[1/X] Bump github.com/auth0/go-auth0 from 0.10.1 to 0.11.0 (#336)

* Bump github.com/auth0/go-auth0 from 0.10.1 to 0.11.0

Bumps [github.com/auth0/go-auth0](https://github.com/auth0/go-auth0) from 0.10.1 to 0.11.0.
- [Release notes](https://github.com/auth0/go-auth0/releases)
- [Changelog](https://github.com/auth0/go-auth0/blob/main/CHANGELOG.md)
- [Commits](auth0/go-auth0@v0.10.1...v0.11.0)

---
updated-dependencies:
- dependency-name: github.com/auth0/go-auth0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* [2/X] Refactor actions resource to allow for empty fields (#337)

* Refactor actions resource to allow for empty fields

* Refactor actions trigger binding resource to allow for empty fields

* [3/X] Refactor attack protection resource to allow for empty fields (#338)

* Refactor attack protection resource to allow for empty fields

* [4/X] Refactor branding resources to allow for empty fields (#339)

* Refactor branding resources to allow for empty fields

* [5/X] Refactor client resources to allow for empty fields (#340)

* Refactor client resources to allow for empty fields

* [6/X] Refactor connection resources to allow for empty fields (#341)

* Refactor client resources to allow for empty fields

* Refactor connection resources to allow for empty fields

* [7/X] Refactor guardian resources to allow for empty fields (#342)

* Refactor guardian resources to allow for empty fields

* Early return for erroneous guardian API requests

* Early return for erroneous guardian API requests

* [8/X] Refactor orgs to allow for empty fields and remove deprecated field (#343)

* Refactor ors to allow for empty fields and remove deprecated field

* [9/X] Refactor email resources to allow for empty fields (#344)

* Refactor email resources to allow for empty fields

* [10/X] Refactor resource server resources to allow for empty fields (#345)

* Refactor resource server resources to allow for empty fields

* [11/X] Refactor tenant resource to allow for empty fields (#346)

* Refactor tenant resource to allow for empty fields

* [12/X] Refactor custom domain resource to allow for empty fields (#347)

* Refactor custom domain resource to allow for empty fields

* [13/X] Refactor user resource to allow for empty fields (#348)

* Refactor user resource to allow for empty fields

* [14/X] Refactor role and rule resources to allow for empty fields (#349)

* Refactor role and rule resources to allow for empty fields

* [15/X] Refactor log stream resource to allow for empty fields (#350)

* Refactor log stream resource to allow for empty fields

* [16/X] Refactor prompts resource to allow for empty fields (#351)

* Refactor prompts resource to allow for empty fields

* [17/X] Refactor hooks resource to allow for empty fields (#352)

Refactor hooks resource to allow for empty fields

* Fix small issue with log stream filters

* Adding user_id back in to tests

Co-authored-by: Will Vedder <will.vedder@okta.com>

Co-authored-by: Will Vedder <will.vedder@okta.com>

* Removing default audience string replace

* Removing unncessary check

Co-authored-by: Will Vedder <will.vedder@okta.com>

Co-authored-by: Will Vedder <will.vedder@okta.com>

Co-authored-by: Will Vedder <will.vedder@okta.com>

Co-authored-by: Will Vedder <will.vedder@okta.com>

Co-authored-by: Will Vedder <will.vedder@okta.com>

* Adding extra assertion

Co-authored-by: Will Vedder <will.vedder@okta.com>

Co-authored-by: Will Vedder <will.vedder@okta.com>

Co-authored-by: Will Vedder <will.vedder@okta.com>

Co-authored-by: Will Vedder <will.vedder@okta.com>

* Adding test for multiple depss

* Adding stop

Co-authored-by: Will Vedder <will.vedder@okta.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sergiu Ghitea <28300158+sergiught@users.noreply.github.com>
Co-authored-by: Will Vedder <will.vedder@okta.com>

docs/resources/organization.md

@@ -44,7 +44,6 @@ resource "auth0_organization" "my_organization" {
 ### Optional
 
 - `branding` (Block List, Max: 1) Defines how to style the login pages. (see [below for nested schema](#nestedblock--branding))
-- `connections` (Block Set, Deprecated) (see [below for nested schema](#nestedblock--connections))
 - `display_name` (String) Friendly name of this organization.
 - `metadata` (Map of String) Metadata associated with the organization. Maximum of 10 metadata properties allowed.
 
@@ -60,18 +59,6 @@ Optional:
 - `colors` (Map of String) Color scheme used to customize the login pages.
 - `logo_url` (String) URL of logo to display on login page.
 
