pulumi-fusionauth/fusionAuthIdpExternalJwt.js

A Pulumi package for managing FusionAuth instances.

"use strict";
// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
Object.defineProperty(exports, "__esModule", { value: true });
exports.FusionAuthIdpExternalJwt = void 0;
const pulumi = require("@pulumi/pulumi");
const utilities = require("./utilities");
/**
 * ## # External JWT Identity Provider Resource
 *
 * This is a special type of identity provider that is only used via the JWT Reconcile API. This identity provider defines the claims inside the incoming JWT and how they map to fields in the FusionAuth User object.
 *
 * In order for this identity provider to use the JWT, it also needs the public key or HMAC secret that the JWT was signed with. FusionAuth will verify that the JWT is valid and has not expired. Once the JWT has been validated, FusionAuth will reconcile it to ensure that the User exists and is up-to-date.
 *
 * [External JWT Identity Providers API](https://fusionauth.io/docs/v1/tech/apis/identity-providers/external-jwt/)
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as fusionauth from "pulumi-fusionauth";
 *
 * const jwt = new fusionauth.FusionAuthIdpExternalJwt("jwt", {
 *     claimMap: {
 *         dept: "RegistrationData",
 *         first_name: "firstName",
 *         last_name: "lastName",
 *     },
 *     debug: false,
 *     enabled: true,
 *     headerKeyParameter: "kid",
 *     oauth2AuthorizationEndpoint: "https://acme.com/adfs/oauth2/authorize?client_id=cf3b00da-9551-460a-ad18-33232e6cbff0&response_type=code&redirect_uri=https://acme.com/oauth2/redirect",
 *     oauth2TokenEndpoint: "https://acme.com/adfs/oauth2/token",
 *     uniqueIdentityClaim: "email",
 * });
 * ```
 */
class FusionAuthIdpExternalJwt extends pulumi.CustomResource {
    /**
     * Get an existing FusionAuthIdpExternalJwt resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name, id, state, opts) {
        return new FusionAuthIdpExternalJwt(name, state, Object.assign(Object.assign({}, opts), { id: id }));
    }
    /**
     * Returns true if the given object is an instance of FusionAuthIdpExternalJwt.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj) {
        if (obj === undefined || obj === null) {
            return false;
        }
        return obj['__pulumiType'] === FusionAuthIdpExternalJwt.__pulumiType;
    }
    constructor(name, argsOrState, opts) {
        let resourceInputs = {};
        opts = opts || {};
        if (opts.id) {
            const state = argsOrState;
            resourceInputs["applicationConfigurations"] = state ? state.applicationConfigurations : undefined;
            resourceInputs["claimMap"] = state ? state.claimMap : undefined;
            resourceInputs["debug"] = state ? state.debug : undefined;
            resourceInputs["defaultKeyId"] = state ? state.defaultKeyId : undefined;
            resourceInputs["domains"] = state ? state.domains : undefined;
            resourceInputs["enabled"] = state ? state.enabled : undefined;
            resourceInputs["headerKeyParameter"] = state ? state.headerKeyParameter : undefined;
            resourceInputs["idpId"] = state ? state.idpId : undefined;
            resourceInputs["lambdaReconcileId"] = state ? state.lambdaReconcileId : undefined;
            resourceInputs["linkingStrategy"] = state ? state.linkingStrategy : undefined;
            resourceInputs["name"] = state ? state.name : undefined;
            resourceInputs["oauth2AuthorizationEndpoint"] = state ? state.oauth2AuthorizationEndpoint : undefined;
            resourceInputs["oauth2EmailClaim"] = state ? state.oauth2EmailClaim : undefined;
            resourceInputs["oauth2EmailVerifiedClaim"] = state ? state.oauth2EmailVerifiedClaim : undefined;
            resourceInputs["oauth2TokenEndpoint"] = state ? state.oauth2TokenEndpoint : undefined;
            resourceInputs["oauth2UniqueIdClaim"] = state ? state.oauth2UniqueIdClaim : undefined;
            resourceInputs["oauth2UsernameClaim"] = state ? state.oauth2UsernameClaim : undefined;
            resourceInputs["tenantConfigurations"] = state ? state.tenantConfigurations : undefined;
            resourceInputs["uniqueIdentityClaim"] = state ? state.uniqueIdentityClaim : undefined;
        }
        else {
            const args = argsOrState;
            if ((!args || args.headerKeyParameter === undefined) && !opts.urn) {
                throw new Error("Missing required property 'headerKeyParameter'");
            }
            resourceInputs["applicationConfigurations"] = args ? args.applicationConfigurations : undefined;
            resourceInputs["claimMap"] = args ? args.claimMap : undefined;
            resourceInputs["debug"] = args ? args.debug : undefined;
            resourceInputs["defaultKeyId"] = args ? args.defaultKeyId : undefined;
            resourceInputs["domains"] = args ? args.domains : undefined;
            resourceInputs["enabled"] = args ? args.enabled : undefined;
            resourceInputs["headerKeyParameter"] = args ? args.headerKeyParameter : undefined;
            resourceInputs["idpId"] = args ? args.idpId : undefined;
            resourceInputs["lambdaReconcileId"] = args ? args.lambdaReconcileId : undefined;
            resourceInputs["linkingStrategy"] = args ? args.linkingStrategy : undefined;
            resourceInputs["name"] = args ? args.name : undefined;
            resourceInputs["oauth2AuthorizationEndpoint"] = args ? args.oauth2AuthorizationEndpoint : undefined;
            resourceInputs["oauth2EmailClaim"] = args ? args.oauth2EmailClaim : undefined;
            resourceInputs["oauth2EmailVerifiedClaim"] = args ? args.oauth2EmailVerifiedClaim : undefined;
            resourceInputs["oauth2TokenEndpoint"] = args ? args.oauth2TokenEndpoint : undefined;
            resourceInputs["oauth2UniqueIdClaim"] = args ? args.oauth2UniqueIdClaim : undefined;
            resourceInputs["oauth2UsernameClaim"] = args ? args.oauth2UsernameClaim : undefined;
            resourceInputs["tenantConfigurations"] = args ? args.tenantConfigurations : undefined;
            resourceInputs["uniqueIdentityClaim"] = args ? args.uniqueIdentityClaim : undefined;
        }
        opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
        super(FusionAuthIdpExternalJwt.__pulumiType, name, resourceInputs, opts);
    }
}
exports.FusionAuthIdpExternalJwt = FusionAuthIdpExternalJwt;
/** @internal */
FusionAuthIdpExternalJwt.__pulumiType = 'fusionauth:index/fusionAuthIdpExternalJwt:FusionAuthIdpExternalJwt';
//# sourceMappingURL=fusionAuthIdpExternalJwt.js.map