Merge branch 'master' into feature/dolly-frontend-react-19

navikt · Jan 24, 2025 · 7ed9a23 · 7ed9a23
2 parents 6453161 + f24abd9
commit 7ed9a23
Show file tree

Hide file tree

Showing 8 changed files with 67 additions and 49 deletions.
diff --git a/...rofil-api/src/main/java/no/nav/registre/testnorge/profil/ProfilApiApplicationStarter.java b/...rofil-api/src/main/java/no/nav/registre/testnorge/profil/ProfilApiApplicationStarter.java
@@ -12,4 +12,4 @@ public class ProfilApiApplicationStarter {
     public static void main(String[] args) {
         SpringApplication.run(ProfilApiApplicationStarter.class, args);
     }
-}
+}
diff --git a/...l-api/src/main/java/no/nav/registre/testnorge/profil/consumer/AzureAdProfileConsumer.java b/...l-api/src/main/java/no/nav/registre/testnorge/profil/consumer/AzureAdProfileConsumer.java
@@ -10,6 +10,7 @@
 import org.springframework.stereotype.Service;
 import org.springframework.web.reactive.function.client.ExchangeStrategies;
 import org.springframework.web.reactive.function.client.WebClient;
+import reactor.core.publisher.Mono;
 import reactor.netty.http.client.HttpClient;
 import reactor.netty.transport.ProxyProvider;
 
@@ -56,10 +57,10 @@ public AzureAdProfileConsumer(
         this.webClient = builder.build();
     }
 
-    public Profil getProfil() {
+    public Mono<Profil> getProfil() {
         return azureAdTokenService.exchange(url + "/.default")
                 .flatMap(accessToken -> new GetProfileCommand(webClient, accessToken.getTokenValue()).call())
-                .map(Profil::new).block();
+                .map(Profil::new);
     }
 
     public Optional<byte[]> getProfilImage() {

diff --git a/...ain/java/no/nav/registre/testnorge/profil/consumer/PersonOrganisasjonTilgangConsumer.java b/...ain/java/no/nav/registre/testnorge/profil/consumer/PersonOrganisasjonTilgangConsumer.java
@@ -5,8 +5,6 @@
 import no.nav.registre.testnorge.profil.consumer.command.GetPersonOrganisasjonTilgangCommand;
 import no.nav.testnav.libs.dto.altinn3.v1.OrganisasjonDTO;
 import no.nav.testnav.libs.securitycore.domain.ServerProperties;
-import no.nav.testnav.libs.securitycore.domain.UserInfo;
-import no.nav.testnav.libs.servletsecurity.action.GetUserInfo;
 import no.nav.testnav.libs.servletsecurity.exchange.TokenExchange;
 import org.springframework.stereotype.Component;
 import org.springframework.web.reactive.function.client.WebClient;
@@ -16,34 +14,28 @@
 @Slf4j
 @Component
 public class PersonOrganisasjonTilgangConsumer {
+
     private final WebClient webClient;
     private final ServerProperties serverProperties;
     private final TokenExchange tokenExchange;
-    private final GetUserInfo getUserInfo;
 
     public PersonOrganisasjonTilgangConsumer(
             Consumers consumers,
             TokenExchange tokenExchange,
-            WebClient.Builder webClientBuilder,
-            GetUserInfo getUserInfo) {
+            WebClient.Builder webClientBuilder) {
 
         serverProperties = consumers.getTestnavAltinn3TilgangService();
         this.tokenExchange = tokenExchange;
         this.webClient = webClientBuilder
                 .baseUrl(serverProperties.getUrl())
                 .build();
-        this.getUserInfo = getUserInfo;
     }
 
-    public Mono<OrganisasjonDTO> getOrganisasjon(String organisasjonsnummer) {
-
-        var userId = getUserInfo.call()
-                .map(UserInfo::id)
-                .orElse(null);
+    public Mono<OrganisasjonDTO> getOrganisasjon(String ident, String organisasjonsnummer) {
 
         return Mono.from(tokenExchange.exchange(serverProperties)
                         .flatMapMany(accessToken ->
-                                new GetPersonOrganisasjonTilgangCommand(webClient, userId, accessToken.getTokenValue()).call()))
+                                new GetPersonOrganisasjonTilgangCommand(webClient, ident, accessToken.getTokenValue()).call()))
                 .doOnNext(organisasjon -> log.info("Mottatt organisasjon: {}", organisasjon))
                 .filter(organisasjon -> organisasjon.getOrganisasjonsnummer().equals(organisasjonsnummer));
     }