-
-<a id="nestedblock--connections"></a>
-### Nested Schema for `connections`
-
-Required:
-
-- `connection_id` (String) The connection ID of the connection to add to the organization.
-
-Optional:
-
-- `assign_membership_on_login` (Boolean) When `true`, all users that log in with this connection will be automatically granted membership in the organization. When `false`, users must be granted membership in the organization before logging in with this connection.
-
 ## Import
 
 Import is supported using the following syntax:

docs/resources/resource_server.md

@@ -35,11 +35,14 @@ resource "auth0_resource_server" "my_resource_server" {
 <!-- schema generated by tfplugindocs -->
 ## Schema
 
+### Required
+
+- `identifier` (String) Unique identifier for the resource server. Used as the audience parameter for authorization calls. Cannot be changed once set.
+
 ### Optional
 
 - `allow_offline_access` (Boolean) Indicates whether refresh tokens can be issued for this resource server.
 - `enforce_policies` (Boolean) Indicates whether authorization polices are enforced.
-- `identifier` (String) Unique identifier for the resource server. Used as the audience parameter for authorization calls. Cannot be changed once set.
 - `name` (String) Friendly name for the resource server. Cannot include `<` or `>` characters.
 - `options` (Map of String) Used to store additional metadata.
 - `scopes` (Block Set) List of permissions (scopes) used by this resource server. (see [below for nested schema](#nestedblock--scopes))

go.mod

@@ -3,7 +3,7 @@ module github.com/auth0/terraform-provider-auth0
 go 1.18
 
 require (
-	github.com/auth0/go-auth0 v0.10.1
+	github.com/auth0/go-auth0 v0.11.0
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
 	github.com/hashicorp/go-multierror v1.1.1
 	github.com/hashicorp/terraform-plugin-docs v0.13.0

go.sum

@@ -63,8 +63,8 @@ github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj
 github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI=
 github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
-github.com/auth0/go-auth0 v0.10.1 h1:UXBWqXRHkjcOn9z7tI7UeEATFzCWV6P8++7ObcW61Ug=
-github.com/auth0/go-auth0 v0.10.1/go.mod h1:XtmeQ7vZzyss3AAaLXMpupn28Y1Xj/DCt1IGEJRZ2gY=
+github.com/auth0/go-auth0 v0.11.0 h1:mxqbDMe91wjX3hvtPU/T7BdJqjgNQUJ02ZaROm/WRKA=
+github.com/auth0/go-auth0 v0.11.0/go.mod h1:XtmeQ7vZzyss3AAaLXMpupn28Y1Xj/DCt1IGEJRZ2gY=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA=
 github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=

internal/provider/data_source_auth0_client_test.go

@@ -10,17 +10,24 @@ import (
 	"github.com/auth0/terraform-provider-auth0/internal/template"
 )
 
+const testAccGivenAClient = `
+resource "auth0_client" "my_client" {
+	name     = "Acceptance Test - {{.testName}}"
+	app_type = "non_interactive"
+}
+`
+
 const testAccDataClientConfigByName = `
-%v
-data auth0_client test {
-  name = "Acceptance Test - {{.testName}}"
+data "auth0_client" "test" {
+	depends_on = [ auth0_client.my_client ]
+
+	name = "Acceptance Test - {{.testName}}"
 }
 `
 
 const testAccDataClientConfigByID = `
-%v
-data auth0_client test {
-  client_id = auth0_client.my_client.client_id
+data "auth0_client" "test" {
+	client_id = auth0_client.my_client.client_id
 }
 `
 
