From 98583170246d0b0230e55d4245cb69f89cbd589e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristen=20H=C3=A6rum?= Date: Tue, 25 Feb 2025 08:44:26 +0100 Subject: [PATCH 01/13] Feature/dolly sok inkluder opprettede personer (#3724) --- .../workflows/app.dolly-search-service.yml | 25 ++ apps/dolly-backend/config.test.yml | 1 + apps/dolly-backend/config.yml | 6 +- .../dolly/DollyBackendApplicationStarter.java | 2 +- .../java/no/nav/dolly/config/Consumers.java | 1 + .../nav/dolly/elastic/dto/SearchResponse.java | 21 +- .../service/OpenSearchQueryBuilder.java | 4 +- .../DollySearchServiceConsumer.java | 39 ++ .../DollySearchServicePostCommand.java | 40 ++ .../dolly/opensearch/dto/SearchRequest.java | 52 +++ .../dolly/opensearch/dto/SearchResponse.java | 39 ++ .../OpenSearchRequestMappingStrategy.java | 29 ++ .../service/DollySearchService.java | 138 ++++++ .../provider/api/DollySearchController.java | 30 ++ .../src/main/resources/application-local.yml | 4 +- .../src/main/resources/application.yml | 5 + apps/dolly-search-service/Dockerfile | 8 + apps/dolly-search-service/README.md | 8 + apps/dolly-search-service/build.gradle | 29 ++ apps/dolly-search-service/config.yml | 64 +++ .../gradle/wrapper/gradle-wrapper.jar | Bin 0 -> 43453 bytes .../gradle/wrapper/gradle-wrapper.properties | 7 + apps/dolly-search-service/gradlew | 249 +++++++++++ apps/dolly-search-service/gradlew.bat | 92 ++++ apps/dolly-search-service/gradlewUpdate.sh | 3 + apps/dolly-search-service/settings.gradle | 21 + .../DollySearchServiceApplicationStarter.java | 16 + .../config/ApplicationConfig.java | 15 + .../dollysearchservice/config/Consumers.java | 20 + .../config/JsonMapperConfig.java | 82 ++++ .../config/OpenApiConfig.java | 68 +++ .../config/SecurityConfig.java | 38 ++ .../credentials/ElasticSearchCredentials.java | 18 + .../consumer/OpenSearchConsumer.java | 52 +++ .../consumer/command/OpenSearchCommand.java | 48 +++ .../utils/JacksonExchangeStrategyUtil.java | 25 ++ .../dollysearchservice/dto/SearchRequest.java | 16 + .../dto/SearchResponse.java | 58 +++ .../provider/OpensearchController.java | 29 ++ .../service/OpenSearchService.java | 81 ++++ .../utils/OpenSearchIdenterQueryUtils.java | 52 +++ .../utils/OpenSearchPersonQueryUtils.java | 399 ++++++++++++++++++ .../utils/OpenSearchQueryBuilder.java | 115 +++++ .../utils/OpenSearchQueryUtils.java | 51 +++ .../src/main/resources/application-local.yml | 13 + .../src/main/resources/application-prod.yml | 3 + .../src/main/resources/application.yml | 55 +++ .../src/main/resources/logback-spring.xml | 41 ++ .../ApplicationContextTest.java | 22 + .../src/test/resources/application-test.yml | 1 + .../data-transfer-search-objects/build.gradle | 1 + .../settings.gradle | 1 + .../dollysearchservice/v1/PersonRequest.java | 67 +++ .../dollysearchservice/v1/SearchRequest.java | 40 ++ .../dollysearchservice/v1/SearchResponse.java | 24 ++ .../src/main/groovy/dolly-versions.gradle | 2 +- proxies/pdl-proxy/config.yml | 9 +- .../pdlproxy/PdlProxyApplicationStarter.java | 3 +- 58 files changed, 2370 insertions(+), 12 deletions(-) create mode 100644 .github/workflows/app.dolly-search-service.yml create mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/DollySearchServiceConsumer.java create mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/command/DollySearchServicePostCommand.java create mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchRequest.java create mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchResponse.java create mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/mapper/OpenSearchRequestMappingStrategy.java create mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/service/DollySearchService.java create mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/provider/api/DollySearchController.java create mode 100644 apps/dolly-search-service/Dockerfile create mode 100644 apps/dolly-search-service/README.md create mode 100644 apps/dolly-search-service/build.gradle create mode 100644 apps/dolly-search-service/config.yml create mode 100644 apps/dolly-search-service/gradle/wrapper/gradle-wrapper.jar create mode 100644 apps/dolly-search-service/gradle/wrapper/gradle-wrapper.properties create mode 100755 apps/dolly-search-service/gradlew create mode 100644 apps/dolly-search-service/gradlew.bat create mode 100755 apps/dolly-search-service/gradlewUpdate.sh create mode 100644 apps/dolly-search-service/settings.gradle create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/DollySearchServiceApplicationStarter.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/ApplicationConfig.