From f4ee1bb53e3bf09bd61d1f908a2f2a72364dc080 Mon Sep 17 00:00:00 2001 From: Sune Keller Date: Wed, 8 Jul 2020 12:16:18 +0200 Subject: [PATCH 01/11] Add oauth2_authorization and openid_authentication Signed-off-by: Sune Keller --- .../api_management_api_resource.go | 123 ++++++++++++++++++ .../tests/api_management_api_resource_test.go | 122 ++++++++++++++--- .../docs/r/api_management_api.html.markdown | 20 +++ 3 files changed, 249 insertions(+), 16 deletions(-) diff --git a/azurerm/internal/services/apimanagement/api_management_api_resource.go b/azurerm/internal/services/apimanagement/api_management_api_resource.go index 096448636596..38a05fed4c2a 100644 --- a/azurerm/internal/services/apimanagement/api_management_api_resource.go +++ b/azurerm/internal/services/apimanagement/api_management_api_resource.go @@ -175,6 +175,53 @@ func resourceArmApiManagementApi() *schema.Resource { Default: false, }, + "oauth2_authorization": { + Type: schema.TypeList, + Optional: true, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "authorization_server_name": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validate.ApiManagementChildName, + }, + "scope": { + Type: schema.TypeString, + Optional: true, + // There is currently no validation, as any length and characters can be used in the field + }, + }, + }, + }, + + "openid_authentication": { + Type: schema.TypeList, + Optional: true, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "openid_provider_name": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validate.ApiManagementChildName, + }, + "bearer_token_sending_methods": { + Type: schema.TypeSet, + Optional: true, + ValidateFunc: nil, + Elem: &schema.Schema{ + Type: schema.TypeString, + ValidateFunc: validation.StringInSlice([]string{ + string(apimanagement.BearerTokenSendingMethodsAuthorizationHeader), + string(apimanagement.BearerTokenSendingMethodsQuery), + }, false), + }, + }, + }, + }, + }, + // Computed "is_current": { Type: schema.TypeBool, @@ -306,6 +353,24 @@ func resourceArmApiManagementApiCreateUpdate(d *schema.ResourceData, meta interf subscriptionKeyParameterNamesRaw := d.Get("subscription_key_parameter_names").([]interface{}) subscriptionKeyParameterNames := expandApiManagementApiSubscriptionKeyParamNames(subscriptionKeyParameterNamesRaw) + authenticationSettings := &apimanagement.AuthenticationSettingsContract{} + if vs, hasOAuth2Authorization := d.GetOk("oauth2_authorization"); hasOAuth2Authorization { + oAuth2AuthorizationVs := vs.([]interface{}) + oAuth2AuthorizationV := oAuth2AuthorizationVs[0].(map[string]interface{}) + authenticationSettings.OAuth2 = &apimanagement.OAuth2AuthenticationSettingsContract{ + AuthorizationServerID: utils.String(oAuth2AuthorizationV["authorization_server_name"].(string)), + Scope: utils.String(oAuth2AuthorizationV["scope"].(string)), + } + } + if vs, hasOpenIDAuthorization := d.GetOk("openid_authentication"); hasOpenIDAuthorization { + openIDAuthorizationVs := vs.([]interface{}) + openIDAuthorizationV := openIDAuthorizationVs[0].(map[string]interface{}) + authenticationSettings.Openid = &apimanagement.OpenIDAuthenticationSettingsContract{ + OpenidProviderID: utils.String(openIDAuthorizationV["openid_provider_name"].(string)), + BearerTokenSendingMethods: expandApiManagementOpenIDAuthenticationSettingsBearerTokenSendingMethods(openIDAuthorizationV["bearer_token_sending_methods"].