diff --git a/.../profil-api/src/main/java/no/nav/registre/testnorge/profil/provider/ProfilController.java b/.../profil-api/src/main/java/no/nav/registre/testnorge/profil/provider/ProfilController.java
@@ -28,7 +28,7 @@ public ProfilController(ProfilService profilService) {
     @SneakyThrows
     @GetMapping
     public ResponseEntity<ProfilDTO> getProfile() {
-        var profil = profilService.getProfile();
+        var profil = profilService.getProfile().block();
         return ResponseEntity.ok().cacheControl(cacheControl).body(profil.toDTO());
     }
 

diff --git a/apps/profil-api/src/main/java/no/nav/registre/testnorge/profil/service/ProfilService.java b/apps/profil-api/src/main/java/no/nav/registre/testnorge/profil/service/ProfilService.java
@@ -1,6 +1,7 @@
 package no.nav.registre.testnorge.profil.service;
 
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import no.nav.registre.testnorge.profil.consumer.AzureAdProfileConsumer;
 import no.nav.registre.testnorge.profil.consumer.PersonOrganisasjonTilgangConsumer;
 import no.nav.registre.testnorge.profil.domain.Profil;
@@ -10,9 +11,11 @@
 import org.springframework.security.oauth2.jwt.JwtClaimNames;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
 import org.springframework.stereotype.Service;
+import reactor.core.publisher.Mono;
 
 import java.util.Optional;
 
+@Slf4j
 @Service
 @RequiredArgsConstructor
 public class ProfilService {
@@ -23,28 +26,28 @@ public class ProfilService {
     private final PersonOrganisasjonTilgangConsumer organisasjonTilgangConsumer;
     private final GetUserInfo getUserInfo;
 
-    public Profil getProfile() {
+    public Mono<Profil> getProfile() {
+
         if (isTokenX()) {
             return getUserInfo.call()
-                    .map(userInfo ->
-                    organisasjonTilgangConsumer
-                            .getOrganisasjon(userInfo.organisasjonsnummer())
-                            .map(dto -> new Profil(
+                    .map(userInfo -> organisasjonTilgangConsumer
+                            .getOrganisasjon(getIdent(), userInfo.organisasjonsnummer())
+                            .map(organisasjon -> new Profil(
                                     userInfo.brukernavn(),
                                     UKJENT,
                                     UKJENT,
-                                    dto.getNavn(),
-                                    dto.getOrganisasjonsnummer(),
+                                    organisasjon.getNavn(),
+                                    userInfo.organisasjonsnummer(),
                                     BANK_ID)
-                            ).block()
-            ).orElse(new Profil(
-                    BANK_ID,
-                    UKJENT,
-                    UKJENT,
-                    UKJENT,
-                    UKJENT,
-                    BANK_ID
-            ));
+                            ))
+                            .orElse(Mono.just(new Profil(
+                                    BANK_ID,
+                                    UKJENT,
+                                    UKJENT,
+                                    UKJENT,
+                                    UKJENT,
+                                    BANK_ID
+                            )));
         }
         return azureAdProfileConsumer.getProfil();
     }
@@ -53,18 +56,29 @@ public Optional<byte[]> getImage() {
         return isTokenX() ? Optional.empty() : azureAdProfileConsumer.getProfilImage();
     }
 
-    private JwtAuthenticationToken getJwtAuthenticationToken() {
+    private Optional<JwtAuthenticationToken> getJwtAuthenticationToken() {
+
         return Optional.ofNullable(SecurityContextHolder.getContext().getAuthentication())
                 .filter(JwtAuthenticationToken.class::isInstance)
-                .map(JwtAuthenticationToken.class::cast)
-                .orElseThrow();
+                .map(JwtAuthenticationToken.class::cast);
     }
 
     private boolean isTokenX() {
+
         return getJwtAuthenticationToken()
-                .getTokenAttributes()
-                .get(JwtClaimNames.ISS)
-                .equals(tokenXResourceServerProperties.getIssuerUri());
+                .map(token -> token
+                        .getTokenAttributes()
+                        .get(JwtClaimNames.ISS)
+                        .equals(tokenXResourceServerProperties.getIssuerUri()))
+                .orElseThrow();
     }
 
+    private String getIdent() {
+
+        return getJwtAuthenticationToken()
+                .map(JwtAuthenticationToken::getTokenAttributes)
+                .map(attribs -> attribs.get("pid"))
+                .map(ident -> (String) ident)
+                .orElseThrow();
+    }
 }
diff --git a/...av/proxies/arbeidsplassencvproxy/filter/AddAuthenticationRequestGatewayFilterFactory.java b/...av/proxies/arbeidsplassencvproxy/filter/AddAuthenticationRequestGatewayFilterFactory.java
@@ -7,6 +7,7 @@
 import no.nav.testnav.proxies.arbeidsplassencvproxy.consumer.FakedingsConsumer;
 import org.springframework.cloud.gateway.filter.GatewayFilter;
 import org.springframework.http.HttpHeaders;
+import org.springframework.web.server.ServerWebExchange;
 
