@pulumi/okta 4.9.0-alpha.1718431198 → 4.9.0-alpha.1718755579

package/policy/ruleIdpDiscovery.d.ts

@@ -2,71 +2,62 @@ import * as pulumi from "@pulumi/pulumi";
 import * as inputs from "../types/input";
 import * as outputs from "../types/output";
 /**
- * This resource allows you to create and configure an IdP Discovery Policy Rule.
+ * Creates an IdP Discovery Policy Rule.
  *
- * > If you receive the error `You do not have permission to access the feature
- * you are requesting` contact support and
- * request feature flag `ADVANCED_SSO` be applied to your org.
+ * This resource allows you to create and configure an IdP Discovery Policy Rule.
+ * > If you receive the error 'You do not have permission to access the feature
+ * you are requesting' contact support and
+ * request feature flag 'ADVANCED_SSO' be applied to your org.
  *
  * ## Example Usage
  *
- * ```typescript
- * import * as pulumi from "@pulumi/pulumi";
- * import * as okta from "@pulumi/okta";
+ * ### All Okta orgs contain only one IdP Discovery Policy
+ * data "okta.policy.getPolicy" "idpDiscoveryPolicy" {
+ *   name = "Idp Discovery Policy"
+ *   type = "IDP_DISCOVERY"
+ * }
+ *
+ * resource "okta.policy.RuleIdpDiscovery" "example" {
+ *   policyId                 = data.okta_policy.idp_discovery_policy.id
+ *   name                      = "example"
+ *   idpId                    = "<idp id>"
+ *   idpType                  = "OIDC"
+ *   networkConnection        = "ANYWHERE"
+ *   priority                  = 1
+ *   status                    = "ACTIVE"
+ *   userIdentifierType      = "ATTRIBUTE"
+ *   userIdentifierAttribute = "company"
+ *
+ *   appExclude {
+ *     id   = "<app id>"
+ *     type = "APP"
+ *   }
+ *
+ *   appExclude {
+ *     name = "yahooMail"
+ *     type = "APP_TYPE"
+ *   }
  *
- * // All Okta orgs contain only one IdP Discovery Policy
- * const idpDiscoveryPolicy = okta.policy.getPolicy({
- *     name: "Idp Discovery Policy",
- *     type: "IDP_DISCOVERY",
- * });
- * const example = new okta.policy.RuleIdpDiscovery("example", {
- *     policyId: idpDiscoveryPolicy.then(idpDiscoveryPolicy => idpDiscoveryPolicy.id),
- *     name: "example",
- *     idpId: "<idp id>",
- *     idpType: "OIDC",
- *     networkConnection: "ANYWHERE",
- *     priority: 1,
- *     status: "ACTIVE",
- *     userIdentifierType: "ATTRIBUTE",
- *     userIdentifierAttribute: "company",
- *     appExcludes: [
- *         {
- *             id: "<app id>",
- *             type: "APP",
- *         },
- *         {
- *             name: "yahoo_mail",
- *             type: "APP_TYPE",
- *         },
- *     ],
- *     appIncludes: [
- *         {
- *             id: "<app id>",
- *             type: "APP",
- *         },
- *         {
- *             name: "<app type name>",
- *             type: "APP_TYPE",
- *         },
- *     ],
- *     platformIncludes: [{
- *         type: "MOBILE",
- *         osType: "OSX",
- *     }],
- *     userIdentifierPatterns: [{
- *         matchType: "EQUALS",
- *         value: "Articulate",
- *     }],
- * });
- * ```
+ *   appInclude {
+ *     id   = "<app id>"
+ *     type = "APP"
+ *   }
  *
- * ## Import
+ *   appInclude {
+ *     name = "<app type name>"
+ *     type = "APP_TYPE"
+ *   }
  *
- * A Policy Rule can be imported via the Policy and Rule ID.
