svrakitin / terraform-provider-hydra Goto Github PK

View Code? Open in Web Editor NEW

20.0 1.0 8.0 123 KB

Terraform provider for ory/hydra

Home Page: https://registry.terraform.io/providers/svrakitin/hydra/latest

License: MIT License

Makefile 0.39% Go 99.61%

hydra ory terraform-provider terraform oauth2 jwks jwt

terraform-provider-hydra's Introduction

Terraform Hydra Provider

This provider is used to manage ory/hydra resources through Hydra Admin API.

Supported resources:

OAuth2 Clients (hydra_oauth2_client resource)
JWKS (hydra_jwks resource and data source)

See ory/hydra REST API docs for description of resources.

Example usage

terraform {
  required_providers {
    hydra = {
      source = "svrakitin/hydra"
      version = "0.5.2"
    }
  }
}

provider "hydra" {
  endpoint = "http://hydra-admin.localhost"
}

resource "hydra_jwks" "generated" {
  name = "generated"

  generator {
    alg = "RS256"
    kid = "generated"
    use = "sig"

    keepers = {
      version = 1
    }
  }
}

data "hydra_jwks" "default" {
  name = "hydra.openid.id-token"
}

resource "hydra_oauth2_client" "example" {
  client_id   = "example"
  client_name = "example"

  redirect_uris = ["http://localhost:8080/callback"]
  
  response_types             = ["code"]
  token_endpoint_auth_method = "none"
}

Authentication

Basic Auth

Support for Basic Auth on the Hydra Admin API is available.

provider "hydra" {
  endpoint = "http://hydra-admin.localhost"

  authentication {
    basic {
      username = var.hydra_admin_basic_auth_username
      password = var.hydra_admin_basic_auth_password
    }
  }
}

HTTP header

Support for auth using an arbitrary HTTP request header is available. The header name defaults to Authorization if not otherwise set.

provider "hydra" {
  endpoint = "http://hydra-admin.localhost"

  authentication {
    http_header {
      name  = var.hydra_admin_auth_http_header_name
      value = var.hydra_admin_auth_http_header_value
    }
  }
}

terraform-provider-hydra's People

Contributors

Stargazers

Watchers

Forkers

snikch bridgecrew-perf4 vdbulcke jgraeger patch0 svanharmelen metaplay-shared karsthammer

terraform-provider-hydra's Issues

Update GitHub workflow dependencies

Skip Consent flag

Hi :)

Lovely provider 🥂

Would it be possible to add the "skip_consent" flag as an option?

Just the cli for reference https://www.ory.sh/docs/hydra/cli/hydra-create-oauth2-client
And the client creation endpoint also supports the "skip_consent" flag https://www.ory.sh/docs/hydra/reference/api#tag/oAuth2/operation/createOAuth2Client

I'm really bad at golang and never got to code within a tf provider before, but would love to help out if somebody might hint me where a good starting point would be :)

Making endpoint argument optional

Heya, and really appreciate the provider!

We're facing a case where we are developing a reusable Terraform module, which conditionally would also use the provider to create Hydra OAuth2 clients, but we are facing an issue where the endpoint argument is mandatory for the provider.

Our default case is to essentially define the provider as required in the module but hide the actual resources behind feature flags, and in this default case no resources would actually be provisioned and the user of the module might not even need to be aware of the provider. In the case that the user of the module would require OAuth2 clients and indicate it with a flag, they would also then be expected to configure the provider outside of the module with the correct endpoints.

At present this does not work, but I quickly tested with a local provider changing the endpoint argument to be Optional: true, which allowed our use case to work, albeit it would require some additional sanity checks then on resource management side to more gracefully handle the misconfigured provider.

Would this type of change make sense for you or do you see any fundamental reasons this type of behavior would not be merged if we PR'd something? :)

Issue: Oauth2 client Fields jwks and jwks_uri can not both be set, you must choose one.

Description

When configuring hydra_oauth2_client with jwks_uri, the jwks is also sent with the default value {"keys":null} causing the following error from Hydra API:

{"error":"invalid_client_metadata","error_description":"The value of one of the Client Metadata fields is invalid and the server has rejected this request. Note that an Authorization Server MAY choose to substitute a valid value for any requested parameter of a Client's Metadata. Fields jwks and jwks_uri can not both be set, you must choose one."}

Workaround

Explicitly specifying jwk works.