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/Consumers.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/JsonMapperConfig.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/OpenApiConfig.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/SecurityConfig.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/credentials/ElasticSearchCredentials.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/OpenSearchConsumer.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/command/OpenSearchCommand.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/utils/JacksonExchangeStrategyUtil.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchRequest.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchResponse.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchController.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchService.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchIdenterQueryUtils.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchPersonQueryUtils.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryBuilder.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryUtils.java create mode 100644 apps/dolly-search-service/src/main/resources/application-local.yml create mode 100644 apps/dolly-search-service/src/main/resources/application-prod.yml create mode 100644 apps/dolly-search-service/src/main/resources/application.yml create mode 100644 apps/dolly-search-service/src/main/resources/logback-spring.xml create mode 100644 apps/dolly-search-service/src/test/java/no/nav/testnav/dollysearchservice/ApplicationContextTest.java create mode 100644 apps/dolly-search-service/src/test/resources/application-test.yml create mode 100644 libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/PersonRequest.java create mode 100644 libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/SearchRequest.java create mode 100644 libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/SearchResponse.java diff --git a/.github/workflows/app.dolly-search-service.yml b/.github/workflows/app.dolly-search-service.yml new file mode 100644 index 00000000000..65f242870f3 --- /dev/null +++ b/.github/workflows/app.dolly-search-service.yml @@ -0,0 +1,25 @@ +name: dolly-search-service + +on: + push: + paths: + - "plugins/**" + - "libs/data-transfer-search-objects/**" + - "libs/reactive-core/**" + - "libs/security-core/**" + - "libs/servlet-core/**" + - "libs/servlet-security/**" + - "libs/testing/**" + - "apps/dolly-search-service/**" + - ".github/workflows/app.dolly-search-service.yml" + +jobs: + workflow: + uses: ./.github/workflows/common.workflow.backend.yml + with: + working-directory: "apps/dolly-search-service" + deploy-tag: "#deploy-dolly-search-service" + permissions: + contents: read + id-token: write + secrets: inherit diff --git a/apps/dolly-backend/config.test.yml b/apps/dolly-backend/config.test.yml index 4b0375689e7..ab6f3de696c 100644 --- a/apps/dolly-backend/config.test.yml +++ b/apps/dolly-backend/config.test.yml @@ -32,6 +32,7 @@ spec: - application: testnav-arbeidsforhold-service - application: testnav-arbeidsplassencv-proxy - application: testnav-arbeidssoekerregisteret-proxy + - application: testnav-dolly-search-service - application: testnav-inntektsmelding-service - application: testnav-kodeverk-service - application: testnav-miljoer-service diff --git a/apps/dolly-backend/config.yml b/apps/dolly-backend/config.yml index 1175b294d1c..30963ba28a8 100644 --- a/apps/dolly-backend/config.yml +++ b/apps/dolly-backend/config.yml @@ -17,15 +17,16 @@ spec: accessPolicy: inbound: rules: + - application: dolly-frontend - application: dolly-idporten + - application: etterlatte-testdata + namespace: etterlatte - application: testnav-batch-bestilling-service - application: testnav-dollystatus - application: testnav-helsepersonell-service - application: testnav-oversikt-frontend - application: testnav-tenor-search-service - - application: etterlatte-testdata - namespace: etterlatte outbound: rules: - application: generer-navn-service @@ -33,6 +34,7 @@ spec: - application: testnav-arbeidsforhold-service - application: testnav-arbeidsplassencv-proxy - application: testnav-arbeidssoekerregisteret-proxy + - application: testnav-dolly-search-service - application: testnav-inntektsmelding-service - application: testnav-kodeverk-service - application: testnav-miljoer-service diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/DollyBackendApplicationStarter.java b/apps/dolly-backend/src/main/java/no/nav/dolly/DollyBackendApplicationStarter.java index 49a646b9734..bc4c91d31b3 100644 