azuread_client_config: return an error is object_id is empty

hashicorp · Dec 16, 2020 · 14b1fa8 · 14b1fa8
1 parent 408f76d
commit 14b1fa8
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/internal/services/serviceprincipals/client_config_data_source_msgraph.go b/internal/services/serviceprincipals/client_config_data_source_msgraph.go
@@ -2,6 +2,7 @@ package serviceprincipals
 
 import (
 	"context"
+	"errors"
 	"fmt"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
@@ -14,9 +15,9 @@ import (
 func clientConfigDataSourceReadMsGraph(_ context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
 	client := meta.(*clients.Client)
 
-	objectId := ""
-	if client.Claims.ObjectId != "" {
-		objectId = client.Claims.ObjectId
+	objectId := client.Claims.ObjectId
+	if client.Claims.ObjectId == "" {
+		return tf.ErrorDiagPathF(errors.New("oid claim in access token is empty"), "object_id", "Could not determine object ID of authenticated principal")
 	}
 
 	d.SetId(fmt.Sprintf("%s-%s-%s", client.TenantID, client.ClientID, objectId))