Framework migration (Don't merge)

docs/data-sources/provider.md

@@ -0,0 +1,20 @@
+---
+page_title: "Data Source: auth0_provider"
+description: |-
+  A data source for retrieving basic information about the provider.
+---
+
+# Data Source: auth0_provider
+
+A data source for retrieving basic information about the provider.
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Read-Only
+
+- `provider_version` (String) The version of the provider.
+
+

docs/resources/encryption_key_manager.md

@@ -1,12 +1,12 @@
 ---
 page_title: "Resource: auth0_encryption_key_manager"
 description: |-
-  Resource to allow the rekeying of your tenant master key.
+  A resource for managing the tenant root key.
 ---
 
 # Resource: auth0_encryption_key_manager
 
-Resource to allow the rekeying of your tenant master key.
+A resource for managing the tenant root key.
 
 ## Example Usage
 
@@ -50,13 +50,12 @@ resource "auth0_encryption_key_manager" "my_key_manager" {
 
 ### Optional
 
-- `customer_provided_root_key` (Block List, Max: 1) This attribute is used for provisioning the customer provided root key. To initiate the provisioning process, create a new empty `customer_provided_root_key` block. After applying this, the `public_wrapping_key` can be retreived from the resource, and the new root key should be generated by the customer and wrapped with the wrapping key, then base64-encoded and added as the `wrapped_key` attribute. (see [below for nested schema](#nestedblock--customer_provided_root_key))
+- `customer_provided_root_key` (Block, Optional) This attribute is used for provisioning the customer provided root key. To initiate the provisioning process, create a new empty `customer_provided_root_key` block. After applying this, the `public_wrapping_key` can be retreived from the resource, and the new root key should be generated by the customer and wrapped with the wrapping key, then base64-encoded and added as the `wrapped_key` attribute. (see [below for nested schema](#nestedblock--customer_provided_root_key))
 - `key_rotation_id` (String) If this value is changed, the encryption keys will be rotated. A UUID is recommended for the `key_rotation_id`.
 
 ### Read-Only
 
-- `encryption_keys` (List of Object) All encryption keys. (see [below for nested schema](#nestedatt--encryption_keys))
-- `id` (String) The ID of this resource.
+- `encryption_keys` (Attributes List) All encryption keys. (see [below for nested schema](#nestedatt--encryption_keys))
 
 <a id="nestedblock--customer_provided_root_key"></a>
 ### Nested Schema for `customer_provided_root_key`
@@ -82,11 +81,11 @@ Read-Only:
 
 Read-Only:
 
-- `created_at` (String)
-- `key_id` (String)
-- `parent_key_id` (String)
-- `state` (String)
-- `type` (String)
-- `updated_at` (String)
+- `created_at` (String) The ISO 8601 formatted date the customer provided root key was created.
+- `key_id` (String) The key ID of the customer provided root key.
+- `parent_key_id` (String) The key ID of the parent wrapping key.
+- `state` (String) The state of the encryption key. One of `pre-activation`, `active`, `deactivated`, or `destroyed`.
+- `type` (String) The type of the encryption key. One of `customer-provided-root-key`, `environment-root-key`, or `tenant-master-key`.
+- `updated_at` (String) The ISO 8601 formatted date the customer provided root key was updated.
 
 

go.mod

@@ -1,6 +1,8 @@
 module github.com/auth0/terraform-provider-auth0
 
-go 1.22
+go 1.22.0
+
+toolchain go1.22.5
 
 require (
 	github.com/PuerkitoBio/rehttp v1.4.0
@@ -9,6 +11,10 @@ require (
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
 	github.com/hashicorp/go-multierror v1.1.1
 	github.com/hashicorp/terraform-plugin-docs v0.19.4
+	github.com/hashicorp/terraform-plugin-framework v1.12.0
+	github.com/hashicorp/terraform-plugin-framework-validators v0.13.0
+	github.com/hashicorp/terraform-plugin-go v0.24.0
+	github.com/hashicorp/terraform-plugin-mux v0.16.0
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.34.0
 	github.com/hashicorp/terraform-plugin-testing v1.10.0
 	github.com/stretchr/testify v1.9.0
@@ -46,7 +52,7 @@ require (
 	github.com/hashicorp/logutils v1.0.0 // indirect
 	github.com/hashicorp/terraform-exec v0.21.0 // indirect
 	github.com/hashicorp/terraform-json v0.22.1 // indirect
-	github.com/hashicorp/terraform-plugin-go v0.23.0 // indirect
+	github.com/hashicorp/terraform-plugin-framework-timetypes v0.5.0 // indirect
 	github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect
 	github.com/hashicorp/terraform-registry-address v0.2.3 // indirect
 	github.com/hashicorp/terraform-svchost v0.1.1 // indirect
@@ -84,9 +90,9 @@ require (
 	golang.org/x/text v0.17.0 // indirect
 	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
 	google.golang.org/appengine v1.6.8 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240521202816-d264139d666e // indirect
-	google.golang.org/grpc v1.64.1 // indirect
-	google.golang.org/protobuf v1.34.1 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240604185151-ef581f913117 // indirect
+	google.golang.org/grpc v1.66.2 // indirect
+	google.golang.org/protobuf v1.34.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