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/DollyBackendApplicationStarter.java +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/DollyBackendApplicationStarter.java @@ -12,4 +12,4 @@ public static void main(String[] args) { .initializers(new NaisEnvironmentApplicationContextInitializer()) .run(args); } -} +} \ No newline at end of file diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/config/Consumers.java b/apps/dolly-backend/src/main/java/no/nav/dolly/config/Consumers.java index eef10a7ed84..aaf5f1c51a0 100644 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/config/Consumers.java +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/config/Consumers.java @@ -47,4 +47,5 @@ public class Consumers { private ServerProperties testnavSkattekortService; private ServerProperties yrkesskadeProxy; private ServerProperties arbeidssoekerregisteretProxy; + private ServerProperties dollySearchService; } diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/dto/SearchResponse.java b/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/dto/SearchResponse.java index 87b68865e55..da5d61a1464 100644 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/dto/SearchResponse.java +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/dto/SearchResponse.java @@ -7,8 +7,11 @@ import lombok.NoArgsConstructor; import no.nav.dolly.elastic.ElasticBestilling; +import java.util.ArrayList; import java.util.List; +import static java.util.Objects.isNull; + @Data @Builder @NoArgsConstructor @@ -20,6 +23,22 @@ public class SearchResponse { private Float score; private String took; private List identer; - private List bestillinger; + private List registre; private String error; + + public List getIdenter() { + + if (isNull(identer)) { + identer = new ArrayList<>(); + } + return identer; + } + + public List getRegistre() { + + if (isNull(registre)) { + registre = new ArrayList<>(); + } + return registre; + } } \ No newline at end of file diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/service/OpenSearchQueryBuilder.java b/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/service/OpenSearchQueryBuilder.java index 85474cc3d36..0789b535f9c 100644 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/service/OpenSearchQueryBuilder.java +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/service/OpenSearchQueryBuilder.java @@ -70,7 +70,7 @@ public static BoolQueryBuilder buildTyperQuery(ElasticTyper[] typer) { return queryBuilder; } - private void setPersonQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + private static void setPersonQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { Optional.ofNullable(request.getPersonRequest()) .ifPresent(value -> { @@ -107,7 +107,7 @@ private void setPersonQuery(BoolQueryBuilder queryBuilder, SearchRequest request }); } - private QueryBuilder getFagsystemQuery(ElasticTyper type) { + public static QueryBuilder getFagsystemQuery(ElasticTyper type) { return switch (type) { case AAREG -> QueryBuilders.existsQuery("aareg"); diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/DollySearchServiceConsumer.java b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/DollySearchServiceConsumer.java new file mode 100644 index 00000000000..387caf04423 --- /dev/null +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/DollySearchServiceConsumer.java @@ -0,0 +1,39 @@ +package no.nav.dolly.opensearch; + +import lombok.extern.slf4j.Slf4j; +import no.nav.dolly.config.Consumers; +import no.nav.dolly.opensearch.command.DollySearchServicePostCommand; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse; +import no.nav.testnav.libs.securitycore.domain.ServerProperties; +import no.nav.testnav.libs.standalone.servletsecurity.exchange.TokenExchange; +import org.springframework.stereotype.Service; +import org.springframework.web.reactive.function.client.WebClient; +import reactor.core.publisher.Mono; + +@Service +@Slf4j +public class DollySearchServiceConsumer { + + private final TokenExchange tokenService; + private final WebClient webClient; + private final ServerProperties serverProperties; + + public DollySearchServiceConsumer( + TokenExchange tokenService, + Consumers consumers, + WebClient.Builder webClientBuilder) { + + this.tokenService = tokenService; + serverProperties = consumers.getDollySearchService(); + this.webClient = webClientBuilder + .baseUrl(serverProperties.getUrl()) + .build(); + } + + public Mono doPersonSearch(SearchRequest request) { + + return tokenService.exchange(serverProperties) + .flatMap(token -> new