Oppdatering for å hente organisasjon #deploy-profil-api

navikt · Jan 22, 2025 · 80b6932 · 80b6932
1 parent 7f3b6a0
commit 80b6932
Show file tree

Hide file tree

Showing 6 changed files with 47 additions and 40 deletions.
diff --git a/...l-api/src/main/java/no/nav/registre/testnorge/profil/consumer/AzureAdProfileConsumer.java b/...l-api/src/main/java/no/nav/registre/testnorge/profil/consumer/AzureAdProfileConsumer.java
@@ -10,6 +10,7 @@
 import org.springframework.stereotype.Service;
 import org.springframework.web.reactive.function.client.ExchangeStrategies;
 import org.springframework.web.reactive.function.client.WebClient;
+import reactor.core.publisher.Mono;
 import reactor.netty.http.client.HttpClient;
 import reactor.netty.transport.ProxyProvider;
 
@@ -56,10 +57,10 @@ public AzureAdProfileConsumer(
         this.webClient = builder.build();
     }
 
-    public Profil getProfil() {
+    public Mono<Profil> getProfil() {
         return azureAdTokenService.exchange(url + "/.default")
                 .flatMap(accessToken -> new GetProfileCommand(webClient, accessToken.getTokenValue()).call())
-                .map(Profil::new).block();
+                .map(Profil::new);
     }
 
     public Optional<byte[]> getProfilImage() {

diff --git a/...ain/java/no/nav/registre/testnorge/profil/consumer/PersonOrganisasjonTilgangConsumer.java b/...ain/java/no/nav/registre/testnorge/profil/consumer/PersonOrganisasjonTilgangConsumer.java
@@ -5,8 +5,6 @@
 import no.nav.registre.testnorge.profil.consumer.command.GetPersonOrganisasjonTilgangCommand;
 import no.nav.testnav.libs.dto.altinn3.v1.OrganisasjonDTO;
 import no.nav.testnav.libs.securitycore.domain.ServerProperties;
-import no.nav.testnav.libs.securitycore.domain.UserInfo;
-import no.nav.testnav.libs.servletsecurity.action.GetUserInfo;
 import no.nav.testnav.libs.servletsecurity.exchange.TokenExchange;
 import org.springframework.stereotype.Component;
 import org.springframework.web.reactive.function.client.WebClient;
@@ -16,34 +14,28 @@
 @Slf4j
 @Component
 public class PersonOrganisasjonTilgangConsumer {
+
     private final WebClient webClient;
     private final ServerProperties serverProperties;
     private final TokenExchange tokenExchange;
-    private final GetUserInfo getUserInfo;
 
     public PersonOrganisasjonTilgangConsumer(
             Consumers consumers,
             TokenExchange tokenExchange,
-            WebClient.Builder webClientBuilder,
-            GetUserInfo getUserInfo) {
+            WebClient.Builder webClientBuilder) {
 
         serverProperties = consumers.getTestnavAltinn3TilgangService();
         this.tokenExchange = tokenExchange;
         this.webClient = webClientBuilder
                 .baseUrl(serverProperties.getUrl())
                 .build();
-        this.getUserInfo = getUserInfo;
     }
 
-    public Mono<OrganisasjonDTO> getOrganisasjon(String organisasjonsnummer) {
-
-        var userId = getUserInfo.call()
-                .map(UserInfo::id)
-                .orElse(null);
+    public Mono<OrganisasjonDTO> getOrganisasjon(String ident, String organisasjonsnummer) {
 
         return Mono.from(tokenExchange.exchange(serverProperties)
                         .flatMapMany(accessToken ->
-                                new GetPersonOrganisasjonTilgangCommand(webClient, userId, accessToken.getTokenValue()).call()))
+                                new GetPersonOrganisasjonTilgangCommand(webClient, ident, accessToken.getTokenValue()).call()))
                 .doOnNext(organisasjon -> log.info("Mottatt organisasjon: {}", organisasjon))
                 .filter(organisasjon -> organisasjon.getOrganisasjonsnummer().equals(organisasjonsnummer));
     }

diff --git a/.../profil-api/src/main/java/no/nav/registre/testnorge/profil/provider/ProfilController.java b/.../profil-api/src/main/java/no/nav/registre/testnorge/profil/provider/ProfilController.java
@@ -28,7 +28,7 @@ public ProfilController(ProfilService profilService) {
     @SneakyThrows
     @GetMapping
     public ResponseEntity<ProfilDTO> getProfile() {
-        var profil = profilService.getProfile();
+        var profil = profilService.getProfile().block();
         return ResponseEntity.ok().cacheControl(cacheControl).body(profil.toDTO());
     }
 

diff --git a/apps/profil-api/src/main/java/no/nav/registre/testnorge/profil/service/ProfilService.java b/apps/profil-api/src/main/java/no/nav/registre/testnorge/profil/service/ProfilService.java
@@ -11,6 +11,7 @@
 import org.springframework.security.oauth2.jwt.JwtClaimNames;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
 import org.springframework.stereotype.Service;
+import reactor.core.publisher.Mono;
 
 import java.util.Optional;
 
