@pulumi/okta 4.9.0-alpha.1718431198 → 4.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/adminRoleCustom.d.ts +105 -107
- package/adminRoleCustom.js +3 -5
- package/adminRoleCustom.js.map +1 -1
- package/adminRoleCustomAssignments.d.ts +12 -18
- package/adminRoleCustomAssignments.js +3 -6
- package/adminRoleCustomAssignments.js.map +1 -1
- package/adminRoleTargets.d.ts +14 -16
- package/adminRoleTargets.js +0 -2
- package/adminRoleTargets.js.map +1 -1
- package/app/accessPolicyAssignment.d.ts +23 -2
- package/app/accessPolicyAssignment.js +23 -2
- package/app/accessPolicyAssignment.js.map +1 -1
- package/app/autoLogin.d.ts +63 -97
- package/app/autoLogin.js +3 -37
- package/app/autoLogin.js.map +1 -1
- package/app/basicAuth.d.ts +30 -33
- package/app/basicAuth.js +4 -7
- package/app/basicAuth.js.map +1 -1
- package/app/bookmark.d.ts +30 -33
- package/app/bookmark.js +3 -6
- package/app/bookmark.js.map +1 -1
- package/app/getApp.d.ts +58 -25
- package/app/getApp.js +2 -2
- package/app/getApp.js.map +1 -1
- package/app/getMetadataSaml.d.ts +11 -5
- package/app/getMetadataSaml.js +2 -2
- package/app/getMetadataSaml.js.map +1 -1
- package/app/getOauth.d.ts +62 -34
- package/app/getOauth.js +2 -2
- package/app/getOauth.js.map +1 -1
- package/app/getSaml.d.ts +75 -56
- package/app/getSaml.js +2 -2
- package/app/getSaml.js.map +1 -1
- package/app/groupAssignment.d.ts +23 -9
- package/app/groupAssignment.js +17 -3
- package/app/groupAssignment.js.map +1 -1
- package/app/oauth.d.ts +135 -273
- package/app/oauth.js +6 -60
- package/app/oauth.js.map +1 -1
- package/app/oauthPostLogoutRedirectUri.d.ts +4 -6
- package/app/oauthPostLogoutRedirectUri.js +1 -3
- package/app/oauthPostLogoutRedirectUri.js.map +1 -1
- package/app/oauthRedirectUri.d.ts +4 -6
- package/app/oauthRedirectUri.js +1 -3
- package/app/oauthRedirectUri.js.map +1 -1
- package/app/oauthRoleAssignment.d.ts +4 -29
- package/app/oauthRoleAssignment.js +4 -29
- package/app/oauthRoleAssignment.js.map +1 -1
- package/app/saml.d.ts +161 -289
- package/app/saml.js +6 -152
- package/app/saml.js.map +1 -1
- package/app/securePasswordStore.d.ts +79 -80
- package/app/securePasswordStore.js +6 -7
- package/app/securePasswordStore.js.map +1 -1
- package/app/swa.d.ts +70 -71
- package/app/swa.js +4 -5
- package/app/swa.js.map +1 -1
- package/app/threeField.d.ts +74 -76
- package/app/threeField.js +5 -7
- package/app/threeField.js.map +1 -1
- package/app/user.d.ts +12 -17
- package/app/user.js +0 -2
- package/app/user.js.map +1 -1
- package/appGroupAssignments.d.ts +6 -8
- package/appGroupAssignments.js +3 -5
- package/appGroupAssignments.js.map +1 -1
- package/appOauthApiScope.d.ts +5 -7
- package/appOauthApiScope.js +2 -4
- package/appOauthApiScope.js.map +1 -1
- package/appSamlAppSettings.d.ts +6 -7
- package/appSamlAppSettings.js +3 -4
- package/appSamlAppSettings.js.map +1 -1
- package/appSharedCredentials.d.ts +61 -63
- package/appSharedCredentials.js +4 -6
- package/appSharedCredentials.js.map +1 -1
- package/appSignonPolicy.d.ts +3 -39
- package/appSignonPolicy.js +3 -39
- package/appSignonPolicy.js.map +1 -1
- package/appSignonPolicyRule.d.ts +69 -361
- package/appSignonPolicyRule.js +1 -278
- package/appSignonPolicyRule.js.map +1 -1
- package/appUserBaseSchemaProperty.d.ts +25 -29
- package/appUserBaseSchemaProperty.js +1 -5
- package/appUserBaseSchemaProperty.js.map +1 -1
- package/appUserSchemaProperty.d.ts +51 -41
- package/appUserSchemaProperty.js +0 -2
- package/appUserSchemaProperty.js.map +1 -1
- package/auth/getServer.d.ts +11 -11
- package/auth/getServer.js +2 -2
- package/auth/getServerPolicy.d.ts +15 -9
- package/auth/getServerPolicy.js +2 -2
- package/auth/getServerPolicy.js.map +1 -1
- package/auth/getServerScopes.d.ts +8 -5
- package/auth/getServerScopes.js +2 -2
- package/auth/getServerScopes.js.map +1 -1
- package/auth/server.d.ts +15 -19
- package/auth/server.js +1 -5
- package/auth/server.js.map +1 -1
- package/auth/serverClaim.d.ts +13 -17
- package/auth/serverClaim.js +1 -5
- package/auth/serverClaim.js.map +1 -1
- package/auth/serverPolicy.d.ts +10 -14
- package/auth/serverPolicy.js +1 -5
- package/auth/serverPolicy.js.map +1 -1
- package/auth/serverPolicyClaim.d.ts +50 -66
- package/auth/serverPolicyClaim.js +0 -25
- package/auth/serverPolicyClaim.js.map +1 -1
- package/auth/serverPolicyRule.d.ts +32 -43
- package/auth/serverPolicyRule.js +0 -2
- package/auth/serverPolicyRule.js.map +1 -1
- package/auth/serverScope.d.ts +16 -20
- package/auth/serverScope.js +1 -5
- package/auth/serverScope.js.map +1 -1
- package/authServerClaimDefault.d.ts +10 -25
- package/authServerClaimDefault.js +0 -9
- package/authServerClaimDefault.js.map +1 -1
- package/authServerDefault.d.ts +15 -19
- package/authServerDefault.js +1 -5
- package/authServerDefault.js.map +1 -1
- package/authenticator.d.ts +53 -61
- package/authenticator.js +11 -11
- package/authenticator.js.map +1 -1
- package/behaviour.d.ts +21 -41
- package/behaviour.js +0 -2
- package/behaviour.js.map +1 -1
- package/brand.d.ts +23 -22
- package/brand.js +8 -4
- package/brand.js.map +1 -1
- package/captcha.d.ts +15 -17
- package/captcha.js +3 -5
- package/captcha.js.map +1 -1
- package/captchaOrgWideSettings.d.ts +8 -43
- package/captchaOrgWideSettings.js +2 -37
- package/captchaOrgWideSettings.js.map +1 -1
- package/domain.d.ts +13 -21
- package/domain.js +0 -2
- package/domain.js.map +1 -1
- package/domainCertificate.d.ts +17 -24
