auth0 · willvedd · Oct 7, 2022 · Oct 7, 2022 · Oct 7, 2022
diff --git a/internal/provider/resource_auth0_hook.go b/internal/provider/resource_auth0_hook.go
@@ -12,6 +12,8 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+
+	"github.com/auth0/terraform-provider-auth0/internal/value"
 )
 
 func newHook() *schema.Resource {
@@ -79,8 +81,9 @@ func newHook() *schema.Resource {
 }
 
 func createHook(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
-	hook := expandHook(d)
 	api := m.(*management.Management)
+
+	hook := expandHook(d)
 	if err := api.Hook.Create(hook); err != nil {
 		return diag.FromErr(err)
 	}
@@ -181,42 +184,36 @@ func checkForUntrackedHookSecrets(ctx context.Context, d *schema.ResourceData, m
 
 func upsertHookSecrets(ctx context.Context, d *schema.ResourceData, m interface{}) error {
 	if d.IsNewResource() || d.HasChange("secrets") {
-		hookSecrets := expandHookSecrets(d)
 		api := m.(*management.Management)
-		return api.Hook.ReplaceSecrets(d.Id(), hookSecrets)
+
+		hookSecrets := value.MapOfStrings(d.GetRawConfig().GetAttr("secrets"))
+		if hookSecrets == nil {
+			return nil
+		}
+
+		return api.Hook.ReplaceSecrets(d.Id(), *hookSecrets)
 	}
 
 	return nil
 }
 
 func expandHook(d *schema.ResourceData) *management.Hook {
+	config := d.GetRawConfig()
+
 	hook := &management.Hook{
-		Name:      String(d, "name"),
-		Script:    String(d, "script"),
-		TriggerID: String(d, "trigger_id", IsNewResource()),
-		Enabled:   Bool(d, "enabled"),
+		Name:         value.String(config.GetAttr("name")),
+		Script:       value.String(config.GetAttr("script")),
+		Enabled:      value.Bool(config.GetAttr("enabled")),
+		Dependencies: value.MapOfStrings(config.GetAttr("dependencies")),
 	}
 
-	if deps := Map(d, "dependencies"); deps != nil {
-		hook.Dependencies = &deps
+	if d.IsNewResource() {
+		hook.TriggerID = value.String(config.GetAttr("trigger_id"))
 	}
 
 	return hook
 }
 
-func expandHookSecrets(d *schema.ResourceData) management.HookSecrets {
-	hookSecrets := management.HookSecrets{}
-	secrets := Map(d, "secrets")
-
-	for key, value := range secrets {
-		if strVal, ok := value.(string); ok {
-			hookSecrets[key] = strVal
-		}
-	}
-
-	return hookSecrets
-}
-
 func validateHookName() schema.SchemaValidateDiagFunc {
 	hookNameValidation := validation.StringMatch(
 		regexp.MustCompile(`^[^\s-][\w -]+[^\s-]$`),

diff --git a/internal/provider/resource_auth0_hook_test.go b/internal/provider/resource_auth0_hook_test.go
@@ -17,6 +17,17 @@ func TestAccHook(t *testing.T) {
 	resource.Test(t, resource.TestCase{
 		ProviderFactories: testProviders(httpRecorder),
 		Steps: []resource.TestStep{
+			{
+				Config: testAccHookEmpty,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("auth0_hook.my_hook", "name", "pre-user-reg-hook"),
+					resource.TestCheckResourceAttr("auth0_hook.my_hook", "script", "function (user, context, callback) { callback(null, { user }); }"),
+					resource.TestCheckResourceAttr("auth0_hook.my_hook", "trigger_id", "pre-user-registration"),
+					resource.TestCheckResourceAttrSet("auth0_hook.my_hook", "enabled"),
+					resource.TestCheckNoResourceAttr("auth0_hook.my_hook", "secrets"),
+					resource.TestCheckNoResourceAttr("auth0_hook.my_hook", "dependencies"),
+				),
+			},
 			{
 				Config: fmt.Sprintf(testAccHookCreate, ""),
 				Check: resource.ComposeTestCheckFunc(
@@ -30,6 +41,14 @@ func TestAccHook(t *testing.T) {
 	})
 }
 
+const testAccHookEmpty = `
+resource "auth0_hook" "my_hook" {
+  name = "pre-user-reg-hook"
+  script = "function (user, context, callback) { callback(null, { user }); }"
+  trigger_id = "pre-user-registration"
+}
+`
+
 const testAccHookCreate = `
 resource "auth0_hook" "my_hook" {
   name = "pre-user-reg-hook"
@@ -81,6 +100,17 @@ func TestAccHookSecrets(t *testing.T) {
 					resource.TestCheckNoResourceAttr("auth0_hook.my_hook", "secrets.bar"),
 				),
 			},
+			{
+				Config: fmt.Sprintf(testAccHookCreate, testAccHookSecretsEmpty),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("auth0_hook.my_hook", "name", "pre-user-reg-hook"),
+					resource.TestCheckResourceAttr("auth0_hook.my_hook", "script", "function (user, context, callback) { callback(null, { user }); }"),
+					resource.TestCheckResourceAttr("auth0_hook.my_hook", "trigger_id", "pre-user-registration"),
+					resource.TestCheckResourceAttr("auth0_hook.my_hook", "enabled", "true"),
+					resource.TestCheckResourceAttr("auth0_hook.my_hook", "secrets.%", "0"),
+					resource.TestCheckResourceAttr("auth0_hook.my_hook", "dependencies.%", "0"),
+				),
+			},
 		},
 	})
 }
@@ -113,6 +143,11 @@ const testAccHookSecretsUpdateAndRemoval = `
   }
 `
 