go.sum

@@ -111,10 +111,18 @@ github.com/hashicorp/terraform-json v0.22.1 h1:xft84GZR0QzjPVWs4lRUwvTcPnegqlyS7
 github.com/hashicorp/terraform-json v0.22.1/go.mod h1:JbWSQCLFSXFFhg42T7l9iJwdGXBYV8fmmD6o/ML4p3A=
 github.com/hashicorp/terraform-plugin-docs v0.19.4 h1:G3Bgo7J22OMtegIgn8Cd/CaSeyEljqjH3G39w28JK4c=
 github.com/hashicorp/terraform-plugin-docs v0.19.4/go.mod h1:4pLASsatTmRynVzsjEhbXZ6s7xBlUw/2Kt0zfrq8HxA=
-github.com/hashicorp/terraform-plugin-go v0.23.0 h1:AALVuU1gD1kPb48aPQUjug9Ir/125t+AAurhqphJ2Co=
-github.com/hashicorp/terraform-plugin-go v0.23.0/go.mod h1:1E3Cr9h2vMlahWMbsSEcNrOCxovCZhOOIXjFHbjc/lQ=
+github.com/hashicorp/terraform-plugin-framework v1.12.0 h1:7HKaueHPaikX5/7cbC1r9d1m12iYHY+FlNZEGxQ42CQ=
+github.com/hashicorp/terraform-plugin-framework v1.12.0/go.mod h1:N/IOQ2uYjW60Jp39Cp3mw7I/OpC/GfZ0385R0YibmkE=
+github.com/hashicorp/terraform-plugin-framework-timetypes v0.5.0 h1:v3DapR8gsp3EM8fKMh6up9cJUFQ2iRaFsYLP8UJnCco=
+github.com/hashicorp/terraform-plugin-framework-timetypes v0.5.0/go.mod h1:c3PnGE9pHBDfdEVG9t1S1C9ia5LW+gkFR0CygXlM8ak=
+github.com/hashicorp/terraform-plugin-framework-validators v0.13.0 h1:bxZfGo9DIUoLLtHMElsu+zwqI4IsMZQBRRy4iLzZJ8E=
+github.com/hashicorp/terraform-plugin-framework-validators v0.13.0/go.mod h1:wGeI02gEhj9nPANU62F2jCaHjXulejm/X+af4PdZaNo=
+github.com/hashicorp/terraform-plugin-go v0.24.0 h1:2WpHhginCdVhFIrWHxDEg6RBn3YaWzR2o6qUeIEat2U=
+github.com/hashicorp/terraform-plugin-go v0.24.0/go.mod h1:tUQ53lAsOyYSckFGEefGC5C8BAaO0ENqzFd3bQeuYQg=
 github.com/hashicorp/terraform-plugin-log v0.9.0 h1:i7hOA+vdAItN1/7UrfBqBwvYPQ9TFvymaRGZED3FCV0=
 github.com/hashicorp/terraform-plugin-log v0.9.0/go.mod h1:rKL8egZQ/eXSyDqzLUuwUYLVdlYeamldAHSxjUFADow=
+github.com/hashicorp/terraform-plugin-mux v0.16.0 h1:RCzXHGDYwUwwqfYYWJKBFaS3fQsWn/ZECEiW7p2023I=
+github.com/hashicorp/terraform-plugin-mux v0.16.0/go.mod h1:PF79mAsPc8CpusXPfEVa4X8PtkB+ngWoiUClMrNZlYo=
 github.com/hashicorp/terraform-plugin-sdk/v2 v2.34.0 h1:kJiWGx2kiQVo97Y5IOGR4EMcZ8DtMswHhUuFibsCQQE=
 github.com/hashicorp/terraform-plugin-sdk/v2 v2.34.0/go.mod h1:sl/UoabMc37HA6ICVMmGO+/0wofkVIRxf+BMb/dnoIg=
 github.com/hashicorp/terraform-plugin-testing v1.10.0 h1:2+tmRNhvnfE4Bs8rB6v58S/VpqzGC6RCh9Y8ujdn+aw=
@@ -283,14 +291,14 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM=
 google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240521202816-d264139d666e h1:Elxv5MwEkCI9f5SkoL6afed6NTdxaGoAo39eANBwHL8=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20240521202816-d264139d666e/go.mod h1:EfXuqaE1J41VCDicxHzUDm+8rk+7ZdXzHV0IhO/I6s0=
-google.golang.org/grpc v1.64.1 h1:LKtvyfbX3UGVPFcGqJ9ItpVWW6oN/2XqTxfAnwRRXiA=
-google.golang.org/grpc v1.64.1/go.mod h1:hiQF4LFZelK2WKaP6W0L92zGHtiQdZxk8CrSdvyjeP0=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240604185151-ef581f913117 h1:1GBuWVLM/KMVUv1t1En5Gs+gFZCNd360GGb4sSxtrhU=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20240604185151-ef581f913117/go.mod h1:EfXuqaE1J41VCDicxHzUDm+8rk+7ZdXzHV0IhO/I6s0=
+google.golang.org/grpc v1.66.2 h1:3QdXkuq3Bkh7w+ywLdLvM56cmGvQHUMZpiCzt6Rqaoo=
+google.golang.org/grpc v1.66.2/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
-google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
+google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

