Fix bug around app include/exclude

okta/resource_policy_rule_idp_discovery.go

@@ -159,12 +159,13 @@ func buildAppConditions(d *schema.ResourceData) *sdk.IdpDiscoveryRuleApp {
 	}
 
 	excludeList := []*sdk.IdpDiscoveryRuleAppObj{}
+
 	if v, ok := d.GetOk("app_exclude"); ok {
 		valueList := v.(*schema.Set).List()
 
 		for _, item := range valueList {
 			if value, ok := item.(map[string]interface{}); ok {
-				includeList = append(excludeList, &sdk.IdpDiscoveryRuleAppObj{
+				excludeList = append(excludeList, &sdk.IdpDiscoveryRuleAppObj{
 					ID:   getMapString(value, "id"),
 					Type: getMapString(value, "type"),
 					Name: getMapString(value, "name"),
@@ -198,8 +199,8 @@ func buildUserIdPatterns(d *schema.ResourceData) []*sdk.IdpDiscoveryRulePattern
 }
 
 func buildIdentifier(d *schema.ResourceData) *sdk.IdpDiscoveryRuleUserIdentifier {
-
 	uidType := d.Get("user_identifier_type").(string)
+
 	if uidType != "" {
 		return &sdk.IdpDiscoveryRuleUserIdentifier{
 			Attribute: d.Get("user_identifier_attribute").(string),
@@ -242,7 +243,7 @@ func flattenPlatformInclude(platform *sdk.IdpDiscoveryRulePlatform) *schema.Set
 }
 
 func flattenAppInclude(app *sdk.IdpDiscoveryRuleApp) *schema.Set {
-	var flattened []interface{}
+	flattened := []interface{}{}
 
 	if app != nil && app.Include != nil {
 		for _, v := range app.Include {
@@ -257,18 +258,18 @@ func flattenAppInclude(app *sdk.IdpDiscoveryRuleApp) *schema.Set {
 }
 
 func flattenAppExclude(app *sdk.IdpDiscoveryRuleApp) *schema.Set {
-	var flattend []interface{}
+	flattened := []interface{}{}
 
-	if app != nil && app.Include != nil {
+	if app != nil && app.Exclude != nil {
 		for _, v := range app.Exclude {
-			flattend = append(flattend, map[string]interface{}{
+			flattened = append(flattened, map[string]interface{}{
 				"id":   v.ID,
 				"name": v.Name,
 				"type": v.Type,
 			})
 		}
 	}
-	return schema.NewSet(schema.HashResource(appResource), flattend)
+	return schema.NewSet(schema.HashResource(appResource), flattened)
 }
 
 func resourcePolicyRuleIdpDiscoveryExists(d *schema.ResourceData, m interface{}) (bool, error) {

okta/resource_policy_rule_idp_discovery_test.go

@@ -34,6 +34,7 @@ func TestAccOktaPolicyRuleIdpDiscovery(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceName, "name", buildResourceName(ri)),
 					resource.TestCheckResourceAttr(resourceName, "status", "ACTIVE"),
 					resource.TestCheckResourceAttr(resourceName, "user_identifier_patterns.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "user_identifier_type", "ATTRIBUTE"),
 				),
 			},
 			{
@@ -42,6 +43,7 @@ func TestAccOktaPolicyRuleIdpDiscovery(t *testing.T) {
 					ensureRuleExists(resourceName),
 					resource.TestCheckResourceAttr(resourceName, "name", buildResourceName(ri)),
 					resource.TestCheckResourceAttr(resourceName, "status", "ACTIVE"),
+					resource.TestCheckResourceAttr(resourceName, "user_identifier_type", "IDENTIFIER"),
 					resource.TestCheckResourceAttr(resourceName, "user_identifier_patterns.#", "2"),
 				),
 			},
@@ -51,6 +53,7 @@ func TestAccOktaPolicyRuleIdpDiscovery(t *testing.T) {
 					ensureRuleExists(resourceName),
 					resource.TestCheckResourceAttr(resourceName, "name", buildResourceName(ri)),
 					resource.TestCheckResourceAttr(resourceName, "status", "INACTIVE"),
+					resource.TestCheckResourceAttr(resourceName, "user_identifier_type", "IDENTIFIER"),
 					resource.TestCheckResourceAttr(resourceName, "user_identifier_patterns.#", "2"),
 				),
 			},

okta/resource_policy_rule_password_test.go

@@ -163,7 +163,7 @@ func doesRuleExistsUpstream(policyID string, ID string) (bool, error) {
 	client := getClientFromMetadata(testAccProvider.Meta())
 
 	rule, resp, err := client.Policies.GetPolicyRule(policyID, ID)
-	if resp.StatusCode == http.StatusNotFound {
+	if resp != nil && resp.StatusCode == http.StatusNotFound {
 		return false, nil
 	} else if err != nil {
 		return false, err