+ *   platformInclude {
+ *     type    = "MOBILE"
+ *     osType = "OSX"
+ *   }
  *
- * ```sh
- * $ pulumi import okta:policy/ruleIdpDiscovery:RuleIdpDiscovery example &#60;policy id&#62;/&#60;rule id&#62;
- * ```
+ *   userIdentifierPatterns {
+ *     matchType = "EQUALS"
+ *     value      = "Articulate"
+ *   }
+ * }
  */
 export declare class RuleIdpDiscovery extends pulumi.CustomResource {
     /**
@@ -89,7 +80,10 @@ export declare class RuleIdpDiscovery extends pulumi.CustomResource {
      */
     readonly appExcludes: pulumi.Output<outputs.policy.RuleIdpDiscoveryAppExclude[] | undefined>;
     /**
-     * Applications to include in discovery rule.
+     * Applications to include in discovery rule. - 'id' - (Optional) Use if 'type' is 'APP' to indicate the application id to
+     * include. - 'name' - (Optional) Use if the 'type' is 'APP_TYPE' to indicate the type of application(s) to include in
+     * instances where an entire group (i.e. 'yahoo_mail') of applications should be included. - 'type' - (Required) One of:
+     * 'APP', 'APP_TYPE'
      */
     readonly appIncludes: pulumi.Output<outputs.policy.RuleIdpDiscoveryAppInclude[] | undefined>;
     /**
@@ -97,23 +91,24 @@ export declare class RuleIdpDiscovery extends pulumi.CustomResource {
      */
     readonly idpId: pulumi.Output<string | undefined>;
     /**
-     * Type of Idp. One of: `"SAML2"`, `"IWA"`, `"AgentlessDSSO"`, `"X509"`, `"FACEBOOK"`, `"GOOGLE"`, `"LINKEDIN"`, `"MICROSOFT"`, `"OIDC"`
+     * Type of Idp. One of: `SAML2`, `IWA`, `AgentlessDSSO`, `X509`, `FACEBOOK`, `GOOGLE`, `LINKEDIN`, `MICROSOFT`, `OIDC`.
+     * Default: `OKTA`
      */
     readonly idpType: pulumi.Output<string | undefined>;
     /**
-     * Policy rule name.
+     * Policy Rule Name
      */
     readonly name: pulumi.Output<string>;
     /**
-     * The network selection mode. One of `"ANYWEHRE"` or `"ZONE"`.
+     * Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`
      */
     readonly networkConnection: pulumi.Output<string | undefined>;
     /**
-     * Required if `networkConnection` = `"ZONE"`. Indicates the network zones to exclude.
+     * Required if `networkConnection` = `ZONE`. Indicates the network zones to exclude.
      */
     readonly networkExcludes: pulumi.Output<string[] | undefined>;
     /**
-     * Required if `networkConnection` = `"ZONE"`. Indicates the network zones to include.
+     * Required if `networkConnection` = `ZONE`. Indicates the network zones to include.
      */
     readonly networkIncludes: pulumi.Output<string[] | undefined>;
     /**
@@ -123,27 +118,32 @@ export declare class RuleIdpDiscovery extends pulumi.CustomResource {
      */
     readonly platformIncludes: pulumi.Output<outputs.policy.RuleIdpDiscoveryPlatformInclude[] | undefined>;
     /**
-     * Policy ID.
+     * Policy ID of the Rule
      */
     readonly policyId: pulumi.Output<string | undefined>;
     /**
-     * Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
+     * Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if
+     * an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
      */
     readonly priority: pulumi.Output<number | undefined>;
     /**
-     * Idp rule status: `"ACTIVE"` or `"INACTIVE"`. By default, it is `"ACTIVE"`.
+     * Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`
      */
     readonly status: pulumi.Output<string | undefined>;
     /**
-     * Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This is the attribute or identifier that the `userIdentifierPatterns` are checked against.
+     * Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This
+     * is the attribute or identifier that the `userIdentifierPatterns` are checked against.
      */
     readonly userIdentifierAttribute: pulumi.Output<string | undefined>;
     /**
-     * Specifies a User Identifier pattern condition to match against. If `matchType` of `"EXPRESSION"` is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided.
+     * Specifies a User Identifier pattern condition to match against. If 'match_type' of 'EXPRESSION' is used, only a *single*
+     * element can be set, otherwise multiple elements of matching patterns may be provided. - 'match_type' - (Optional) The
+     * kind of pattern. For regex, use 'EXPRESSION'. For simple string matches, use one of the following: 'SUFFIX', 'EQUALS',
+     * 'STARTS_WITH', 'CONTAINS' - 'value' - (Optional) The regex or simple match string to match against.