([]interface{})), + } + } + params := apimanagement.APICreateOrUpdateParameter{ APICreateOrUpdateProperties: &apimanagement.APICreateOrUpdateProperties{ APIType: apiType, @@ -318,6 +383,7 @@ func resourceArmApiManagementApiCreateUpdate(d *schema.ResourceData, meta interf SubscriptionKeyParameterNames: subscriptionKeyParameterNames, APIVersion: utils.String(version), SubscriptionRequired: &subscriptionRequired, + AuthenticationSettings: authenticationSettings, }, } @@ -403,6 +469,14 @@ func resourceArmApiManagementApiRead(d *schema.ResourceData, meta interface{}) e if err := d.Set("subscription_key_parameter_names", flattenApiManagementApiSubscriptionKeyParamNames(props.SubscriptionKeyParameterNames)); err != nil { return fmt.Errorf("setting `subscription_key_parameter_names`: %+v", err) } + + if err := d.Set("oauth2_authorization", flattenApiManagementOAuth2Authorization(props.AuthenticationSettings.OAuth2)); err != nil { + return fmt.Errorf("setting `oauth2_authorization`: %+v", err) + } + + if err := d.Set("openid_authentication", flattenApiManagementOpenidAuthentication(props.AuthenticationSettings.Openid)); err != nil { + return fmt.Errorf("setting `openid_authentication`: %+v", err) + } } return nil @@ -494,3 +568,52 @@ func flattenApiManagementApiSubscriptionKeyParamNames(paramNames *apimanagement. return []interface{}{result} } + +func expandApiManagementOpenIDAuthenticationSettingsBearerTokenSendingMethods(input interface{}) *[]apimanagement.BearerTokenSendingMethods { + if input == nil { + return nil + } + results := make([]apimanagement.BearerTokenSendingMethods, 0) + + vs := input.(*schema.Set).List() + for _, v := range vs { + results = append(results, apimanagement.BearerTokenSendingMethods(v.(string))) + } + + return &results +} + +func flattenApiManagementOAuth2Authorization(input *apimanagement.OAuth2AuthenticationSettingsContract) []interface{} { + if input == nil { + return make([]interface{}, 0) + } + + result := make(map[string]interface{}) + + result["authorization_server_name"] = *input.AuthorizationServerID + if input.Scope != nil { + result["scope"] = *input.Scope + } + + return []interface{}{result} +} + +func flattenApiManagementOpenidAuthentication(input *apimanagement.OpenIDAuthenticationSettingsContract) []interface{} { + if input == nil { + return make([]interface{}, 0) + } + + result := make(map[string]interface{}) + + result["openid_provider_name"] = *input.OpenidProviderID + + bearerTokenSendingMethods := make([]interface{}, 0) + if s := input.BearerTokenSendingMethods; s != nil { + for _, v := range *s { + bearerTokenSendingMethods = append(bearerTokenSendingMethods, v) + } + } + result["bearer_token_sending_methods"] = schema.NewSet(schema.HashString, bearerTokenSendingMethods) + + return []interface{}{result} +} diff --git a/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go b/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go index 20c7899ebce1..9e12dc9dc886 100644 --- a/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go +++ b/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go @@ -120,6 +120,44 @@ func TestAccAzureRMApiManagementApi_version(t *testing.T) { }) } +func TestAccAzureRMApiManagementApi_oauth2Authorization(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_api_management_api", "test") + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acceptance.PreCheck(t) }, + Providers: acceptance.SupportedProviders, + CheckDestroy: testCheckAzureRMApiManagementApiDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAzureRMApiManagementApi_oauth2Authorization(data), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMApiManagementApiExists(data.ResourceName), + ), + }, + data.ImportStep(), + }, + }) +} + +func TestAccAzureRMApiManagementApi_openidAuthentication(t *testing.T) { + data := acceptance.BuildTestData(t, "azurerm_api_management_api", "test") + + resource.Test(t, resource.TestCase{ + PreCheck: func() { acceptance.PreCheck(t) }, + Providers: acceptance.SupportedProviders, + CheckDestroy: testCheckAzureRMApiManagementApiDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAzureRMApiManagementApi_openidAuthentication(data), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMApiManagementApiExists(data.ResourceName), + ), + }, + data.ImportStep(), + }, + }) +} + func TestAccAzureRMApiManagementApi_requiresImport(t *testing.T) { data := acceptance.BuildTestData(t, "azurerm_api_management_api", "test") @@ -575,31 +613,82 @@ resource "azurerm_api_management_api" "test" { `, template, data.RandomInteger, data.RandomInteger) } -func testAccAzureRMApiManagementApi_template(data acceptance.TestData) string { +func testAccAzureRMApiManagementApi_oauth2Authorization(data acceptance.TestData) string { + template := testAccAzureRMApiManagementApi_template(data) return fmt.Sprintf(` -provider "azurerm" { - features {} +%s + +resource "azurerm_api_management_authorization_server" "test" { + name = "acctestauthsrv-%d" + resource_group_name = azurerm_resource_group.test.name + api_management_name = azurerm_api_management.test.name + display_name = "Test Group" + authorization_endpoint = "https://azacctest.hashicorptest.com/client/authorize" + client_id = "42424242-4242-4242-4242-424242424242" + client_registration_endpoint = "https://azacctest.hashicorptest.com/client/register" + + grant_types = [ + "implicit", + ] + + authorization_methods = [ + "GET", + ] } -resource "azurerm_resource_group" "test" { - name = "acctestRG-%d" - location = "%s" +resource "azurerm_api_management_api" "test" { + name = "acctestapi-%d" + resource_group_name = azurerm_resource_group.test.name + api_management_name = azurerm_api_management.test.name + display_name = "api1" + path = "api1" + protocols = ["https"] + revision = "1" + version = "v1" + oauth2_authorization { + authorization_server_name = azurerm_api_management_authorization_server.test.name + scope = "acctest" + } +} +`, template, data.RandomInteger, data.RandomInteger) } -resource "azurerm_api_management" "test" { - name = "acctestAM-%d" - location = azurerm_resource_group.test.location +func testAccAzureRMApiManagementApi_openidAuthentication(data acceptance.TestData) string { + template := testAccAzureRMApiManagementApi_template(data) + return fmt.Sprintf(` +%s + +resource "azurerm_api_management_openid_connect_provider" "test" { + name = "acctest-%d" + api_management_name = azurerm_api_management.test.name resource_group_name = azurerm_resource_group.test.name - publisher_name = "pub1" - publisher_email = "pub1@email.com" + client_id = "00001111-2222-3333-%d" + client_secret = "%d-cwdavsxbacsaxZX-%d" + display_name = "Initial Name" + metadata_endpoint = "https://azacctest.hashicorptest.com/example/foo" +} - sku_name = "Developer_1" +resource "azurerm_api_management_api" "test" { + name = "acctestapi-%d" + resource_group_name = azurerm_resource_group.test.name + api_management_name = azurerm_api_management.test.name + display_name = "api1" + path = "api1" + protocols = ["https"] + revision = "1" + version = "v1" + openid_authentication { + openid_provider_name = azurerm_api_management_openid_connect_provider.test.name + bearer_token_sending_methods = [ + "authorizationHeader", + "query", + ] + } } -`, data.RandomInteger, data.Locations.Primary, data.RandomInteger) +`, template, data.RandomInteger, data.RandomInteger) } -// Remove in 2.0 -func testAccAzureRMApiManagementApi_templateClassic(data acceptance.TestData) string { +func testAccAzureRMApiManagementApi_template(data acceptance.TestData) string { return fmt.Sprintf(` provider "azurerm" { features {} @@ -616,7 +705,8 @@ resource "azurerm_api_management" "test" { resource_group_name = azurerm_resource_group.test.name publisher_name = "pub1" publisher_email = "pub1@email.com" - sku_name = "Developer_1" + + sku_name = "Developer_1" } `, data.RandomInteger, data.Locations.Primary, data.RandomInteger) } diff --git a/website/docs/r/api_management_api.html.markdown b/website/docs/r/api_management_api.html.markdown index d20bcc428351..028688100832 100644 --- a/website/docs/r/api_management_api.html.markdown +++ b/website/docs/r/api_management_api.html.markdown @@ -68,6 +68,10 @@ The following arguments are supported: * `import` - (Optional) A `import` block as documented below. +* `oauth2_authorization` - (Optional) An `oauth2_authorization` block as documented below. + +* `openid_authentication` - (Optional) An `openid_authentication` block as documented