changes suggested by review

azuread/data_application.go

@@ -73,6 +73,7 @@ func dataApplication() *schema.Resource {
 			"oauth2_permissions": {
 				Type:     schema.TypeList,
 				Optional: true,
+				Computed: true,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
 						"admin_consent_description": {

azuread/resource_application.go

@@ -170,7 +170,6 @@ func resourceApplicationCreate(d *schema.ResourceData, meta interface{}) error {
 	name := d.Get("name").(string)
 
 	properties := graphrbac.ApplicationCreateParameters{
-		AdditionalProperties:    make(map[string]interface{}),
 		DisplayName:             &name,
 		Homepage:                expandADApplicationHomepage(d, name),
 		IdentifierUris:          tf.ExpandStringArrayPtr(d.Get("identifier_uris").([]interface{})),
@@ -404,29 +403,29 @@ func flattenADApplicationOauth2Permissions(in []interface{}) []map[string]interf
 	for _, oauth2Permissions := range in {
 		rawPermission := oauth2Permissions.(map[string]interface{})
 		permission := make(map[string]interface{})
-		if rawPermission["adminConsentDescription"] != nil {
-			permission["admin_consent_description"] = rawPermission["adminConsentDescription"]
+		if v := rawPermission["adminConsentDescription"]; v != nil {
+			permission["admin_consent_description"] = v
 		}
-		if rawPermission["adminConsentDisplayName"] != nil {
-			permission["admin_consent_description"] = rawPermission["adminConsentDescription"]
+		if v := rawPermission["adminConsentDisplayName"]; v != nil {
+			permission["admin_consent_description"] = v
 		}
-		if rawPermission["id"] != nil {
-			permission["id"] = rawPermission["id"]
+		if v := rawPermission["id"]; v != nil {
+			permission["id"] = v
 		}
-		if rawPermission["isEnabled"] != nil {
-			permission["is_enabled"] = rawPermission["isEnabled"].(bool)
+		if v := rawPermission["isEnabled"]; v != nil {
+			permission["is_enabled"] = v.(bool)
 		}
-		if rawPermission["type"] != nil {
-			permission["type"] = rawPermission["type"]
+		if v := rawPermission["type"]; v != nil {
+			permission["type"] = v
 		}
-		if rawPermission["userConsentDescription"] != nil {
-			permission["user_consent_description"] = rawPermission["userConsentDescription"]
+		if v := rawPermission["userConsentDescription"]; v != nil {
+			permission["user_consent_description"] = v
 		}
-		if rawPermission["userConsentDisplayName"] != nil {
-			permission["user_consent_display_name"] = rawPermission["userConsentDisplayName"]
+		if v := rawPermission["userConsentDisplayName"]; v != nil {
+			permission["user_consent_display_name"] = v
 		}
-		if rawPermission["value"] != nil {
-			permission["value"] = rawPermission["value"]
+		if v := rawPermission["value"]; v != nil {
+			permission["value"] = v
 		}
 
 		result = append(result, permission)

website/docs/r/application.html.markdown

@@ -69,15 +69,15 @@ The following arguments are supported:
 
 * `oauth2_allow_implicit_flow` - (Optional) Does this Azure AD Application allow OAuth2.0 implicit flow tokens? Defaults to `false`.
 
-* `required_resource_access` - (Optional) A collection of `required_resource_access` blocks as documented below. 
+* `required_resource_access` - (Optional) A collection of `required_resource_access` blocks as documented below.
 
 ---
 
 `required_resource_access` supports the following:
 
 * `resource_app_id` - (Required) The unique identifier for the resource that the application requires access to. This should be equal to the appId declared on the target resource application.
 
-* `resource_access` - (Required) A collection of `resource_access` blocks as documented below
+* `resource_access` - (Required) A collection of `resource_access` blocks as documented below.
 
 ---
 
@@ -99,21 +99,21 @@ The following attributes are exported:
 
 `oauth2_permission` block exports the following:
 
-* `id` - The unique identifier for one of the `OAuth2Permission`
+* `id` - The unique identifier for one of the `OAuth2Permission`.
 
-* `type` - The type of the permission
+* `type` - The type of the permission.
 
-* `admin_consent_description` - The description of the admin consent
+* `admin_consent_description` - The description of the admin consent.
 
-* `admin_consent_display_name` - The display name of the admin consent
+* `admin_consent_display_name` - The display name of the admin consent.
 
 * `is_enabled` - Is this permission enabled?
 
-* `user_consent_description` - The description of the user consent
+* `user_consent_description` - The description of the user consent.
 
-* `user_consent_display_name` - The display name of the user consent
+* `user_consent_display_name` - The display name of the user consent.
 
-* `value` - The name of this permission
+* `value` - The name of this permission.
 
 ## Import