+const testAccHookSecretsEmpty = `
+  dependencies = {}
+  secrets = {}
+`
+
 func TestHookNameRegexp(t *testing.T) {
 	for givenHookName, expectedError := range map[string]bool{
 		"my-hook-1":                 false,

diff --git a/internal/provider/resource_auth0_prompt.go b/internal/provider/resource_auth0_prompt.go
@@ -4,11 +4,14 @@ import (
 	"context"
 
 	"github.com/auth0/go-auth0/management"
+	"github.com/hashicorp/go-cty/cty"
 	"github.com/hashicorp/go-multierror"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+
+	"github.com/auth0/terraform-provider-auth0/internal/value"
 )
 
 func newPrompt() *schema.Resource {
@@ -26,6 +29,7 @@ func newPrompt() *schema.Resource {
 			"universal_login_experience": {
 				Type:     schema.TypeString,
 				Optional: true,
+				Computed: true,
 				ValidateFunc: validation.StringInSlice([]string{
 					"new", "classic",
 				}, false),
@@ -40,6 +44,7 @@ func newPrompt() *schema.Resource {
 			"webauthn_platform_first_factor": {
 				Type:        schema.TypeBool,
 				Optional:    true,
+				Computed:    true,
 				Description: "Determines if the login screen uses identifier and biometrics first.",
 			},
 		},
@@ -71,7 +76,7 @@ func readPrompt(ctx context.Context, d *schema.ResourceData, m interface{}) diag
 func updatePrompt(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
 	api := m.(*management.Management)
 
-	prompt := expandPrompt(d)
+	prompt := expandPrompt(d.GetRawConfig())
 	if err := api.Prompt.Update(prompt); err != nil {
 		return diag.FromErr(err)
 	}
@@ -84,10 +89,16 @@ func deletePrompt(ctx context.Context, d *schema.ResourceData, m interface{}) di
 	return nil
 }
 
-func expandPrompt(d *schema.ResourceData) *management.Prompt {
-	return &management.Prompt{
-		UniversalLoginExperience:    d.Get("universal_login_experience").(string),
-		IdentifierFirst:             Bool(d, "identifier_first"),
-		WebAuthnPlatformFirstFactor: Bool(d, "webauthn_platform_first_factor"),
+func expandPrompt(d cty.Value) *management.Prompt {
+	prompt := management.Prompt{
+		IdentifierFirst:             value.Bool(d.GetAttr("identifier_first")),
+		WebAuthnPlatformFirstFactor: value.Bool(d.GetAttr("webauthn_platform_first_factor")),
+	}
+
+	ule := d.GetAttr("universal_login_experience")
+	if !ule.IsNull() {
+		prompt.UniversalLoginExperience = ule.AsString()
 	}
+
+	return &prompt
 }
diff --git a/internal/provider/resource_auth0_prompt_test.go b/internal/provider/resource_auth0_prompt_test.go
@@ -8,6 +8,12 @@ import (
 	"github.com/auth0/terraform-provider-auth0/internal/recorder"
 )
 
+const testAccPromptEmpty = `
+resource "auth0_prompt" "prompt" {
+	identifier_first = false # Required by API to include at least one property
+}
+`
+
 const testAccPromptCreate = `
 resource "auth0_prompt" "prompt" {
   universal_login_experience = "classic"
@@ -38,6 +44,14 @@ func TestAccPrompt(t *testing.T) {
 	resource.Test(t, resource.TestCase{
 		ProviderFactories: testProviders(httpRecorder),
 		Steps: []resource.TestStep{
+			{
+				Config: testAccPromptEmpty,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet("auth0_prompt.prompt", "universal_login_experience"),
+					resource.TestCheckResourceAttr("auth0_prompt.prompt", "identifier_first", "false"),
+					resource.TestCheckResourceAttrSet("auth0_prompt.prompt", "webauthn_platform_first_factor"),
+				),
+			},
 			{
 				Config: testAccPromptCreate,
 				Check: resource.ComposeTestCheckFunc(
@@ -62,6 +76,14 @@ func TestAccPrompt(t *testing.T) {
 					resource.TestCheckResourceAttr("auth0_prompt.prompt", "webauthn_platform_first_factor", "true"),
 				),
 			},
+			{
+				Config: testAccPromptEmpty,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("auth0_prompt.prompt", "universal_login_experience", "new"),
+					resource.TestCheckResourceAttr("auth0_prompt.prompt", "identifier_first", "false"),
+					resource.TestCheckResourceAttr("auth0_prompt.prompt", "webauthn_platform_first_factor", "true"),
+				),
+			},
 		},
 	})
 }