below. + * `service_url` - (Optional) Absolute URL of the backend service implementing this API. * `soap_pass_through` - (Optional) Should this API expose a SOAP frontend, rather than a HTTP frontend? Defaults to `false`. @@ -94,6 +98,22 @@ A `import` block supports the following: --- +A `oauth2_authorization` block supports the following: + +* `authorization_server_name` - (Required) OAuth authorization server identifier. The name of an [OAuth2 Authorization Server](https://www.terraform.io/docs/providers/azurerm/r/api_management_authorization_server.html). + +* `scope` - (Optional) Operations scope. + +--- + +A `openid_authentication` block supports the following: + +* `openid_provider_name` - (Required) OpenID Connect provider identifier. The name of an [OpenID Connect Provider](https://www.terraform.io/docs/providers/azurerm/r/api_management_openid_connect_provider.html). + +* `bearer_token_sending_methods` - (Optional) How to send token to the server. A list of zero or more methods. Valid values are `authorizationHeader` and `query`. + +--- + A `subscription_key_parameter_names` block supports the following: * `header` - (Required) The name of the HTTP Header which should be used for the Subscription Key. From db13fe54ee11653ff5bf92c9225661e696022e5d Mon Sep 17 00:00:00 2001 From: Sune Keller Date: Wed, 8 Jul 2020 13:15:54 +0200 Subject: [PATCH 02/11] Remove testAccAzureRMApiManagementApi_basicClassic and TestAccAzureRMApiManagementApi_basicClassic Signed-off-by: Sune Keller --- .../tests/api_management_api_resource_test.go | 41 ------------------- 1 file changed, 41 deletions(-) diff --git a/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go b/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go index 9e12dc9dc886..3c77a2b2aa95 100644 --- a/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go +++ b/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go @@ -34,29 +34,6 @@ func TestAccAzureRMApiManagementApi_basic(t *testing.T) { }) } -// Remove in 2.0 -func TestAccAzureRMApiManagementApi_basicClassic(t *testing.T) { - data := acceptance.BuildTestData(t, "azurerm_api_management_api", "test") - - resource.Test(t, resource.TestCase{ - PreCheck: func() { acceptance.PreCheck(t) }, - Providers: acceptance.SupportedProviders, - CheckDestroy: testCheckAzureRMApiManagementApiDestroy, - Steps: []resource.TestStep{ - { - Config: testAccAzureRMApiManagementApi_basicClassic(data), - Check: resource.ComposeTestCheckFunc( - testCheckAzureRMApiManagementApiExists(data.ResourceName), - resource.TestCheckResourceAttr(data.ResourceName, "soap_pass_through", "false"), - resource.TestCheckResourceAttr(data.ResourceName, "is_current", "true"), - resource.TestCheckResourceAttr(data.ResourceName, "is_online", "false"), - ), - }, - data.ImportStep(), - }, - }) -} - func TestAccAzureRMApiManagementApi_wordRevision(t *testing.T) { data := acceptance.BuildTestData(t, "azurerm_api_management_api", "test") @@ -408,24 +385,6 @@ resource "azurerm_api_management_api" "test" { `, template, data.RandomInteger) } -// Remove in 2.0 -func testAccAzureRMApiManagementApi_basicClassic(data acceptance.TestData) string { - template := testAccAzureRMApiManagementApi_templateClassic(data) - return fmt.Sprintf(` -%s - -resource "azurerm_api_management_api" "test" { - name = "acctestapi-%d" - resource_group_name = azurerm_resource_group.test.name - api_management_name = azurerm_api_management.test.name - display_name = "api1" - path = "api1" - protocols = ["https"] - revision = "1" -} -`, template, data.RandomInteger) -} - func testAccAzureRMApiManagementApi_blankPath(data acceptance.TestData) string { template := testAccAzureRMApiManagementApi_template(data) return fmt.Sprintf(` From b70954487405c3440e1a32bb442581538182b8f8 Mon Sep 17 00:00:00 2001 From: Sune Keller Date: Wed, 8 Jul 2020 13:55:46 +0200 Subject: [PATCH 03/11] Fix number of args to fmt.Sprintf in testAccAzureRMApiManagementApi_openidAuthentication