- package/domainCertificate.js +2 -9
- package/domainCertificate.js.map +1 -1
- package/domainVerification.d.ts +4 -10
- package/domainVerification.js +1 -7
- package/domainVerification.js.map +1 -1
- package/emailCustomization.d.ts +38 -222
- package/emailCustomization.js +29 -33
- package/emailCustomization.js.map +1 -1
- package/emailDomain.d.ts +4 -8
- package/emailDomain.js +0 -4
- package/emailDomain.js.map +1 -1
- package/emailDomainVerification.d.ts +3 -7
- package/emailDomainVerification.js +0 -4
- package/emailDomainVerification.js.map +1 -1
- package/emailSender.d.ts +15 -17
- package/emailSender.js +2 -4
- package/emailSender.js.map +1 -1
- package/emailSenderVerification.d.ts +5 -9
- package/emailSenderVerification.js +2 -6
- package/emailSenderVerification.js.map +1 -1
- package/eventHook.d.ts +16 -11
- package/eventHook.js +1 -5
- package/eventHook.js.map +1 -1
- package/eventHookVerification.d.ts +4 -10
- package/eventHookVerification.js +1 -7
- package/eventHookVerification.js.map +1 -1
- package/factor/factor.d.ts +4 -9
- package/factor/factor.js +1 -3
- package/factor/factor.js.map +1 -1
- package/factorTotp.d.ts +12 -21
- package/factorTotp.js +3 -3
- package/factorTotp.js.map +1 -1
- package/getAppGroupAssignments.d.ts +6 -6
- package/getAppGroupAssignments.js +2 -2
- package/getAppSignonPolicy.d.ts +16 -6
- package/getAppSignonPolicy.js +8 -4
- package/getAppSignonPolicy.js.map +1 -1
- package/getAppUserAssignments.d.ts +6 -6
- package/getAppUserAssignments.js +2 -2
- package/getAuthServerClaim.d.ts +15 -12
- package/getAuthServerClaim.js +2 -2
- package/getAuthServerClaim.js.map +1 -1
- package/getAuthServerClaims.d.ts +8 -5
- package/getAuthServerClaims.js +2 -2
- package/getAuthServerClaims.js.map +1 -1
- package/getAuthenticator.d.ts +24 -26
- package/getAuthenticator.js +14 -22
- package/getAuthenticator.js.map +1 -1
- package/getBehaviour.d.ts +6 -8
- package/getBehaviour.js +2 -2
- package/getBehaviour.js.map +1 -1
- package/getBehaviours.d.ts +7 -7
- package/getBehaviours.js +2 -2
- package/getBrand.d.ts +9 -6
- package/getBrand.js +2 -2
- package/getBrand.js.map +1 -1
- package/getBrands.d.ts +2 -2
- package/getBrands.js +2 -2
- package/getDomain.d.ts +11 -14
- package/getDomain.js +2 -8
- package/getDomain.js.map +1 -1
- package/getEmailCustomization.d.ts +14 -9
- package/getEmailCustomization.js +2 -6
- package/getEmailCustomization.js.map +1 -1
- package/getEmailCustomizations.d.ts +11 -9
- package/getEmailCustomizations.js +2 -6
- package/getEmailCustomizations.js.map +1 -1
- package/getGroups.d.ts +11 -25
- package/getGroups.js +2 -2
- package/getGroups.js.map +1 -1
- package/getLogStream.d.ts +8 -39
- package/getLogStream.js +2 -24
- package/getLogStream.js.map +1 -1
- package/getNetworkZone.d.ts +12 -12
- package/getNetworkZone.js +2 -2
- package/getOrgMetadata.d.ts +0 -22
- package/getOrgMetadata.js +0 -22
- package/getOrgMetadata.js.map +1 -1
- package/getRoleSubscription.d.ts +13 -35
- package/getRoleSubscription.js +2 -2
- package/getRoleSubscription.js.map +1 -1
- package/getTemplate.d.ts +10 -8
- package/getTemplate.js +2 -6
- package/getTemplate.js.map +1 -1
- package/getTemplates.d.ts +6 -7
- package/getTemplates.js +2 -6
- package/getTemplates.js.map +1 -1
- package/getTheme.d.ts +14 -12
- package/getTheme.js +2 -6
- package/getTheme.js.map +1 -1
- package/getThemes.d.ts +6 -7
- package/getThemes.js +2 -6
- package/getThemes.js.map +1 -1
- package/getTrustedOrigins.d.ts +7 -4
- package/getTrustedOrigins.js +2 -2
- package/getTrustedOrigins.js.map +1 -1
- package/getUserSecurityQuestions.d.ts +4 -8
- package/getUserSecurityQuestions.js +0 -4
- package/getUserSecurityQuestions.js.map +1 -1
- package/group/getEveryoneGroup.d.ts +10 -5
- package/group/getEveryoneGroup.js +4 -2
- package/group/getEveryoneGroup.js.map +1 -1
- package/group/getGroup.d.ts +17 -26
- package/group/getGroup.js +2 -2
- package/group/getGroup.js.map +1 -1
- package/group/getRule.d.ts +9 -9
- package/group/getRule.js +2 -2
- package/group/group.d.ts +4 -36
- package/group/group.js +1 -33
- package/group/group.js.map +1 -1
- package/group/role.d.ts +37 -81
- package/group/role.js +1 -6
- package/group/role.js.map +1 -1
- package/group/rule.d.ts +12 -20
- package/group/rule.js +0 -2
- package/group/rule.js.map +1 -1
- package/groupMemberships.d.ts +8 -10
- package/groupMemberships.js +2 -4
- package/groupMemberships.js.map +1 -1
- package/groupSchemaProperty.d.ts +57 -59
- package/groupSchemaProperty.js +0 -2
- package/groupSchemaProperty.js.map +1 -1
- package/idp/getMetadataSaml.d.ts +9 -6
- package/idp/getMetadataSaml.js +2 -2
- package/idp/getMetadataSaml.js.map +1 -1
- package/idp/getOidc.d.ts +9 -9
- package/idp/getOidc.js +2 -2
- package/idp/getSaml.d.ts +16 -13
- package/idp/getSaml.js +2 -2
- package/idp/getSaml.js.map +1 -1
- package/idp/getSocial.d.ts +8 -2
- package/idp/getSocial.js +2 -2
- package/idp/getSocial.js.map +1 -1
- package/idp/oidc.d.ts +70 -62
- package/idp/oidc.js +3 -5
- package/idp/oidc.js.map +1 -1
- package/idp/saml.d.ts +64 -86
- package/idp/saml.js +1 -5
- package/idp/saml.js.map +1 -1
- package/idp/samlKey.d.ts +3 -5
- package/idp/samlKey.js +0 -2
- package/idp/samlKey.js.map +1 -1
- package/idp/social.d.ts +99 -69
- package/idp/social.js +11 -5
- package/idp/social.js.map +1 -1
- package/inline/hook.d.ts +4 -26
- package/inline/hook.js +1 -5
- package/inline/hook.js.map +1 -1