Reproduce Issue

Hydra

Get hydra lite for in memory db (adapt binary version according to your architecture)

$ curl  -LO https://github.com/ory/hydra/releases/download/v2.0.3/hydra_2.0.3-linux_sqlite_64bit.tar.gz
$ tar xzf hydra_2.0.3-linux_sqlite_64bit.tar.gz
$ ./hydra version  
Version:    v2.0.3
Git Hash:   16831c55c41e64dd73637e8e2ca8f22202fc7d87
Build Time: 2022-12-08T11:54:38Z

Create hydra config file hydra.yaml

serve:
  cookies:
    same_site_mode: Lax


urls:
  self:
    issuer: http://127.0.0.1:4444
  consent: http://127.0.0.1:3000/consent
  login: http://127.0.0.1:3000/login
  logout: http://127.0.0.1:3000/logout

secrets:
  system:
    - youReallyNeedToChangeThis

## DB
dsn: memory

start local hydra server

./hydra serve all --config hydra.yaml --dev

Terraform

terraform {
  required_providers {
    hydra = {
      source = "svrakitin/hydra"
      version = "0.2.0"
    }
  }
}

# Configure the ORY Hydra Provider
provider "hydra" {
  endpoint = "http://localhost:4445"
}

# https://registry.terraform.io/providers/svrakitin/hydra/latest/docs/resources/oauth2_client
resource "hydra_oauth2_client" "example" {

    client_name = "example"
    client_secret  = "secret"
    metadata = {
        "first_party" = true
    }

    redirect_uris = [
        "http://127.0.0.1:5556/auth/callback"
    ]
    jwks_uri = "http://127.0.0.1:5556/jwk_uri"


    scopes         = ["offline", "openid"]
    grant_types    = ["refresh_token", "authorization_code"]
    response_types = [
        "code",
        "token", 
        "id_token"
    ]
    token_endpoint_auth_method = "client_secret_basic"

    subject_type               = "public"

}

Version

Hydra: v2.0.3
Terraform svrakitin/hydra provider : v0.2.0

client credentials

just to be sure I'm not missing anything, this provider is not enabling client_credentials grant type, is that correct?

if not that would be a relevant use case on our side

Rate-limited Hydra APIs cause breakage

We've encountered some issues when interacting with a larger number of OAuth2 clients using the provider. Specifically we're seeing the following:

The errors.As in readOAuth2ClientResource panics with a non-nil pointer.
Hydra APIs can be rate-limited (especially for Ory Network provided Hydra, https://www.ory.sh/docs/guides/rate-limits), so an optional mechanism for backing off and retrying HTTP 429 responses from Hydra SDK calls is introduced.

Both issues can be reproduced by creating a sufficient amount of Hydra OAuth2 clients[1] (e.g. 50) against a rate-limited Hydra and then refreshing the state. With the existing provider version, this should cause an error, which causes the panic[2]. After fixing the error.As issue, we then hit the 429 throttling[2], for which the only immediate recourse without touching the provider is setting Terraform parallelism to something low, which reduces the pressure on the API and avoids getting throttled, but which also then makes certain Terraform runs prohibitively length.

I've provided an example of solving these in pull request #20.

[1] Sample Terraform setup to repro with:

terraform {
  required_providers {
    hydra = {
      source = "svrakitin/hydra"
      version = "0.5.2"
    }
  }
}

provider "hydra" {
  endpoint = "https://PROJECT-SLUG.projects.oryapis.com"

  authentication {
    http_header {
      name  = "authorization"
      value = "bearer ORY_TOKEN"
    }
  }
}

resource "hydra_oauth2_client" "example" {
  count = 50

  client_id   = "test-client-${count.index}"
  client_name = "test-client-${count.index}"

  redirect_uris = ["http://localhost:8080/callback"]

  response_types             = ["code"]
  token_endpoint_auth_method = "none"
}

[2] Example of provider panic when refreshing:

