Oppdateringer, refaktorert SecurityConfig for resterende apper

Fikset KRR frontend til å tydelig vise hva som godtas på mobilnr format
Endret Pensjon FraOgMed til å kun gi gyldige alternativer, altså år fra og med ident er fylt sytten
#deploy-test-frontend

apps/adresse-service/src/main/java/no/nav/testnav/apps/adresseservice/config/SecurityConfig.java

@@ -7,6 +7,7 @@
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 
@@ -20,7 +21,7 @@ public class SecurityConfig {
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
 
         httpSecurity.sessionManagement(sessionConfig -> sessionConfig.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-                .csrf(csrfSpec -> csrfSpec.disable())
+                .csrf(AbstractHttpConfigurer::disable)
                 .authorizeHttpRequests(authorizeConfig -> authorizeConfig.requestMatchers(
                         "/internal/**",
                         "/webjars/**",

apps/amelding-service/src/main/java/no/nav/registre/testnav/ameldingservice/config/SecurityConfig.java

@@ -22,7 +22,7 @@ public class SecurityConfig {
     @Bean
     public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity httpSecurity) {
         return httpSecurity
-                .csrf(csrfSpec -> csrfSpec.disable())
+                .csrf(ServerHttpSecurity.CsrfSpec::disable)
                 .authorizeExchange(authorizeConfig -> authorizeConfig.pathMatchers(
                         "/internal/**",
                         "/webjars/**",

apps/app-tilgang-analyse-service/src/main/java/no/nav/testnav/apps/apptilganganalyseservice/config/SecurityConfig.java

@@ -23,7 +23,7 @@ public class SecurityConfig {
     @Bean
     public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity httpSecurity) {
         return httpSecurity
-                .csrf(csrfSpec -> csrfSpec.disable())
+                .csrf(ServerHttpSecurity.CsrfSpec::disable)
                 .authorizeExchange(authorizeConfig -> authorizeConfig.pathMatchers(
                         "/internal/**",
                         "/webjars/**",

apps/arbeidsforhold-export-api/src/main/java/no/nav/no/registere/testnorge/arbeidsforholdexportapi/config/SecurityConfig.java

@@ -6,6 +6,7 @@
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 
@@ -18,7 +19,7 @@ public class SecurityConfig {
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
 
         httpSecurity.sessionManagement(sessionConfig -> sessionConfig.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-                .csrf(csrfSpec -> csrfSpec.disable())
+                .csrf(AbstractHttpConfigurer::disable)
                 .authorizeHttpRequests(authorizeConfig -> authorizeConfig.requestMatchers(
                         "/internal/**",
                         "/webjars/**",

apps/arbeidsforhold-service/src/main/java/no/nav/registre/testnorge/arbeidsforholdservice/config/SecurityConfig.java

@@ -7,6 +7,7 @@
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 
@@ -21,7 +22,7 @@ public class SecurityConfig {
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
 
         httpSecurity.sessionManagement(sessionConfig -> sessionConfig.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-                .csrf(csrfSpec -> csrfSpec.disable())
+                .csrf(AbstractHttpConfigurer::disable)
                 .authorizeHttpRequests(authorizeConfig -> authorizeConfig.requestMatchers(
                         "/internal/**",
                         "/webjars/**",

apps/batch-bestilling-service/src/main/java/no/nav/registre/testnorge/batchbestillingservice/config/SecurityConfig.java

@@ -6,6 +6,7 @@
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 
@@ -18,7 +19,7 @@ public class SecurityConfig {
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
 
         httpSecurity.sessionManagement(sessionConfig -> sessionConfig.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-                .csrf(csrfSpec -> csrfSpec.disable())
+                .csrf(AbstractHttpConfigurer::disable)
                 .authorizeHttpRequests(authorizeConfig -> authorizeConfig.requestMatchers(
                         "/internal/**",
                         "/webjars/**",

apps/bruker-service/src/main/java/no/nav/testnav/apps/brukerservice/config/SecurityConfig.java

@@ -23,7 +23,7 @@ public class SecurityConfig {
     @Bean
     public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity httpSecurity) {
         return httpSecurity
-                .csrf(csrfSpec -> csrfSpec.disable())
+                .csrf(ServerHttpSecurity.CsrfSpec::disable)
                 .authorizeExchange(authorizeConfig -> authorizeConfig.pathMatchers(
                         "/internal/**",
                         "/webjars/**",

apps/dolly-frontend/src/main/java/no/nav/dolly/web/config/IdportenSecurityConfig.java

@@ -48,34 +48,32 @@ public SecurityWebFilterChain configure(ServerHttpSecurity http) {
         var logoutSuccessHandler = new LogoutSuccessHandler();
         logoutSuccessHandler.applyOn("idporten", new IdportenOcidLogoutUrlResolver(wellKnownUrl, postLogoutRedirectUri));
 