- package/linkDefinition.d.ts +2 -3
- package/linkDefinition.js +2 -3
- package/linkDefinition.js.map +1 -1
- package/linkValue.d.ts +7 -9
- package/linkValue.js +1 -3
- package/linkValue.js.map +1 -1
- package/logStream.d.ts +32 -27
- package/logStream.js +23 -9
- package/logStream.js.map +1 -1
- package/network/zone.d.ts +25 -66
- package/network/zone.js +1 -39
- package/network/zone.js.map +1 -1
- package/orgConfiguration.d.ts +4 -9
- package/orgConfiguration.js +1 -3
- package/orgConfiguration.js.map +1 -1
- package/orgSupport.d.ts +4 -7
- package/orgSupport.js +1 -4
- package/orgSupport.js.map +1 -1
- package/package.json +3 -3
- package/policy/getDefaultPolicy.d.ts +9 -7
- package/policy/getDefaultPolicy.js +6 -2
- package/policy/getDefaultPolicy.js.map +1 -1
- package/policy/getPolicy.d.ts +11 -26
- package/policy/getPolicy.js +2 -2
- package/policy/getPolicy.js.map +1 -1
- package/policy/mfa.d.ts +18 -220
- package/policy/mfa.js +0 -10
- package/policy/mfa.js.map +1 -1
- package/policy/password.d.ts +91 -95
- package/policy/password.js +1 -5
- package/policy/password.js.map +1 -1
- package/policy/ruleIdpDiscovery.d.ts +111 -93
- package/policy/ruleIdpDiscovery.js +48 -57
- package/policy/ruleIdpDiscovery.js.map +1 -1
- package/policy/ruleMfa.d.ts +40 -30
- package/policy/ruleMfa.js +1 -3
- package/policy/ruleMfa.js.map +1 -1
- package/policy/rulePassword.d.ts +34 -38
- package/policy/rulePassword.js +1 -5
- package/policy/rulePassword.js.map +1 -1
- package/policy/ruleSignon.d.ts +94 -85
- package/policy/ruleSignon.js +1 -4
- package/policy/ruleSignon.js.map +1 -1
- package/policy/signon.d.ts +16 -20
- package/policy/signon.js +1 -5
- package/policy/signon.js.map +1 -1
- package/policyMfaDefault.d.ts +15 -214
- package/policyMfaDefault.js +2 -9
- package/policyMfaDefault.js.map +1 -1
- package/policyPasswordDefault.d.ts +85 -101
- package/policyPasswordDefault.js +1 -5
- package/policyPasswordDefault.js.map +1 -1
- package/policyProfileEnrollment.d.ts +8 -9
- package/policyProfileEnrollment.js +2 -3
- package/policyProfileEnrollment.js.map +1 -1
- package/policyProfileEnrollmentApps.d.ts +8 -11
- package/policyProfileEnrollmentApps.js +3 -6
- package/policyProfileEnrollmentApps.js.map +1 -1
- package/policyRuleProfileEnrollment.d.ts +42 -31
- package/policyRuleProfileEnrollment.js +2 -3
- package/policyRuleProfileEnrollment.js.map +1 -1
- package/profile/mapping.d.ts +19 -34
- package/profile/mapping.js +4 -4
- package/profile/mapping.js.map +1 -1
- package/rateLimiting.d.ts +8 -17
- package/rateLimiting.js +2 -5
- package/rateLimiting.js.map +1 -1
- package/resourceSet.d.ts +18 -26
- package/resourceSet.js +9 -14
- package/resourceSet.js.map +1 -1
- package/roleSubscription.d.ts +35 -86
- package/roleSubscription.js +2 -2
- package/roleSubscription.js.map +1 -1
- package/securityNotificationEmails.d.ts +4 -7
- package/securityNotificationEmails.js +4 -7
- package/securityNotificationEmails.js.map +1 -1
- package/templateSms.d.ts +4 -8
- package/templateSms.js +1 -5
- package/templateSms.js.map +1 -1
- package/theme.d.ts +46 -46
- package/theme.js +2 -2
- package/threatInsightSettings.d.ts +7 -27
- package/threatInsightSettings.js +1 -3
- package/threatInsightSettings.js.map +1 -1
- package/trustedorigin/origin.d.ts +13 -17
- package/trustedorigin/origin.js +1 -5
- package/trustedorigin/origin.js.map +1 -1
- package/types/input.d.ts +65 -162
- package/types/output.d.ts +75 -275
- package/user/getUser.d.ts +32 -104
- package/user/getUser.js +2 -2
- package/user/getUser.js.map +1 -1
- package/user/getUserProfileMappingSource.d.ts +9 -7
- package/user/getUserProfileMappingSource.js +6 -4
- package/user/getUserProfileMappingSource.js.map +1 -1
- package/user/getUserType.d.ts +7 -7
- package/user/getUserType.js +2 -2
- package/user/getUsers.d.ts +95 -37
- package/user/getUsers.js +64 -24
- package/user/getUsers.js.map +1 -1
- package/user/user.d.ts +160 -209
- package/user/user.js +43 -65
- package/user/user.js.map +1 -1
- package/user/userType.d.ts +1 -5
- package/user/userType.js +1 -5
- package/user/userType.js.map +1 -1
- package/userAdminRoles.d.ts +10 -17
- package/userAdminRoles.js +1 -5
- package/userAdminRoles.js.map +1 -1
- package/userBaseSchemaProperty.d.ts +26 -34
- package/userBaseSchemaProperty.js +2 -10
- package/userBaseSchemaProperty.js.map +1 -1
- package/userFactorQuestion.d.ts +1 -5
- package/userFactorQuestion.js +1 -5
- package/userFactorQuestion.js.map +1 -1
- package/userGroupMemberships.d.ts +3 -3
- package/userSchemaProperty.d.ts +57 -56
- package/userSchemaProperty.js +0 -8
- package/userSchemaProperty.js.map +1 -1
|
@@ -1,30 +1,5 @@
|
|
|
1
1
|
import * as pulumi from "@pulumi/pulumi";
|
|
2
2
|
/**
|
|
3
|
-
* ## Example Usage
|
|
4
|
-
*
|
|
5
|
-
* ```typescript
|
|
6
|
-
* import * as pulumi from "@pulumi/pulumi";
|
|
7
|
-
* import * as okta from "@pulumi/okta";
|
|
8
|
-
*
|
|
9
|
-
* const example = new okta.auth.ServerPolicyRule("example", {
|
|
10
|
-
* authServerId: "<auth server id>",
|
|
11
|
-
* policyId: "<auth server policy id>",
|
|
12
|
-
* status: "ACTIVE",
|
|
13
|
-
* name: "example",
|
|
14
|
-
* priority: 1,
|
|
15
|
-
* groupWhitelists: ["<group ids>"],
|
|
16
|
-
* grantTypeWhitelists: ["implicit"],
|
|
17
|
-
* });
|
|
18
|
-
* ```
|
|
19
|
-
*
|
|
20
|
-
* ## Import
|
|
21
|
-
*
|
|
22
|
-
* Authorization Server Policy Rule can be imported via the Auth Server ID, Policy ID, and Policy Rule ID.