@@ -25,25 +26,28 @@ public class ProfilService {
     private final PersonOrganisasjonTilgangConsumer organisasjonTilgangConsumer;
     private final GetUserInfo getUserInfo;
 
-    public Profil getProfile() {
+    public Mono<Profil> getProfile() {
+
         if (isTokenX()) {
             return getUserInfo.call()
-                    .map(userInfo -> new Profil(
-                            userInfo.brukernavn(),
-                            UKJENT,
-                            UKJENT,
-                            UKJENT,
-                            userInfo.organisasjonsnummer(),
-                            BANK_ID)
-                    )
-                    .orElse(new Profil(
-                            BANK_ID,
-                            UKJENT,
-                            UKJENT,
-                            UKJENT,
-                            UKJENT,
-                            BANK_ID
-                    ));
+                    .map(userInfo -> organisasjonTilgangConsumer
+                            .getOrganisasjon(getIdent(), userInfo.organisasjonsnummer())
+                            .map(organisasjon -> new Profil(
+                                    userInfo.brukernavn(),
+                                    UKJENT,
+                                    UKJENT,
+                                    organisasjon.getNavn(),
+                                    userInfo.organisasjonsnummer(),
+                                    BANK_ID)
+                            ))
+                            .orElse(Mono.just(new Profil(
+                                    BANK_ID,
+                                    UKJENT,
+                                    UKJENT,
+                                    UKJENT,
+                                    UKJENT,
+                                    BANK_ID
+                            )));
         }
         return azureAdProfileConsumer.getProfil();
     }
@@ -52,18 +56,29 @@ public Optional<byte[]> getImage() {
         return isTokenX() ? Optional.empty() : azureAdProfileConsumer.getProfilImage();
     }
 
-    private JwtAuthenticationToken getJwtAuthenticationToken() {
+    private Optional<JwtAuthenticationToken> getJwtAuthenticationToken() {
+
         return Optional.ofNullable(SecurityContextHolder.getContext().getAuthentication())
                 .filter(JwtAuthenticationToken.class::isInstance)
-                .map(JwtAuthenticationToken.class::cast)
-                .orElseThrow();
+                .map(JwtAuthenticationToken.class::cast);
     }
 
     private boolean isTokenX() {
 
         return getJwtAuthenticationToken()
-                .getTokenAttributes()
-                .get(JwtClaimNames.ISS)
-                .equals(tokenXResourceServerProperties.getIssuerUri());
+                .map(token -> token
+                        .getTokenAttributes()
+                        .get(JwtClaimNames.ISS)
+                        .equals(tokenXResourceServerProperties.getIssuerUri()))
+                .orElseThrow();
+    }
+
+    private String getIdent() {
+
+        return getJwtAuthenticationToken()
+                .map(JwtAuthenticationToken::getTokenAttributes)
+                .map(attribs -> attribs.get("pid"))
+                .map(ident -> (String) ident)
+                .orElseThrow();
     }
 }
diff --git a/apps/profil-api/src/main/resources/logback-spring.xml b/apps/profil-api/src/main/resources/logback-spring.xml
@@ -17,7 +17,7 @@
                 </throwableConverter>
             </encoder>
         </appender>
-        <root level="TRACE">
+        <root level="INFO">
             <appender-ref ref="stdout_json"/>
         </root>
     </springProfile>

diff --git a/...ervlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/action/GetUserInfo.java b/...ervlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/action/GetUserInfo.java
@@ -35,7 +35,6 @@ public Optional<UserInfo> call() {
             var jwt = JWT.decode(token);
             var verifier = JWT.require(Algorithm.HMAC256(secret)).build();
             verifier.verify(jwt);
-            log.info("jwt ---> {}", jwt.getToken());
             return new UserInfo(
                     jwt.getClaim(UserConstant.USER_CLAIM_ID).asString(),
                     jwt.getClaim(UserConstant.USER_CLAIM_ORG).asString(),