@@ -32,18 +39,12 @@ func TestAccDataClientByName(t *testing.T) {
 		PreventPostDestroyRefresh: true,
 		Steps: []resource.TestStep{
 			{
-				Config: template.ParseTestName(testAccClientConfig, t.Name()),
-				Check: resource.ComposeTestCheckFunc(
-					resource.TestCheckResourceAttr("auth0_client.my_client", "name", fmt.Sprintf("Acceptance Test - %s", t.Name())),
-				), // check that the client got created correctly before using the data source
-			},
-			{
-				Config: template.ParseTestName(fmt.Sprintf(testAccDataClientConfigByName, testAccClientConfig), t.Name()),
+				Config: template.ParseTestName(testAccGivenAClient+testAccDataClientConfigByName, t.Name()),
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttrSet("data.auth0_client.test", "client_id"),
-					resource.TestCheckResourceAttr("data.auth0_client.test", "signing_keys.#", "1"), // checks that signing_keys is set, and it includes 1 element
+					resource.TestCheckResourceAttr("data.auth0_client.test", "signing_keys.#", "1"),
 					resource.TestCheckResourceAttr("data.auth0_client.test", "name", fmt.Sprintf("Acceptance Test - %v", t.Name())),
-					resource.TestCheckResourceAttr("data.auth0_client.test", "app_type", "non_interactive"), // Arbitrary property selection
+					resource.TestCheckResourceAttr("data.auth0_client.test", "app_type", "non_interactive"),
 					resource.TestCheckNoResourceAttr("data.auth0_client.test", "client_secret_rotation_trigger"),
 				),
 			},
@@ -59,17 +60,11 @@ func TestAccDataClientById(t *testing.T) {
 		PreventPostDestroyRefresh: true,
 		Steps: []resource.TestStep{
 			{
-				Config: template.ParseTestName(testAccClientConfig, t.Name()),
-				Check: resource.ComposeTestCheckFunc(
-					resource.TestCheckResourceAttr("auth0_client.my_client", "name", fmt.Sprintf("Acceptance Test - %v", t.Name())),
-				), // check that the client got created correctly before using the data source
-			},
-			{
-				Config: template.ParseTestName(fmt.Sprintf(testAccDataClientConfigByID, testAccClientConfig), t.Name()),
+				Config: template.ParseTestName(testAccGivenAClient+testAccDataClientConfigByID, t.Name()),
 				Check: resource.ComposeTestCheckFunc(
 					resource.TestCheckResourceAttrSet("data.auth0_client.test", "id"),
 					resource.TestCheckResourceAttrSet("data.auth0_client.test", "name"),
-					resource.TestCheckResourceAttr("data.auth0_client.test", "signing_keys.#", "1"), // checks that signing_keys is set, and it includes 1 element
+					resource.TestCheckResourceAttr("data.auth0_client.test", "signing_keys.#", "1"),
 					resource.TestCheckNoResourceAttr("data.auth0_client.test", "client_secret_rotation_trigger"),
 				),
 			},

internal/provider/resource_auth0_action.go

@@ -12,6 +12,8 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+
+	"github.com/auth0/terraform-provider-auth0/internal/value"
 )
 
 func newAction() *schema.Resource {
@@ -127,9 +129,9 @@ func newAction() *schema.Resource {
 }
 
 func createAction(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
-	action := expandAction(d)
-
 	api := m.(*management.Management)
+
+	action := expandAction(d.GetRawConfig())
 	if err := api.Action.Create(action); err != nil {
 		return diag.FromErr(err)
 	}
@@ -145,6 +147,7 @@ func createAction(ctx context.Context, d *schema.ResourceData, m interface{}) di
 
 func readAction(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
 	api := m.(*management.Management)
+
 	action, err := api.Action.Read(d.Id())
 	if err != nil {
 		if mErr, ok := err.(management.Error); ok {
@@ -160,7 +163,7 @@ func readAction(ctx context.Context, d *schema.ResourceData, m interface{}) diag
 		d.Set("name", action.Name),
 		d.Set("supported_triggers", flattenActionTriggers(action.SupportedTriggers)),
 		d.Set("code", action.Code),
-		d.Set("dependencies", flattenActionDependencies(action.Dependencies)),
+		d.Set("dependencies", flattenActionDependencies(action.GetDependencies())),
 		d.Set("runtime", action.Runtime),
 	)
 
@@ -172,15 +175,14 @@ func readAction(ctx context.Context, d *schema.ResourceData, m interface{}) diag
 }
 
 func updateAction(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
-	action := expandAction(d)
-
 	api := m.(*management.Management)
 
 	diagnostics := preventErasingUnmanagedSecrets(d, api)
 	if diagnostics.HasError() {
 		return diagnostics
 	}
 
+	action := expandAction(d.GetRawConfig())
 	if err := api.Action.Update(d.Id(), action); err != nil {
 		return diag.FromErr(err)
 	}
@@ -194,16 +196,16 @@ func updateAction(ctx context.Context, d *schema.ResourceData, m interface{}) di
 
 func deleteAction(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
 	api := m.(*management.Management)
+
 	if err := api.Action.Delete(d.Id()); err != nil {
-		if mErr, ok := err.(management.Error); ok {
-			if mErr.Status() == http.StatusNotFound {
-				d.SetId("")
-				return nil
-			}
+		if mErr, ok := err.(management.Error); ok && mErr.Status() == http.StatusNotFound {
+			d.SetId("")
+			return nil
 		}
 		return diag.FromErr(err)
 	}
 
+	d.SetId("")
 	return nil
 }
 
@@ -276,12 +278,12 @@ func preventErasingUnmanagedSecrets(d *schema.ResourceData, api *management.Mana
 	oldSecrets, newSecrets := d.GetChange("secrets")
 	allSecrets := append(oldSecrets.([]interface{}), newSecrets.([]interface{})...)
 