DollySearchServicePostCommand(webClient, request, token.getTokenValue()).call()); + } +} diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/command/DollySearchServicePostCommand.java b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/command/DollySearchServicePostCommand.java new file mode 100644 index 00000000000..a3a789c1110 --- /dev/null +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/command/DollySearchServicePostCommand.java @@ -0,0 +1,40 @@ +package no.nav.dolly.opensearch.command; + +import lombok.RequiredArgsConstructor; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse; +import no.nav.testnav.libs.reactivecore.utils.WebClientFilter; +import org.springframework.http.HttpHeaders; +import org.springframework.web.reactive.function.client.WebClient; +import reactor.core.publisher.Mono; +import reactor.util.retry.Retry; + +import java.time.Duration; +import java.util.concurrent.Callable; + +@RequiredArgsConstructor +public class DollySearchServicePostCommand implements Callable> { + + private static final String SEARCH_URL = "/api/v1/opensearch"; + + private final WebClient webClient; + private final SearchRequest request; + private final String token; + + @Override + public Mono call() { + + return webClient.post() + .uri(uriBuilder -> uriBuilder.path(SEARCH_URL).build()) + .header(HttpHeaders.AUTHORIZATION, "Bearer " + token) + .bodyValue(request) + .retrieve() + .bodyToMono(SearchResponse.class) + .doOnError(WebClientFilter::logErrorMessage) + .retryWhen(Retry.backoff(3, Duration.ofSeconds(5)) + .filter(WebClientFilter::is5xxException)) + .onErrorResume(error -> Mono.just(SearchResponse.builder() + .error(WebClientFilter.getMessage(error)) + .build())); + } +} diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchRequest.java b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchRequest.java new file mode 100644 index 00000000000..fb50e13c2d0 --- /dev/null +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchRequest.java @@ -0,0 +1,52 @@ +package no.nav.dolly.opensearch.dto; + +import io.swagger.v3.oas.annotations.media.Schema; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; +import no.nav.testnav.libs.data.dollysearchservice.v1.PersonRequest; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class SearchRequest { + + @Schema(description = "Paginering for bestillinger") + private PagineringBestillingRequest pagineringBestillingRequest; + + @Schema(description = "Paginering for personersøk") + private PagineringPersonRequest pagineringPersonRequest; + + @Schema(description = "Persondetaljer") + private PersonRequest personRequest; + + @Data + @Builder + @NoArgsConstructor + @AllArgsConstructor + public static class PagineringBestillingRequest { + + @Schema(description = "Seed for paginering") + private Integer seed; + @Schema(description = "Sidenummer") + private Integer side; + @Schema(description = "Antall resultater per side") + private Integer antall; + } + + @Data + @Builder + @NoArgsConstructor + @AllArgsConstructor + public static class PagineringPersonRequest { + + @Schema(description = "Sidenummer") + private Integer side; + @Schema(description = "Antall resultater per side") + private Integer antall; + @Schema(description = "Seed for paginering") + private Integer seed; + } +} diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchResponse.java b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchResponse.java new file mode 100644 index 00000000000..6f0b7de9c98 --- /dev/null +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchResponse.java @@ -0,0 +1,39 @@ +package no.nav.dolly.opensearch.dto; + +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; +import net.minidev.json.annotate.JsonIgnore; +import no.nav.dolly.elastic.ElasticTyper; + +import java.util.List; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class SearchResponse { + + private RegistreResponseStatus registreSearchResponse; + private no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse dollySearchResponse; + + @Data + @Builder + @NoArgsConstructor + @AllArgsConstructor + public static class RegistreResponseStatus { + + private Long totalHitsBestillinger; + private Float score; + private String took; + private Integer antall; + private Integer side; + private Integer antallIdenter; + private Integer seed; + private List registre; + private String error; + @JsonIgnore + private List identer; + } +} diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/mapper/OpenSearchRequestMappingStrategy.java b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/mapper/OpenSearchRequestMappingStrategy.java new file mode 100644 