|
|
23
|
-
*
|
|
24
|
-
* ```sh
|
|
25
|
-
* $ pulumi import okta:auth/serverPolicyClaim:ServerPolicyClaim example <auth server id>/<policy id>/<policy rule id>
|
|
26
|
-
* ```
|
|
27
|
-
*
|
|
28
3
|
* @deprecated okta.auth/serverpolicyclaim.ServerPolicyClaim has been deprecated in favor of okta.auth/serverpolicyrule.ServerPolicyRule
|
|
29
4
|
*/
|
|
30
5
|
export declare class ServerPolicyClaim extends pulumi.CustomResource {
|
|
@@ -48,13 +23,15 @@ export declare class ServerPolicyClaim extends pulumi.CustomResource {
|
|
|
48
23
|
*/
|
|
49
24
|
readonly accessTokenLifetimeMinutes: pulumi.Output<number | undefined>;
|
|
50
25
|
/**
|
|
51
|
-
* Auth
|
|
26
|
+
* Auth server ID
|
|
52
27
|
*/
|
|
53
28
|
readonly authServerId: pulumi.Output<string>;
|
|
54
29
|
/**
|
|
55
|
-
* Accepted grant type values, `
|
|
56
|
-
* `
|
|
57
|
-
* `
|
|
30
|
+
* Accepted grant type values, `authorizationCode`, `implicit`, `password`, `clientCredentials`,
|
|
31
|
+
* `urn:ietf:params:oauth:grant-type:saml2-bearer` (*Early Access Property*),
|
|
32
|
+
* `urn:ietf:params:oauth:grant-type:token-exchange` (*Early Access
|
|
33
|
+
* Property*),`urn:ietf:params:oauth:grant-type:device_code` (*Early Access Property*), `interactionCode` (*OIE only*). For
|
|
34
|
+
* `implicit` value either `userWhitelist` or `groupWhitelist` should be set.
|
|
58
35
|
*/
|
|
59
36
|
readonly grantTypeWhitelists: pulumi.Output<string[]>;
|
|
60
37
|
/**
|
|
@@ -62,7 +39,7 @@ export declare class ServerPolicyClaim extends pulumi.CustomResource {
|
|
|
62
39
|
*/
|
|
63
40
|
readonly groupBlacklists: pulumi.Output<string[] | undefined>;
|
|
64
41
|
/**
|
|
65
|
-
* Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `
|
|
42
|
+
* Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `EVERYONE`.
|
|
66
43
|
*/
|
|
67
44
|
readonly groupWhitelists: pulumi.Output<string[] | undefined>;
|
|
68
45
|
/**
|
|
@@ -70,15 +47,15 @@ export declare class ServerPolicyClaim extends pulumi.CustomResource {
|
|
|
70
47
|
*/
|
|
71
48
|
readonly inlineHookId: pulumi.Output<string | undefined>;
|
|
72
49
|
/**
|
|
73
|
-
* Auth
|
|
50
|
+
* Auth server policy rule name
|
|
74
51
|
*/
|
|
75
52
|
readonly name: pulumi.Output<string>;
|
|
76
53
|
/**
|
|
77
|
-
* Auth
|
|
54
|
+
* Auth server policy ID
|
|
78
55
|
*/
|
|
79
56
|
readonly policyId: pulumi.Output<string>;
|
|
80
57
|
/**
|
|
81
|
-
* Priority of the auth server policy rule
|
|
58
|
+
* Priority of the auth server policy rule
|
|
82
59
|
*/
|
|
83
60
|
readonly priority: pulumi.Output<number>;
|
|
84
61
|
/**
|
|
@@ -86,24 +63,25 @@ export declare class ServerPolicyClaim extends pulumi.CustomResource {
|
|
|
86
63
|
*/
|
|
87
64
|
readonly refreshTokenLifetimeMinutes: pulumi.Output<number | undefined>;
|
|
88
65
|
/**
|
|
89
|
-
* Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is
|
|
90
|
-
* `
|
|
66
|
+
* Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is
|
|
67
|
+
* `10080` (7 days).`refreshTokenWindowMinutes` must be between `accessTokenLifetimeMinutes` and
|
|
68
|
+
* `refreshTokenLifetimeMinutes`.
|
|
91
69
|
*/
|
|
92
70
|
readonly refreshTokenWindowMinutes: pulumi.Output<number | undefined>;
|
|
93
71
|
/**
|
|
94
|
-
* Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with `
|
|
72
|
+
* Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with ` * `
|
|
95
73
|
*/
|
|
96
74
|
readonly scopeWhitelists: pulumi.Output<string[] | undefined>;
|
|
97
75
|
/**
|
|
98
|
-
*
|
|
76
|
+
* Default to `ACTIVE`
|
|
99
77
|
*/
|
|
100
78
|
readonly status: pulumi.Output<string | undefined>;
|
|
101
79
|
/**
|
|
102
|
-
* The rule is the system (default) rule for its associated policy
|
|
80
|
+
* The rule is the system (default) rule for its associated policy
|
|
103
81
|
*/
|
|
104
82
|
readonly system: pulumi.Output<boolean>;
|
|
105
83
|
/**
|
|
106
|
-
*
|
|
84
|
+
* Auth server policy rule type, unlikely this will be anything other then the default
|
|
107
85
|
*/
|
|
108
86
|
readonly type: pulumi.Output<string | undefined>;
|
|
109
87
|
/**
|
|
@@ -133,13 +111,15 @@ export interface ServerPolicyClaimState {
|
|
|
133
111
|
*/
|
|
134
112
|
accessTokenLifetimeMinutes?: pulumi.Input<number>;
|
|
135
113
|
/**
|
|
136
|
-
* Auth
|
|
114
|
+
* Auth server ID
|
|
137
115
|
*/
|
|
138
116
|
authServerId?: pulumi.Input<string>;
|
|
139
117
|
/**
|
|
140
|
-
* Accepted grant type values, `
|
|
141
|
-
* `
|
|
142
|
-
* `
|
|
118
|
+
* Accepted grant type values, `authorizationCode`, `implicit`, `password`, `clientCredentials`,
|
|
119
|
+
* `urn:ietf:params:oauth:grant-type:saml2-bearer` (*Early Access Property*),
|
|
120
|
+
* `urn:ietf:params:oauth:grant-type:token-exchange` (*Early Access
|
|
121
|
+
* Property*),`urn:ietf:params:oauth:grant-type:device_code` (*Early Access Property*), `interactionCode` (*OIE only*). For
|
|
122
|
+
* `implicit` value either `userWhitelist` or `groupWhitelist` should be set.
|
|
143
123
|
*/
|
|
144
124
|
grantTypeWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
145
125
|
/**
|
|
@@ -147,7 +127,7 @@ export interface ServerPolicyClaimState {
|
|
|
147
127
|
*/
|
|
148
128
|
groupBlacklists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
149
129
|
/**
|
|
150
|
-
* Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `
|
|
130
|
+
* Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `EVERYONE`.
