From e31a9497081a7623e49d4f9046280b35134d1f69 Mon Sep 17 00:00:00 2001
From: Dom Del Nano <ddelnano@gmail.com>
Date: Tue, 12 Mar 2024 14:12:51 -0700
Subject: [PATCH] Add token argument to provider to facilitate token based auth

Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
---
 client/client.go     | 37 +++++++++++++++++++++++++++++--------
 docs/index.md        | 10 ++++------
 xoa/provider.go      | 29 +++++++++++++++++++++--------
 xoa/provider_test.go | 13 ++++++++-----
 4 files changed, 62 insertions(+), 27 deletions(-)

diff --git a/client/client.go b/client/client.go
index 36af7e40..928e115d 100644
--- a/client/client.go
+++ b/client/client.go
@@ -143,6 +143,7 @@ type Config struct {
 	Url                string
 	Username           string
 	Password           string
+	Token              string
 	InsecureSkipVerify bool
 	RetryMode          RetryMode
 	RetryMaxTime       time.Duration
@@ -164,6 +165,7 @@ func GetConfigFromEnv() Config {
 	var wsURL string
 	var username string
 	var password string
+	var token string
 	insecure := false
 	retryMode := None
 	retryMaxTime := 5 * time.Minute
@@ -176,6 +178,9 @@ func GetConfigFromEnv() Config {
 	if v := os.Getenv("XOA_PASSWORD"); v != "" {
 		password = v
 	}
+	if v := os.Getenv("XOA_TOKEN"); v != "" {
+		token = v
+	}
 	if v := os.Getenv("XOA_INSECURE"); v != "" {
 		insecure = true
 	}
@@ -199,6 +204,7 @@ func GetConfigFromEnv() Config {
 		Url:                wsURL,
 		Username:           username,
 		Password:           password,
+		Token:              token,
 		InsecureSkipVerify: insecure,
 		RetryMode:          retryMode,
 		RetryMaxTime:       retryMaxTime,
@@ -209,6 +215,16 @@ func NewClient(config Config) (XOClient, error) {
 	wsURL := config.Url
 	username := config.Username
 	password := config.Password
+	token := config.Token
+
+	if token == "" && (username == "" || password == "") {
+		return nil, fmt.Errorf("One of the following environment variable(s) must be set: XOA_USER and XOA_PASSWORD or XOA_TOKEN")
+	}
+
+	useTokenAuth := false
+	if token != "" {
+		useTokenAuth = true
+	}
 
 	tlsConfig := &tls.Config{
 		InsecureSkipVerify: config.InsecureSkipVerify,
@@ -226,20 +242,25 @@ func NewClient(config Config) (XOClient, error) {
 	h = &handler{}
 	c := jsonrpc2.NewConn(context.Background(), objStream, h)
 
-	reqParams := map[string]interface{}{
-		"email":    username,
-		"password": password,
+	reqParams := map[string]interface{}{}
+	if useTokenAuth {
+		reqParams["token"] = token
+	} else {
+
+		reqParams["email"] = username
+		reqParams["password"] = password
 	}
 	var reply signInResponse
-	err = c.Call(context.Background(), "session.signInWithPassword", reqParams, &reply)
+	err = c.Call(context.Background(), "session.signIn", reqParams, &reply)
 	if err != nil {
 		return nil, err
 	}
 
-	var token string
-	err = c.Call(context.Background(), "token.create", map[string]interface{}{}, &token)
-	if err != nil {
-		return nil, err
+	if !useTokenAuth {
+		err = c.Call(context.Background(), "token.create", map[string]interface{}{}, &token)
+		if err != nil {
+			return nil, err
+		}
 	}
 
 	jar, err := cookiejar.New(&cookiejar.Options{})
diff --git a/docs/index.md b/docs/index.md
index 5f40d4de..0bd73399 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -46,14 +46,12 @@ provider "xenorchestra" {
 <!-- schema generated by tfplugindocs -->
 ## Schema
 
-### Required
-
-- `password` (String) Password for xoa api. Can be set via the XOA_PASSWORD environment variable.
-- `url` (String) Hostname of the xoa router. Can be set via the XOA_URL environment variable.
-- `username` (String) User account for xoa api. Can be set via the XOA_USER environment variable.
-
 ### Optional
 
