From 093c065fc790558ef808bbd84e698499a50b60f9 Mon Sep 17 00:00:00 2001
From: Tom Bamford
Date: Tue, 26 Oct 2021 16:11:50 +0100
Subject: [PATCH] azuread_application: allow custom scheme in public client redirect URIs

Fixes: #642
---
 .../applications/application_resource_test.go | 1 +
 internal/validate/uri.go | 11 ++++++++---
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/internal/services/applications/application_resource_test.go b/internal/services/applications/application_resource_test.go
index d3d1d6dcc..fec9d8725 100644
--- a/internal/services/applications/application_resource_test.go
+++ b/internal/services/applications/application_resource_test.go
@@ -714,6 +714,7 @@ resource "azuread_application" "test" {
 public_client {
 redirect_uris = [
 "myapp://auth",
+ "sample.mobile.app.bundie.id://auth",
 "https://login.microsoftonline.com/common/oauth2/nativeclient",
 "https://login.live.com/oauth20_desktop.srf",
 "ms-appx-web://Microsoft.AAD.BrokerPlugin/00000000-1111-1111-1111-222222222222",
diff --git a/internal/validate/uri.go b/internal/validate/uri.go
index 93ea28b2b..a9a0cae33 100644
--- a/internal/validate/uri.go
+++ b/internal/validate/uri.go
@@ -42,11 +42,12 @@ func IsLogoutUrl(i interface{}, path cty.Path) (ret diag.Diagnostics) {
 func IsRedirectUriFunc(urnAllowed bool, publicClient bool) schema.SchemaValidateDiagFunc {
 return func(i interface{}, path cty.Path) (ret diag.Diagnostics) {
 // See https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy#register-the-proxyidentityexperienceframework-application
- if publicClient && i.(string) == "myapp://auth" {
- return
+ var allowedSchemes []string
+ if !publicClient {
+ allowedSchemes = []string{"http", "https", "ms-appx-web"}
 }
- ret = IsUriFunc([]string{"http", "https", "ms-appx-web"}, urnAllowed, true)(i, path)
+ ret = IsUriFunc(allowedSchemes, urnAllowed, true)(i, path)
 if len(ret) > 0 {
 return
 }
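Review bot: Passing a nil `allowedSchemes` for public clients relaxes more than the scheme list, because the companion hunk at `@@ -111,6 +112,10 @@` returns from IsUriFunc as soon as `validURLSchemes == nil`, before the `forceTrailingSlash` check that this closure still requests with `true` and before any validation that follows it. Previously a public-client redirect URI other than the literal `myapp://auth` went through the full check set; now it is subject only to whatever precedes that early return, which from these hunks appears to be the URL parse alone. If skipping the remaining checks is intended, say so on IsUriFunc, e.g. `// A nil validURLSchemes accepts any scheme and skips all further checks; an empty slice does not.`; if not, the nil case should bypass only the scheme comparison, so `forceTrailingSlash` and the later checks still apply. Using nil as an "accept anything" sentinel is also easy to trigger unintentionally from a caller that builds its scheme list dynamically, so an explicit boolean parameter or a named sentinel would be clearer. The closure body and the enclosing IsUriFunc both continue past these hunks.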
@@ -111,6 +112,10 @@ func IsUriFunc(validURLSchemes []string, urnAllowed bool, forceTrailingSlash boo
 return
 }
+ if validURLSchemes == nil {
+ return
+ }
+
 if forceTrailingSlash && u.Path == "" {
 ret = append(ret, diag.Diagnostic{
 Severity: diag.Error,