|
|
151
131
|
*/
|
|
152
132
|
groupWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
153
133
|
/**
|
|
@@ -155,15 +135,15 @@ export interface ServerPolicyClaimState {
|
|
|
155
135
|
*/
|
|
156
136
|
inlineHookId?: pulumi.Input<string>;
|
|
157
137
|
/**
|
|
158
|
-
* Auth
|
|
138
|
+
* Auth server policy rule name
|
|
159
139
|
*/
|
|
160
140
|
name?: pulumi.Input<string>;
|
|
161
141
|
/**
|
|
162
|
-
* Auth
|
|
142
|
+
* Auth server policy ID
|
|
163
143
|
*/
|
|
164
144
|
policyId?: pulumi.Input<string>;
|
|
165
145
|
/**
|
|
166
|
-
* Priority of the auth server policy rule
|
|
146
|
+
* Priority of the auth server policy rule
|
|
167
147
|
*/
|
|
168
148
|
priority?: pulumi.Input<number>;
|
|
169
149
|
/**
|
|
@@ -171,24 +151,25 @@ export interface ServerPolicyClaimState {
|
|
|
171
151
|
*/
|
|
172
152
|
refreshTokenLifetimeMinutes?: pulumi.Input<number>;
|
|
173
153
|
/**
|
|
174
|
-
* Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is
|
|
175
|
-
* `
|
|
154
|
+
* Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is
|
|
155
|
+
* `10080` (7 days).`refreshTokenWindowMinutes` must be between `accessTokenLifetimeMinutes` and
|
|
156
|
+
* `refreshTokenLifetimeMinutes`.
|
|
176
157
|
*/
|
|
177
158
|
refreshTokenWindowMinutes?: pulumi.Input<number>;
|
|
178
159
|
/**
|
|
179
|
-
* Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with `
|
|
160
|
+
* Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with ` * `
|
|
180
161
|
*/
|
|
181
162
|
scopeWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
182
163
|
/**
|
|
183
|
-
*
|
|
164
|
+
* Default to `ACTIVE`
|
|
184
165
|
*/
|
|
185
166
|
status?: pulumi.Input<string>;
|
|
186
167
|
/**
|
|
187
|
-
* The rule is the system (default) rule for its associated policy
|
|
168
|
+
* The rule is the system (default) rule for its associated policy
|
|
188
169
|
*/
|
|
189
170
|
system?: pulumi.Input<boolean>;
|
|
190
171
|
/**
|
|
191
|
-
*
|
|
172
|
+
* Auth server policy rule type, unlikely this will be anything other then the default
|
|
192
173
|
*/
|
|
193
174
|
type?: pulumi.Input<string>;
|
|
194
175
|
/**
|
|
@@ -209,13 +190,15 @@ export interface ServerPolicyClaimArgs {
|
|
|
209
190
|
*/
|
|
210
191
|
accessTokenLifetimeMinutes?: pulumi.Input<number>;
|
|
211
192
|
/**
|
|
212
|
-
* Auth
|
|
193
|
+
* Auth server ID
|
|
213
194
|
*/
|
|
214
195
|
authServerId: pulumi.Input<string>;
|
|
215
196
|
/**
|
|
216
|
-
* Accepted grant type values, `
|
|
217
|
-
* `
|
|
218
|
-
* `
|
|
197
|
+
* Accepted grant type values, `authorizationCode`, `implicit`, `password`, `clientCredentials`,
|
|
198
|
+
* `urn:ietf:params:oauth:grant-type:saml2-bearer` (*Early Access Property*),
|
|
199
|
+
* `urn:ietf:params:oauth:grant-type:token-exchange` (*Early Access
|
|
200
|
+
* Property*),`urn:ietf:params:oauth:grant-type:device_code` (*Early Access Property*), `interactionCode` (*OIE only*). For
|
|
201
|
+
* `implicit` value either `userWhitelist` or `groupWhitelist` should be set.
|
|
219
202
|
*/
|
|
220
203
|
grantTypeWhitelists: pulumi.Input<pulumi.Input<string>[]>;
|
|
221
204
|
/**
|
|
@@ -223,7 +206,7 @@ export interface ServerPolicyClaimArgs {
|
|
|
223
206
|
*/
|
|
224
207
|
groupBlacklists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
225
208
|
/**
|
|
226
|
-
* Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `
|
|
209
|
+
* Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `EVERYONE`.
|
|
227
210
|
*/
|
|
228
211
|
groupWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
229
212
|
/**
|
|
@@ -231,15 +214,15 @@ export interface ServerPolicyClaimArgs {
|
|
|
231
214
|
*/
|
|
232
215
|
inlineHookId?: pulumi.Input<string>;
|
|
233
216
|
/**
|
|
234
|
-
* Auth
|
|
217
|
+
* Auth server policy rule name
|
|
235
218
|
*/
|
|
236
219
|
name?: pulumi.Input<string>;
|
|
237
220
|
/**
|
|
238
|
-
* Auth
|
|
221
|
+
* Auth server policy ID
|
|
239
222
|
*/
|
|
240
223
|
policyId: pulumi.Input<string>;
|
|
241
224
|
/**
|
|
242
|
-
* Priority of the auth server policy rule
|
|
225
|
+
* Priority of the auth server policy rule
|
|
243
226
|
*/
|
|
244
227
|
priority: pulumi.Input<number>;
|
|
245
228
|
/**
|
|
@@ -247,20 +230,21 @@ export interface ServerPolicyClaimArgs {
|
|
|
247
230
|
*/
|
|
248
231
|
refreshTokenLifetimeMinutes?: pulumi.Input<number>;
|
|
249
232
|
/**
|
|
250
|
-
* Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is
|
|
251
|
-
* `
|
|
233
|
+
* Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is
|
|
234
|
+
* `10080` (7 days).`refreshTokenWindowMinutes` must be between `accessTokenLifetimeMinutes` and
|
|
235
|
+
* `refreshTokenLifetimeMinutes`.
|
|
252
236
|
*/
|
|
253
237
|
refreshTokenWindowMinutes?: pulumi.Input<number>;
|
|
254
238
|
/**
|
|
255
|
-
* Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with `
|
|
239
|
+
* Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with ` * `
|
|
256
240
|
*/
|
|
257
241
|
scopeWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
258
242
|
/**
|
|
259
|
-
*
|
|
243
|
+
* Default to `ACTIVE`
|
|
260
244
|
*/
|
|
261
245
|
status?: pulumi.Input<string>;
|
|
262
246
|
/**
|
|
263
|
-
*
|
|
247
|
+
* Auth server policy rule type, unlikely this will be anything other then the default
|
|
264
248
|
*/
|
|
265
249
|
type?: pulumi.Input<string>;
|
|
266
250
|
/**
|
|
@@ -6,31 +6,6 @@ exports.ServerPolicyClaim = void 0;
|
|
|
6
6
|
const pulumi = require("@pulumi/pulumi");
|
|
7
7
|
const utilities = require("../utilities");
|
|
8
8
|
/**
|
|
9
|
-
* ## Example Usage
|
|
10
|
-
*
|
|
11
|
-
* ```typescript
|
|
12
|
-
* import * as pulumi from "@pulumi/pulumi";
|
|
13
|
-
* import * as okta from "@pulumi/okta";
|
|
14
|
-
*
|
|
15
|
-
* const example = new okta.auth.ServerPolicyRule("example", {
|
|
16
|
-
* authServerId: "<auth server id>",
|
|
17
|
-
* policyId: "<auth server policy id>",
|
|
18
|
-
* status: "ACTIVE",
|
|
19
|
-
* name: "example",
|
|
20
|
-
* priority: 1,
|
|
21
|
-
* groupWhitelists: ["<group ids>"],
|
|
22
|
-
* grantTypeWhitelists: ["implicit"],
|
|
23
|
-
* });
|
|
24
|
-
* ```
|
|
25
|
-
*
|
|
26
|
-
* ## Import
|
|
27
|
-
*
|
|
28
|
-
* Authorization Server Policy Rule can be imported via the Auth Server ID, Policy ID, and Policy Rule ID.
