Merge pull request okta#1796 from okta/1558_okta_idp_saml

Missing attributes in `okta_idp_saml` resource not getting set in read context

okta/resource_okta_app_oauth_redirect_uri.go

@@ -52,7 +52,6 @@ func resourceAppOAuthRedirectURIRead(kind string) func(ctx context.Context, d *s
 		aid, ok := d.GetOk("app_id")
 		if !ok || aid.(string) == "" {
 			return diag.Errorf("app_id not set on resource")
-
 		}
 		appID := aid.(string)
 

okta/resource_okta_idp_saml.go

@@ -117,6 +117,11 @@ func resourceIdpSamlRead(ctx context.Context, d *schema.ResourceData, m interfac
 	_ = d.Set("name", idp.Name)
 	_ = d.Set("acs_binding", idp.Protocol.Endpoints.Acs.Binding)
 	_ = d.Set("acs_type", idp.Protocol.Endpoints.Acs.Type)
+	if idp.Protocol.Endpoints.Sso != nil {
+		_ = d.Set("sso_binding", idp.Protocol.Endpoints.Sso.Binding)
+		_ = d.Set("sso_destination", idp.Protocol.Endpoints.Sso.Destination)
+		_ = d.Set("sso_url", idp.Protocol.Endpoints.Sso.Url)
+	}
 	if idp.Policy.MaxClockSkewPtr != nil {
 		_ = d.Set("max_clock_skew", *idp.Policy.MaxClockSkewPtr)
 	}
@@ -139,6 +144,9 @@ func resourceIdpSamlRead(ctx context.Context, d *schema.ResourceData, m interfac
 	if idp.IssuerMode != "" {
 		_ = d.Set("issuer_mode", idp.IssuerMode)
 	}
+	if idp.Status != "" {
+		_ = d.Set("status", idp.Status)
+	}
 	mapping, resp, err := getProfileMappingBySourceID(ctx, idp.Id, "", m)
 	if err := suppressErrorOn401("resource okta_idp_saml.user_type_id", m, resp, err); err != nil {
 		return diag.Errorf("failed to get SAML identity provider profile mapping: %v", err)

okta/resource_okta_idp_saml_test.go

@@ -1,10 +1,13 @@
 package okta
 
 import (
+	"errors"
 	"fmt"
+	"strings"
 	"testing"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
 )
 
 func TestAccResourceOktaIdpSaml_crud(t *testing.T) {
@@ -14,10 +17,10 @@ func TestAccResourceOktaIdpSaml_crud(t *testing.T) {
 	resourceName := fmt.Sprintf("%s.test", idpSaml)
 
 	oktaResourceTest(t, resource.TestCase{
-		PreCheck:          testAccPreCheck(t),
-		ErrorCheck:        testAccErrorChecks(t),
-		ProviderFactories: testAccProvidersFactories,
-		CheckDestroy:      checkResourceDestroy(idpSaml, createDoesIdpExist),
+		PreCheck:                 testAccPreCheck(t),
+		ErrorCheck:               testAccErrorChecks(t),
+		ProtoV5ProviderFactories: testAccMergeProvidersFactories,
+		CheckDestroy:             checkResourceDestroy(idpSaml, createDoesIdpExist),
 		Steps: []resource.TestStep{
 			{
 				Config: config,
@@ -56,6 +59,52 @@ func TestAccResourceOktaIdpSaml_crud(t *testing.T) {
 					resource.TestCheckResourceAttrSet(resourceName, "kid"),
 				),
 			},
+			{
+				// Before fixing
+				// https://github.com/okta/terraform-provider-okta/issues/1558
+				// Not all settable arguments that were from API values were
+				// being set on the read like sso_url.
+				ResourceName: resourceName,
+				ImportState:  true,
+				ImportStateCheck: func(s []*terraform.InstanceState) error {
+					if len(s) != 1 {
+						return errors.New("failed to import resource into state")
+					}
+					expectedAttrs := []string{
+						"acs_binding",
+						"acs_type",
+						"audience",
+						"deprovisioned_action",
+						"issuer",
+						// "issuer_mode", not set during test
+						"kid",
+						"max_clock_skew",
+						"name",
+						"profile_master",
+						"provisioning_action",
+						"sso_binding",
+						"sso_destination",
+						"sso_url",
+						"status",
+						// "subject_filter", not set during test
+						// "subject_match_attribute", not set durting test
+						"subject_match_type",
+						"suspended_action",
+						"user_type_id",
+						"username_template",
+					}
+					notFound := []string{}
+					for _, attr := range expectedAttrs {
+						if s[0].Attributes[attr] == "" {
+							notFound = append(notFound, attr)
+						}
+					}
+					if len(notFound) > 0 {
+						return fmt.Errorf("expected attributes %s to be set during import read", strings.Join(notFound, ", "))
+					}
+					return nil
+				},
+			},
 		},
 	})
 }