Signed-off-by: Sune Keller --- .../apimanagement/tests/api_management_api_resource_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go b/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go index 3c77a2b2aa95..2a2e94a55c8b 100644 --- a/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go +++ b/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go @@ -644,7 +644,7 @@ resource "azurerm_api_management_api" "test" { ] } } -`, template, data.RandomInteger, data.RandomInteger) +`, template, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger, data.RandomInteger) } func testAccAzureRMApiManagementApi_template(data acceptance.TestData) string { From d759803f5c35b1a3529915d85663cccaaf41f0e7 Mon Sep 17 00:00:00 2001 From: Sune Keller Date: Thu, 23 Jul 2020 13:42:16 +0200 Subject: [PATCH 04/11] Check `authorization_server_name` for nil Co-authored-by: Steve <11830746+jackofallops@users.noreply.github.com> --- .../services/apimanagement/api_management_api_resource.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/azurerm/internal/services/apimanagement/api_management_api_resource.go b/azurerm/internal/services/apimanagement/api_management_api_resource.go index 38a05fed4c2a..3bced92471dd 100644 --- a/azurerm/internal/services/apimanagement/api_management_api_resource.go +++ b/azurerm/internal/services/apimanagement/api_management_api_resource.go @@ -590,7 +590,11 @@ func flattenApiManagementOAuth2Authorization(input *apimanagement.OAuth2Authenti result := make(map[string]interface{}) - result["authorization_server_name"] = *input.AuthorizationServerID + authServerId := "" + if input.AuthorizationServerID != nil { + authServerId = *input.AuthorizationServerID + } + result["authorization_server_name"] = authServerId if input.Scope != nil { result["scope"] = *input.Scope } From bbf2523b2f623b49363cd027f6185a91221bcfe2 Mon Sep 17 00:00:00 2001 From: Sune Keller Date: Thu, 23 Jul 2020 13:42:35 +0200 Subject: [PATCH 05/11] Check `openid_provider_name` for nil Co-authored-by: Steve <11830746+jackofallops@users.noreply.github.com> --- .../services/apimanagement/api_management_api_resource.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/azurerm/internal/services/apimanagement/api_management_api_resource.go b/azurerm/internal/services/apimanagement/api_management_api_resource.go index 3bced92471dd..51c822b35a74 100644 --- a/azurerm/internal/services/apimanagement/api_management_api_resource.go +++ b/azurerm/internal/services/apimanagement/api_management_api_resource.go @@ -609,7 +609,12 @@ func flattenApiManagementOpenidAuthentication(input *apimanagement.OpenIDAuthent result := make(map[string]interface{}) - result["openid_provider_name"] = *input.OpenidProviderID + openIdProviderId := "" + if input.OpenidProviderID != nil { + openIdProviderId = *input.OpenidProviderID + } + result["openid_provider_name"] = openIdProviderId + bearerTokenSendingMethods := make([]interface{}, 0) if s := input.BearerTokenSendingMethods; s != nil { From f260a23f0a6539e41d417890eaa04325819fe863 Mon Sep 17 00:00:00 2001 From: Sune Keller Date: Thu, 23 Jul 2020 13:40:51 +0200 Subject: [PATCH 06/11] Add expand functions for OAuth2 and OpenID auth blocks Signed-off-by: Sune Keller --- .../api_management_api_resource.go | 69 +++++++++++-------- 1 file changed, 42 insertions(+), 27 deletions(-) diff --git a/azurerm/internal/services/apimanagement/api_management_api_resource.go b/azurerm/internal/services/apimanagement/api_management_api_resource.go index 51c822b35a74..e144edad29ef 100644 --- a/azurerm/internal/services/apimanagement/api_management_api_resource.go +++ b/azurerm/internal/services/apimanagement/api_management_api_resource.go @@ -354,22 +354,14 @@ func resourceArmApiManagementApiCreateUpdate(d *schema.ResourceData, meta interf subscriptionKeyParameterNames := expandApiManagementApiSubscriptionKeyParamNames(subscriptionKeyParameterNamesRaw) authenticationSettings := &apimanagement.AuthenticationSettingsContract{} - if vs, hasOAuth2Authorization := d.GetOk("oauth2_authorization"); hasOAuth2Authorization { - oAuth2AuthorizationVs := vs.