|
|
29
|
-
*
|
|
30
|
-
* ```sh
|
|
31
|
-
* $ pulumi import okta:auth/serverPolicyClaim:ServerPolicyClaim example <auth server id>/<policy id>/<policy rule id>
|
|
32
|
-
* ```
|
|
33
|
-
*
|
|
34
9
|
* @deprecated okta.auth/serverpolicyclaim.ServerPolicyClaim has been deprecated in favor of okta.auth/serverpolicyrule.ServerPolicyRule
|
|
35
10
|
*/
|
|
36
11
|
class ServerPolicyClaim extends pulumi.CustomResource {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"serverPolicyClaim.js","sourceRoot":"","sources":["../../auth/serverPolicyClaim.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"serverPolicyClaim.js","sourceRoot":"","sources":["../../auth/serverPolicyClaim.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;GAEG;AACH,MAAa,iBAAkB,SAAQ,MAAM,CAAC,cAAc;IACxD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA8B,EAAE,IAAmC;QAC5H,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,4JAA4J,CAAC,CAAA;QAC7K,OAAO,IAAI,iBAAiB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACxE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,iBAAiB,CAAC,YAAY,CAAC;IAClE,CAAC;IAsFD,4IAA4I;IAC5I,YAAY,IAAY,EAAE,WAA4D,EAAE,IAAmC;QACvH,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,4JAA4J,CAAC,CAAA;QAC7K,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAiD,CAAC;YAChE,cAAc,CAAC,4BAA4B,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC,CAAC,SAAS,CAAC;YACpG,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,6BAA6B,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC,CAAC,SAAS,CAAC;YACtG,cAAc,CAAC,2BAA2B,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClG,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/E;aAAM;YACH,MAAM,IAAI,GAAG,WAAgD,CAAC;YAC9D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACzD,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;aAC/D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,mBAAmB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAChE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;aACtE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,cAAc,CAAC,4BAA4B,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,CAAC,SAAS,CAAC;YAClG,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,6BAA6B,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,CAAC,SAAS,CAAC;YACpG,cAAc,CAAC,2BAA2B,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChG,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,QAAQ,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAChD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,KAAK,CAAC,iBAAiB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACtE,CAAC;;AA3KL,8CA4KC;AA7JG,gBAAgB;AACO,8BAAY,GAAG,+CAA+C,CAAC"}
|
|
@@ -19,8 +19,6 @@ import * as pulumi from "@pulumi/pulumi";
|
|
|
19
19
|
*
|
|
20
20
|
* ## Import
|
|
21
21
|
*
|
|
22
|
-
* Authorization Server Policy Rule can be imported via the Auth Server ID, Policy ID, and Policy Rule ID.
|
|
23
|
-
*
|
|
24
22
|
* ```sh
|
|
25
23
|
* $ pulumi import okta:auth/serverPolicyRule:ServerPolicyRule example <auth server id>/<policy id>/<policy rule id>
|
|
26
24
|
* ```
|
|
@@ -46,13 +44,11 @@ export declare class ServerPolicyRule extends pulumi.CustomResource {
|
|
|
46
44
|
*/
|
|
47
45
|
readonly accessTokenLifetimeMinutes: pulumi.Output<number | undefined>;
|
|
48
46
|
/**
|
|
49
|
-
* Auth
|
|
47
|
+
* Auth server ID
|
|
50
48
|
*/
|
|
51
49
|
readonly authServerId: pulumi.Output<string>;
|
|
52
50
|
/**
|
|
53
|
-
* Accepted grant type values, `
|
|
54
|
-
* `"urn:ietf:params:oauth:grant-type:saml2-bearer"` (*Early Access Property*), `"urn:ietf:params:oauth:grant-type:token-exchange"` (*Early Access Property*),
|
|
55
|
-
* `"urn:ietf:params:oauth:grant-type:device_code"` (*Early Access Property*), `"interactionCode"` (*OIE only*). For `"implicit"` value either `userWhitelist` or `groupWhitelist` should be set.
|
|
51
|
+
* Accepted grant type values, `authorizationCode`, `implicit`, `password`, `clientCredentials`, `urn:ietf:params:oauth:grant-type:saml2-bearer` (*Early Access Property*), `urn:ietf:params:oauth:grant-type:token-exchange` (*Early Access Property*),`urn:ietf:params:oauth:grant-type:device_code` (*Early Access Property*), `interactionCode` (*OIE only*). For `implicit` value either `userWhitelist` or `groupWhitelist` should be set.
|
|
56
52
|
*/
|
|
57
53
|
readonly grantTypeWhitelists: pulumi.Output<string[]>;
|
|
58
54
|
/**
|
|
@@ -60,7 +56,7 @@ export declare class ServerPolicyRule extends pulumi.CustomResource {
|
|
|
60
56
|
*/
|
|
61
57
|
readonly groupBlacklists: pulumi.Output<string[] | undefined>;
|
|
62
58
|
/**
|
|
63
|
-
* Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `
|
|
59
|
+
* Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `EVERYONE`.
|
|
64
60
|
*/
|
|
65
61
|
readonly groupWhitelists: pulumi.Output<string[] | undefined>;
|
|
66
62
|
/**
|
|
@@ -68,15 +64,15 @@ export declare class ServerPolicyRule extends pulumi.CustomResource {
|
|
|
68
64
|
*/
|
|
69
65
|
readonly inlineHookId: pulumi.Output<string | undefined>;
|
|
70
66
|
/**
|
|
71
|
-
* Auth
|
|
67
|
+
* Auth server policy rule name
|
|
72
68
|
*/
|
|
73
69
|
readonly name: pulumi.Output<string>;
|
|
74
70
|
/**
|
|
75
|
-
* Auth
|
|
71
|
+
* Auth server policy ID
|
|
76
72
|
*/
|
|
77
73
|
readonly policyId: pulumi.Output<string>;
|
|
78
74
|
/**
|
|
79
|
-
* Priority of the auth server policy rule
|
|
75
|
+
* Priority of the auth server policy rule
|
|
80
76
|
*/
|
|
81
77
|
readonly priority: pulumi.Output<number>;
|
|
82
78
|
/**
|
|
@@ -84,24 +80,23 @@ export declare class ServerPolicyRule extends pulumi.CustomResource {
|
|
|
84
80
|
*/
|
|
85
81
|
readonly refreshTokenLifetimeMinutes: pulumi.Output<number | undefined>;
|
|
86
82
|
/**
|
|
87
|
-
* Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is `10080` (7 days)
|
|
88
|
-
* `"refreshTokenWindowMinutes"` must be between `"accessTokenLifetimeMinutes"` and `"refreshTokenLifetimeMinutes"`.
|
|
83
|
+
* Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is `10080` (7 days).`refreshTokenWindowMinutes` must be between `accessTokenLifetimeMinutes` and `refreshTokenLifetimeMinutes`.