 - `insecure` (Boolean) Whether SSL should be verified or not. Can be set via the XOA_INSECURE environment variable.
+- `password` (String) Password for xoa api. Can be set via the XOA_PASSWORD environment variable.
 - `retry_max_time` (String) If `retry_mode` is set, this specifies the duration for which the backoff method will continue retries. Can be set via the `XOA_RETRY_MAX_TIME` environment variable
 - `retry_mode` (String) Specifies if retries should be attempted for requests that require eventual . Can be set via the XOA_RETRY_MODE environment variable.
+- `token` (String) Password for xoa api. Can be set via the XOA_TOKEN environment variable.
+- `url` (String) Hostname of the xoa router. Can be set via the XOA_URL environment variable.
+- `username` (String) User account for xoa api. Can be set via the XOA_USER environment variable.
diff --git a/xoa/provider.go b/xoa/provider.go
index 87e22baf..3840b531 100644
--- a/xoa/provider.go
+++ b/xoa/provider.go
@@ -28,16 +28,27 @@ func Provider() *schema.Provider {
 				Description: "Hostname of the xoa router. Can be set via the XOA_URL environment variable.",
 			},
 			"username": &schema.Schema{
-				Type:        schema.TypeString,
-				Required:    true,
-				DefaultFunc: schema.EnvDefaultFunc("XOA_USER", nil),
-				Description: "User account for xoa api. Can be set via the XOA_USER environment variable.",
+				Type:          schema.TypeString,
+				Optional:      true,
+				DefaultFunc:   schema.EnvDefaultFunc("XOA_USER", nil),
+				Description:   "User account for xoa api. Can be set via the XOA_USER environment variable.",
+				RequiredWith:  []string{"password"},
+				ConflictsWith: []string{"token"},
 			},
 			"password": &schema.Schema{
-				Type:        schema.TypeString,
-				Required:    true,
-				DefaultFunc: schema.EnvDefaultFunc("XOA_PASSWORD", nil),
-				Description: "Password for xoa api. Can be set via the XOA_PASSWORD environment variable.",
+				Type:          schema.TypeString,
+				Optional:      true,
+				DefaultFunc:   schema.EnvDefaultFunc("XOA_PASSWORD", nil),
+				Description:   "Password for xoa api. Can be set via the XOA_PASSWORD environment variable.",
+				RequiredWith:  []string{"username"},
+				ConflictsWith: []string{"token"},
+			},
+			"token": &schema.Schema{
+				Type:          schema.TypeString,
+				Optional:      true,
+				DefaultFunc:   schema.EnvDefaultFunc("XOA_TOKEN", nil),
+				Description:   "Password for xoa api. Can be set via the XOA_TOKEN environment variable.",
+				ConflictsWith: []string{"username", "password"},
 			},
 			"insecure": &schema.Schema{
 				Type:        schema.TypeBool,
@@ -92,6 +103,7 @@ func xoaConfigure(d *schema.ResourceData) (interface{}, error) {
 	url := d.Get("url").(string)
 	username := d.Get("username").(string)
 	password := d.Get("password").(string)
+	token := d.Get("token").(string)
 	insecure := d.Get("insecure").(bool)
 	retryMode := d.Get("retry_mode").(string)
 	retryMaxTime := d.Get("retry_max_time").(string)
@@ -110,6 +122,7 @@ func xoaConfigure(d *schema.ResourceData) (interface{}, error) {
 		Url:                url,
 		Username:           username,
 		Password:           password,
+		Token:              token,
 		InsecureSkipVerify: insecure,
 		RetryMode:          retry,
 		RetryMaxTime:       duration,
diff --git a/xoa/provider_test.go b/xoa/provider_test.go
index dcf84371..252ac173 100644
--- a/xoa/provider_test.go
+++ b/xoa/provider_test.go
@@ -38,12 +38,15 @@ func testAccPreCheck(t *testing.T) {
 	if v := os.Getenv("XOA_URL"); v == "" {
 		t.Fatal("The XOA_URL environment variable must be set")
 	}
-	if v := os.Getenv("XOA_USER"); v == "" {
-		t.Fatal("The XOA_USER environment variable must be set")
-	}
-	if v := os.Getenv("XOA_PASSWORD"); v == "" {
-		t.Fatal("The XOA_PASSWORD environment variable must be set")
+
+	user := os.Getenv("XOA_USER")
+	password := os.Getenv("XOA_PASSWORD")
+	token := os.Getenv("XOA_TOKEN")
+
+	if token == "" && (user == "" || password == "") {
+		t.Fatal("One of the following environment variable(s) must be set: XOA_USER and XOA_PASSWORD or XOA_TOKEN")
 	}
+
 	if v := os.Getenv("XOA_POOL"); v == "" {
 		t.Fatal("The XOA_POOL environment variable must be set")
 	}