Merge pull request #1947 from okta/OKTA-712619-cannot-create-custom-o…

…tp-authenticator fix issue of cannot create new custom_otp authenticator
okta · Mar 28, 2024 · ab08b1a · ab08b1a
2 parents 3234c84 + 92e769a
commit ab08b1a
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 8 deletions.
diff --git a/okta/data_source_okta_authenticator.go b/okta/data_source_okta_authenticator.go
@@ -150,11 +150,19 @@ func findAuthenticator(ctx context.Context, m interface{}, name, key string) (*s
 		return nil, err
 	}
 	for _, authenticator := range authenticators {
-		if authenticator.Name == name {
-			return authenticator, nil
-		}
-		if authenticator.Key == key {
-			return authenticator, nil
+		if key != "custom_otp" {
+			if authenticator.Name == name {
+				return authenticator, nil
+			}
+			if authenticator.Key == key {
+				return authenticator, nil
+			}
+		} else {
+			if authenticator.Name == name && authenticator.Key == key {
+				return authenticator, nil
+			} else {
+				return nil, fmt.Errorf("authenticator with name '%s' and/or key '%s' does not exist", name, key)
+			}
 		}
 	}
 	if key != "" {

diff --git a/okta/resource_okta_authenticator.go b/okta/resource_okta_authenticator.go
@@ -157,7 +157,7 @@ func resourceAuthenticatorCreate(ctx context.Context, d *schema.ResourceData, m
 
 	var err error
 	// soft create if the authenticator already exists
-	authenticator, _ := findAuthenticator(ctx, m, "", d.Get("key").(string))
+	authenticator, _ := findAuthenticator(ctx, m, d.Get("name").(string), d.Get("key").(string))
 	if authenticator == nil {
 		// otherwise hard create
 		authenticator, err = buildAuthenticator(d)

diff --git a/okta/resource_okta_authenticator_test.go b/okta/resource_okta_authenticator_test.go
@@ -21,8 +21,7 @@ func TestAccResourceOktaAuthenticatorOTP(t *testing.T) {
 		  "algorithm" : "HMacSHA256",
 		  "passCodeLength" : 6
 		})
-	}
-`
+	}`
 	resourceName := fmt.Sprintf("%s.otp", authenticator)
 
 	oktaResourceTest(t, resource.TestCase{