Skip to content

[Don't merge] feat: Support for Multiple Custom Domains #1113

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 12 commits into
base: master
Choose a base branch
from
+324 −35
Open

[Don't merge] feat: Support for Multiple Custom Domains #1113

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
4c073f3
feat: add deprecation warnings for custom domain fields and enhance s…
kushalshit27 Jun 16, 2025
b2c007b
feat: remove deprecation warning for verification_method field in cus…
kushalshit27 Jun 16, 2025
3088a68
feat: add deprecation warning for verification_method field in custom…
kushalshit27 Jun 16, 2025
bd88d81
feat: add custom domains configuration with auth0 managed certificates
kushalshit27 Jun 16, 2025
d841edb
Fix comment formatting and add update tests for customDomains handler
kushalshit27 Jun 16, 2025
a2f0531
Merge branch 'master' into DXCDT-1075-mcd-ea-support
kushalshit27 Jun 17, 2025
dfc1b66
feat: add tls_policy to custom domains configuration
kushalshit27 Jun 18, 2025
0e4939b
Merge branch 'master' into DXCDT-1075-mcd-ea-support
kushalshit27 Jun 18, 2025
c4804b3
Merge branch 'DXCDT-1075-mcd-ea-support' of https://github.com/auth0/…
kushalshit27 Jun 18, 2025
069b11e
Merge branch 'master' into DXCDT-1075-mcd-ea-support
kushalshit27 Jun 18, 2025
1e33910
feat: add verification_method to custom domains schema
kushalshit27 Jun 18, 2025
0a92dfc
Merge branch 'master' into DXCDT-1075-mcd-ea-support
kushalshit27 Jun 27, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions examples/directory/custom-domains/custom-domains.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
[
{
"domain": "my_domain.com",
"type": "auth0_managed_certs",
"tls_policy": "recommended",
"domain_metadata": {
"myKey": "value"
}
}
]
8 changes: 8 additions & 0 deletions examples/yaml/tenant.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -272,3 +272,11 @@ networkACLs:
scope: 'authentication'
match:
geo_country_codes: ['US', 'CA']

customDomains:
- domain: my_domain.com
type: auth0_managed_certs
tls_policy: 'recommended'
domain_metadata:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we include tls_policy too..?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

updated

myKey: value

68 changes: 44 additions & 24 deletions src/tools/auth0/handlers/customDomains.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
import { CustomDomain } from 'auth0';
import DefaultAPIHandler, { order } from './default';
import { Asset, Assets } from '../../../types';
import log from '../../../logger';

export const schema = {
type: 'array',
Expand All @@ -18,6 +19,22 @@ export const schema = {
status: { type: 'string', enum: ['pending_verification', 'ready', 'disabled', 'pending'] },
type: { type: 'string', enum: ['auth0_managed_certs', 'self_managed_certs'] },
verification: { type: 'object' },
tls_policy: {
type: 'string',
description: 'Custom domain TLS policy. Must be `recommended`, includes TLS 1.2.',
defaultValue: 'recommended',
},
domain_metadata: {
type: 'object',
description: 'Domain metadata associated with the custom domain.',
defaultValue: undefined,
maxProperties: 10,
},
verification_method: {
type: 'string',
description: 'Custom domain verification method. Must be `txt`.',
defaultValue: 'txt',
},
},
required: ['domain', 'type'],
},
Expand All @@ -31,10 +48,21 @@ export default class CustomDomainsHadnler extends DefaultAPIHandler {
...config,
type: 'customDomains',
id: 'custom_domain_id',
identifiers: ['domain'],
stripCreateFields: ['status', 'primary', 'verification'],
identifiers: ['custom_domain_id', 'domain'],
stripCreateFields: ['status', 'primary', 'verification', 'certificate'],
stripUpdateFields: [
'status',
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I also see another field name certificate(read-only field similar to verification) in tf-provider PR, Any reason on not including in deploy-cli..?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, this was not added in the previous implementation, but we can add it now.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I saw it being added in the stripUpdateFields , but not in the schema

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, because the schema is used for input validation, certificate does not need validation.

'primary',
'verification',
'type',
'domain',
'verification_method',
'certificate',
],
functions: {
delete: (args) => this.client.customDomains.delete({ id: args.custom_domain_id }),
update: (args, data) =>
this.client.customDomains.update({ id: args.custom_domain_id }, data),
},
});
}
Expand Down Expand Up @@ -71,29 +99,21 @@ export default class CustomDomainsHadnler extends DefaultAPIHandler {
const { customDomains } = assets;

if (!customDomains) return;
const changes = await this.calcChanges(assets).then((changes) => {
const changesWithoutUpdates = {
...changes,
create: changes.create.map((customDomainToCreate) => {
const newCustomDomain = { ...customDomainToCreate };
if (customDomainToCreate.custom_client_ip_header === null) {
delete newCustomDomain.custom_client_ip_header;
}

return newCustomDomain;
}),
delete: changes.del.map((deleteToMake) => {
const deleteWithSDKCompatibleID = {
...deleteToMake,
id: deleteToMake.custom_domain_id,
};
delete deleteWithSDKCompatibleID['custom_domain_id'];
return deleteWithSDKCompatibleID;
}),
update: [], //Do not perform custom domain updates because not supported by SDK
};
return changesWithoutUpdates;
});
// Deprecation warnings for custom domains
if (customDomains.some((customDomain) => customDomain.primary != null)) {
log.warn(
'The "primary" field is deprecated and may be removed in future versions for "customDomains"'
);
}

if (customDomains.some((customDomain) => 'verification_method' in customDomain)) {
log.warn(
'The "verification_method" field is deprecated and may be removed in future versions for "customDomains"'
);
}

const changes = await this.calcChanges(assets);

await super.processChanges(assets, changes);
}
Expand Down
Loading