issue#547: Fix auth0 management api data source not reading scopes (#555

)
auth0 · Apr 20, 2023 · e0334ec · e0334ec
1 parent e68a489
commit e0334ec
Show file tree

Hide file tree

Showing 3 changed files with 262 additions and 9 deletions.
diff --git a/internal/auth0/resourceserver/data_source.go b/internal/auth0/resourceserver/data_source.go
@@ -2,8 +2,11 @@ package resourceserver
 
 import (
 	"context"
+	"net/http"
 	"net/url"
 
+	"github.com/auth0/go-auth0/management"
+	"github.com/hashicorp/go-multierror"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 
@@ -38,11 +41,41 @@ func dataSourceSchema() map[string]*schema.Schema {
 
 func readResourceServerForDataSource(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	resourceServerID := data.Get("resource_server_id").(string)
-	if resourceServerID != "" {
-		data.SetId(resourceServerID)
-		return readResourceServer(ctx, data, meta)
+	if resourceServerID == "" {
+		resourceServerID = url.PathEscape(data.Get("identifier").(string))
 	}
 
-	data.SetId(url.PathEscape(data.Get("identifier").(string)))
-	return readResourceServer(ctx, data, meta)
+	api := meta.(*management.Management)
+	resourceServer, err := api.ResourceServer.Read(resourceServerID)
+	if err != nil {
+		if mErr, ok := err.(management.Error); ok && mErr.Status() == http.StatusNotFound {
+			data.SetId("")
+			return nil
+		}
+		return diag.FromErr(err)
+	}
+
+	// Ensuring the ID is the resource server ID and not the identifier,
+	// as both can be used to find a resource server with the Read() func.
+	data.SetId(resourceServer.GetID())
+
+	result := multierror.Append(
+		data.Set("name", resourceServer.GetName()),
+		data.Set("identifier", resourceServer.GetIdentifier()),
+		data.Set("token_lifetime", resourceServer.GetTokenLifetime()),
+		data.Set("allow_offline_access", resourceServer.GetAllowOfflineAccess()),
+		data.Set("token_lifetime_for_web", resourceServer.GetTokenLifetimeForWeb()),
+		data.Set("signing_alg", resourceServer.GetSigningAlgorithm()),
+		data.Set("signing_secret", resourceServer.GetSigningSecret()),
+		data.Set(
+			"skip_consent_for_verifiable_first_party_clients",
+			resourceServer.GetSkipConsentForVerifiableFirstPartyClients(),
+		),
+		data.Set("verification_location", resourceServer.GetVerificationLocation()),
+		data.Set("enforce_policies", resourceServer.GetEnforcePolicies()),
+		data.Set("token_dialect", resourceServer.GetTokenDialect()),
+		data.Set("scopes", flattenResourceServerScopes(resourceServer.GetScopes())),
+	)
+
+	return diag.FromErr(result.ErrorOrNil())
 }
diff --git a/internal/auth0/resourceserver/data_source_test.go b/internal/auth0/resourceserver/data_source_test.go
@@ -2,6 +2,7 @@ package resourceserver_test
 
 import (
 	"fmt"
+	"os"
 	"regexp"
 	"testing"
 
@@ -31,15 +32,15 @@ resource "auth0_resource_server" "my_api" {
 }
 `
 
-const testAccDataConnectionConfigByIdentifier = testAccGivenAResourceServer + `
+const testAccDataResourceServerConfigByIdentifier = testAccGivenAResourceServer + `
 data "auth0_resource_server" "test" {
 	depends_on = [ auth0_resource_server.my_api ]
 
 	identifier = auth0_resource_server.my_api.identifier
 }
 `
 
-const testAccDataConnectionConfigByID = testAccGivenAResourceServer + `
+const testAccDataResourceServerConfigByID = testAccGivenAResourceServer + `
 data "auth0_resource_server" "test" {
 	depends_on = [ auth0_resource_server.my_api ]
 
@@ -94,7 +95,7 @@ func TestAccDataSourceResourceServerByIdentifier(t *testing.T) {
 				),
 			},
 			{
-				Config: acctest.ParseTestName(testAccDataConnectionConfigByIdentifier, t.Name()),
+				Config: acctest.ParseTestName(testAccDataResourceServerConfigByIdentifier, t.Name()),
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttr("data.auth0_resource_server.test", "name", fmt.Sprintf("Acceptance Test - %s", t.Name())),
 					resource.TestCheckResourceAttr("data.auth0_resource_server.test", "identifier", fmt.Sprintf("https://uat.api.terraform-provider-auth0.com/%s", t.Name())),
@@ -162,7 +163,7 @@ func TestAccDataSourceResourceServerByID(t *testing.T) {
 				),
 			},
 			{
-				Config: acctest.ParseTestName(testAccDataConnectionConfigByID, t.Name()),
+				Config: acctest.ParseTestName(testAccDataResourceServerConfigByID, t.Name()),
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttrSet("data.auth0_resource_server.test", "resource_server_id"),
 					resource.TestCheckResourceAttr("data.auth0_resource_server.test", "name", fmt.Sprintf("Acceptance Test - %s", t.Name())),
@@ -195,3 +196,39 @@ func TestAccDataSourceResourceServerByID(t *testing.T) {
 		},
 	})
 }
+
+const testAccDataAuth0ManagementAPI = `
+data "auth0_resource_server" "auth0" {
+	resource_server_id = "112233445566777899011232"
+}
+`
+
+func TestAccDataResourceServerAuth0APIManagement(t *testing.T) {
+	if os.Getenv("AUTH0_DOMAIN") != acctest.RecordingsDomain {
+		// Skip this test if we're running with a real domain as the Auth0 Management API
+		// is a singleton resource always created on the tenant and each tenant
+		// will have it created with different IDs and Identifiers.
+		t.Skip()
+	}
+
+	acctest.Test(t, resource.TestCase{
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataAuth0ManagementAPI,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("data.auth0_resource_server.auth0", "name", "Auth0 Management API"),
+					resource.TestCheckResourceAttr("data.auth0_resource_server.auth0", "identifier", "https://terraform-provider-auth0-dev.eu.auth0.com/api/v2/"),
+					resource.TestCheckResourceAttr("data.auth0_resource_server.auth0", "token_lifetime", "86400"),
+					resource.TestCheckResourceAttr("data.auth0_resource_server.auth0", "skip_consent_for_verifiable_first_party_clients", "false"),
+					resource.TestCheckResourceAttr("data.auth0_resource_server.auth0", "allow_offline_access", "false"),
+					resource.TestCheckResourceAttr("data.auth0_resource_server.auth0", "signing_alg", "RS256"),
+					resource.TestCheckResourceAttr("data.auth0_resource_server.auth0", "token_lifetime_for_web", "7200"),
+					resource.TestCheckResourceAttr("data.auth0_resource_server.auth0", "scopes.#", "136"),
+					resource.TestCheckResourceAttr("data.auth0_resource_server.auth0", "verification_location", ""),
+					resource.TestCheckResourceAttr("data.auth0_resource_server.auth0", "enforce_policies", "false"),
+					resource.TestCheckResourceAttr("data.auth0_resource_server.auth0", "token_dialect", ""),
+				),
+			},
+		},
+	})
+}