alexkappa/terraform-provider-auth0

auth0_resource_server `scopes` are not configured properly via terraform

jowparks opened this issue · 1 comments

Description

Auth0 scopes added via Auth0 UI work correctly, but when the same scope is added via terraform, the returned token doesn't have the expected scopes:

In UI Configuration:
[Screenshot: Screen Shot 2022-01-14 at 2 55 51 PM]

In Terraform Configuration:
[Screenshot: Screen Shot 2022-01-14 at 3 11 26 PM]

Token received from UI configuration:
[Screenshot: Screen Shot 2022-01-14 at 2 55 59 PM]

Token received from terraform configuration:
[Screenshot: Screen Shot 2022-01-14 at 3 12 45 PM]

Terraform Version

(Can't do; running on a remote CI machine)

 provider.auth0 alexkappa/auth0 v0.25.0

Affected Resource(s)

  • auth0_resource_server

Terraform Configuration Files


[2022-01-14T22:30:05.811Z] Terraform will perform the following actions:
[2022-01-14T22:30:05.811Z] 
[2022-01-14T22:30:05.811Z]   # module.auth0_snowflake_server.auth0_resource_server.resource_server will be updated in-place
[2022-01-14T22:30:05.811Z]   ~ resource "auth0_resource_server" "resource_server" {
[2022-01-14T22:30:05.811Z]         id                                              = "61e1d6cf92dfc1003f27f880"
[2022-01-14T22:30:05.811Z]         name                                            = "Snowflake resource for data platform"
[2022-01-14T22:30:05.811Z]         # (9 unchanged attributes hidden)
[2022-01-14T22:30:05.811Z] 
[2022-01-14T22:30:05.811Z]       + scopes {
[2022-01-14T22:30:05.811Z]           + description = "Change Snowflake Roles during session"
[2022-01-14T22:30:05.811Z]           + value       = "SESSION:ROLE-ANY"
[2022-01-14T22:30:05.811Z]         }
[2022-01-14T22:30:05.811Z]     }

Expected Behavior

scope should be returned in access_token from Auth0

Actual Behavior

Empty permissions list is returned

Steps to Reproduce

Add scope definition in terraform to resource_server definition, then request token with the audience of that resource_server

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment
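
Added example, not part of the original issue or of the provider's code: a post-apply check that decodes an access token and reports which expected scopes are absent for a given audience. It assumes the token carries a space-separated `scope` claim and/or a `permissions` array; the audience URL and both tokens are constructed placeholders modelled on the behaviour described above, since the screenshots are not available.

```python
import base64
import json

def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def jwt_claims(token: str) -> dict:
    """Return the payload of a compact JWS. The signature is NOT verified:
    this is for diagnosing issued claims, never for authorization decisions."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS (expected 3 dot-separated segments)")
    return json.loads(b64url_decode(parts[1]))

def granted(claims: dict) -> set:
    # Assumed claim layout: 'scope' is a space-separated string,
    # 'permissions' is a JSON array. Either may be missing or empty.
    scope = claims.get("scope") or ""
    perms = claims.get("permissions") or []
    return set(scope.split()) | set(perms)

def missing_scopes(token: str, audience: str, expected: set) -> set:
    """Expected scopes that the token for this audience does not carry."""
    claims = jwt_claims(token)
    aud = claims.get("aud")
    auds = aud if isinstance(aud, list) else [aud]
    if audience not in auds:
        raise ValueError(f"token audience {auds!r} does not include {audience!r}")
    return set(expected) - granted(claims)

def make_token(payload: dict) -> str:
    # Builds a constructed sample token with a dummy signature segment.
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(payload)}.c2ln"

AUDIENCE = "https://snowflake.example.invalid"  # placeholder API identifier
EXPECTED = {"SESSION:ROLE-ANY"}                 # scope value from the plan output
# Constructed tokens: one as expected, one with the empty permissions list reported.
TOKEN_UI = make_token({"aud": AUDIENCE, "scope": "SESSION:ROLE-ANY",
                       "permissions": ["SESSION:ROLE-ANY"]})
TOKEN_TF = make_token({"aud": AUDIENCE, "permissions": []})

if __name__ == "__main__":
    for label, tok in (("UI", TOKEN_UI), ("terraform", TOKEN_TF)):
        print(label, "missing:", sorted(missing_scopes(tok, AUDIENCE, EXPECTED)))
```

Run against a real token in CI, a non-empty result after `terraform apply` flags the discrepancy reported here before a client depends on the scope.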

We have moved this issue over at auth0/terraform-provider-auth0#58 as this repo is now maintained at https://github.com/auth0/terraform-provider-auth0.