|
|
89
84
|
*/
|
|
90
85
|
readonly refreshTokenWindowMinutes: pulumi.Output<number | undefined>;
|
|
91
86
|
/**
|
|
92
|
-
* Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with
|
|
87
|
+
* Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with `*`
|
|
93
88
|
*/
|
|
94
89
|
readonly scopeWhitelists: pulumi.Output<string[] | undefined>;
|
|
95
90
|
/**
|
|
96
|
-
*
|
|
91
|
+
* Default to `ACTIVE`
|
|
97
92
|
*/
|
|
98
93
|
readonly status: pulumi.Output<string | undefined>;
|
|
99
94
|
/**
|
|
100
|
-
* The rule is the system (default) rule for its associated policy
|
|
95
|
+
* The rule is the system (default) rule for its associated policy
|
|
101
96
|
*/
|
|
102
97
|
readonly system: pulumi.Output<boolean>;
|
|
103
98
|
/**
|
|
104
|
-
*
|
|
99
|
+
* Auth server policy rule type, unlikely this will be anything other then the default
|
|
105
100
|
*/
|
|
106
101
|
readonly type: pulumi.Output<string | undefined>;
|
|
107
102
|
/**
|
|
@@ -130,13 +125,11 @@ export interface ServerPolicyRuleState {
|
|
|
130
125
|
*/
|
|
131
126
|
accessTokenLifetimeMinutes?: pulumi.Input<number>;
|
|
132
127
|
/**
|
|
133
|
-
* Auth
|
|
128
|
+
* Auth server ID
|
|
134
129
|
*/
|
|
135
130
|
authServerId?: pulumi.Input<string>;
|
|
136
131
|
/**
|
|
137
|
-
* Accepted grant type values, `
|
|
138
|
-
* `"urn:ietf:params:oauth:grant-type:saml2-bearer"` (*Early Access Property*), `"urn:ietf:params:oauth:grant-type:token-exchange"` (*Early Access Property*),
|
|
139
|
-
* `"urn:ietf:params:oauth:grant-type:device_code"` (*Early Access Property*), `"interactionCode"` (*OIE only*). For `"implicit"` value either `userWhitelist` or `groupWhitelist` should be set.
|
|
132
|
+
* Accepted grant type values, `authorizationCode`, `implicit`, `password`, `clientCredentials`, `urn:ietf:params:oauth:grant-type:saml2-bearer` (*Early Access Property*), `urn:ietf:params:oauth:grant-type:token-exchange` (*Early Access Property*),`urn:ietf:params:oauth:grant-type:device_code` (*Early Access Property*), `interactionCode` (*OIE only*). For `implicit` value either `userWhitelist` or `groupWhitelist` should be set.
|
|
140
133
|
*/
|
|
141
134
|
grantTypeWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
142
135
|
/**
|
|
@@ -144,7 +137,7 @@ export interface ServerPolicyRuleState {
|
|
|
144
137
|
*/
|
|
145
138
|
groupBlacklists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
146
139
|
/**
|
|
147
|
-
* Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `
|
|
140
|
+
* Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `EVERYONE`.
|
|
148
141
|
*/
|
|
149
142
|
groupWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
150
143
|
/**
|
|
@@ -152,15 +145,15 @@ export interface ServerPolicyRuleState {
|
|
|
152
145
|
*/
|
|
153
146
|
inlineHookId?: pulumi.Input<string>;
|
|
154
147
|
/**
|
|
155
|
-
* Auth
|
|
148
|
+
* Auth server policy rule name
|
|
156
149
|
*/
|
|
157
150
|
name?: pulumi.Input<string>;
|
|
158
151
|
/**
|
|
159
|
-
* Auth
|
|
152
|
+
* Auth server policy ID
|
|
160
153
|
*/
|
|
161
154
|
policyId?: pulumi.Input<string>;
|
|
162
155
|
/**
|
|
163
|
-
* Priority of the auth server policy rule
|
|
156
|
+
* Priority of the auth server policy rule
|
|
164
157
|
*/
|
|
165
158
|
priority?: pulumi.Input<number>;
|
|
166
159
|
/**
|
|
@@ -168,24 +161,23 @@ export interface ServerPolicyRuleState {
|
|
|
168
161
|
*/
|
|
169
162
|
refreshTokenLifetimeMinutes?: pulumi.Input<number>;
|
|
170
163
|
/**
|
|
171
|
-
* Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is `10080` (7 days)
|
|
172
|
-
* `"refreshTokenWindowMinutes"` must be between `"accessTokenLifetimeMinutes"` and `"refreshTokenLifetimeMinutes"`.
|
|
164
|
+
* Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is `10080` (7 days).`refreshTokenWindowMinutes` must be between `accessTokenLifetimeMinutes` and `refreshTokenLifetimeMinutes`.
|
|
173
165
|
*/
|
|
174
166
|
refreshTokenWindowMinutes?: pulumi.Input<number>;
|
|
175
167
|
/**
|
|
176
|
-
* Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with
|
|
168
|
+
* Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with `*`
|
|
177
169
|
*/
|
|
178
170
|
scopeWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
179
171
|
/**
|
|
180
|
-
*
|
|
172
|
+
* Default to `ACTIVE`
|
|
181
173
|
*/
|
|
182
174
|
status?: pulumi.Input<string>;
|
|
183
175
|
/**
|
|
184
|
-
* The rule is the system (default) rule for its associated policy
|
|
176
|
+
* The rule is the system (default) rule for its associated policy
|
|
185
177
|
*/
|
|
186
178
|
system?: pulumi.Input<boolean>;
|
|
187
179
|
/**
|
|
188
|
-
*
|
|
180
|
+
* Auth server policy rule type, unlikely this will be anything other then the default
|
|
189
181
|
*/
|
|
190
182
|
type?: pulumi.Input<string>;
|
|
191
183
|
/**
|
|
@@ -206,13 +198,11 @@ export interface ServerPolicyRuleArgs {
|
|
|
206
198
|
*/
|
|
207
199
|
accessTokenLifetimeMinutes?: pulumi.Input<number>;
|
|
208
200
|
/**
|
|
209
|
-
* Auth
|
|
201
|
+
* Auth server ID
|
|
210
202
|
*/
|
|
211
203
|
authServerId: pulumi.Input<string>;
|
|
212
204
|
/**
|
|
213
|
-
* Accepted grant type values, `
|
|
214
|
-
* `"urn:ietf:params:oauth:grant-type:saml2-bearer"` (*Early Access Property*), `"urn:ietf:params:oauth:grant-type:token-exchange"` (*Early Access Property*),
|
|
215
|
-
* `"urn:ietf:params:oauth:grant-type:device_code"` (*Early Access Property*), `"interactionCode"` (*OIE only*). For `"implicit"` value either `userWhitelist` or `groupWhitelist` should be set.
|
|
205
|
+
* Accepted grant type values, `authorizationCode`, `implicit`, `password`, `clientCredentials`, `urn:ietf:params:oauth:grant-type:saml2-bearer` (*Early Access Property*), `urn:ietf:params:oauth:grant-type:token-exchange` (*Early Access Property*),`urn:ietf:params:oauth:grant-type:device_code` (*Early Access Property*), `interactionCode` (*OIE only*). For `implicit` value either `userWhitelist` or `groupWhitelist` should be set.
