fix: handle server side default for security token (#53)

seanl-circle · web-flow · commit 54a00868846f · 2025-12-18T17:33:24.000Z
It turns out that if you leave the value unset, the server will generate
one for you.
We need to mark it computed to accept the value.
We should also allow the old behaviour of setting an emtpy string.

I ran the acceptance tests locally and they finally passed.
diff --git a/internal/provider/stream_resource.go b/internal/provider/stream_resource.go
@@ -308,8 +308,10 @@ func (r *StreamResource) Schema(ctx context.Context, req resource.SchemaRequest,
 					},
 
 					"security_token": schema.StringAttribute{
+						// If unset, the server will generate one for you
 						Optional:  true,
 						Sensitive: true,
+						Computed:  true,
 						Validators: []validator.String{
 							securityTokenValidator,
 						},
diff --git a/internal/validators/stream_validators.go b/internal/validators/stream_validators.go
@@ -185,7 +185,7 @@ var (
 	}
 
 	SecurityTokenValidator = StringRegexpValidator{
-		regexp:  regexp.MustCompile(`^.{32,64}$`),
+		regexp:  regexp.MustCompile(`^(.{32,64}|)$`),
 		message: "security token must be between 32-64 characters",
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -185,7 +185,7 @@ var (`
`185`	`185`	`}`
`186`	`186`
`187`	`187`	`SecurityTokenValidator = StringRegexpValidator{`
`188`		- regexp: regexp.MustCompile(`^.{32,64}$`),
	`188`	+ regexp: regexp.MustCompile(`^(.{32,64}\|)$`),
`189`	`189`	`message: "security token must be between 32-64 characters",`
`190`	`190`	`}`
`191`	`191`