feat(azuread_application): random id for oauth2_permission_scope (#2027)

Co-authored-by: Simon Schneider <[email protected]>

examples/azuread/107-azuread-application-with-single-page-application/configuration.tfvars

@@ -51,6 +51,13 @@ azuread_applications = {
           id    = "d4c3605a-b327-35c5-f04d-77f7fcdd4995"
           type  = "Admin"
           value = "app"
+        },
+        {
+          admin_consent_description  = "Allow to administer app2."
+          admin_consent_display_name = "Administer app2"
+          enabled                    = true
+          type  = "Admin"
+          value = "app2"
         }
       ]
     }

modules/azuread/applications_v1/azuread_application.tf

@@ -36,7 +36,7 @@ resource "azuread_application" "app" {
         content {
           admin_consent_description  = oauth2_permission_scope.value.admin_consent_description
           admin_consent_display_name = oauth2_permission_scope.value.admin_consent_display_name
-          id                         = oauth2_permission_scope.value.id
+          id                         = try(oauth2_permission_scope.value.id, random_uuid.oauth2_permission_scopes[oauth2_permission_scope.key].id)
           enabled                    = try(oauth2_permission_scope.value.enabled, null)
           type                       = try(oauth2_permission_scope.value.type, null)
           user_consent_description   = try(oauth2_permission_scope.value.user_consent_description, null)
@@ -131,3 +131,10 @@ resource "random_uuid" "app_role_id" {
     if try(value.id, null) == null
   }
 }
+
+resource "random_uuid" "oauth2_permission_scopes" {
+  for_each = {
+    for key, value in try(var.settings.api.oauth2_permission_scopes, {}) : key => value
+    if try(value.id, null) == null
+  }
+}