([]interface{}) - oAuth2AuthorizationV := oAuth2AuthorizationVs[0].(map[string]interface{}) - authenticationSettings.OAuth2 = &apimanagement.OAuth2AuthenticationSettingsContract{ - AuthorizationServerID: utils.String(oAuth2AuthorizationV["authorization_server_name"].(string)), - Scope: utils.String(oAuth2AuthorizationV["scope"].(string)), - } - } - if vs, hasOpenIDAuthorization := d.GetOk("openid_authentication"); hasOpenIDAuthorization { - openIDAuthorizationVs := vs.([]interface{}) - openIDAuthorizationV := openIDAuthorizationVs[0].(map[string]interface{}) - authenticationSettings.Openid = &apimanagement.OpenIDAuthenticationSettingsContract{ - OpenidProviderID: utils.String(openIDAuthorizationV["openid_provider_name"].(string)), - BearerTokenSendingMethods: expandApiManagementOpenIDAuthenticationSettingsBearerTokenSendingMethods(openIDAuthorizationV["bearer_token_sending_methods"].([]interface{})), - } - } + + oAuth2AuthorizationSettingsRaw := d.Get("oauth2_authorization").([]interface{}) + oAuth2AuthorizationSettings := expandApiManagementOAuth2AuthenticationSettingsContract(oAuth2AuthorizationSettingsRaw) + authenticationSettings.OAuth2 = oAuth2AuthorizationSettings + + openIDAuthorizationSettingsRaw := d.Get("openid_authentication").([]interface{}) + openIDAuthorizationSettings := expandApiManagementOpenIDAuthenticationSettingsContract(openIDAuthorizationSettingsRaw) + authenticationSettings.Openid = openIDAuthorizationSettings params := apimanagement.APICreateOrUpdateParameter{ APICreateOrUpdateProperties: &apimanagement.APICreateOrUpdateProperties{ @@ -474,7 +466,7 @@ func resourceArmApiManagementApiRead(d *schema.ResourceData, meta interface{}) e return fmt.Errorf("setting `oauth2_authorization`: %+v", err) } - if err := d.Set("openid_authentication", flattenApiManagementOpenidAuthentication(props.AuthenticationSettings.Openid)); err != nil { + if err := d.Set("openid_authentication", flattenApiManagementOpenIDAuthentication(props.AuthenticationSettings.Openid)); err != nil { return fmt.Errorf("setting `openid_authentication`: %+v", err) } } @@ -569,18 +561,16 @@ func flattenApiManagementApiSubscriptionKeyParamNames(paramNames *apimanagement. return []interface{}{result} } -func expandApiManagementOpenIDAuthenticationSettingsBearerTokenSendingMethods(input interface{}) *[]apimanagement.BearerTokenSendingMethods { - if input == nil { +func expandApiManagementOAuth2AuthenticationSettingsContract(input []interface{}) *apimanagement.OAuth2AuthenticationSettingsContract { + if len(input) == 0 { return nil } - results := make([]apimanagement.BearerTokenSendingMethods, 0) - vs := input.(*schema.Set).List() - for _, v := range vs { - results = append(results, apimanagement.BearerTokenSendingMethods(v.(string))) + oAuth2AuthorizationV := input[0].(map[string]interface{}) + return &apimanagement.OAuth2AuthenticationSettingsContract{ + AuthorizationServerID: utils.String(oAuth2AuthorizationV["authorization_server_name"].(string)), + Scope: utils.String(oAuth2AuthorizationV["scope"].(string)), } - - return &results } func flattenApiManagementOAuth2Authorization(input *apimanagement.OAuth2AuthenticationSettingsContract) []interface{} { @@ -602,7 +592,33 @@ func flattenApiManagementOAuth2Authorization(input *apimanagement.OAuth2Authenti return []interface{}{result} } -func flattenApiManagementOpenidAuthentication(input *apimanagement.OpenIDAuthenticationSettingsContract) []interface{} { +func expandApiManagementOpenIDAuthenticationSettingsContract(input []interface{}) *apimanagement.OpenIDAuthenticationSettingsContract { + if len(input) == 0 { + return nil + } + + openIDAuthorizationV := input[0].(map[string]interface{}) + return &apimanagement.OpenIDAuthenticationSettingsContract{ + OpenidProviderID: utils.String(openIDAuthorizationV["openid_provider_name"].