index 00000000000..de62113745e --- /dev/null +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/mapper/OpenSearchRequestMappingStrategy.java @@ -0,0 +1,29 @@ +package no.nav.dolly.opensearch.mapper; + +import ma.glasnost.orika.CustomMapper; +import ma.glasnost.orika.MapperFactory; +import ma.glasnost.orika.MappingContext; +import no.nav.dolly.mapper.MappingStrategy; +import no.nav.dolly.opensearch.dto.SearchRequest; +import org.springframework.stereotype.Component; + +@Component +public class OpenSearchRequestMappingStrategy implements MappingStrategy { + + @Override + public void register(MapperFactory factory) { + + factory.classMap(SearchRequest.class, no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest.class) + .customize(new CustomMapper<>() { + @Override + public void mapAtoB(SearchRequest kilde, no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest destinasjon, MappingContext context) { + + destinasjon.setAntall(kilde.getPagineringPersonRequest().getAntall()); + destinasjon.setSide(kilde.getPagineringPersonRequest().getSide()); + destinasjon.setSeed(kilde.getPagineringPersonRequest().getSeed()); + } + }) + .byDefault() + .register(); + } +} diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/service/DollySearchService.java b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/service/DollySearchService.java new file mode 100644 index 00000000000..0533ac542e1 --- /dev/null +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/service/DollySearchService.java @@ -0,0 +1,138 @@ +package no.nav.dolly.opensearch.service; + +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import ma.glasnost.orika.MapperFacade; +import no.nav.dolly.elastic.ElasticTyper; +import no.nav.dolly.elastic.service.OpenSearchQueryBuilder; +import no.nav.dolly.opensearch.DollySearchServiceConsumer; +import no.nav.dolly.opensearch.dto.SearchRequest; +import no.nav.dolly.opensearch.dto.SearchResponse; +import org.opensearch.client.RequestOptions; +import org.opensearch.client.RestHighLevelClient; +import org.opensearch.index.query.BoolQueryBuilder; +import org.opensearch.index.query.QueryBuilders; +import org.opensearch.index.query.functionscore.RandomScoreFunctionBuilder; +import org.opensearch.search.SearchHit; +import org.opensearch.search.SearchHits; +import org.opensearch.search.builder.SearchSourceBuilder; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Service; +import reactor.core.publisher.Mono; + +import java.io.IOException; +import java.security.SecureRandom; +import java.util.Arrays; +import java.util.Collection; +import java.util.HashSet; +import java.util.List; +import java.util.Random; + +import static java.util.Objects.isNull; +import static java.util.Objects.nonNull; + +@Slf4j +@Service +@RequiredArgsConstructor +public class DollySearchService { + + private static final Random SEED = new SecureRandom(); + + private final RestHighLevelClient restHighLevelClient; + private final DollySearchServiceConsumer dollySearchServiceConsumer; + private final MapperFacade mapperFacade; + + @Value("${open.search.index}") + private String index; + + public Mono search(List registre, SearchRequest request) { + + var personRequest = mapperFacade.map(request, no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest.class); + var response = new SearchResponse(); + + var registreResponse = execRegistreQuery(registre, request); + response.setRegistreSearchResponse(registreResponse); + personRequest.setIdenter(new HashSet<>(!registreResponse.getIdenter().isEmpty() ? + registreResponse.getIdenter() : List.of("99999999999"))); + + return dollySearchServiceConsumer.doPersonSearch(personRequest) + .map(personResultat -> { + response.setDollySearchResponse(personResultat); + response.getRegistreSearchResponse().setIdenter(null); + return response; + }); + } + + private SearchResponse.RegistreResponseStatus execRegistreQuery(List registre, SearchRequest request) { + + var side = isNull(request.getPagineringBestillingRequest().getSide()) ? + 1 : request.getPagineringBestillingRequest().getSide(); + var antall = isNull(request.getPagineringBestillingRequest().getAntall()) ? + 1000 : request.getPagineringBestillingRequest().getAntall(); + var seed = isNull(request.getPagineringBestillingRequest().getSeed()) ? + SEED.nextInt() : request.getPagineringBestillingRequest().getSeed(); + + var query = buildTyperQuery(registre, seed); + var searchRequest = new org.opensearch.action.search.SearchRequest(index); + searchRequest + .source(new SearchSourceBuilder().query(query) + .size(antall) + .from(side)); + + try { + var