Merge pull request #204 from alexkappa/fix-client-jwt-scope

Fix for empty auth0_client.jwt_configuration.scope

.github/release.yml

@@ -2,6 +2,7 @@ builds:
   - binary: "terraform-provider-auth0_v{{ .Version }}"
     env:
       - CGO_ENABLED=0
+      - GOFLAGS=-mod=vendor
     goos:
       - darwin
       - linux

.travis.yml

@@ -13,7 +13,7 @@ cache:
   - $GOPATH/pkg/mod
 
 env:
-  - GO111MODULE=on
+  - GO111MODULE=on GOFLAGS=-mod=vendor
 
 install:
   # This script is used by the Travis build to install a cookie for

CHANGELOG.md

@@ -1,4 +1,5 @@
-## 0.9.0 (Unreleased)
+## 0.10.0 (Unreleased)
+## 0.9.0 (April 14, 2020)
 
 BUG FIXES:
 

GNUmakefile

@@ -8,7 +8,7 @@ WEBSITE_REPO = github.com/hashicorp/terraform-website
 default: build
 
 build: fmtcheck
-	@go install -mod=vendor
+	@go install
 
 install: build
 	@cp $(GOPATH)/bin/terraform-provider-auth0 ~/.terraform.d/plugins

auth0/internal/debug/debug.go

@@ -3,6 +3,7 @@ package debug
 import (
 	"fmt"
 	"log"
+	"sort"
 
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/terraform"
@@ -15,9 +16,20 @@ func DumpAttr(n string) resource.TestCheckFunc {
 			return fmt.Errorf("Not found: %s", n)
 		}
 		log.Printf("[DEBUG] Attrs: \n")
-		for key, value := range rs.Primary.Attributes {
-			log.Printf("[DEBUG]\t %s: %q\n", key, value)
+		attributes := rs.Primary.Attributes
+		keys := keys(attributes)
+		sort.Strings(keys)
+		for _, key := range keys {
+			log.Printf("[DEBUG]\t %s: %q\n", key, attributes[key])
 		}
 		return nil
 	}
 }
+
+func keys(m map[string]string) []string {
+	out := make([]string, 0, len(m))
+	for k := range m {
+		out = append(out, k)
+	}
+	return out
+}

auth0/provider.go

@@ -70,7 +70,7 @@ func Configure(data *schema.ResourceData) (interface{}, error) {
 	debug := data.Get("debug").(bool)
 
 	userAgent := fmt.Sprintf("Go-Auth0-SDK/%s; Terraform-SDK/%s",
-		auth0.VersionMajor(),
+		auth0.Version,
 		meta.SDKVersionString())
 
 	return management.New(domain, id, secret,

auth0/resource_auth0_client.go

@@ -104,18 +104,21 @@ func newClient() *schema.Resource {
 			"jwt_configuration": {
 				Type:     schema.TypeList,
 				Optional: true,
+				Computed: true,
 				MaxItems: 1,
 				MinItems: 1,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
 						"lifetime_in_seconds": {
 							Type:     schema.TypeInt,
 							Optional: true,
+							Computed: true,
 						},
 						"secret_encoded": {
 							Type:     schema.TypeBool,
 							Optional: true,
 							Computed: true,
+							ForceNew: true,
 						},
 						"scopes": {
 							Type:     schema.TypeMap,
@@ -465,7 +468,7 @@ func newClient() *schema.Resource {
 }
 
 func createClient(d *schema.ResourceData, m interface{}) error {
-	c := buildClient(d)
+	c := expandClient(d)
 	api := m.(*management.Management)
 	if err := api.Client.Create(c); err != nil {
 		return err
@@ -510,16 +513,7 @@ func readClient(d *schema.ResourceData, m interface{}) error {
 	d.Set("custom_login_page_preview", c.CustomLoginPagePreview)
 	d.Set("form_template", c.FormTemplate)
 	d.Set("token_endpoint_auth_method", c.TokenEndpointAuthMethod)
-
-	if jwtConfiguration := c.JWTConfiguration; jwtConfiguration != nil {
-		d.Set("jwt_configuration", map[string]interface{}{
-			"lifetime_in_seconds": jwtConfiguration.LifetimeInSeconds,
-			"secret_encoded":      jwtConfiguration.SecretEncoded,
-			"scopes":              jwtConfiguration.Scopes,
-			"alg":                 jwtConfiguration.Algorithm,
-		})
-	}
-
+	d.Set("jwt_configuration", flattenClientJwtConfiguration(c.JWTConfiguration))
 	d.Set("encryption_key", c.EncryptionKey)
 	d.Set("addons", c.Addons)
 	d.Set("client_metadata", c.ClientMetadata)
@@ -530,7 +524,7 @@ func readClient(d *schema.ResourceData, m interface{}) error {
 }
 
