Add support for rendering the settings of prompt-screen (#1077)

* 1. Support resource and data_source for render settings of prompt-screen
2. Include unit tests, examples and docs
3. Update Go-Auth0's dependent version

* Add unit tests for delete scenario for auth0_prompt_screen_renderer

* Include E2E test Recordings and few edge case scenario for auth0_prompt_screen_renderer resource

* Fix lint issue

* Handle null case for head_tags & update supported screens

* Update docs,unit tests and integration tests recordings

* Update the screen Name for reset-password-mfa-push-challenge-push

* Update the latest go-auth0 version

* Update the renderingMode type to ENUM.

* Update the renderingMode type to ENUM.

docs/data-sources/prompt_screen_renderer.md

@@ -0,0 +1,30 @@
+---
+page_title: "Data Source: auth0_prompt_screen_renderer"
+description: |-
+  Data source to retrieve a specific Auth0 prompt screen settings by prompt_type and screen_name
+---
+
+# Data Source: auth0_prompt_screen_renderer
+
+Data source to retrieve a specific Auth0 prompt screen settings by `prompt_type` and `screen_name`
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `prompt_type` (String) The type of prompt to customize.
+- `screen_name` (String) The screen name associated with the prompt type.
+
+### Read-Only
+
+- `context_configuration` (Set of String) Context values to make available
+- `default_head_tags_disabled` (Boolean) Override Universal Login default head tags
+- `head_tags` (String) An array of head tags
+- `id` (String) The ID of this resource.
+- `rendering_mode` (String) Rendering modeOptions are: `standard`, `advanced`.
+- `tenant` (String) Tenant ID
+
+

docs/resources/prompt_screen_renderer.md

@@ -0,0 +1,88 @@
+---
+page_title: "Resource: auth0_prompt_screen_renderer"
+description: |-
+  With this resource, you can Configure the render settings for a specific screen.You can read more about this.
+---
+
+# Resource: auth0_prompt_screen_renderer
+
+With this resource, you can Configure the render settings for a specific screen.You can read more about this.
+
+## Example Usage
+
+```terraform
+resource "auth0_prompt_screen_renderer" "prompt_screen_renderer" {
+  prompt_type                = "login-id"
+  screen_name                = "login-id"
+  rendering_mode             = "advanced"
+  default_head_tags_disabled = false
+  context_configuration = [
+    "branding.settings",
+    "branding.themes.default",
+    "client.logo_uri",
+    "client.description",
+    "client.metadata.key",
+    "organization.display_name",
+    "organization.branding",
+    "organization.metadata.key",
+    "screen.texts",
+    "tenant.name",
+    "tenant.friendly_name",
+    "tenant.enabled_locales",
+    "untrusted_data.submitted_form_data",
+    "untrusted_data.authorization_params.login_hint",
+    "untrusted_data.authorization_params.screen_hint",
+    "untrusted_data.authorization_params.ui_locales",
+    "untrusted_data.authorization_params.ext-.key",
+    "transaction.connection.metadata.key"
+  ]
+  head_tags = jsonencode([
+    {
+      attributes : {
+        "async" : true,
+        "defer" : true,
+        "integrity" : [
+          "sha512-v2CJ7UaYy4JwqLDIrZUI/4hqeoQieOmAZNXBeQyjo21dadnwR+8ZaIJVT8EE2iyI61OV8e6M8PP2/4hpQINQ/g=="
+        ],
+        "src" : "https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js"
+      },
+      tag : "script"
+    }
+  ])
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `prompt_type` (String) The prompt that you are configuring settings for. Options are: `signup-id`, `signup`, `signup-password`, `login`, `login-id`, `login-password`, `login-passwordless`, `login-email-verification`, `phone-identifier-enrollment`, `phone-identifier-challenge`, `email-identifier-challenge`, `reset-password`, `custom-form`, `consent`, `customized-consent`, `logout`, `mfa-push`, `mfa-otp`, `mfa-voice`, `mfa-phone`, `mfa-webauthn`, `mfa-sms`, `mfa-email`, `mfa-recovery-code`, `mfa`, `status`, `device-flow`, `email-verification`, `email-otp-challenge`, `organizations`, `invitation`, `common`, `passkeys`, `captcha`.
+- `screen_name` (String) The screen that you are configuring settings for. Options are: `login`, `login-id`, `login-password`, `signup`, `signup-id`, `signup-password`, `login-passwordless-sms-otp`, `login-passwordless-email-code`, `login-passwordless-email-link`, `login-email-verification`, `phone-identifier-enrollment`, `phone-identifier-challenge`, `email-identifier-challenge`, `reset-password-request`, `reset-password-email`, `reset-password`, `reset-password-success`, `reset-password-error`, `reset-password-mfa-email-challenge`, `reset-password-mfa-otp-challenge`, `reset-password-mfa-phone-challenge`, `reset-password-mfa-push-challenge-push`, `reset-password-mfa-recovery-code-challenge`, `reset-password-mfa-sms-challenge`, `reset-password-mfa-voice-challenge`, `reset-password-mfa-webauthn-platform-challenge`, `reset-password-mfa-webauthn-roaming-challenge`, `custom-form`, `consent`, `customized-consent`, `logout`, `logout-complete`, `logout-aborted`, `mfa-push-welcome`, `mfa-push-enrollment-qr`, `mfa-push-enrollment-code`, `mfa-push-success`, `mfa-push-challenge-push`, `mfa-push-list`, `mfa-otp-enrollment-qr`, `mfa-otp-enrollment-code`, `mfa-otp-challenge`, `mfa-voice-enrollment`, `mfa-voice-challenge`, `mfa-phone-challenge`, `mfa-phone-enrollment`, `mfa-webauthn-platform-enrollment`, `mfa-webauthn-roaming-enrollment`, `mfa-webauthn-platform-challenge`, `mfa-webauthn-roaming-challenge`, `mfa-webauthn-change-key-nickname`, `mfa-webauthn-enrollment-success`, `mfa-webauthn-error`, `mfa-webauthn-not-available-error`, `mfa-country-codes`, `mfa-sms-enrollment`, `mfa-sms-challenge`, `mfa-sms-list`, `mfa-email-challenge`, `mfa-email-list`, `mfa-recovery-code-enrollment`, `mfa-recovery-code-challenge`, `mfa-detect-browser-capabilities`, `mfa-enroll-result`, `mfa-login-options`, `mfa-begin-enroll-options`, `status`, `device-code-activation`, `device-code-activation-allowed`, `device-code-activation-denied`, `device-code-confirmation`, `email-verification-result`, `email-otp-challenge`, `organization-selection`, `organization-picker`, `accept-invitation`, `redeem-ticket`, `passkey-enrollment`, `passkey-enrollment-local`, `interstitial-captcha`.
+
+### Optional
+
+- `context_configuration` (Set of String) Context values to make available
+- `default_head_tags_disabled` (Boolean) Override Universal Login default head tags
+- `head_tags` (String) An array of head tags
+- `rendering_mode` (String) Rendering modeOptions are: `standard`, `advanced`.
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `tenant` (String) Tenant ID
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+# This resource can be imported using the prompt name and screen_name.
+#
+# As this is not a resource identifiable by an ID within the Auth0 Management API,
+# login can be imported using the prompt name and screen name using the format:
+# prompt_name:screen_name
+#
+# Example:
+terraform import auth0_prompt_screen_renderer "login-id:login-id"
+```