 @Slf4j
 @UtilityClass
@@ -18,13 +19,16 @@ public static GatewayFilter bearerIdportenHeaderFilter(FakedingsConsumer fakedin
         return (exchange, chain) -> {
             var httpRequest = exchange.getRequest();
             var ident = httpRequest.getHeaders().getFirst("fnr");
+
             return fakedingsConsumer.getFakeToken(ident)
                     .flatMap(faketoken -> tokenXService.exchange(serverProperties, faketoken)
                             .flatMap(tokenX -> {
-                                exchange.mutate()
+                                ServerWebExchange mutatedExchange = exchange.mutate()
                                         .request(builder -> builder.header(HttpHeaders.AUTHORIZATION,
-                                                "Bearer " + tokenX.getTokenValue()).build());
-                                return chain.filter(exchange);
+                                                "Bearer " + tokenX.getTokenValue()).build())
+                                        .build();
+
+                                return chain.filter(mutatedExchange);
                             }));
         };
     }

diff --git a/...av/testnav/proxies/fullmaktproxy/filter/AddAuthenticationRequestGatewayFilterFactory.java b/...av/testnav/proxies/fullmaktproxy/filter/AddAuthenticationRequestGatewayFilterFactory.java
@@ -7,6 +7,7 @@
 import no.nav.testnav.proxies.fullmaktproxy.consumer.FakedingsConsumer;
 import org.springframework.cloud.gateway.filter.GatewayFilter;
 import org.springframework.http.HttpHeaders;
+import org.springframework.web.server.ServerWebExchange;
 
 @Slf4j
 @UtilityClass
@@ -18,14 +19,17 @@ public static GatewayFilter bearerIdportenHeaderFilter(FakedingsConsumer fakedin
         return (exchange, chain) -> {
             var httpRequest = exchange.getRequest();
             var ident = httpRequest.getHeaders().getFirst("fnr");
+
             return fakedingsConsumer.getFakeToken(ident)
                     .flatMap(faketoken -> tokenXService.exchange(serverProperties, faketoken)
                             .flatMap(tokenX -> {
-                                exchange.mutate()
+                                ServerWebExchange mutatedExchange = exchange.mutate()
                                         .request(builder -> builder.header(HttpHeaders.AUTHORIZATION,
-                                                "Bearer " + tokenX.getTokenValue()).build());
-                                return chain.filter(exchange);
+                                                "Bearer " + tokenX.getTokenValue()).build())
+                                        .build();
+
+                                return chain.filter(mutatedExchange);
                             }));
         };
     }
-}
+}
diff --git a/.../testnav/proxies/yrkesskadeproxy/filter/AddAuthenticationRequestGatewayFilterFactory.java b/.../testnav/proxies/yrkesskadeproxy/filter/AddAuthenticationRequestGatewayFilterFactory.java
@@ -7,6 +7,7 @@
 import no.nav.testnav.proxies.yrkesskadeproxy.consumer.FakedingsConsumer;
 import org.springframework.cloud.gateway.filter.GatewayFilter;
 import org.springframework.http.HttpHeaders;
+import org.springframework.web.server.ServerWebExchange;
 
 @Slf4j
 @UtilityClass
@@ -18,14 +19,16 @@ public static GatewayFilter bearerIdportenHeaderFilter(FakedingsConsumer fakedin
         return (exchange, chain) -> {
             var httpRequest = exchange.getRequest();
             var ident = httpRequest.getHeaders().getFirst("ident");
+
             return fakedingsConsumer.getFakeToken(ident)
                     .flatMap(faketoken -> tokenXService.exchange(serverProperties, faketoken)
                             .flatMap(tokenX -> {
-                                exchange.mutate()
+                                ServerWebExchange mutatedExchange = exchange.mutate()
                                         .request(builder -> builder.header(HttpHeaders.AUTHORIZATION,
-                                                "Bearer " + tokenX.getTokenValue()).build());
-                                log.info("TokenX {}", tokenX.getTokenValue());
-                                return chain.filter(exchange);
+                                                "Bearer " + tokenX.getTokenValue()).build())
+                                        .build();
+
+                                return chain.filter(mutatedExchange);
                             }));
         };
     }
-Original file line number
+Diff line change
@@ Expand Up / @@ -12,4 +12,4 @@ public class ProfilApiApplicationStarter { @@
         public static void main(String[] args) {
             SpringApplication.run(ProfilApiApplicationStarter.class, args);
         }
-    }
+    }