      */
     readonly userIdentifierPatterns: pulumi.Output<outputs.policy.RuleIdpDiscoveryUserIdentifierPattern[] | undefined>;
     /**
-     * One of: `"IDENTIFIER"`, `"ATTRIBUTE"`
+     * One of: `IDENTIFIER`, `ATTRIBUTE`
      */
     readonly userIdentifierType: pulumi.Output<string | undefined>;
     /**
@@ -164,7 +164,10 @@ export interface RuleIdpDiscoveryState {
      */
     appExcludes?: pulumi.Input<pulumi.Input<inputs.policy.RuleIdpDiscoveryAppExclude>[]>;
     /**
-     * Applications to include in discovery rule.
+     * Applications to include in discovery rule. - 'id' - (Optional) Use if 'type' is 'APP' to indicate the application id to
+     * include. - 'name' - (Optional) Use if the 'type' is 'APP_TYPE' to indicate the type of application(s) to include in
+     * instances where an entire group (i.e. 'yahoo_mail') of applications should be included. - 'type' - (Required) One of:
+     * 'APP', 'APP_TYPE'
      */
     appIncludes?: pulumi.Input<pulumi.Input<inputs.policy.RuleIdpDiscoveryAppInclude>[]>;
     /**
@@ -172,23 +175,24 @@ export interface RuleIdpDiscoveryState {
      */
     idpId?: pulumi.Input<string>;
     /**
-     * Type of Idp. One of: `"SAML2"`, `"IWA"`, `"AgentlessDSSO"`, `"X509"`, `"FACEBOOK"`, `"GOOGLE"`, `"LINKEDIN"`, `"MICROSOFT"`, `"OIDC"`
+     * Type of Idp. One of: `SAML2`, `IWA`, `AgentlessDSSO`, `X509`, `FACEBOOK`, `GOOGLE`, `LINKEDIN`, `MICROSOFT`, `OIDC`.
+     * Default: `OKTA`
      */
     idpType?: pulumi.Input<string>;
     /**
-     * Policy rule name.
+     * Policy Rule Name
      */
     name?: pulumi.Input<string>;
     /**
-     * The network selection mode. One of `"ANYWEHRE"` or `"ZONE"`.
+     * Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`
      */
     networkConnection?: pulumi.Input<string>;
     /**
-     * Required if `networkConnection` = `"ZONE"`. Indicates the network zones to exclude.
+     * Required if `networkConnection` = `ZONE`. Indicates the network zones to exclude.
      */
     networkExcludes?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * Required if `networkConnection` = `"ZONE"`. Indicates the network zones to include.
+     * Required if `networkConnection` = `ZONE`. Indicates the network zones to include.
      */
     networkIncludes?: pulumi.Input<pulumi.Input<string>[]>;
     /**
@@ -198,27 +202,32 @@ export interface RuleIdpDiscoveryState {
      */
     platformIncludes?: pulumi.Input<pulumi.Input<inputs.policy.RuleIdpDiscoveryPlatformInclude>[]>;
     /**
-     * Policy ID.
+     * Policy ID of the Rule
      */
     policyId?: pulumi.Input<string>;
     /**
-     * Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
+     * Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if
+     * an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
      */
     priority?: pulumi.Input<number>;
     /**
-     * Idp rule status: `"ACTIVE"` or `"INACTIVE"`. By default, it is `"ACTIVE"`.
+     * Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`
      */
     status?: pulumi.Input<string>;
     /**
-     * Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This is the attribute or identifier that the `userIdentifierPatterns` are checked against.
+     * Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This
+     * is the attribute or identifier that the `userIdentifierPatterns` are checked against.
      */
     userIdentifierAttribute?: pulumi.Input<string>;
     /**
-     * Specifies a User Identifier pattern condition to match against. If `matchType` of `"EXPRESSION"` is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided.