(string)), + BearerTokenSendingMethods: expandApiManagementOpenIDAuthenticationSettingsBearerTokenSendingMethods(openIDAuthorizationV["bearer_token_sending_methods"].([]interface{})), + } +} + +func expandApiManagementOpenIDAuthenticationSettingsBearerTokenSendingMethods(input interface{}) *[]apimanagement.BearerTokenSendingMethods { + if input == nil { + return nil + } + results := make([]apimanagement.BearerTokenSendingMethods, 0) + + vs := input.(*schema.Set).List() + for _, v := range vs { + results = append(results, apimanagement.BearerTokenSendingMethods(v.(string))) + } + + return &results +} + +func flattenApiManagementOpenIDAuthentication(input *apimanagement.OpenIDAuthenticationSettingsContract) []interface{} { if input == nil { return make([]interface{}, 0) } @@ -615,7 +631,6 @@ func flattenApiManagementOpenidAuthentication(input *apimanagement.OpenIDAuthent } result["openid_provider_name"] = openIdProviderId - bearerTokenSendingMethods := make([]interface{}, 0) if s := input.BearerTokenSendingMethods; s != nil { for _, v := range *s { From f60ef116a3befb4e91d012fbddecb0166fb56260 Mon Sep 17 00:00:00 2001 From: Sune Keller Date: Thu, 23 Jul 2020 16:45:04 +0200 Subject: [PATCH 07/11] Apply suggestions from code review Signed-off-by: Sune Keller Co-authored-by: Steve <11830746+jackofallops@users.noreply.github.com> --- .../apimanagement/tests/api_management_api_resource_test.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go b/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go index 2a2e94a55c8b..61dcea96c58f 100644 --- a/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go +++ b/azurerm/internal/services/apimanagement/tests/api_management_api_resource_test.go @@ -603,7 +603,6 @@ resource "azurerm_api_management_api" "test" { path = "api1" protocols = ["https"] revision = "1" - version = "v1" oauth2_authorization { authorization_server_name = azurerm_api_management_authorization_server.test.name scope = "acctest" @@ -635,7 +634,6 @@ resource "azurerm_api_management_api" "test" { path = "api1" protocols = ["https"] revision = "1" - version = "v1" openid_authentication { openid_provider_name = azurerm_api_management_openid_connect_provider.test.name bearer_token_sending_methods = [ From 16d3a354a4ffb67c99ea73534045cb502f5c14ab Mon Sep 17 00:00:00 2001 From: Sune Keller Date: Fri, 7 Aug 2020 15:18:49 +0200 Subject: [PATCH 08/11] Apply suggestions from code review Signed-off-by: Sune Keller Co-authored-by: Steve <11830746+jackofallops@users.noreply.github.com> --- .../services/apimanagement/api_management_api_resource.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/azurerm/internal/services/apimanagement/api_management_api_resource.go b/azurerm/internal/services/apimanagement/api_management_api_resource.go index e144edad29ef..f173dc130085 100644 --- a/azurerm/internal/services/apimanagement/api_management_api_resource.go +++ b/azurerm/internal/services/apimanagement/api_management_api_resource.go @@ -209,7 +209,6 @@ func resourceArmApiManagementApi() *schema.Resource { "bearer_token_sending_methods": { Type: schema.TypeSet, Optional: true, - ValidateFunc: nil, Elem: &schema.Schema{ Type: schema.TypeString, ValidateFunc: validation.StringInSlice([]string{ @@ -600,7 +599,7 @@ func expandApiManagementOpenIDAuthenticationSettingsContract(input []interface{} openIDAuthorizationV := input[0].(map[string]interface{}) return &apimanagement.OpenIDAuthenticationSettingsContract{ OpenidProviderID: utils.String(openIDAuthorizationV["openid_provider_name"].(string)), - BearerTokenSendingMethods: expandApiManagementOpenIDAuthenticationSettingsBearerTokenSendingMethods(openIDAuthorizationV["bearer_token_sending_methods"].([]interface{})), + BearerTokenSendingMethods: expandApiManagementOpenIDAuthenticationSettingsBearerTokenSendingMethods(openIDAuthorizationV["bearer_token_sending_methods"].