Skip to content

Add enforce_sso, disabled fields in tenant API #538

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 10 commits into from
May 4, 2025
+27 −7
Merged

Add enforce_sso, disabled fields in tenant API #538

Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
c498b62
added enforce_sso, disabled to tenant api
LioriE Mar 26, 2025
6f1d75d
update search and test
LioriE Apr 1, 2025
fd00d44
Revert "update search and test"
LioriE Apr 2, 2025
153222f
fisx create tenant test
LioriE Apr 2, 2025
535f8ea
Update test_tenant.py
LioriE Apr 2, 2025
8210a8e
Merge branch 'main' into add-tenant-enforcesso-disabled
LioriE Apr 2, 2025
65d73f8
Merge branch 'main' into add-tenant-enforcesso-disabled
LioriE May 4, 2025
34c2527
Update tenant.py
LioriE May 4, 2025
55c0b78
Merge branch 'add-tenant-enforcesso-disabled' of github.com:descope/p…
LioriE May 4, 2025
dd08951
Update test_tenant.py
LioriE May 4, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 14 additions & 2 deletions descope/management/tenant.py
View file
Original file line number Diff line number Diff line change
@@ -11,6 +11,8 @@ def create(
id: Optional[str] = None,
self_provisioning_domains: Optional[List[str]] = None,
custom_attributes: Optional[dict] = None,
enforce_sso: Optional[bool] = False,
disabled: Optional[bool] = False,
) -> dict:
"""
Create a new tenant with the given name. Tenant IDs are provisioned automatically, but can be provided
@@ -22,6 +24,8 @@ def create(
self_provisioning_domains (List[str]): An optional list of domain that are associated with this tenant.
Users authenticating from these domains will be associated with this tenant.
custom_attributes (dict): Optional, set the different custom attributes values of the keys that were previously configured in Descope console app
enforce_sso (bool): Optional, login to the tenant is possible only using the configured sso
disabled (bool): Optional, login to the tenant will be disabled

Return value (dict):
Return dict in the format
@@ -38,7 +42,7 @@ def create(
response = self._auth.do_post(
uri,
Tenant._compose_create_update_body(
name, id, self_provisioning_domains, custom_attributes
name, id, self_provisioning_domains, custom_attributes, enforce_sso, disabled
),
pswd=self._auth.management_key,
)
@@ -50,6 +54,8 @@ def update(
name: str,
self_provisioning_domains: Optional[List[str]] = None,
custom_attributes: Optional[dict] = None,
enforce_sso: Optional[bool] = False,
disabled: Optional[bool] = False,
):
"""
Update an existing tenant with the given name and domains. IMPORTANT: All parameters are used as overrides
@@ -61,6 +67,8 @@ def update(
self_provisioning_domains (List[str]): An optional list of domain that are associated with this tenant.
Users authenticating from these domains will be associated with this tenant.
custom_attributes (dict): Optional, set the different custom attributes values of the keys that were previously configured in Descope console app
enforce_sso (bool): Optional, login to the tenant is possible only using the configured sso
disabled (bool): Optional, login to the tenant will be disabled

Raise:
AuthException: raised if creation operation fails
@@ -73,7 +81,7 @@ def update(
self._auth.do_post(
uri,
Tenant._compose_create_update_body(
name, id, self_provisioning_domains, custom_attributes
name, id, self_provisioning_domains, custom_attributes, enforce_sso, disabled
),
pswd=self._auth.management_key,
)
@@ -184,11 +192,15 @@ def _compose_create_update_body(
id: Optional[str],
self_provisioning_domains: List[str],
custom_attributes: Optional[dict] = None,
enforce_sso: Optional[bool] = False,
disabled: Optional[bool] = False,
) -> dict:
body: dict[str, Any] = {
"name": name,
"id": id,
"selfProvisioningDomains": self_provisioning_domains,
"enforceSSO": enforce_sso,
"disabled": disabled
}
if custom_attributes is not None:
body["customAttributes"] = custom_attributes
18 changes: 13 additions & 5 deletions tests/management/test_tenant.py
View file
Original file line number Diff line number Diff line change
@@ -61,19 +61,21 @@ def test_create(self):
"name": "name",
"id": "t1",
"selfProvisioningDomains": ["domain.com"],
"enforceSSO": False,
"disabled": False,
},
allow_redirects=False,
verify=True,
timeout=DEFAULT_TIMEOUT_SECONDS,
)

# Test success flow with custom attributes
# Test success flow with custom attributes, enforce_sso, disabled
with patch("requests.post") as mock_post:
network_resp = mock.Mock()
network_resp.ok = True
network_resp.json.return_value = json.loads("""{"id": "t1"}""")
mock_post.return_value = network_resp
resp = client.mgmt.tenant.create("name", "t1", ["domain.com"], {"k1": "v1"})
resp = client.mgmt.tenant.create("name", "t1", ["domain.com"], {"k1": "v1"}, enforce_sso=True, disabled=True)
self.assertEqual(resp["id"], "t1")
mock_post.assert_called_with(
f"{common.DEFAULT_BASE_URL}{MgmtV1.tenant_create_path}",
@@ -88,6 +90,8 @@ def test_create(self):
"id": "t1",
"selfProvisioningDomains": ["domain.com"],
"customAttributes": {"k1": "v1"},
"enforceSSO": True,
"disabled": True,
},
allow_redirects=False,
verify=True,
@@ -116,7 +120,7 @@ def test_update(self):
with patch("requests.post") as mock_post:
mock_post.return_value.ok = True
self.assertIsNone(
client.mgmt.tenant.update("t1", "new-name", ["domain.com"])
client.mgmt.tenant.update("t1", "new-name", ["domain.com"], enforce_sso=True, disabled=True)
)
mock_post.assert_called_with(
f"{common.DEFAULT_BASE_URL}{MgmtV1.tenant_update_path}",
@@ -130,18 +134,20 @@ def test_update(self):
"name": "new-name",
"id": "t1",
"selfProvisioningDomains": ["domain.com"],
"enforceSSO": True,
"disabled": True,
},
allow_redirects=False,
verify=True,
timeout=DEFAULT_TIMEOUT_SECONDS,
)

# Test success flow with custom attributes
# Test success flow with custom attributes, enforce_sso, disabled
with patch("requests.post") as mock_post:
mock_post.return_value.ok = True
self.assertIsNone(
client.mgmt.tenant.update(
"t1", "new-name", ["domain.com"], {"k1": "v1"}
"t1", "new-name", ["domain.com"], {"k1": "v1"}, enforce_sso=True, disabled=True
)
)
mock_post.assert_called_with(
@@ -157,6 +163,8 @@ def test_update(self):
"id": "t1",
"selfProvisioningDomains": ["domain.com"],
"customAttributes": {"k1": "v1"},
"enforceSSO": True,
"disabled": True,
},
allow_redirects=False,
verify=True,