% terraform apply
hydra_oauth2_client.example[19]: Refreshing state... [id=test-client-19]
hydra_oauth2_client.example[17]: Refreshing state... [id=test-client-17]
hydra_oauth2_client.example[25]: Refreshing state... [id=test-client-25]
hydra_oauth2_client.example[3]: Refreshing state... [id=test-client-3]
hydra_oauth2_client.example[42]: Refreshing state... [id=test-client-42]
hydra_oauth2_client.example[8]: Refreshing state... [id=test-client-8]
hydra_oauth2_client.example[1]: Refreshing state... [id=test-client-1]
hydra_oauth2_client.example[29]: Refreshing state... [id=test-client-29]
hydra_oauth2_client.example[5]: Refreshing state... [id=test-client-5]
hydra_oauth2_client.example[40]: Refreshing state... [id=test-client-40]
hydra_oauth2_client.example[35]: Refreshing state... [id=test-client-35]
hydra_oauth2_client.example[23]: Refreshing state... [id=test-client-23]
hydra_oauth2_client.example[2]: Refreshing state... [id=test-client-2]
hydra_oauth2_client.example[27]: Refreshing state... [id=test-client-27]
hydra_oauth2_client.example[22]: Refreshing state... [id=test-client-22]
hydra_oauth2_client.example[13]: Refreshing state... [id=test-client-13]
hydra_oauth2_client.example[28]: Refreshing state... [id=test-client-28]
hydra_oauth2_client.example[46]: Refreshing state... [id=test-client-46]
hydra_oauth2_client.example[31]: Refreshing state... [id=test-client-31]
hydra_oauth2_client.example[0]: Refreshing state... [id=test-client-0]
hydra_oauth2_client.example[4]: Refreshing state... [id=test-client-4]
hydra_oauth2_client.example[14]: Refreshing state... [id=test-client-14]
hydra_oauth2_client.example[48]: Refreshing state... [id=test-client-48]
hydra_oauth2_client.example[26]: Refreshing state... [id=test-client-26]
hydra_oauth2_client.example[21]: Refreshing state... [id=test-client-21]
hydra_oauth2_client.example[38]: Refreshing state... [id=test-client-38]
hydra_oauth2_client.example[49]: Refreshing state... [id=test-client-49]
hydra_oauth2_client.example[39]: Refreshing state... [id=test-client-39]
hydra_oauth2_client.example[11]: Refreshing state... [id=test-client-11]
hydra_oauth2_client.example[33]: Refreshing state... [id=test-client-33]
hydra_oauth2_client.example[47]: Refreshing state... [id=test-client-47]
hydra_oauth2_client.example[18]: Refreshing state... [id=test-client-18]
hydra_oauth2_client.example[32]: Refreshing state... [id=test-client-32]
hydra_oauth2_client.example[12]: Refreshing state... [id=test-client-12]
hydra_oauth2_client.example[7]: Refreshing state... [id=test-client-7]
hydra_oauth2_client.example[37]: Refreshing state... [id=test-client-37]
hydra_oauth2_client.example[44]: Refreshing state... [id=test-client-44]
hydra_oauth2_client.example[15]: Refreshing state... [id=test-client-15]
hydra_oauth2_client.example[20]: Refreshing state... [id=test-client-20]
hydra_oauth2_client.example[45]: Refreshing state... [id=test-client-45]
hydra_oauth2_client.example[41]: Refreshing state... [id=test-client-41]
hydra_oauth2_client.example[10]: Refreshing state... [id=test-client-10]
hydra_oauth2_client.example[34]: Refreshing state... [id=test-client-34]
hydra_oauth2_client.example[36]: Refreshing state... [id=test-client-36]
hydra_oauth2_client.example[24]: Refreshing state... [id=test-client-24]
hydra_oauth2_client.example[9]: Refreshing state... [id=test-client-9]
hydra_oauth2_client.example[43]: Refreshing state... [id=test-client-43]
hydra_oauth2_client.example[6]: Refreshing state... [id=test-client-6]
hydra_oauth2_client.example[30]: Refreshing state... [id=test-client-30]
hydra_oauth2_client.example[16]: Refreshing state... [id=test-client-16]

Planning failed. Terraform encountered an error while generating this plan.

╷
│ Error: Plugin did not respond
│
│   with hydra_oauth2_client.example[6],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
│ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ReadResource call. The
│ plugin logs may contain more details.
╵
╷
│ Error: Plugin did not respond
│
│   with hydra_oauth2_client.example[24],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
│ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ReadResource call. The
│ plugin logs may contain more details.
╵
╷
│ Error: Plugin did not respond
│
│   with hydra_oauth2_client.example[43],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
│ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ReadResource call. The
│ plugin logs may contain more details.
╵
╷
│ Error: Plugin did not respond
│
│   with hydra_oauth2_client.example[16],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
│ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ReadResource call. The
│ plugin logs may contain more details.
╵
╷
│ Error: Plugin did not respond
│
│   with hydra_oauth2_client.example[34],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
│ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ReadResource call. The
│ plugin logs may contain more details.
╵
╷
│ Error: Plugin did not respond
│
│   with hydra_oauth2_client.example[9],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
│ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ReadResource call. The
│ plugin logs may contain more details.
╵
╷
│ Error: Plugin did not respond
│
│   with hydra_oauth2_client.example[30],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
│ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ReadResource call. The
│ plugin logs may contain more details.
╵
╷
│ Error: Plugin did not respond
│
│   with hydra_oauth2_client.example[36],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
│ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ReadResource call. The
│ plugin logs may contain more details.
╵

