Merge pull request #1303 from JonasBak/main

feat: allow data.azuread_application lookup using identifier_uri
hashicorp · May 15, 2024 · ec84fc7 · ec84fc7
2 parents 310ed13 + e221e10
commit ec84fc7
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 7 deletions.
diff --git a/docs/data-sources/application.md b/docs/data-sources/application.md
@@ -33,8 +33,9 @@ The following arguments are supported:
 * `client_id` - (Optional) Specifies the Client ID of the application.
 * `display_name` - (Optional) Specifies the display name of the application.
 * `object_id` - (Optional) Specifies the Object ID of the application.
+* `identifier_uri` - (Optional) Specifies any identifier URI of the application. See also the `identifier_uris` attribute which contains a list of all identifier URIs for the application.
 
-~> One of `client_id`, `display_name`, or `object_id` must be specified.
+~> One of `client_id`, `display_name`, `object_id`, or `identifier_uri` must be specified.
 
 ## Attributes Reference
 

diff --git a/internal/services/applications/application_data_source.go b/internal/services/applications/application_data_source.go
@@ -34,7 +34,7 @@ func applicationDataSource() *pluginsdk.Resource {
 				Type:             pluginsdk.TypeString,
 				Optional:         true,
 				Computed:         true,
-				ExactlyOneOf:     []string{"application_id", "client_id", "display_name", "object_id"},
+				ExactlyOneOf:     []string{"application_id", "client_id", "display_name", "object_id", "identifier_uri"},
 				ValidateDiagFunc: validation.ValidateDiag(validation.IsUUID),
 			},
 
@@ -43,7 +43,7 @@ func applicationDataSource() *pluginsdk.Resource {
 				Type:             pluginsdk.TypeString,
 				Optional:         true,
 				Computed:         true,
-				ExactlyOneOf:     []string{"application_id", "client_id", "display_name", "object_id"},
+				ExactlyOneOf:     []string{"application_id", "client_id", "display_name", "object_id", "identifier_uri"},
 				ValidateDiagFunc: validation.ValidateDiag(validation.IsUUID),
 				Deprecated:       "The `application_id` property has been replaced with the `client_id` property and will be removed in version 3.0 of the AzureAD provider",
 			},
@@ -53,10 +53,19 @@ func applicationDataSource() *pluginsdk.Resource {
 				Type:             pluginsdk.TypeString,
 				Optional:         true,
 				Computed:         true,
-				ExactlyOneOf:     []string{"application_id", "client_id", "display_name", "object_id"},
+				ExactlyOneOf:     []string{"application_id", "client_id", "display_name", "object_id", "identifier_uri"},
 				ValidateDiagFunc: validation.ValidateDiag(validation.IsUUID),
 			},
 
+			"identifier_uri": {
+				Description:      "One of the application's identifier URIs",
+				Type:             pluginsdk.TypeString,
+				Optional:         true,
+				Computed:         true,
+				ExactlyOneOf:     []string{"application_id", "client_id", "display_name", "object_id", "identifier_uri"},
+				ValidateDiagFunc: validation.ValidateDiag(validation.StringIsNotEmpty),
+			},
+
 			"disabled_by_microsoft": {
 				Description: "Whether Microsoft has disabled the registered application",
 				Type:        pluginsdk.TypeString,
@@ -68,7 +77,7 @@ func applicationDataSource() *pluginsdk.Resource {
 				Type:             pluginsdk.TypeString,
 				Optional:         true,
 				Computed:         true,
-				ExactlyOneOf:     []string{"application_id", "client_id", "display_name", "object_id"},
+				ExactlyOneOf:     []string{"application_id", "client_id", "display_name", "object_id", "identifier_uri"},
 				ValidateDiagFunc: validation.ValidateDiag(validation.StringIsNotEmpty),
 			},
 
@@ -525,6 +534,7 @@ func applicationDataSourceRead(ctx context.Context, d *pluginsdk.ResourceData, m
 		}
 	} else {
 		var fieldName, fieldValue string
+		filterOp := "%s eq '%s'"
 		if applicationId, ok := d.Get("application_id").(string); ok && applicationId != "" {
 			fieldName = "appId"
 			fieldValue = applicationId
@@ -534,11 +544,15 @@ func applicationDataSourceRead(ctx context.Context, d *pluginsdk.ResourceData, m
 		} else if displayName, ok := d.Get("display_name").(string); ok && displayName != "" {
 			fieldName = "displayName"
 			fieldValue = displayName
+		} else if identifierUri, ok := d.Get("identifier_uri").(string); ok {
+			fieldName = "IdentifierUris"
+			fieldValue = identifierUri
+			filterOp = "%s/any(uri:uri eq '%s')"
 		} else {
-			return tf.ErrorDiagF(nil, "One of `object_id`, `application_id`, `client_id`, or `displayName` must be specified")
+			return tf.ErrorDiagF(nil, "One of `object_id`, `application_id`, `client_id`, `displayName`, or `identifier_uri` must be specified")
 		}
 
-		filter := fmt.Sprintf("%s eq '%s'", fieldName, fieldValue)
+		filter := fmt.Sprintf(filterOp, fieldName, fieldValue)
 
 		result, _, err := client.List(ctx, odata.Query{Filter: filter})
 		if err != nil {

diff --git a/internal/services/applications/application_data_source_test.go b/internal/services/applications/application_data_source_test.go
@@ -61,6 +61,18 @@ func TestAccApplicationDataSource_byDisplayName(t *testing.T) {
 	})
 }
 
+func TestAccApplicationDataSource_byIdentifierUri(t *testing.T) {
+	data := acceptance.BuildTestData(t, "data.azuread_application", "test")
+	r := ApplicationDataSource{}
+
+	data.DataSourceTest(t, []acceptance.TestStep{
+		{
+			Config: r.identifierUri(data),
+			Check:  r.testCheck(data),
+		},
+	})
+}
+
 func (ApplicationDataSource) testCheck(data acceptance.TestData) acceptance.TestCheckFunc {
 	return acceptance.ComposeTestCheckFunc(
 		check.That(data.ResourceName).Key("application_id").IsUuid(),
@@ -130,3 +142,13 @@ data "azuread_application" "test" {
 }
 `, ApplicationResource{}.complete(data))
 }
+
+func (ApplicationDataSource) identifierUri(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+%[1]s
+
+data "azuread_application" "test" {
+  identifier_uri = tolist(azuread_application.test.identifier_uris)[0]
+}
+`, ApplicationResource{}.complete(data))
+}