|
|
216
206
|
*/
|
|
217
207
|
grantTypeWhitelists: pulumi.Input<pulumi.Input<string>[]>;
|
|
218
208
|
/**
|
|
@@ -220,7 +210,7 @@ export interface ServerPolicyRuleArgs {
|
|
|
220
210
|
*/
|
|
221
211
|
groupBlacklists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
222
212
|
/**
|
|
223
|
-
* Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `
|
|
213
|
+
* Specifies a set of Groups whose Users are to be included. Can be set to Group ID or to the following: `EVERYONE`.
|
|
224
214
|
*/
|
|
225
215
|
groupWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
226
216
|
/**
|
|
@@ -228,15 +218,15 @@ export interface ServerPolicyRuleArgs {
|
|
|
228
218
|
*/
|
|
229
219
|
inlineHookId?: pulumi.Input<string>;
|
|
230
220
|
/**
|
|
231
|
-
* Auth
|
|
221
|
+
* Auth server policy rule name
|
|
232
222
|
*/
|
|
233
223
|
name?: pulumi.Input<string>;
|
|
234
224
|
/**
|
|
235
|
-
* Auth
|
|
225
|
+
* Auth server policy ID
|
|
236
226
|
*/
|
|
237
227
|
policyId: pulumi.Input<string>;
|
|
238
228
|
/**
|
|
239
|
-
* Priority of the auth server policy rule
|
|
229
|
+
* Priority of the auth server policy rule
|
|
240
230
|
*/
|
|
241
231
|
priority: pulumi.Input<number>;
|
|
242
232
|
/**
|
|
@@ -244,20 +234,19 @@ export interface ServerPolicyRuleArgs {
|
|
|
244
234
|
*/
|
|
245
235
|
refreshTokenLifetimeMinutes?: pulumi.Input<number>;
|
|
246
236
|
/**
|
|
247
|
-
* Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is `10080` (7 days)
|
|
248
|
-
* `"refreshTokenWindowMinutes"` must be between `"accessTokenLifetimeMinutes"` and `"refreshTokenLifetimeMinutes"`.
|
|
237
|
+
* Window in which a refresh token can be used. It can be a value between 5 and 2628000 (5 years) minutes. Default is `10080` (7 days).`refreshTokenWindowMinutes` must be between `accessTokenLifetimeMinutes` and `refreshTokenLifetimeMinutes`.
|
|
249
238
|
*/
|
|
250
239
|
refreshTokenWindowMinutes?: pulumi.Input<number>;
|
|
251
240
|
/**
|
|
252
|
-
* Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with
|
|
241
|
+
* Scopes allowed for this policy rule. They can be whitelisted by name or all can be whitelisted with `*`
|
|
253
242
|
*/
|
|
254
243
|
scopeWhitelists?: pulumi.Input<pulumi.Input<string>[]>;
|
|
255
244
|
/**
|
|
256
|
-
*
|
|
245
|
+
* Default to `ACTIVE`
|
|
257
246
|
*/
|
|
258
247
|
status?: pulumi.Input<string>;
|
|
259
248
|
/**
|
|
260
|
-
*
|
|
249
|
+
* Auth server policy rule type, unlikely this will be anything other then the default
|
|
261
250
|
*/
|
|
262
251
|
type?: pulumi.Input<string>;
|
|
263
252
|
/**
|
package/auth/serverPolicyRule.js
CHANGED
|
@@ -25,8 +25,6 @@ const utilities = require("../utilities");
|
|
|
25
25
|
*
|
|
26
26
|
* ## Import
|
|
27
27
|
*
|
|
28
|
-
* Authorization Server Policy Rule can be imported via the Auth Server ID, Policy ID, and Policy Rule ID.
|
|
29
|
-
*
|
|
30
28
|
* ```sh
|
|
31
29
|
* $ pulumi import okta:auth/serverPolicyRule:ServerPolicyRule example <auth server id>/<policy id>/<policy rule id>
|
|
32
30
|
* ```
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"serverPolicyRule.js","sourceRoot":"","sources":["../../auth/serverPolicyRule.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C
|
|
1
|
+
{"version":3,"file":"serverPolicyRule.js","sourceRoot":"","sources":["../../auth/serverPolicyRule.ts"],"names":[],"mappings":";AAAA,wFAAwF;AACxF,iFAAiF;;;AAEjF,yCAAyC;AACzC,0CAA0C;AAE1C;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAa,gBAAiB,SAAQ,MAAM,CAAC,cAAc;IACvD;;;;;;;;OAQG;IACI,MAAM,CAAC,GAAG,CAAC,IAAY,EAAE,EAA2B,EAAE,KAA6B,EAAE,IAAmC;QAC3H,OAAO,IAAI,gBAAgB,CAAC,IAAI,EAAO,KAAK,kCAAO,IAAI,KAAE,EAAE,EAAE,EAAE,IAAG,CAAC;IACvE,CAAC;IAKD;;;OAGG;IACI,MAAM,CAAC,UAAU,CAAC,GAAQ;QAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE;YACnC,OAAO,KAAK,CAAC;SAChB;QACD,OAAO,GAAG,CAAC,cAAc,CAAC,KAAK,gBAAgB,CAAC,YAAY,CAAC;IACjE,CAAC;IA+ED,YAAY,IAAY,EAAE,WAA0D,EAAE,IAAmC;QACrH,IAAI,cAAc,GAAkB,EAAE,CAAC;QACvC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QAClB,IAAI,IAAI,CAAC,EAAE,EAAE;YACT,MAAM,KAAK,GAAG,WAAgD,CAAC;YAC/D,cAAc,CAAC,4BAA4B,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC,CAAC,SAAS,CAAC;YACpG,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,qBAAqB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACtF,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,cAAc,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACxE,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,UAAU,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAChE,cAAc,CAAC,6BAA6B,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC,CAAC,SAAS,CAAC;YACtG,cAAc,CAAC,2BAA2B,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC,CAAC,SAAS,CAAC;YAClG,cAAc,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9E,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5D,cAAc,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACxD,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;SAC/E;aAAM;YACH,MAAM,IAAI,GAAG,WAA+C,CAAC;YAC7D,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACzD,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;aAC/D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,mBAAmB,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBAChE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;aACtE;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACrD,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;aAC3D;YACD,cAAc,CAAC,4BAA4B,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,CAAC,SAAS,CAAC;YAClG,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,qBAAqB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,SAAS,CAAC;YACpF,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;YACtE,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,cAAc,CAAC,6BAA6B,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,CAAC,SAAS,CAAC;YACpG,cAAc,CAAC,2BAA2B,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC,CAAC,SAAS,CAAC;YAChG,cAAc,CAAC,iBAAiB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC;YAC5E,cAAc,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1D,cAAc,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACtD,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC;YAC1E,cAAc,CAAC,QAAQ,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC;SAChD;QACD,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,MAAM,SAAS,GAAG,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,+CAA+C,EAAE,CAAC,EAAE,CAAC;QAC3F,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;QAC5C,KAAK,CAAC,gBAAgB,CAAC,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;IACrE,CAAC;;AAnKL,4CAoKC;AAtJG,gBAAgB;AACO,6BAAY,GAAG,6CAA6C,CAAC"}
|