examples/resources/auth0_prompt_screen_renderer/import.sh

@@ -0,0 +1,8 @@
+# This resource can be imported using the prompt name and screen_name.
+#
+# As this is not a resource identifiable by an ID within the Auth0 Management API,
+# login can be imported using the prompt name and screen name using the format:
+# prompt_name:screen_name
+#
+# Example:
+terraform import auth0_prompt_screen_renderer "login-id:login-id"

examples/resources/auth0_prompt_screen_renderer/resource.tf

@@ -0,0 +1,39 @@
+resource "auth0_prompt_screen_renderer" "prompt_screen_renderer" {
+  prompt_type                = "login-id"
+  screen_name                = "login-id"
+  rendering_mode             = "advanced"
+  default_head_tags_disabled = false
+  context_configuration = [
+    "branding.settings",
+    "branding.themes.default",
+    "client.logo_uri",
+    "client.description",
+    "client.metadata.key",
+    "organization.display_name",
+    "organization.branding",
+    "organization.metadata.key",
+    "screen.texts",
+    "tenant.name",
+    "tenant.friendly_name",
+    "tenant.enabled_locales",
+    "untrusted_data.submitted_form_data",
+    "untrusted_data.authorization_params.login_hint",
+    "untrusted_data.authorization_params.screen_hint",
+    "untrusted_data.authorization_params.ui_locales",
+    "untrusted_data.authorization_params.ext-.key",
+    "transaction.connection.metadata.key"
+  ]
+  head_tags = jsonencode([
+    {
+      attributes : {
+        "async" : true,
+        "defer" : true,
+        "integrity" : [
+          "sha512-v2CJ7UaYy4JwqLDIrZUI/4hqeoQieOmAZNXBeQyjo21dadnwR+8ZaIJVT8EE2iyI61OV8e6M8PP2/4hpQINQ/g=="
+        ],
+        "src" : "https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js"
+      },
+      tag : "script"
+    }
+  ])
+}