+     * Specifies a User Identifier pattern condition to match against. If 'match_type' of 'EXPRESSION' is used, only a *single*
+     * element can be set, otherwise multiple elements of matching patterns may be provided. - 'match_type' - (Optional) The
+     * kind of pattern. For regex, use 'EXPRESSION'. For simple string matches, use one of the following: 'SUFFIX', 'EQUALS',
+     * 'STARTS_WITH', 'CONTAINS' - 'value' - (Optional) The regex or simple match string to match against.
      */
     userIdentifierPatterns?: pulumi.Input<pulumi.Input<inputs.policy.RuleIdpDiscoveryUserIdentifierPattern>[]>;
     /**
-     * One of: `"IDENTIFIER"`, `"ATTRIBUTE"`
+     * One of: `IDENTIFIER`, `ATTRIBUTE`
      */
     userIdentifierType?: pulumi.Input<string>;
 }
@@ -231,7 +240,10 @@ export interface RuleIdpDiscoveryArgs {
      */
     appExcludes?: pulumi.Input<pulumi.Input<inputs.policy.RuleIdpDiscoveryAppExclude>[]>;
     /**
-     * Applications to include in discovery rule.
+     * Applications to include in discovery rule. - 'id' - (Optional) Use if 'type' is 'APP' to indicate the application id to
+     * include. - 'name' - (Optional) Use if the 'type' is 'APP_TYPE' to indicate the type of application(s) to include in
+     * instances where an entire group (i.e. 'yahoo_mail') of applications should be included. - 'type' - (Required) One of:
+     * 'APP', 'APP_TYPE'
      */
     appIncludes?: pulumi.Input<pulumi.Input<inputs.policy.RuleIdpDiscoveryAppInclude>[]>;
     /**
@@ -239,23 +251,24 @@ export interface RuleIdpDiscoveryArgs {
      */
     idpId?: pulumi.Input<string>;
     /**
-     * Type of Idp. One of: `"SAML2"`, `"IWA"`, `"AgentlessDSSO"`, `"X509"`, `"FACEBOOK"`, `"GOOGLE"`, `"LINKEDIN"`, `"MICROSOFT"`, `"OIDC"`
+     * Type of Idp. One of: `SAML2`, `IWA`, `AgentlessDSSO`, `X509`, `FACEBOOK`, `GOOGLE`, `LINKEDIN`, `MICROSOFT`, `OIDC`.
+     * Default: `OKTA`
      */
     idpType?: pulumi.Input<string>;
     /**
-     * Policy rule name.
+     * Policy Rule Name
      */
     name?: pulumi.Input<string>;
     /**
-     * The network selection mode. One of `"ANYWEHRE"` or `"ZONE"`.
+     * Network selection mode: `ANYWHERE`, `ZONE`, `ON_NETWORK`, or `OFF_NETWORK`. Default: `ANYWHERE`
      */
     networkConnection?: pulumi.Input<string>;
     /**
-     * Required if `networkConnection` = `"ZONE"`. Indicates the network zones to exclude.
+     * Required if `networkConnection` = `ZONE`. Indicates the network zones to exclude.
      */
     networkExcludes?: pulumi.Input<pulumi.Input<string>[]>;
     /**
-     * Required if `networkConnection` = `"ZONE"`. Indicates the network zones to include.
+     * Required if `networkConnection` = `ZONE`. Indicates the network zones to include.
      */
     networkIncludes?: pulumi.Input<pulumi.Input<string>[]>;
     /**
@@ -265,27 +278,32 @@ export interface RuleIdpDiscoveryArgs {
      */
     platformIncludes?: pulumi.Input<pulumi.Input<inputs.policy.RuleIdpDiscoveryPlatformInclude>[]>;
     /**
-     * Policy ID.
+     * Policy ID of the Rule
      */
     policyId?: pulumi.Input<string>;
     /**
-     * Idp rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
+     * Rule priority. This attribute can be set to a valid priority. To avoid an endless diff situation an error is thrown if
+     * an invalid property is provided. The Okta API defaults to the last (lowest) if not provided.
      */
     priority?: pulumi.Input<number>;
     /**
-     * Idp rule status: `"ACTIVE"` or `"INACTIVE"`. By default, it is `"ACTIVE"`.
