From 41a64a640094105d20206f00a7dcee6419d6bed7 Mon Sep 17 00:00:00 2001
From: George Nikolopoulos <giorgos.nikolopoulos@citrix.com>
Date: Tue, 12 Mar 2019 15:46:39 +0200
Subject: [PATCH] Add capability to do MAS proxied calls

Signed-off-by: George Nikolopoulos <giorgos.nikolopoulos@citrix.com>
---
 README.md                               | 1 +
 examples/mas_proxied_calls/provider.tf  | 6 ++++++
 examples/mas_proxied_calls/resources.tf | 7 +++++++
 netscaler/provider.go                   | 7 +++++++
 4 files changed, 21 insertions(+)
 create mode 100644 examples/mas_proxied_calls/provider.tf
 create mode 100644 examples/mas_proxied_calls/resources.tf

diff --git a/README.md b/README.md
index 0be650770..8bed7cf29 100644
--- a/README.md
+++ b/README.md
@@ -68,6 +68,7 @@ The following arguments are supported.
 * `password` - This is the password to access to NetScaler. Defaults to `nsroot` unless environment variable `NS_PASSWORD` has been set
 * `endpoint` - (Required) Nitro API endpoint in the form `http://<NS_IP>/` or `http://<NS_IP>:<PORT>/`. Can be specified in environment variable `NS_URL`
 * `insecure_skip_verify` - (Optional, true/false) Whether to accept the untrusted certificate on the NetScaler when the NetScaler endpoint is `https`
+* `proxied_ns` - (Optional, NSIP) The target Netscaler NSIP for MAS proxied calls. When this option is defined, `username`, `password` and `endpoint` must refer to the MAS proxy.
 
 The username, password and endpoint can be provided in environment variables `NS_LOGIN`, `NS_PASSWORD` and `NS_URL`. 
 
diff --git a/examples/mas_proxied_calls/provider.tf b/examples/mas_proxied_calls/provider.tf
new file mode 100644
index 000000000..bd47bcf7d
--- /dev/null
+++ b/examples/mas_proxied_calls/provider.tf
@@ -0,0 +1,6 @@
+provider "netscaler" {
+    endpoint = "http://10.78.60.207"
+    username = "nsroot"
+    password = "nsroot"
+    proxied_ns = "10.78.60.209"
+}
diff --git a/examples/mas_proxied_calls/resources.tf b/examples/mas_proxied_calls/resources.tf
new file mode 100644
index 000000000..59f264fbf
--- /dev/null
+++ b/examples/mas_proxied_calls/resources.tf
@@ -0,0 +1,7 @@
+
+resource "netscaler_servicegroup" "backend" {
+  servicegroupname = "test_service_group"
+  servicetype = "HTTP"
+  servicegroupmembers = [ "192.168.1.1:80:10" ]
+}
+
diff --git a/netscaler/provider.go b/netscaler/provider.go
index a3df1e1a4..03cb6616f 100644
--- a/netscaler/provider.go
+++ b/netscaler/provider.go
@@ -64,6 +64,12 @@ func providerSchema() map[string]*schema.Schema {
 			Description: "Ignore validity of endpoint TLS certificate if true",
 			Default:     false,
 		},
+		"proxied_ns": {
+			Type:        schema.TypeString,
+			Optional:    true,
+			Description: "Target NS ip. When defined username, password and endpoint must refer to MAS.",
+			DefaultFunc: schema.EnvDefaultFunc("_MPS_API_PROXY_MANAGED_INSTANCE_IP", ""),
+		},
 	}
 }
 
@@ -97,6 +103,7 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
 		Url:       d.Get("endpoint").(string),
 		Username:  d.Get("username").(string),
 		Password:  d.Get("password").(string),
+		ProxiedNs: d.Get("proxied_ns").(string),
 		SslVerify: !d.Get("insecure_skip_verify").(bool),
 	}
 	client, err := netscaler.NewNitroClientFromParams(params)