-	return checkForUnmanagedActionSecrets(allSecrets, preUpdateAction.Secrets)
+	return checkForUnmanagedActionSecrets(allSecrets, preUpdateAction.GetSecrets())
 }
 
 func checkForUnmanagedActionSecrets(
 	secretsFromConfig []interface{},
-	secretsFromAPI []*management.ActionSecret,
+	secretsFromAPI []management.ActionSecret,
 ) diag.Diagnostics {
 	secretKeysInConfigMap := make(map[string]bool, len(secretsFromConfig))
 	for _, secret := range secretsFromConfig {
@@ -308,57 +310,95 @@ func checkForUnmanagedActionSecrets(
 	return diagnostics
 }
 
-func expandAction(d *schema.ResourceData) *management.Action {
+func expandAction(config cty.Value) *management.Action {
 	action := &management.Action{
-		Name:    String(d, "name"),
-		Code:    String(d, "code"),
-		Runtime: String(d, "runtime"),
+		Name:              value.String(config.GetAttr("name")),
+		Code:              value.String(config.GetAttr("code")),
+		Runtime:           value.String(config.GetAttr("runtime")),
+		SupportedTriggers: expandActionTriggers(config.GetAttr("supported_triggers")),
+		Dependencies:      expandActionDependencies(config.GetAttr("dependencies")),
+		Secrets:           expandActionSecrets(config.GetAttr("secrets")),
 	}
 
-	List(d, "supported_triggers").Elem(func(d ResourceData) {
-		action.SupportedTriggers = []*management.ActionTrigger{
-			{
-				ID:      String(d, "id"),
-				Version: String(d, "version"),
-			},
-		}
+	return action
+}
+
+func expandActionTriggers(triggers cty.Value) []management.ActionTrigger {
+	if triggers.IsNull() {
+		return nil
+	}
+
+	supportedTriggers := make([]management.ActionTrigger, 0)
+
+	triggers.ForEachElement(func(_ cty.Value, triggers cty.Value) (stop bool) {
+		supportedTriggers = append(supportedTriggers, management.ActionTrigger{
+			ID:      value.String(triggers.GetAttr("id")),
+			Version: value.String(triggers.GetAttr("version")),
+		})
+		return stop
 	})
 
-	Set(d, "dependencies").Elem(func(d ResourceData) {
-		action.Dependencies = append(action.Dependencies, &management.ActionDependency{
-			Name:    String(d, "name"),
-			Version: String(d, "version"),
+	return supportedTriggers
+}
+
+func expandActionDependencies(dependencies cty.Value) *[]management.ActionDependency {
+	if dependencies.IsNull() {
+		return nil
+	}
+
+	actionDependencies := make([]management.ActionDependency, 0)
+
+	dependencies.ForEachElement(func(_ cty.Value, dep cty.Value) (stop bool) {
+		actionDependencies = append(actionDependencies, management.ActionDependency{
+			Name:    value.String(dep.GetAttr("name")),
+			Version: value.String(dep.GetAttr("version")),
 		})
+		return stop
 	})
 
-	List(d, "secrets").Elem(func(d ResourceData) {
-		action.Secrets = append(action.Secrets, &management.ActionSecret{
-			Name:  String(d, "name"),
-			Value: String(d, "value"),
+	return &actionDependencies
+}
+
+func expandActionSecrets(secrets cty.Value) *[]management.ActionSecret {
+	if secrets.IsNull() {
+		return nil
+	}
+
+	actionSecrets := make([]management.ActionSecret, 0)
+
+	secrets.ForEachElement(func(_ cty.Value, secret cty.Value) (stop bool) {
+		actionSecrets = append(actionSecrets, management.ActionSecret{
+			Name:  value.String(secret.GetAttr("name")),
+			Value: value.String(secret.GetAttr("value")),
 		})
+		return stop
 	})
 
-	return action
+	return &actionSecrets
 }
 
-func flattenActionTriggers(triggers []*management.ActionTrigger) []interface{} {
+func flattenActionTriggers(triggers []management.ActionTrigger) []interface{} {
 	var result []interface{}
+
 	for _, trigger := range triggers {
 		result = append(result, map[string]interface{}{
-			"id":      trigger.ID,
-			"version": trigger.Version,
+			"id":      trigger.GetID(),
+			"version": trigger.GetVersion(),
 		})
 	}
+
 	return result
 }
 
-func flattenActionDependencies(dependencies []*management.ActionDependency) []interface{} {
+func flattenActionDependencies(dependencies []management.ActionDependency) []interface{} {
 	var result []interface{}
+
 	for _, dependency := range dependencies {
 		result = append(result, map[string]interface{}{
-			"name":    dependency.Name,
-			"version": dependency.Version,
+			"name":    dependency.GetName(),
+			"version": dependency.GetVersion(),
 		})
 	}
+
 	return result
 }