internal/acctest/acctest.go

@@ -7,27 +7,31 @@ import (
 	"testing"
 
 	"github.com/auth0/go-auth0/management"
+	"github.com/hashicorp/terraform-plugin-framework/provider"
+	"github.com/hashicorp/terraform-plugin-go/tfprotov6"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
 	"gopkg.in/dnaeon/go-vcr.v3/recorder"
 
 	"github.com/auth0/terraform-provider-auth0/internal/config"
-	"github.com/auth0/terraform-provider-auth0/internal/provider"
+	frameworkError "github.com/auth0/terraform-provider-auth0/internal/framework/error"
+	frameworkProvider "github.com/auth0/terraform-provider-auth0/internal/framework/provider"
+	internalProvider "github.com/auth0/terraform-provider-auth0/internal/provider"
 )
 
 // Test checks to see if http recordings are enabled and runs the tests
 // in parallel if they are, otherwise it simply wraps resource.Test.
 func Test(t *testing.T, testCase resource.TestCase) {
 	if httpRecordingsAreEnabled() {
 		httpRecorder := newHTTPRecorder(t)
-		testCase.ProviderFactories = testFactoriesWithHTTPRecordings(httpRecorder)
+		testCase.ProtoV6ProviderFactories = testProviderFactoriesWithHTTPRecordings(httpRecorder)
 		resource.ParallelTest(t, testCase)
 
 		return
 	}
 
-	testCase.ProviderFactories = TestFactories()
+	testCase.ProtoV6ProviderFactories = TestProviderFactories()
 	resource.Test(t, testCase)
 }
 
@@ -36,23 +40,29 @@ func httpRecordingsAreEnabled() bool {
 	return httpRecordings == "true" || httpRecordings == "1" || httpRecordings == "on"
 }
 
-// TestFactories returns the configured auth0 provider used in testing.
-func TestFactories() map[string]func() (*schema.Provider, error) {
-	return map[string]func() (*schema.Provider, error){
-		"auth0": func() (*schema.Provider, error) {
-			return provider.New(), nil
+// TestProviderFactories returns the configured auth0 provider used in testing for the framework.
+func TestProviderFactories() map[string]func() (tfprotov6.ProviderServer, error) {
+	// Set descriptions to support Markdown syntax for SDK resources,
+	// this will be used in document generation.
+	schema.DescriptionKind = schema.StringMarkdown
+	return map[string]func() (tfprotov6.ProviderServer, error){
+		"auth0": func() (tfprotov6.ProviderServer, error) {
+			return frameworkProvider.MuxServer(internalProvider.New(), frameworkProvider.New())
 		},
 	}
 }
 