+     * Policy Rule Status: `ACTIVE` or `INACTIVE`. Default: `ACTIVE`
      */
     status?: pulumi.Input<string>;
     /**
-     * Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This is the attribute or identifier that the `userIdentifierPatterns` are checked against.
+     * Profile attribute matching can only have a single value that describes the type indicated in `userIdentifierType`. This
+     * is the attribute or identifier that the `userIdentifierPatterns` are checked against.
      */
     userIdentifierAttribute?: pulumi.Input<string>;
     /**
-     * Specifies a User Identifier pattern condition to match against. If `matchType` of `"EXPRESSION"` is used, only a *single* element can be set, otherwise multiple elements of matching patterns may be provided.
+     * Specifies a User Identifier pattern condition to match against. If 'match_type' of 'EXPRESSION' is used, only a *single*
+     * element can be set, otherwise multiple elements of matching patterns may be provided. - 'match_type' - (Optional) The
+     * kind of pattern. For regex, use 'EXPRESSION'. For simple string matches, use one of the following: 'SUFFIX', 'EQUALS',
+     * 'STARTS_WITH', 'CONTAINS' - 'value' - (Optional) The regex or simple match string to match against.
      */
     userIdentifierPatterns?: pulumi.Input<pulumi.Input<inputs.policy.RuleIdpDiscoveryUserIdentifierPattern>[]>;
     /**
-     * One of: `"IDENTIFIER"`, `"ATTRIBUTE"`
+     * One of: `IDENTIFIER`, `ATTRIBUTE`
      */
     userIdentifierType?: pulumi.Input<string>;
 }

package/policy/ruleIdpDiscovery.js

@@ -6,71 +6,62 @@ exports.RuleIdpDiscovery = void 0;
 const pulumi = require("@pulumi/pulumi");
 const utilities = require("../utilities");
 /**
- * This resource allows you to create and configure an IdP Discovery Policy Rule.
+ * Creates an IdP Discovery Policy Rule.
  *
- * > If you receive the error `You do not have permission to access the feature
- * you are requesting` contact support and
- * request feature flag `ADVANCED_SSO` be applied to your org.
+ * This resource allows you to create and configure an IdP Discovery Policy Rule.
+ * > If you receive the error 'You do not have permission to access the feature
+ * you are requesting' contact support and
+ * request feature flag 'ADVANCED_SSO' be applied to your org.
  *
  * ## Example Usage
  *
- * ```typescript
- * import * as pulumi from "@pulumi/pulumi";
- * import * as okta from "@pulumi/okta";
+ * ### All Okta orgs contain only one IdP Discovery Policy
+ * data "okta.policy.getPolicy" "idpDiscoveryPolicy" {
+ *   name = "Idp Discovery Policy"
+ *   type = "IDP_DISCOVERY"
+ * }
+ *
+ * resource "okta.policy.RuleIdpDiscovery" "example" {
+ *   policyId                 = data.okta_policy.idp_discovery_policy.id
+ *   name                      = "example"
+ *   idpId                    = "<idp id>"
+ *   idpType                  = "OIDC"
+ *   networkConnection        = "ANYWHERE"
+ *   priority                  = 1
+ *   status                    = "ACTIVE"
+ *   userIdentifierType      = "ATTRIBUTE"
+ *   userIdentifierAttribute = "company"
+ *
+ *   appExclude {
+ *     id   = "<app id>"
+ *     type = "APP"
+ *   }
+ *
+ *   appExclude {
+ *     name = "yahooMail"
+ *     type = "APP_TYPE"
+ *   }
  *
- * // All Okta orgs contain only one IdP Discovery Policy
- * const idpDiscoveryPolicy = okta.policy.getPolicy({
- *     name: "Idp Discovery Policy",
- *     type: "IDP_DISCOVERY",
- * });
- * const example = new okta.policy.RuleIdpDiscovery("example", {
- *     policyId: idpDiscoveryPolicy.then(idpDiscoveryPolicy => idpDiscoveryPolicy.id),
- *     name: "example",
- *     idpId: "<idp id>",
- *     idpType: "OIDC",
- *     networkConnection: "ANYWHERE",
- *     priority: 1,
- *     status: "ACTIVE",
- *     userIdentifierType: "ATTRIBUTE",
- *     userIdentifierAttribute: "company",
- *     appExcludes: [
- *         {
- *             id: "<app id>",
- *             type: "APP",
- *         },
- *         {
- *             name: "yahoo_mail",
- *             type: "APP_TYPE",
- *         },
- *     ],
- *     appIncludes: [
- *         {
- *             id: "<app id>",
- *             type: "APP",
- *         },
- *         {
- *             name: "<app type name>",
- *             type: "APP_TYPE",
- *         },
- *     ],
- *     platformIncludes: [{
- *         type: "MOBILE",
- *         osType: "OSX",
- *     }],
- *     userIdentifierPatterns: [{
- *         matchType: "EQUALS",
- *         value: "Articulate",
- *     }],
- * });
- * ```
+ *   appInclude {
+ *     id   = "<app id>"
+ *     type = "APP"
+ *   }
  *
- * ## Import
+ *   appInclude {
+ *     name = "<app type name>"
+ *     type = "APP_TYPE"
+ *   }
  *
- * A Policy Rule can be imported via the Policy and Rule ID.