-        return http.cors()
-                .and().csrf().disable()
-                .authorizeExchange()
-                .pathMatchers(
-                        "/internal/isReady",
-                        "/internal/isAlive",
-                        "/assets/*",
-                        "/internal/metrics",
-                        "/oauth2/callback",
-                        "/favicon.ico",
-                        LOGIN,
-                        LOGOUT,
-                        "/oauth2/logout",
-                        "/*.css",
-                        "/*.js",
-                        "/*.mjs",
-                        "/*.png"
-                ).permitAll()
-                .anyExchange().authenticated()
-                .and().oauth2Login(oAuth2LoginSpec -> oAuth2LoginSpec
+        return http.cors(ServerHttpSecurity.CorsSpec::disable)
+                .csrf(ServerHttpSecurity.CsrfSpec::disable)
+                .authorizeExchange(authorizeExchangeSpec -> authorizeExchangeSpec.pathMatchers(
+                                "/internal/isReady",
+                                "/internal/isAlive",
+                                "/assets/*",
+                                "/internal/metrics",
+                                "/oauth2/callback",
+                                "/favicon.ico",
+                                LOGIN,
+                                LOGOUT,
+                                "/oauth2/logout",
+                                "/*.css",
+                                "/*.js",
+                                "/*.mjs",
+                                "/*.png"
+                        ).permitAll()
+                        .anyExchange().authenticated())
+                .oauth2Login(oAuth2LoginSpec -> oAuth2LoginSpec
                         .authenticationManager(authenticationManger)
                         .authenticationSuccessHandler(authenticationSuccessHandler))
-                .formLogin().loginPage(LOGIN)
-                .and().logout(logoutSpec -> logoutSpec
+                .formLogin(formLoginSpec -> formLoginSpec.loginPage(LOGIN))
+                .logout(logoutSpec -> logoutSpec
                         .logoutUrl(LOGOUT)
                         .requiresLogout(ServerWebExchangeMatchers.pathMatchers(HttpMethod.GET, LOGOUT))
                         .logoutSuccessHandler(logoutSuccessHandler))
                 .build();
     }
-
 }

apps/dolly-frontend/src/main/java/no/nav/dolly/web/config/LocalSecurityConfig.java

@@ -29,29 +29,28 @@ public SecurityWebFilterChain configure(ServerHttpSecurity http) {
         var authenticationSuccessHandler = new DollyAuthenticationSuccessHandler();
         var logoutSuccessHandler = new LogoutSuccessHandler();
 
-        return http.cors()
-                .and().csrf().disable()
-                .authorizeExchange()
-                .pathMatchers(
-                        "/internal/isReady",
-                        "/internal/isAlive",
-                        "/assets/*",
-                        "/internal/metrics",
-                        "/oauth2/callback",
-                        "/favicon.ico",
-                        LOGIN,
-                        LOGOUT,
-                        "/oauth2/logout",
-                        "/*.css",
-                        "/*.js",
-                        "/*.mjs",
-                        "/*.png"
-                ).permitAll()
-                .anyExchange().authenticated()
-                .and().oauth2Login(oAuth2LoginSpec -> oAuth2LoginSpec
+        return http.cors(ServerHttpSecurity.CorsSpec::disable)
+                .csrf(ServerHttpSecurity.CsrfSpec::disable)
+                .authorizeExchange(authorizeExchangeSpec -> authorizeExchangeSpec.pathMatchers(
+                                "/internal/isReady",
+                                "/internal/isAlive",
+                                "/assets/*",
+                                "/internal/metrics",
+                                "/oauth2/callback",
+                                "/favicon.ico",
+                                LOGIN,
+                                LOGOUT,
+                                "/oauth2/logout",
+                                "/*.css",
+                                "/*.js",
+                                "/*.mjs",
+                                "/*.png"
+                        ).permitAll()
+                        .anyExchange().authenticated())
+                .oauth2Login(oAuth2LoginSpec -> oAuth2LoginSpec
                         .authenticationSuccessHandler(authenticationSuccessHandler))
-                .formLogin().loginPage(LOGIN)
-                .and().logout(logoutSpec -> logoutSpec
+                .formLogin(formLoginSpec -> formLoginSpec.loginPage(LOGIN))
+                .logout(logoutSpec -> logoutSpec
                         .logoutUrl(LOGOUT)
                         .requiresLogout(ServerWebExchangeMatchers.pathMatchers(HttpMethod.GET, LOGOUT))
                         .logoutSuccessHandler(logoutSuccessHandler))

apps/dolly-frontend/src/main/java/no/nav/dolly/web/config/SecurityConfig.java

@@ -29,12 +29,10 @@ public class SecurityConfig {
     @Bean
     public SecurityWebFilterChain configure(ServerHttpSecurity http) {
 
-        http.cors()
-                .and().csrf().disable()
-                .authorizeExchange()
-                .anyExchange()
-                .permitAll()
-                .and().oauth2ResourceServer().jwt(jwt -> jwtDecoder());
+        http.cors(ServerHttpSecurity.CorsSpec::disable)
+                .csrf(ServerHttpSecurity.CsrfSpec::disable)
+                .authorizeExchange(authorizeExchangeSpec -> authorizeExchangeSpec.anyExchange().permitAll())
+                .oauth2ResourceServer(oAuth2ResourceServerSpec -> oAuth2ResourceServerSpec.jwt(jwtSpec -> jwtDecoder()));
         return http.build();
     }
 

apps/dolly-frontend/src/main/js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dolly",
-  "version": "2.5.27",
+  "version": "2.5.28",
   "description": "",
   "main": "index.js",
   "scripts": {

apps/dolly-frontend/src/main/js/src/components/fagsystem/krrstub/form/Form.tsx

@@ -73,7 +73,6 @@ export const KrrstubForm = ({ formikBag }: KrrstubFormProps) => {
 								fastfield={false}
 							/>
 							<FormikTextInput name="krrstub.epost" label="E-post" />
-							TODO: FIKSE DENNE TIL Å VISE TYDELIG AT +47xxx ER RIKTIG FORMAT
 							<FormikTextInput
 								name="krrstub.mobil"
 								label="Mobilnummer (+47)"