-func testFactoriesWithHTTPRecordings(httpRecorder *recorder.Recorder) map[string]func() (*schema.Provider, error) {
-	return map[string]func() (*schema.Provider, error){
-		"auth0": func() (*schema.Provider, error) {
-			auth0Provider := provider.New()
-
-			auth0Provider.ConfigureContextFunc = configureTestProviderWithHTTPRecordings(httpRecorder)
-
-			return auth0Provider, nil
+func testProviderFactoriesWithHTTPRecordings(httpRecorder *recorder.Recorder) map[string]func() (tfprotov6.ProviderServer, error) {
+	// Set descriptions to support Markdown syntax for SDK resources,
+	// this will be used in document generation.
+	schema.DescriptionKind = schema.StringMarkdown
+	return map[string]func() (tfprotov6.ProviderServer, error){
+		"auth0": func() (tfprotov6.ProviderServer, error) {
+			sdkProvider := internalProvider.New()
+			sdkProvider.ConfigureContextFunc = configureTestProviderWithHTTPRecordings(httpRecorder)
+			fwkProvider := frameworkProvider.New()
+			fwkProvider.SetConfigureFunc(configureTestFrameworkProviderWithHTTPRecordings(httpRecorder))
+			return frameworkProvider.MuxServer(sdkProvider, fwkProvider)
 		},
 	}
 }
@@ -96,3 +106,71 @@ func configureTestProviderWithHTTPRecordings(httpRecorder *recorder.Recorder) sc
 		return config.New(apiClient), nil
 	}
 }
+
+func configureTestFrameworkProviderWithHTTPRecordings(httpRecorder *recorder.Recorder) func(context.Context, provider.ConfigureRequest, *provider.ConfigureResponse) {
+	return func(ctx context.Context, request provider.ConfigureRequest, response *provider.ConfigureResponse) {
+		domain := os.Getenv("AUTH0_DOMAIN")
+		debugStr := os.Getenv("AUTH0_DEBUG")
+		debug := (debugStr == "1" || debugStr == "true" || debugStr == "TRUE" || debugStr == "on" || debugStr == "ON")
+
+		var data config.FrameworkProviderModel
+		response.Diagnostics.Append(request.Config.Get(ctx, &data)...)
+
+		if data.Domain.ValueString() != "" {
+			domain = data.Domain.ValueString()
+		}
+		if !data.Debug.IsNull() && !data.Debug.IsUnknown() {
+			debug = data.Debug.ValueBool()
+		}
+
+		clientOptions := []management.Option{
+			management.WithStaticToken("insecure"),
+			management.WithClient(httpRecorder.GetDefaultClient()),
+			management.WithDebug(debug),
+			management.WithRetries(3, []int{http.StatusTooManyRequests, http.StatusInternalServerError}),
+		}
+
+		if domain != RecordingsDomain {
+			clientID := os.Getenv("AUTH0_CLIENT_ID")
+			clientSecret := os.Getenv("AUTH0_CLIENT_SECRET")
+			apiToken := os.Getenv("AUTH0_API_TOKEN")
+			audience := os.Getenv("AUTH0_AUDIENCE")
+
+			if data.ClientID.ValueString() != "" {
+				clientID = data.ClientID.ValueString()
+			}
+			if data.ClientSecret.ValueString() != "" {
+				clientSecret = data.ClientSecret.ValueString()
+			}
+			if data.APIToken.ValueString() != "" {
+				apiToken = data.APIToken.ValueString()
+			}
+			if data.Audience.ValueString() != "" {
+				audience = data.Audience.ValueString()
+			}
+
+			authenticationOption := management.WithStaticToken(apiToken)
+			if apiToken == "" {
+				ctx := context.Background()
+
+				authenticationOption = management.WithClientCredentials(ctx, clientID, clientSecret)
+				if audience != "" {
+					authenticationOption = management.WithClientCredentialsAndAudience(ctx, clientID, clientSecret, audience)
+				}
+			}
+
+			clientOptions = append(clientOptions, authenticationOption)
+		}
+
+		apiClient, err := management.New(domain, clientOptions...)
+		if err != nil {
+			response.Diagnostics.Append(frameworkError.Diagnostics(err)...)
+		}
+
+		if !response.Diagnostics.HasError() {
+			config := config.New(apiClient)
+			response.ResourceData = config
+			response.DataSourceData = config
+		}
+	}
+}

internal/auth0/client/resource_test.go

@@ -21,7 +21,7 @@ resource "auth0_client" "my_client" {
 
 func TestAccClientInitiateLoginUriValidation(t *testing.T) {
 	resource.UnitTest(t, resource.TestCase{
-		ProviderFactories: acctest.TestFactories(),
+		ProtoV6ProviderFactories: acctest.TestProviderFactories(),
 		Steps: []resource.TestStep{
 			{
 				Config:      acctest.ParseTestName(testAccClientValidationOnInitiateLoginURIWithHTTP, t.Name()),
@@ -44,7 +44,7 @@ resource "auth0_client" "my_client" {
 
 func TestAccClientMobileValidationError(t *testing.T) {
 	resource.UnitTest(t, resource.TestCase{
-		ProviderFactories: acctest.TestFactories(),
+		ProtoV6ProviderFactories: acctest.TestProviderFactories(),
 		Steps: []resource.TestStep{
 			{
 				Config:      acctest.ParseTestName(testAccClientValidationOnMobile, t.Name()),

internal/auth0/connection/data_source_test.go

@@ -55,7 +55,7 @@ data "auth0_connection" "test" {
 
 func TestAccDataSourceConnectionRequiredArguments(t *testing.T) {
 	resource.UnitTest(t, resource.TestCase{
-		ProviderFactories: acctest.TestFactories(),
+		ProtoV6ProviderFactories: acctest.TestProviderFactories(),
 		Steps: []resource.TestStep{
 			{
 				Config:      `data "auth0_connection" "test" { }`,