From ed875de4b2cd4ef96462c94570cb73f9cc205190 Mon Sep 17 00:00:00 2001 From: Sergiu Ghitea <28300158+sergiught@users.noreply.github.com> Date: Wed, 1 Mar 2023 18:06:16 +0100 Subject: [PATCH] Move checking for unmanaged config secrets from the read to the update --- internal/auth0/connection/expand.go | 28 +++++++++++++++++++++++++--- internal/auth0/connection/flatten.go | 7 +------ 2 files changed, 26 insertions(+), 9 deletions(-) diff --git a/internal/auth0/connection/expand.go b/internal/auth0/connection/expand.go index cc0fb69d5..ef93619e4 100644 --- a/internal/auth0/connection/expand.go +++ b/internal/auth0/connection/expand.go @@ -40,7 +40,7 @@ func expandConnection(d *schema.ResourceData) (*management.Connection, diag.Diag config.GetAttr("options").ForEachElement(func(_ cty.Value, options cty.Value) (stop bool) { switch strategy { case management.ConnectionStrategyAuth0: - connection.Options, diagnostics = expandConnectionOptionsAuth0(options) + connection.Options, diagnostics = expandConnectionOptionsAuth0(d, options) case management.ConnectionStrategyGoogleOAuth2: connection.Options, diagnostics = expandConnectionOptionsGoogleOAuth2(d, options) case management.ConnectionStrategyGoogleApps: @@ -140,7 +140,10 @@ func expandConnectionOptionsGitHub( return options, diag.FromErr(err) } -func expandConnectionOptionsAuth0(config cty.Value) (*management.ConnectionOptions, diag.Diagnostics) { +func expandConnectionOptionsAuth0( + d *schema.ResourceData, + config cty.Value, +) (*management.ConnectionOptions, diag.Diagnostics) { options := &management.ConnectionOptions{ PasswordPolicy: value.String(config.GetAttr("password_policy")), NonPersistentAttrs: value.Strings(config.GetAttr("non_persistent_attrs")), @@ -270,8 +273,27 @@ func expandConnectionOptionsAuth0(config cty.Value) (*management.ConnectionOptio var err error options.UpstreamParams, err = value.MapFromJSON(config.GetAttr("upstream_params")) + if err != nil { + return nil, diag.FromErr(err) + } - return options, diag.FromErr(err) + if !d.IsNewResource() { + dbSecretConfig, ok := d.GetOk("options.0.configuration") + if !ok { + dbSecretConfig = make(map[string]interface{}) + } + + diags := checkForUnmanagedConfigurationSecrets( + dbSecretConfig.(map[string]interface{}), + options.GetConfiguration(), + ) + + if diags.HasError() { + return nil, diags + } + } + + return options, nil } func expandConnectionOptionsGoogleOAuth2( diff --git a/internal/auth0/connection/flatten.go b/internal/auth0/connection/flatten.go index 8cb1a8f88..21d40aa74 100644 --- a/internal/auth0/connection/flatten.go +++ b/internal/auth0/connection/flatten.go @@ -150,12 +150,7 @@ func flattenConnectionOptionsAuth0( } m["upstream_params"] = upstreamParams - diags := checkForUnmanagedConfigurationSecrets( - dbSecretConfig.(map[string]interface{}), - options.GetConfiguration(), - ) - - return m, diags + return m, nil } // checkForUnmanagedConfigurationSecrets is used to assess keys diff because values are sent back encrypted.