diff --git a/auth0/data_source_auth0_client_test.go b/auth0/data_source_auth0_client_test.go index 0f507bb6c..c980bed23 100644 --- a/auth0/data_source_auth0_client_test.go +++ b/auth0/data_source_auth0_client_test.go @@ -40,6 +40,7 @@ func TestAccDataClientByName(t *testing.T) { Config: random.Template(fmt.Sprintf(testAccDataClientConfigByName, testAccClientConfig), rand), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrSet("data.auth0_client.test", "client_id"), + resource.TestCheckResourceAttr("data.auth0_client.test", "signing_keys.#", "1"), // checks that signing_keys is set, and it includes 1 element resource.TestCheckResourceAttr("data.auth0_client.test", "name", fmt.Sprintf("Acceptance Test - %v", rand)), resource.TestCheckResourceAttr("data.auth0_client.test", "app_type", "non_interactive"), // Arbitrary property selection resource.TestCheckNoResourceAttr("data.auth0_client.test", "client_secret_rotation_trigger"), @@ -67,6 +68,7 @@ func TestAccDataClientById(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrSet("data.auth0_client.test", "id"), resource.TestCheckResourceAttrSet("data.auth0_client.test", "name"), + resource.TestCheckResourceAttr("data.auth0_client.test", "signing_keys.#", "1"), // checks that signing_keys is set, and it includes 1 element resource.TestCheckNoResourceAttr("data.auth0_client.test", "client_secret_rotation_trigger"), resource.TestCheckNoResourceAttr("data.auth0_client.test", "client_secret"), ), diff --git a/auth0/resource_auth0_client.go b/auth0/resource_auth0_client.go index 4f9fc123f..d10a2e72d 100644 --- a/auth0/resource_auth0_client.go +++ b/auth0/resource_auth0_client.go @@ -584,20 +584,8 @@ func newClient() *schema.Resource { }, "signing_keys": { Type: schema.TypeList, + Elem: &schema.Schema{Type: schema.TypeMap}, Computed: true, - MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "cert": { - Type: schema.TypeString, - Computed: true, - }, - "pkcs7": { - Type: schema.TypeString, - Computed: true, - }, - }, - }, }, }, } diff --git a/auth0/resource_auth0_client_test.go b/auth0/resource_auth0_client_test.go index fa1be0d33..d7701ca2d 100644 --- a/auth0/resource_auth0_client_test.go +++ b/auth0/resource_auth0_client_test.go @@ -83,6 +83,7 @@ func TestAccClient(t *testing.T) { resource.TestCheckResourceAttr("auth0_client.my_client", "addons.0.samlp.0.signing_cert", "-----BEGIN PUBLIC KEY-----\nMIGf...bpP/t3\n+JGNGIRMj1hF1rnb6QIDAQAB\n-----END PUBLIC KEY-----\n"), resource.TestCheckResourceAttr("auth0_client.my_client", "client_metadata.foo", "zoo"), resource.TestCheckResourceAttr("auth0_client.my_client", "initiate_login_uri", "https://example.com/login"), + resource.TestCheckResourceAttr("auth0_client.my_client", "signing_keys.#", "1"), // checks that signing_keys is set, and it includes 1 element ), }, }, @@ -483,42 +484,3 @@ resource "auth0_client" "my_client" { } } ` - -func TestAccClientSigningKeys(t *testing.T) { - rand := random.String(6) - - resource.Test(t, resource.TestCase{ - Providers: map[string]terraform.ResourceProvider{ - "auth0": Provider(), - }, - Steps: []resource.TestStep{ - { - Config: random.Template(testAccClientSigningKeysCreate, rand), - Check: resource.ComposeTestCheckFunc( - random.TestCheckResourceAttr("auth0_client.my_client", "name", "Acceptance Test - Signing Keys - {{.random}}", rand), - resource.TestCheckResourceAttrSet("auth0_client.my_client", "signing_keys.0.cert"), - ), - }, - { - Config: random.Template(testAccClientSigningKeysUpdate, rand), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttrSet("auth0_client.my_client", "signing_keys.0.cert"), - ), - }, - }, - }) -} - -const testAccClientSigningKeysCreate = ` -resource "auth0_client" "my_client" { - name = "Acceptance Test - Signing Keys - {{.random}}" - is_first_party = false -} -` - -const testAccClientSigningKeysUpdate = ` -resource "auth0_client" "my_client" { - name = "Acceptance Test - Signing Keys - {{.random}}" - is_first_party = true -} -` diff --git a/docs/resources/client.md b/docs/resources/client.md index 623b358a4..b59d2381a 100644 --- a/docs/resources/client.md +++ b/docs/resources/client.md @@ -260,7 +260,8 @@ Attributes exported by this resource include: * `grant_types` - List(String). Types of grants that this client is authorized to use. * `custom_login_page_on` - Boolean. Indicates whether or not a custom login page is to be used. * `token_endpoint_auth_method` - String. Defines the requested authentication method for the token endpoint. Options include `none` (public client without a client secret), `client_secret_post` (client uses HTTP POST parameters), `client_secret_basic` (client uses HTTP Basic). -* `signing_keys` - List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7 +* `signing_keys` - List(Map). List containing a map of the public cert of the signing key and the public cert of the signing key in pkcs7. + ### Client keys To access the `client_secret` attribute you need to add the `read:client_keys` scope to the Terraform client. Otherwise, the attribute will contain an empty string.