 func updateClient(d *schema.ResourceData, m interface{}) error {
-	c := buildClient(d)
+	c := expandClient(d)
 	api := m.(*management.Management)
 	if clientHasChange(c) {
 		err := api.Client.Update(d.Id(), c)
@@ -561,7 +555,7 @@ func deleteClient(d *schema.ResourceData, m interface{}) error {
 	return err
 }
 
-func buildClient(d *schema.ResourceData) *management.Client {
+func expandClient(d *schema.ResourceData) *management.Client {
 
 	c := &management.Client{
 		Name:                           String(d, "name"),
@@ -590,8 +584,9 @@ func buildClient(d *schema.ResourceData) *management.Client {
 
 	List(d, "jwt_configuration").Elem(func(d Data) {
 		c.JWTConfiguration = &management.ClientJWTConfiguration{
-			LifetimeInSeconds: Int(d, "lifetime_in_seconds"),
-			Algorithm:         String(d, "alg"),
+			LifetimeInSeconds: Int(d, "lifetime_in_seconds", IsNewResource(), HasChange()),
+			SecretEncoded:     Bool(d, "secret_encoded", IsNewResource()),
+			Algorithm:         String(d, "alg", IsNewResource(), HasChange()),
 			Scopes:            Map(d, "scopes"),
 		}
 	})
@@ -700,3 +695,14 @@ func rotateClientSecret(d *schema.ResourceData, m interface{}) error {
 func clientHasChange(c *management.Client) bool {
 	return c.String() != "{}"
 }
+
+func flattenClientJwtConfiguration(jwt *management.ClientJWTConfiguration) []interface{} {
+	m := make(map[string]interface{})
+	if jwt != nil {
+		m["lifetime_in_seconds"] = jwt.LifetimeInSeconds
+		m["secret_encoded"] = jwt.SecretEncoded
+		m["scopes"] = jwt.Scopes
+		m["alg"] = jwt.Algorithm
+	}
+	return []interface{}{m}
+}

auth0/resource_auth0_client_test.go

@@ -274,3 +274,80 @@ resource "auth0_client" "my_client" {
   initiate_login_uri = "https://example.com/login#fragment"
 }
 `
+
+func TestAccClientJwtScopes(t *testing.T) {
+
+	rand := random.String(6)
+
+	resource.Test(t, resource.TestCase{
+		Providers: map[string]terraform.ResourceProvider{
+			"auth0": Provider(),
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: random.Template(testAccClientConfigJwtScopes, rand),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("auth0_client.my_client", "jwt_configuration.#", "1"),
+					resource.TestCheckResourceAttr("auth0_client.my_client", "jwt_configuration.0.secret_encoded", "true"),
+					resource.TestCheckResourceAttr("auth0_client.my_client", "jwt_configuration.0.lifetime_in_seconds", "300"),
+					resource.TestCheckResourceAttr("auth0_client.my_client", "jwt_configuration.0.scopes.%", "0"),
+				),
+			},
+			{
+				Config: random.Template(testAccClientConfigJwtScopesUpdate, rand),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr("auth0_client.my_client", "jwt_configuration.#", "1"),
+					resource.TestCheckResourceAttr("auth0_client.my_client", "jwt_configuration.0.alg", "RS256"),
+					resource.TestCheckResourceAttr("auth0_client.my_client", "jwt_configuration.0.lifetime_in_seconds", "300"),
+					resource.TestCheckResourceAttr("auth0_client.my_client", "jwt_configuration.0.scopes.%", "1"),
+					resource.TestCheckResourceAttr("auth0_client.my_client", "jwt_configuration.0.scopes.foo", "bar"),
+					resource.TestCheckResourceAttr("auth0_client.my_client", "jwt_configuration.0.secret_encoded", "true"),
+				),
+			},
+			// {
+			// 	Config: random.Template(testAccClientConfigJwtScopesUpdateAgain, rand),
+			// },
+		},
+	})
+}
+
+const testAccClientConfigJwtScopes = `
+
+resource "auth0_client" "my_client" {
+  name = "Acceptance Test - JWT Scopes - {{.random}}"
+  jwt_configuration {
+    lifetime_in_seconds = 300
+    secret_encoded = true
+    alg = "RS256"
+    scopes = {}
+  }
+}
+`
+
+const testAccClientConfigJwtScopesUpdate = `
+
+resource "auth0_client" "my_client" {
+  name = "Acceptance Test - JWT Scopes - {{.random}}"
+  jwt_configuration {
+    lifetime_in_seconds = 300
+    secret_encoded = true
+    alg = "RS256"
+    scopes = {
+		foo = "bar"
+	}
+  }
+}
+`
+
+const testAccClientConfigJwtScopesUpdateAgain = `
+
+resource "auth0_client" "my_client" {
+  name = "Acceptance Test - JWT Scopes - {{.random}}"
+  jwt_configuration {
+    lifetime_in_seconds = 300
+    secret_encoded = true
+    alg = "RS256"
+    scopes = {} # leaving scopes empty will not update, known json behavior which triggers this bug
+  }
+}
+`