(*schema.Set).List()), } } From a42e60de7a176d78b9752fb6cb3cdea844879a66 Mon Sep 17 00:00:00 2001 From: Sune Keller Date: Wed, 12 Aug 2020 10:37:19 +0200 Subject: [PATCH 09/11] Make fmt Signed-off-by: Sune Keller --- .../services/apimanagement/api_management_api_resource.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azurerm/internal/services/apimanagement/api_management_api_resource.go b/azurerm/internal/services/apimanagement/api_management_api_resource.go index f173dc130085..37e3eff4ba98 100644 --- a/azurerm/internal/services/apimanagement/api_management_api_resource.go +++ b/azurerm/internal/services/apimanagement/api_management_api_resource.go @@ -207,8 +207,8 @@ func resourceArmApiManagementApi() *schema.Resource { ValidateFunc: validate.ApiManagementChildName, }, "bearer_token_sending_methods": { - Type: schema.TypeSet, - Optional: true, + Type: schema.TypeSet, + Optional: true, Elem: &schema.Schema{ Type: schema.TypeString, ValidateFunc: validation.StringInSlice([]string{ From cb31cb5386862c3c88b3539b3daed2e4904cd534 Mon Sep 17 00:00:00 2001 From: jackofallops Date: Fri, 14 Aug 2020 14:41:22 +0100 Subject: [PATCH 10/11] adjusted for knock on effects of applying previous suggestion --- .../services/apimanagement/api_management_api_resource.go | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/azurerm/internal/services/apimanagement/api_management_api_resource.go b/azurerm/internal/services/apimanagement/api_management_api_resource.go index 37e3eff4ba98..a98a5a2c77bc 100644 --- a/azurerm/internal/services/apimanagement/api_management_api_resource.go +++ b/azurerm/internal/services/apimanagement/api_management_api_resource.go @@ -603,14 +603,13 @@ func expandApiManagementOpenIDAuthenticationSettingsContract(input []interface{} } } -func expandApiManagementOpenIDAuthenticationSettingsBearerTokenSendingMethods(input interface{}) *[]apimanagement.BearerTokenSendingMethods { +func expandApiManagementOpenIDAuthenticationSettingsBearerTokenSendingMethods(input []interface{}) *[]apimanagement.BearerTokenSendingMethods { if input == nil { return nil } results := make([]apimanagement.BearerTokenSendingMethods, 0) - vs := input.(*schema.Set).List() - for _, v := range vs { + for _, v := range input { results = append(results, apimanagement.BearerTokenSendingMethods(v.(string))) } @@ -633,7 +632,7 @@ func flattenApiManagementOpenIDAuthentication(input *apimanagement.OpenIDAuthent bearerTokenSendingMethods := make([]interface{}, 0) if s := input.BearerTokenSendingMethods; s != nil { for _, v := range *s { - bearerTokenSendingMethods = append(bearerTokenSendingMethods, v) + bearerTokenSendingMethods = append(bearerTokenSendingMethods, apimanagement.BearerTokenSendingMethod(v)) } } result["bearer_token_sending_methods"] = schema.NewSet(schema.HashString, bearerTokenSendingMethods) From 7c93267ac2e549da99a1815751591807d16ed3b3 Mon Sep 17 00:00:00 2001 From: jackofallops Date: Fri, 14 Aug 2020 15:50:55 +0100 Subject: [PATCH 11/11] fixed type setting mistake from last commit --- .../services/apimanagement/api_management_api_resource.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/internal/services/apimanagement/api_management_api_resource.go b/azurerm/internal/services/apimanagement/api_management_api_resource.go index a98a5a2c77bc..9373481b5139 100644 --- a/azurerm/internal/services/apimanagement/api_management_api_resource.go +++ b/azurerm/internal/services/apimanagement/api_management_api_resource.go @@ -632,7 +632,7 @@ func flattenApiManagementOpenIDAuthentication(input *apimanagement.OpenIDAuthent bearerTokenSendingMethods := make([]interface{}, 0) if s := input.BearerTokenSendingMethods; s != nil { for _, v := range *s { - bearerTokenSendingMethods = append(bearerTokenSendingMethods, apimanagement.BearerTokenSendingMethod(v)) + bearerTokenSendingMethods = append(bearerTokenSendingMethods, string(v)) } } result["bearer_token_sending_methods"] = schema.NewSet(schema.HashString, bearerTokenSendingMethods)