registerResultat = restHighLevelClient.search(searchRequest, RequestOptions.DEFAULT); + var registreResponse = getIdenter(registerResultat); + registreResponse.setRegistre(registre); + registreResponse.setSide(side); + registreResponse.setAntall(antall); + registreResponse.setSeed(seed); + + return registreResponse; + + } catch (IOException e) { + log.error("OpenSearch feil ved utføring av søk: {}", e.getMessage(), e); + return SearchResponse.RegistreResponseStatus.builder() + .error(e.getLocalizedMessage()) + .build(); + } + } + + private static SearchResponse.RegistreResponseStatus getIdenter(org.opensearch.action.search.SearchResponse response) { + + var identer = Arrays.stream(response.getHits().getHits()) + .map(SearchHit::getSourceAsMap) + .map(map -> (List) map.get("identer")) + .flatMap(Collection::stream) + .distinct() + .toList(); + return SearchResponse.RegistreResponseStatus.builder() + .identer(identer) + .totalHitsBestillinger(getTotalHits(response.getHits())) + .took(response.getTook().getStringRep()) + .antallIdenter(identer.size()) + .score(response.getHits().getMaxScore()) + .build(); + } + + @SuppressWarnings("java:S2259") + private static Long getTotalHits(SearchHits searchHits) { + + return nonNull(searchHits) && nonNull(searchHits.getTotalHits()) ? + searchHits.getTotalHits().value : null; + } + + private static BoolQueryBuilder buildTyperQuery(List typer, Integer seed) { + + var queryBuilder = QueryBuilders.boolQuery() + .must(QueryBuilders.functionScoreQuery( + new RandomScoreFunctionBuilder().seed(seed))); + + if (nonNull(typer)) { + typer.stream() + .map(OpenSearchQueryBuilder::getFagsystemQuery) + .forEach(queryBuilder::must); + } + + return queryBuilder; + } +} diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/provider/api/DollySearchController.java b/apps/dolly-backend/src/main/java/no/nav/dolly/provider/api/DollySearchController.java new file mode 100644 index 00000000000..ab9642609f3 --- /dev/null +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/provider/api/DollySearchController.java @@ -0,0 +1,30 @@ +package no.nav.dolly.provider.api; + +import lombok.RequiredArgsConstructor; +import no.nav.dolly.opensearch.dto.SearchRequest; +import no.nav.dolly.opensearch.dto.SearchResponse; +import no.nav.dolly.elastic.ElasticTyper; +import no.nav.dolly.opensearch.service.DollySearchService; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.RestController; +import reactor.core.publisher.Mono; + +import java.util.List; + +@RestController +@RequestMapping("/api/v1/opensearch") +@RequiredArgsConstructor +public class DollySearchController { + + private final DollySearchService dollySearchService; + + @PostMapping + public Mono searchPersoner(@RequestParam(required = false) List registre, + @RequestBody SearchRequest request) { + + return dollySearchService.search(registre, request); + } +} diff --git a/apps/dolly-backend/src/main/resources/application-local.yml b/apps/dolly-backend/src/main/resources/application-local.yml index b1da061c9a8..7403cba6d51 100644 --- a/apps/dolly-backend/src/main/resources/application-local.yml +++ b/apps/dolly-backend/src/main/resources/application-local.yml @@ -63,4 +63,6 @@ consumers: yrkesskade-proxy: url: https://testnav-yrkesskade-proxy.intern.dev.nav.no arbeidssoekerregisteret-proxy: - url: https://testnav-arbeidssoekerregisteret-proxy.intern.dev.nav.no \ No newline at end of file + url: https://testnav-arbeidssoekerregisteret-proxy.intern.dev.nav.no + dolly-search-service: + url: https://testnav-dolly-search-service.intern.dev.nav.no \ No newline at end of file diff --git a/apps/dolly-backend/src/main/resources/application.yml b/apps/dolly-backend/src/main/resources/application.yml index c81b075d146..6e8bfedc134 100644 --- a/apps/dolly-backend/src/main/resources/application.yml +++ b/apps/dolly-backend/src/main/resources/application.yml @@ -250,4 +250,9 @@ consumers: namespace: dolly url: http://testnav-arbeidssoekerregisteret-proxy.dolly.svc.cluster.local cluster: dev-gcp + dolly-search-service: + name: testnav-dolly-search-service + namespace: dolly + url: http://testnav-dolly-search-service.dolly.svc.cluster.local + cluster: dev-gcp \ No newline at end of file diff --git a/apps/dolly-search-service/Dockerfile b/apps/dolly-search-service/Dockerfile new file mode 100644 index 00000000000..4a36f93546f --- /dev/null +++ b/apps/dolly-search-service/Dockerfile @@ -0,0 +1,8 @@ +FROM ghcr.io/navikt/baseimages/temurin:21 +LABEL maintainer="Team Dolly" + +ENV JAVA_OPTS="-Dspring.profiles.active=prod" + +ADD /build/libs/app.jar /app/app.jar + +EXPOSE 