go.mod

@@ -5,5 +5,5 @@ go 1.13
 require (
 	github.com/hashicorp/go-multierror v1.1.0
 	github.com/hashicorp/terraform-plugin-sdk v1.9.1
-	gopkg.in/auth0.v4 v4.3.1
+	gopkg.in/auth0.v4 v4.3.3
 )

go.sum

@@ -11,6 +11,8 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/PuerkitoBio/rehttp v0.0.0-20180310210549-11cf6ea5d3e9 h1:VE0eMvNSQI72dADsq4gm5KpNPmt97WgqneTfaS5MWrs=
 github.com/PuerkitoBio/rehttp v0.0.0-20180310210549-11cf6ea5d3e9/go.mod h1:ItsOiHl4XeMOV3rzbZqQRjLc3QQxbE6391/9iNG7rE8=
+github.com/PuerkitoBio/rehttp v1.0.0 h1:aJ7A7YI2lIvOxcJVeUZY4P6R7kKZtLeONjgyKGwOIu8=
+github.com/PuerkitoBio/rehttp v1.0.0/go.mod h1:ItsOiHl4XeMOV3rzbZqQRjLc3QQxbE6391/9iNG7rE8=
 github.com/agext/levenshtein v1.2.1 h1:QmvMAjj2aEICytGiWzmxoE0x2KZvE0fvmqMOfy2tjT8=
 github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558=
 github.com/agext/levenshtein v1.2.2 h1:0S/Yg6LYmFJ5stwQeRp6EeOcCbj7xiqQSdNelsXvaqE=
@@ -259,6 +261,8 @@ golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a h1:tImsplftrFpALCYumobsd0
 golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45 h1:SVwTIAaPC2U/AvvLNZ2a7OVsmBpC8L5BlwK1whH3hm0=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d h1:TzXSXBo42m9gQenoE3b9BGiEpg5IG2JkU5FkPIawgtw=
+golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -357,6 +361,8 @@ gopkg.in/auth0.v4 v4.2.0 h1:pVU7ezBMwKNHY9Tv/a3rlokyxhgo8r8BFFBvsSdBp40=
 gopkg.in/auth0.v4 v4.2.0/go.mod h1:B9QUu0MG0np724IVcwWu/azhsckQ+3/niPVtQEThPlU=
 gopkg.in/auth0.v4 v4.3.1 h1:A8QTYcrMvRCd9pjaupk+BSHJgS0rrS7zMssUZwSgNcM=
 gopkg.in/auth0.v4 v4.3.1/go.mod h1:AXTju4pos7DDjJmMctlRnmdZRfYALW56O3XuDjmEFYs=
+gopkg.in/auth0.v4 v4.3.3 h1:adPjwLB2UoSwUZIbcIKBEe/diMbGvfokZHseqFMq1D8=
+gopkg.in/auth0.v4 v4.3.3/go.mod h1:6ZOcoQequCmURgwJnGIX09/51deRWVRpUaUP8p1Jbpk=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=