+ *   platformInclude {
+ *     type    = "MOBILE"
+ *     osType = "OSX"
+ *   }
  *
- * ```sh
- * $ pulumi import okta:policy/ruleIdpDiscovery:RuleIdpDiscovery example &#60;policy id&#62;/&#60;rule id&#62;
- * ```
+ *   userIdentifierPatterns {
+ *     matchType = "EQUALS"
+ *     value      = "Articulate"
+ *   }
+ * }
  */
 class RuleIdpDiscovery extends pulumi.CustomResource {
     /**

package/policy/ruleIdpDiscovery.js.map

@@ -1 +1 @@
-{"version":3,"file":"ruleIdpDiscovery.js","sourceRoot":"","sources":["../../policy/ruleIdpDiscovery.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkEG;AACH,MAAa,gBAAiB,SAAQ,MAAM,CAAC,cAAc;IACvD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA6B,EAAE,IAAmC;QAC3H,OAAO,IAAI,gBAAgB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACvE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,gBAAgB,CAAC,YAAY,CAAC;IACjE,CAAC;IAyED,YAAY,IAAY,EAAE,WAA0D,EAAE,IAAmC;QACrH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAgD,CAAC;YAC/D,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9F,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5F,cAAc,CAAC,oBAAoB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;SACvF;aAAM;YACH,MAAM,IAAI,GAAG,WAA+C,CAAC;YAC7D,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,yBAAyB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5F,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;SACrF;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,gBAAgB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACrE,CAAC;;AA3IL,4CA4IC;AA9HG,gBAAgB;AACO,6BAAY,GAAG,+CAA+C,CAAC"}
+{"version":3,"file":"ruleIdpDiscovery.js","sourceRoot":"","sources":["../../policy/ruleIdpDiscovery.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AAGzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAyDG;AACH,MAAa,gBAAiB,SAAQ,MAAM,CAAC,cAAc;IACvD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA6B,EAAE,IAAmC;QAC3H,OAAO,IAAI,gBAAgB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACvE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,gBAAgB,CAAC,YAAY,CAAC;IACjE,CAAC;IAkFD,YAAY,IAAY,EAAE,WAA0D,EAAE,IAAmC;QACrH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAgD,CAAC;YAC/D,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,aAAa,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,SAAS,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,mBAAmB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClF,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,kBAAkB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,yBAAyB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9F,cAAc,CAAC,wBAAwB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5F,cAAc,CAAC,oBAAoB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;SACvF;aAAM;YACH,MAAM,IAAI,GAAG,WAA+C,CAAC;YAC7D,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;YACpE,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChF,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,kBAAkB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,yBAAyB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5F,cAAc,CAAC,wBAAwB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1F,cAAc,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC;SACrF;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,gBAAgB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACrE,CAAC;;AApJL,4CAqJC;AAvIG,gBAAgB;AACO,6BAAY,GAAG,+CAA+C,CAAC"}