8080 diff --git a/apps/dolly-search-service/README.md b/apps/dolly-search-service/README.md new file mode 100644 index 00000000000..ba17757db99 --- /dev/null +++ b/apps/dolly-search-service/README.md @@ -0,0 +1,8 @@ +# testnav-dolly-search-service +Service som forvalter søking på personer basert på innsendte kriterier + +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) +* [OpenSearch.](../../docs/local_opensearch.md) + diff --git a/apps/dolly-search-service/build.gradle b/apps/dolly-search-service/build.gradle new file mode 100644 index 00000000000..bcc3647ab12 --- /dev/null +++ b/apps/dolly-search-service/build.gradle @@ -0,0 +1,29 @@ +plugins { + id "dolly-apps" +} + +sonarqube { + properties { + property "sonar.projectKey", "dolly-search-service" + property "sonar.projectName", "dolly-search-service" + } +} + +dependencies { + implementation "no.nav.testnav.libs:data-transfer-search-objects" + implementation "no.nav.testnav.libs:reactive-core" + implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:servlet-core" + implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" + + implementation "org.opensearch.client:spring-data-opensearch:$versions.opensearch" + + implementation "com.fasterxml.jackson.core:jackson-core:$versions.jackson" + + implementation "org.springframework.boot:spring-boot-starter-security" + implementation "org.springframework.boot:spring-boot-starter-oauth2-client" + implementation "org.springframework.boot:spring-boot-starter-web" + + implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" +} \ No newline at end of file diff --git a/apps/dolly-search-service/config.yml b/apps/dolly-search-service/config.yml new file mode 100644 index 00000000000..57e67706d11 --- /dev/null +++ b/apps/dolly-search-service/config.yml @@ -0,0 +1,64 @@ +apiVersion: "nais.io/v1alpha1" +kind: "Application" +metadata: + name: testnav-dolly-search-service + namespace: dolly + labels: + team: dolly + annotations: + nginx.ingress.kubernetes.io/proxy-body-size: "8m" + nginx.ingress.kubernetes.io/proxy-buffer-size: "8m" + nginx.ingress.kubernetes.io/client-body-buffer-size: "8m" +spec: + image: "{{image}}" + port: 8080 + webproxy: true + tokenx: + enabled: true + azure: + application: + allowAllUsers: true + enabled: true + tenant: nav.no + accessPolicy: + inbound: + rules: + - application: dolly-backend + - application: dolly-backend-dev + - application: team-dolly-lokal-app + - application: testnav-oversikt-frontend + outbound: + external: + - host: testnav-pdl-proxy.dev-fss-pub.nais.io + liveness: + path: /internal/isAlive + initialDelay: 4 + periodSeconds: 5 + failureThreshold: 500 + observability: + logging: + destinations: + - id: elastic + autoInstrumentation: + enabled: true + runtime: java + readiness: + path: /internal/isReady + initialDelay: 4 + periodSeconds: 5 + failureThreshold: 500 + prometheus: + enabled: true + path: /internal/metrics + replicas: + min: 1 + max: 1 + resources: + requests: + cpu: 200m + memory: 1024Mi + limits: + memory: 2048Mi + ingresses: + - "https://testnav-dolly-search-service.intern.dev.nav.no" + diff --git a/apps/dolly-search-service/gradle/wrapper/gradle-wrapper.jar b/apps/dolly-search-service/gradle/wrapper/gradle-wrapper.jar new file mode 100644 index 0000000000000000000000000000000000000000..e6441136f3d4ba8a0da8d277868979cfbc8ad796 GIT binary patch literal 43453 zcma&N1CXTcmMvW9vTb(Rwr$&4wr$(C?dmSu>@vG-+vuvg^_??!{yS%8zW-#zn-LkA z5&1^$^{lnmUON?}LBF8_K|(?T0Ra(xUH{($5eN!MR#ZihR#HxkUPe+_R8Cn`RRs(P z_^*#_XlXmGv7!4;*Y%p4nw?{bNp@UZHv1?Um8r6)Fei3p@ClJn0ECfg1hkeuUU@Or zDaPa;U3fE=3L}DooL;8f;P0ipPt0Z~9P0)lbStMS)ag54=uL9ia-Lm3nh|@(Y?B`; zx_#arJIpXH!U{fbCbI^17}6Ri*H<>OLR%c|^mh8+)*h~K8Z!9)DPf zR2h?lbDZQ`p9P;&DQ4F0sur@TMa!Y}S8irn(%d-gi0*WxxCSk*A?3lGh=gcYN?FGl z7D=Js!i~0=u3rox^eO3i@$0=n{K1lPNU zwmfjRVmLOCRfe=seV&P*1Iq=^i`502keY8Uy-WNPwVNNtJFx?IwAyRPZo2Wo1+S(xF37LJZ~%i)kpFQ3Fw=mXfd@>%+)RpYQLnr}B~~zoof(JVm^^&f zxKV^+3D3$A1G;qh4gPVjhrC8e(VYUHv#dy^)(RoUFM?o%W-EHxufuWf(l*@-l+7vt z=l`qmR56K~F|v<^Pd*p~1_y^P0P^aPC##d8+HqX4IR1gu+7w#~TBFphJxF)T$2WEa zxa?H&6=Qe7d(#tha?_1uQys2KtHQ{)Qco)qwGjrdNL7thd^G5i8Os)CHqc>iOidS} z%nFEDdm=GXBw=yXe1W-ShHHFb?Cc70+$W~z_+}nAoHFYI1MV1wZegw*0y^tC*s%3h zhD3tN8b=Gv&rj}!SUM6|ajSPp*58KR7MPpI{oAJCtY~JECm)*m_x>AZEu>DFgUcby z1Qaw8lU4jZpQ_$;*7RME+gq1KySGG#Wql>aL~k9tLrSO()LWn*q&YxHEuzmwd1?aAtI zBJ>P=&$=l1efe1CDU;`Fd+_;&wI07?V0aAIgc(!{a z0Jg6Y=inXc3^n!U0Atk`iCFIQooHqcWhO(qrieUOW8X(x?(RD}iYDLMjSwffH2~tB z)oDgNBLB^AJBM1M^c5HdRx6fBfka`(LD-qrlh5jqH~);#nw|iyp)()xVYak3;Ybik z0j`(+69aK*B>)e_p%=wu8XC&9e{AO4c~O1U`5X9}?0mrd*m$_EUek{R?DNSh(=br# z#Q61gBzEpmy`$pA*6!87 zSDD+=@fTY7<4A?GLqpA?Pb2z$pbCc4B4zL{BeZ?F-8`s$?