Parse teams with saml configs containing access group objects as role values (#264)

Author: jarneson

client/team.go

@@ -2,6 +2,7 @@ package client
 
 import (
 	"context"
+	"encoding/json"
 	"fmt"
 
 	"github.com/hashicorp/terraform-plugin-log/tflog"
@@ -14,9 +15,51 @@ type TeamCreateRequest struct {
 	Plan string `json:"plan"`
 }
 
+type SamlRoleAccessGroupID struct {
+	AccessGroupID string `json:"accessGroupId"`
+}
+
+type SamlRole struct {
+	Role          *string
+	AccessGroupID *SamlRoleAccessGroupID
+}
+
+func (f *SamlRole) UnmarshalJSON(data []byte) error {
+	var role string
+	if err := json.Unmarshal(data, &role); err == nil {
+		f.Role = &role
+		return nil
+	}
+	var ag SamlRoleAccessGroupID
+	if err := json.Unmarshal(data, &ag); err == nil {
+		f.AccessGroupID = &ag
+		return nil
+	}
+	return fmt.Errorf("received json is neither Role string nor AccessGroupID map")
+}
+
+type SamlRoles map[string]string
+
+func (f *SamlRoles) UnmarshalJSON(data []byte) error {
+	var result map[string]SamlRole
+	if err := json.Unmarshal(data, &result); err != nil {
+		return err
+	}
+	tmp := make(SamlRoles)
+	for k, v := range result {
+		k := k
+		v := v
+		if v.Role != nil {
+			tmp[k] = *(v.Role)
+		}
+	}
+	*f = tmp
+	return nil
+}
+
 type SamlConfig struct {
-	Enforced bool              `json:"enforced,omitempty"`
-	Roles    map[string]string `json:"roles,omitempty"`
+	Enforced bool      `json:"enforced,omitempty"`
+	Roles    SamlRoles `json:"roles,omitempty"`
 }
 
 type TaxID struct {

client/team_test.go

@@ -0,0 +1,35 @@
+package client
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+func TestGetTeam(t *testing.T) {
+	type TestCase struct {
+		Name         string
+		ResponseJSON string
+	}
+
+	for _, tc := range []TestCase{
+		{
+			Name:         "SAML",
+			ResponseJSON: `{ "saml": { "roles": { "A": "OWNER", "B": { "accessGroupId": "foo" } } } }`,
+		},
+	} {
+		t.Run(tc.Name, func(t *testing.T) {
+			h := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
+				fmt.Fprintln(w, tc.ResponseJSON)
+			}))
+			cl := New("INVALID")
+			cl.baseURL = fmt.Sprintf("http://%s", h.Listener.Addr().String())
+			_, err := cl.GetTeam(context.Background(), "INVALID")
+			if err != nil {
+				t.Error(err)
+			}
+		})
+	}
+}