf
diff --git a/examples/adding-oauth-jwt-claims-workaround/providers.tf b/examples/adding-oauth-jwt-claims-workaround/providers.tf
diff --git a/examples/adding-oauth-jwt-claims-workaround/variables.tf b/examples/adding-oauth-jwt-claims-workaround/variables.tf
diff --git a/internal/gen-template/main.tf b/internal/gen-template/main.tf
@@ -1,8 +1,9 @@
 locals {
   tls                    = startswith(lower(var.url), "https:")
   slashSplit             = split("/", var.url)
-  hostPortSplit          = split(":", local.slashSplit[2])
-  host                   = local.hostPortSplit[0]
+  isIpV6HostPort         = length(split("]", local.slashSplit[2])) == 2
+  hostPortSplit          = local.isIpV6HostPort ? split("]:", trimprefix(local.slashSplit[2], "[")) : split(":", local.slashSplit[2])
+  host                   = trimsuffix(local.hostPortSplit[0], "]")
   port                   = length(local.hostPortSplit) == 2 ? tonumber(local.hostPortSplit[1]) : (local.tls ? 443 : 80)
   path                   = "/${join("/", slice(local.slashSplit, 3, length(local.slashSplit)))}"
   headers_list           = tolist(var.request_headers)
@@ -59,14 +60,3 @@ resource "solacebroker_msg_vpn_rest_delivery_point_queue_binding_protected_reque
   header_name  = local.protected_headers_list[count.index].header_name
   header_value = local.protected_headers_list[count.index].header_value
 }
-
-resource "solacebroker_msg_vpn_rest_delivery_point_rest_consumer_oauth_jwt_claim" "main" {
-  for_each = { for v in var.oauth_jwt_claims : v.oauth_jwt_claim_name => v }
-
-  msg_vpn_name             = solacebroker_msg_vpn_rest_delivery_point.main.msg_vpn_name
-  rest_delivery_point_name = solacebroker_msg_vpn_rest_delivery_point.main.rest_delivery_point_name
-  rest_consumer_name       = solacebroker_msg_vpn_rest_delivery_point_rest_consumer.main.rest_consumer_name
-
-  oauth_jwt_claim_name  = each.value.oauth_jwt_claim_name
-  oauth_jwt_claim_value = each.value.oauth_jwt_claim_value
-}
diff --git a/internal/gen-template/outputs.tf b/internal/gen-template/outputs.tf
@@ -21,7 +21,3 @@ output "protected_request_headers" {
   value     = try(solacebroker_msg_vpn_rest_delivery_point_queue_binding_protected_request_header.main, null)
   sensitive = true
 }
-
-output "oauth_jwt_claims" {
-  value = try(solacebroker_msg_vpn_rest_delivery_point_rest_consumer_oauth_jwt_claim.main, null)
-}