go.mod

@@ -6,7 +6,7 @@ toolchain go1.22.5
 
 require (
 	github.com/PuerkitoBio/rehttp v1.4.0
-	github.com/auth0/go-auth0 v1.12.0
+	github.com/auth0/go-auth0 v1.13.0
 	github.com/google/go-cmp v0.6.0
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
 	github.com/hashicorp/go-multierror v1.1.1

go.sum

@@ -24,8 +24,8 @@ github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew
 github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4=
 github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI=
 github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
-github.com/auth0/go-auth0 v1.12.0 h1:wfpXnTMix5mDZ5Rx68ir6XwtFqwOhhgBcYmRSCI0EjU=
-github.com/auth0/go-auth0 v1.12.0/go.mod h1:G3oPT7sWjmM4mHbn6qkMYEsxnwm/5PnSbo0kpPLSS0E=
+github.com/auth0/go-auth0 v1.13.0 h1:GA7WyGAzlKBQ2ctHcCZwVf0aiOvPd2PB3QagC5heQJg=
+github.com/auth0/go-auth0 v1.13.0/go.mod h1:G3oPT7sWjmM4mHbn6qkMYEsxnwm/5PnSbo0kpPLSS0E=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA=
 github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=

internal/auth0/prompt/data_source_screen_render.go

@@ -0,0 +1,54 @@
+package prompt
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/auth0/go-auth0/management"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+
+	"github.com/auth0/terraform-provider-auth0/internal/config"
+	internalSchema "github.com/auth0/terraform-provider-auth0/internal/schema"
+)
+
+// NewPromptScreenRenderDataSource creates a new data source to retrieve the prompt and screen settings`.
+func NewPromptScreenRenderDataSource() *schema.Resource {
+	return &schema.Resource{
+		ReadContext: readPromptScreenRenderDataSource,
+		Description: "Data source to retrieve a specific Auth0 prompt screen settings by `prompt_type` and `screen_name`",
+		Schema:      getPromptScreenRenderDataSourceSchema(),
+	}
+}
+
+func getPromptScreenRenderDataSourceSchema() map[string]*schema.Schema {
+	dataSourceSchema := internalSchema.TransformResourceToDataSource(NewPromptScreenRenderResource().Schema)
+	internalSchema.SetExistingAttributesAsRequired(dataSourceSchema, "prompt_type", "screen_name")
+	dataSourceSchema["prompt_type"].Description = "The type of prompt to customize."
+	dataSourceSchema["prompt_type"].ValidateFunc = validation.StringInSlice(allowedPromptsSettingsRenderer, false)
+	dataSourceSchema["screen_name"].Description = "The screen name associated with the prompt type."
+	dataSourceSchema["screen_name"].ValidateFunc = validation.StringInSlice(allowedScreensSettingsRenderer, false)
+	return dataSourceSchema
+}
+
+func readPromptScreenRenderDataSource(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	api := meta.(*config.Config).GetAPI()
+
+	prompt := management.PromptType(data.Get("prompt_type").(string))
+	screen := management.ScreenName(data.Get("screen_name").(string))
+
+	screenSettings, err := api.Prompt.ReadRendering(ctx, prompt, screen)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	data.SetId(fmt.Sprintf("%s:%s", prompt, screen))
+
+	if err := flattenPromptScreenSettings(data, screenSettings); err != nil {
+		return diag.FromErr(err)
+	}
+
+	return diag.FromErr(err)
+}