Stack trace from the terraform-provider-hydra_v0.5.2 plugin:

panic: errors: target must be a non-nil pointer

goroutine 138 [running]:
errors.As({0x1053c5cd8, 0x1400052f700}, {0x1052f36c0?, 0x0})
	errors/wrap.go:103 +0x470
github.com/svrakitin/terraform-provider-hydra/internal/provider.readOAuth2ClientResource({0x1053cccb0, 0x1400062eee0}, 0x14000510c80, {0x105307720?, 0x1400050f260})
	github.com/svrakitin/terraform-provider-hydra/internal/provider/resource_oauth2_client.go:343 +0x188
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).read(0x140000e4c40, {0x1053ccc08, 0x14000739620}, 0xd?, {0x105307720, 0x1400050f260})
	github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:795 +0xe8
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).RefreshWithoutUpgrade(0x140000e4c40, {0x1053ccc08, 0x14000739620}, 0x14000a8cea0, {0x105307720, 0x1400050f260})
	github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/resource.go:1089 +0x430
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ReadResource(0x14000371bc0, {0x1053ccc08?, 0x140007dfef0?}, 0x1400052eb00)
	github.com/hashicorp/terraform-plugin-sdk/[email protected]/helper/schema/grpc_provider.go:649 +0x3e4
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ReadResource(0x14000255b80, {0x1053ccc08?, 0x140007df710?}, 0x140003b3560)
	github.com/hashicorp/[email protected]/tfprotov5/tf5server/server.go:789 +0x390
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ReadResource_Handler({0x105392aa0?, 0x14000255b80}, {0x1053ccc08, 0x140007df710}, 0x14000510980, 0x0)
	github.com/hashicorp/[email protected]/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:431 +0x164
google.golang.org/grpc.(*Server).processUnaryRPC(0x1400024a1e0, {0x1053ccc08, 0x140007df5f0}, {0x1053d0db8, 0x1400025d860}, 0x14000566120, 0x14000383980, 0x1058ed9a8, 0x0)
	google.golang.org/[email protected]/server.go:1343 +0xb8c
google.golang.org/grpc.(*Server).handleStream(0x1400024a1e0, {0x1053d0db8, 0x1400025d860}, 0x14000566120)
	google.golang.org/[email protected]/server.go:1737 +0x990
google.golang.org/grpc.(*Server).serveStreams.func1.1()
	google.golang.org/[email protected]/server.go:986 +0x88
created by google.golang.org/grpc.(*Server).serveStreams.func1 in goroutine 13
	google.golang.org/[email protected]/server.go:997 +0x160

Error: The terraform-provider-hydra_v0.5.2 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely
helpful if you could report the crash with the plugin's maintainers so that it
can be fixed. The output above should help diagnose the issue.

[3] Example of 429 rate-limiting:

% terraform apply
╷
│ Warning: Provider development overrides are in effect
│
│ The following provider development overrides are set in the CLI configuration:
│  - svrakitin/hydra in /Users/ttj/projects/metaplay/terraform-provider-hydra
│
│ The behavior may therefore not match any released version of the provider and applying changes may cause the state
│ to become incompatible with published releases.
╵
hydra_oauth2_client.example[27]: Refreshing state... [id=test-client-27]
hydra_oauth2_client.example[39]: Refreshing state... [id=test-client-39]
hydra_oauth2_client.example[6]: Refreshing state... [id=test-client-6]
hydra_oauth2_client.example[38]: Refreshing state... [id=test-client-38]
hydra_oauth2_client.example[19]: Refreshing state... [id=test-client-19]
hydra_oauth2_client.example[17]: Refreshing state... [id=test-client-17]
hydra_oauth2_client.example[32]: Refreshing state... [id=test-client-32]
hydra_oauth2_client.example[46]: Refreshing state... [id=test-client-46]
hydra_oauth2_client.example[22]: Refreshing state... [id=test-client-22]
hydra_oauth2_client.example[48]: Refreshing state... [id=test-client-48]
hydra_oauth2_client.example[33]: Refreshing state... [id=test-client-33]
hydra_oauth2_client.example[34]: Refreshing state... [id=test-client-34]
hydra_oauth2_client.example[18]: Refreshing state... [id=test-client-18]
hydra_oauth2_client.example[12]: Refreshing state... [id=test-client-12]
hydra_oauth2_client.example[45]: Refreshing state... [id=test-client-45]
hydra_oauth2_client.example[49]: Refreshing state... [id=test-client-49]
hydra_oauth2_client.example[20]: Refreshing state... [id=test-client-20]
hydra_oauth2_client.example[37]: Refreshing state... [id=test-client-37]
hydra_oauth2_client.example[5]: Refreshing state... [id=test-client-5]
hydra_oauth2_client.example[9]: Refreshing state... [id=test-client-9]
hydra_oauth2_client.example[29]: Refreshing state... [id=test-client-29]
hydra_oauth2_client.example[0]: Refreshing state... [id=test-client-0]
hydra_oauth2_client.example[47]: Refreshing state... [id=test-client-47]
hydra_oauth2_client.example[42]: Refreshing state... [id=test-client-42]
hydra_oauth2_client.example[25]: Refreshing state... [id=test-client-25]
hydra_oauth2_client.example[2]: Refreshing state... [id=test-client-2]
hydra_oauth2_client.example[4]: Refreshing state... [id=test-client-4]
hydra_oauth2_client.example[13]: Refreshing state... [id=test-client-13]
hydra_oauth2_client.example[23]: Refreshing state... [id=test-client-23]
hydra_oauth2_client.example[40]: Refreshing state... [id=test-client-40]
hydra_oauth2_client.example[8]: Refreshing state... [id=test-client-8]
hydra_oauth2_client.example[43]: Refreshing state... [id=test-client-43]
hydra_oauth2_client.example[31]: Refreshing state... [id=test-client-31]
hydra_oauth2_client.example[10]: Refreshing state... [id=test-client-10]
hydra_oauth2_client.example[36]: Refreshing state... [id=test-client-36]
hydra_oauth2_client.example[44]: Refreshing state... [id=test-client-44]
hydra_oauth2_client.example[28]: Refreshing state... [id=test-client-28]
hydra_oauth2_client.example[11]: Refreshing state... [id=test-client-11]
hydra_oauth2_client.example[26]: Refreshing state... [id=test-client-26]
hydra_oauth2_client.example[7]: Refreshing state... [id=test-client-7]
hydra_oauth2_client.example[14]: Refreshing state... [id=test-client-14]
hydra_oauth2_client.example[16]: Refreshing state... [id=test-client-16]
hydra_oauth2_client.example[15]: Refreshing state... [id=test-client-15]
hydra_oauth2_client.example[24]: Refreshing state... [id=test-client-24]
hydra_oauth2_client.example[1]: Refreshing state... [id=test-client-1]
hydra_oauth2_client.example[30]: Refreshing state... [id=test-client-30]
hydra_oauth2_client.example[21]: Refreshing state... [id=test-client-21]
hydra_oauth2_client.example[41]: Refreshing state... [id=test-client-41]
hydra_oauth2_client.example[35]: Refreshing state... [id=test-client-35]
hydra_oauth2_client.example[3]: Refreshing state... [id=test-client-3]

Planning failed. Terraform encountered an error while generating this plan.

╷
│ Error: 429 Too Many Requests
│
│   with hydra_oauth2_client.example[14],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
╵
╷
│ Error: 429 Too Many Requests
│
│   with hydra_oauth2_client.example[16],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
╵
╷
│ Error: 429 Too Many Requests
│
│   with hydra_oauth2_client.example[35],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
╵
╷
│ Error: 429 Too Many Requests
│
│   with hydra_oauth2_client.example[30],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
╵
╷
│ Error: 429 Too Many Requests
│
│   with hydra_oauth2_client.example[41],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
╵
╷
│ Error: 429 Too Many Requests
│
│   with hydra_oauth2_client.example[3],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
╵
╷
│ Error: 429 Too Many Requests
│
│   with hydra_oauth2_client.example[1],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
╵
╷
│ Error: 429 Too Many Requests
│
│   with hydra_oauth2_client.example[24],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
╵
╷
│ Error: 429 Too Many Requests
│
│   with hydra_oauth2_client.example[15],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
╵
╷
│ Error: 429 Too Many Requests
│
│   with hydra_oauth2_client.example[21],
│   on test.tf line 21, in resource "hydra_oauth2_client" "example":
│   21: resource "hydra_oauth2_client" "example" {
│
╵

Upgrade dependencies

Authentication

Hi there,

I'm looking at using your provider (thank you for building it). One of our requirements is to be able to run it from Terraform Cloud. There's no security mechanism built into the ORY Admin API, which rightfully belongs at the reverse proxy layer. We were hoping to add a basic Bearer token to the requests that are sent to the admin API.

Would you be amenable to me creating a pull request which adds an optional configuration / environment variable for setting a Bearer token that would be added to outgoing requests? I'd likely add this as a custom transport provided to the Hydra client.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.