internal/auth0/prompt/data_source_screen_render_test.go

@@ -0,0 +1,99 @@
+package prompt_test
+
+import (
+	"regexp"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+
+	"github.com/auth0/terraform-provider-auth0/internal/acctest"
+)
+
+const testAccPromptScreenRenderWithoutScreens = testAccGivenACustomDomain + testGivenABrandingTemplate + `
+data "auth0_prompt_screen_renderer" "prompt_screen_render" {
+	  prompt_type = "login-passwordless"
+}
+`
+const testAccPromptScreenRenderInvalid = `
+data "auth0_prompt_screen_renderer" "prompt_screen_render" {
+	  prompt_type = "login-xxxxx"
+      screen_name = "login-passwordless-email-code"
+}
+`
+
+const testAccPromptScreenRenderData = `
+resource "auth0_prompt_screen_renderer" "prompt_screen_render" {
+	  prompt_type = "login-passwordless"
+	  screen_name = "login-passwordless-email-code"
+      rendering_mode = "advanced"
+      context_configuration = [
+        "branding.settings",
+        "branding.themes.default",
+        "client.logo_uri",
+        "client.description",
+        "organization.display_name",
+        "organization.branding",
+        "screen.texts",
+        "tenant.name",
+        "tenant.friendly_name",
+        "tenant.enabled_locales",
+        "untrusted_data.submitted_form_data",
+        "untrusted_data.authorization_params.ui_locales",
+        "untrusted_data.authorization_params.login_hint",
+        "untrusted_data.authorization_params.screen_hint"
+    ]
+    head_tags = jsonencode([
+       {
+           attributes: {
+               "async": true,
+               "defer": true,
+               "integrity": [
+                   "sha512-v2CJ7UaYy4JwqLDIrZUI/4hqeoQieOmAZNXBeQyjo21dadnwR+8ZaIJVT8EE2iyI61OV8e6M8PP2/4hpQINQ/g=="
+               ],
+               "src": "https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js"
+           },
+           tag: "script"
+       }
+    ])
+
+
+}
+
+data "auth0_prompt_screen_renderer" "prompt_screen_render" {
+  	  depends_on = [ auth0_prompt_screen_renderer.prompt_screen_render ]
+	  prompt_type = auth0_prompt_screen_renderer.prompt_screen_render.prompt_type
+	  screen_name = auth0_prompt_screen_renderer.prompt_screen_render.screen_name
+}
+`
+
+func TestAccDataPromptScreenRender(t *testing.T) {
+	acctest.Test(t, resource.TestCase{
+		Steps: []resource.TestStep{
+			{
+				Config:      `data "auth0_prompt_screen_renderer" "prompt_screen_render" { }`,
+				ExpectError: regexp.MustCompile("Error: Missing required argument"),
+			},
+			{
+				Config:      testAccPromptScreenRenderWithoutScreens,
+				ExpectError: regexp.MustCompile("Error: Missing required argument"),
+			},
+			{
+				Config:      testAccPromptScreenRenderInvalid,
+				ExpectError: regexp.MustCompile("expected prompt_type to be one of"),
+			},
+			{
+				Config: testAccPromptScreenRenderData,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("auth0_prompt_screen_renderer.prompt_screen_render", "prompt_type", "login-passwordless"),
+					resource.TestCheckResourceAttr("auth0_prompt_screen_renderer.prompt_screen_render", "screen_name", "login-passwordless-email-code"),
+					resource.TestCheckResourceAttr("auth0_prompt_screen_renderer.prompt_screen_render", "rendering_mode", "advanced"),
+					resource.TestCheckResourceAttr("auth0_prompt_screen_renderer.prompt_screen_render", "context_configuration.#", "14"),
+					resource.TestCheckResourceAttr("data.auth0_prompt_screen_renderer.prompt_screen_render", "prompt_type", "login-passwordless"),
+					resource.TestCheckResourceAttr("data.auth0_prompt_screen_renderer.prompt_screen_render", "screen_name", "login-passwordless-email-code"),
+					resource.TestCheckResourceAttr("data.auth0_prompt_screen_renderer.prompt_screen_render", "rendering_mode", "advanced"),
+					resource.TestCheckResourceAttr("data.auth0_prompt_screen_renderer.prompt_screen_render", "context_configuration.#", "14"),
+				),
+			},
+		},
+	})
+}

internal/auth0/prompt/expand.go

@@ -1,6 +1,8 @@
 package prompt
 
 import (
+	"encoding/json"
+
 	"github.com/auth0/go-auth0/management"
 	"github.com/hashicorp/go-cty/cty"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
@@ -94,3 +96,43 @@ func expandInsertionPoints(insertionPointsList []cty.Value) map[management.Inser
 
 	return insertionPoints
 }
+
+func expandPromptSettings(data *schema.ResourceData) (*management.PromptRendering, error) {
+	promptRawSettings := data.GetRawConfig()
+	if promptRawSettings.IsNull() {
+		return nil, nil
+	}
+
+	promptSettings := &management.PromptRendering{}
+
+	promptSettings.RenderingMode = (*management.RenderingMode)(value.String(promptRawSettings.GetAttr("rendering_mode")))
+	promptSettings.ContextConfiguration = value.Strings(promptRawSettings.GetAttr("context_configuration"))
+	promptSettings.DefaultHeadTagsDisabled = value.Bool(promptRawSettings.GetAttr("default_head_tags_disabled"))
+	if data.HasChange("head_tags") {
+		promptSettings.HeadTags = expandInterfaceArray(data, "head_tags")
+	}
+
+	return promptSettings, nil
+}
+
+func expandInterfaceArray(d *schema.ResourceData, key string) []interface{} {
+	_, newMetadata := d.GetChange(key)
+	result := make([]interface{}, 0)
+	if newMetadata == "" {
+		return result
+	}
+
+	if newMetadataStr, ok := newMetadata.(string); ok {
+		var newMetadataArr []interface{}
+		if err := json.Unmarshal([]byte(newMetadataStr), &newMetadataArr); err != nil {
+			return nil
+		}
+		return newMetadataArr
+	}
+
+	if newMetadataArr, ok := newMetadata.([]interface{}); ok {
+		return newMetadataArr
+	}
+
+	return result
+}