>*lXXtn*NC61>|*w7J* z$?!iB{6R-0=KFmyp1nnEmLsA-H0a6l+1uaH^g%c(p{iT&YFrbQ$&PRb8Up#X3@Zsk zD^^&LK~111%cqlP%!_gFNa^dTYT?rhkGl}5=fL{a`UViaXWI$k-UcHJwmaH1s=S$4 z%4)PdWJX;hh5UoK?6aWoyLxX&NhNRqKam7tcOkLh{%j3K^4Mgx1@i|Pi&}<^5>hs5 zm8?uOS>%)NzT(%PjVPGa?X%`N2TQCKbeH2l;cTnHiHppPSJ<7y-yEIiC!P*ikl&!B z%+?>VttCOQM@ShFguHVjxX^?mHX^hSaO_;pnyh^v9EumqSZTi+#f&_Vaija0Q-e*| z7ulQj6Fs*bbmsWp{`auM04gGwsYYdNNZcg|ph0OgD>7O}Asn7^Z=eI>`$2*v78;sj-}oMoEj&@)9+ycEOo92xSyY344^ z11Hb8^kdOvbf^GNAK++bYioknrpdN>+u8R?JxG=!2Kd9r=YWCOJYXYuM0cOq^FhEd zBg2puKy__7VT3-r*dG4c62Wgxi52EMCQ`bKgf*#*ou(D4-ZN$+mg&7$u!! z-^+Z%;-3IDwqZ|K=ah85OLwkO zKxNBh+4QHh)u9D?MFtpbl)us}9+V!D%w9jfAMYEb>%$A;u)rrI zuBudh;5PN}_6J_}l55P3l_)&RMlH{m!)ai-i$g)&*M`eN$XQMw{v^r@-125^RRCF0 z^2>|DxhQw(mtNEI2Kj(;KblC7x=JlK$@78`O~>V!`|1Lm-^JR$-5pUANAnb(5}B}JGjBsliK4& zk6y(;$e&h)lh2)L=bvZKbvh@>vLlreBdH8No2>$#%_Wp1U0N7Ank!6$dFSi#xzh|( zRi{Uw%-4W!{IXZ)fWx@XX6;&(m_F%c6~X8hx=BN1&q}*( zoaNjWabE{oUPb!Bt$eyd#$5j9rItB-h*5JiNi(v^e|XKAj*8(k<5-2$&ZBR5fF|JA z9&m4fbzNQnAU}r8ab>fFV%J0z5awe#UZ|bz?Ur)U9bCIKWEzi2%A+5CLqh?}K4JHi z4vtM;+uPsVz{Lfr;78W78gC;z*yTch~4YkLr&m-7%-xc ztw6Mh2d>_iO*$Rd8(-Cr1_V8EO1f*^@wRoSozS) zy1UoC@pruAaC8Z_7~_w4Q6n*&B0AjOmMWa;sIav&gu z|J5&|{=a@vR!~k-OjKEgPFCzcJ>#A1uL&7xTDn;{XBdeM}V=l3B8fE1--DHjSaxoSjNKEM9|U9#m2<3>n{Iuo`r3UZp;>GkT2YBNAh|b z^jTq-hJp(ebZh#Lk8hVBP%qXwv-@vbvoREX$TqRGTgEi$%_F9tZES@z8Bx}$#5eeG zk^UsLBH{bc2VBW)*EdS({yw=?qmevwi?BL6*=12k9zM5gJv1>y#ML4!)iiPzVaH9% zgSImetD@dam~e>{LvVh!phhzpW+iFvWpGT#CVE5TQ40n%F|p(sP5mXxna+Ev7PDwA zamaV4m*^~*xV+&p;W749xhb_X=$|LD;FHuB&JL5?*Y2-oIT(wYY2;73<^#46S~Gx| z^cez%V7x$81}UWqS13Gz80379Rj;6~WdiXWOSsdmzY39L;Hg3MH43o*y8ibNBBH`(av4|u;YPq%{R;IuYow<+GEsf@R?=@tT@!}?#>zIIn0CoyV!hq3mw zHj>OOjfJM3F{RG#6ujzo?y32m^tgSXf@v=J$ELdJ+=5j|=F-~hP$G&}tDZsZE?5rX ztGj`!S>)CFmdkccxM9eGIcGnS2AfK#gXwj%esuIBNJQP1WV~b~+D7PJTmWGTSDrR` zEAu4B8l>NPuhsk5a`rReSya2nfV1EK01+G!x8aBdTs3Io$u5!6n6KX%uv@DxAp3F@{4UYg4SWJtQ-W~0MDb|j-$lwVn znAm*Pl!?Ps&3wO=R115RWKb*JKoexo*)uhhHBncEDMSVa_PyA>k{Zm2(wMQ(5NM3# z)jkza|GoWEQo4^s*wE(gHz?Xsg4`}HUAcs42cM1-qq_=+=!Gk^y710j=66(cSWqUe zklbm8+zB_syQv5A2rj!Vbw8;|$@C!vfNmNV!yJIWDQ>{+2x zKjuFX`~~HKG~^6h5FntRpnnHt=D&rq0>IJ9#F0eM)Y-)GpRjiN7gkA8wvnG#K=q{q z9dBn8_~wm4J<3J_vl|9H{7q6u2A!cW{bp#r*-f{gOV^e=8S{nc1DxMHFwuM$;aVI^ zz6A*}m8N-&x8;aunp1w7_vtB*pa+OYBw=TMc6QK=mbA-|Cf* zvyh8D4LRJImooUaSb7t*fVfih<97Gf@VE0|z>NcBwBQze);Rh!k3K_sfunToZY;f2 z^HmC4KjHRVg+eKYj;PRN^|E0>Gj_zagfRbrki68I^#~6-HaHg3BUW%+clM1xQEdPYt_g<2K+z!$>*$9nQ>; zf9Bei{?zY^-e{q_*|W#2rJG`2fy@{%6u0i_VEWTq$*(ZN37|8lFFFt)nCG({r!q#9 z5VK_kkSJ3?zOH)OezMT{!YkCuSSn!K#-Rhl$uUM(bq*jY? zi1xbMVthJ`E>d>(f3)~fozjg^@eheMF6<)I`oeJYx4*+M&%c9VArn(OM-wp%M<-`x z7sLP1&3^%Nld9Dhm@$3f2}87!quhI@nwd@3~fZl_3LYW-B?Ia>ui`ELg z&Qfe!7m6ze=mZ`Ia9$z|ARSw|IdMpooY4YiPN8K z4B(ts3p%2i(Td=tgEHX z0UQ_>URBtG+-?0E;E7Ld^dyZ;jjw0}XZ(}-QzC6+NN=40oDb2^v!L1g9xRvE#@IBR zO!b-2N7wVfLV;mhEaXQ9XAU+>=XVA6f&T4Z-@AX!leJ8obP^P^wP0aICND?~w&NykJ#54x3_@r7IDMdRNy4Hh;h*!u(Ol(#0bJdwEo$5437-UBjQ+j=Ic>Q2z` zJNDf0yO6@mr6y1#n3)s(W|$iE_i8r@Gd@!DWDqZ7J&~gAm1#~maIGJ1sls^gxL9LLG_NhU!pTGty!TbhzQnu)I*S^54U6Yu%ZeCg`R>Q zhBv$n5j0v%O_j{QYWG!R9W?5_b&67KB$t}&e2LdMvd(PxN6Ir!H4>PNlerpBL>Zvyy!yw z-SOo8caEpDt(}|gKPBd$qND5#a5nju^O>V&;f890?yEOfkSG^HQVmEbM3Ugzu+UtH zC(INPDdraBN?P%kE;*Ae%Wto&sgw(crfZ#Qy(<4nk;S|hD3j{IQRI6Yq|f^basLY; z-HB&Je%Gg}Jt@={_C{L$!RM;$$|iD6vu#3w?v?*;&()uB|I-XqEKqZPS!reW9JkLewLb!70T7n`i!gNtb1%vN- zySZj{8-1>6E%H&=V}LM#xmt`J3XQoaD|@XygXjdZ1+P77-=;=eYpoEQ01B@L*a(uW zrZeZz?HJsw_4g0vhUgkg@VF8<-X$B8pOqCuWAl28uB|@r`19DTUQQsb^pfqB6QtiT z*`_UZ`fT}vtUY#%sq2{rchyfu*pCg;uec2$-$N_xgjZcoumE5vSI{+s@iLWoz^Mf; zuI8kDP{!XY6OP~q5}%1&L}CtfH^N<3o4L@J@zg1-mt{9L`s^z$Vgb|mr{@WiwAqKg zp#t-lhrU>F8o0s1q_9y`gQNf~Vb!F%70f}$>i7o4ho$`uciNf=xgJ>&!gSt0g;M>*x4-`U)ysFW&Vs^Vk6m%?iuWU+o&m(2Jm26Y(3%TL; zA7T)BP{WS!&xmxNw%J=$MPfn(9*^*TV;$JwRy8Zl*yUZi8jWYF>==j~&S|Xinsb%c z2?B+kpet*muEW7@AzjBA^wAJBY8i|#C{WtO_or&Nj2{=6JTTX05}|H>N2B|Wf!*3_ z7hW*j6p3TvpghEc6-wufFiY!%-GvOx*bZrhZu+7?iSrZL5q9}igiF^*R3%DE4aCHZ zqu>xS8LkW+Auv%z-<1Xs92u23R$nk@Pk}MU5!gT|c7vGlEA%G^2th&Q*zfg%-D^=f z&J_}jskj|Q;73NP4<4k*Y%pXPU2Thoqr+5uH1yEYM|VtBPW6lXaetokD0u z9qVek6Q&wk)tFbQ8(^HGf3Wp16gKmr>G;#G(HRBx?F`9AIRboK+;OfHaLJ(P>IP0w zyTbTkx_THEOs%Q&aPrxbZrJlio+hCC_HK<4%f3ZoSAyG7Dn`=X=&h@m*|UYO-4Hq0 z-Bq&+Ie!S##4A6OGoC~>ZW`Y5J)*ouaFl_e9GA*VSL!O_@xGiBw!AF}1{tB)z(w%c zS1Hmrb9OC8>0a_$BzeiN?rkPLc9%&;1CZW*4}CDDNr2gcl_3z+WC15&H1Zc2{o~i) z)LLW=WQ{?ricmC`G1GfJ0Yp4Dy~Ba;j6ZV4r{8xRs`13{dD!xXmr^Aga|C=iSmor% z8hi|pTXH)5Yf&v~exp3o+sY4B^^b*eYkkCYl*T{*=-0HniSA_1F53eCb{x~1k3*`W zr~};p1A`k{1DV9=UPnLDgz{aJH=-LQo<5%+Em!DNN252xwIf*wF_zS^!(XSm(9eoj z=*dXG&n0>)_)N5oc6v!>-bd(2ragD8O=M|wGW z!xJQS<)u70m&6OmrF0WSsr@I%T*c#Qo#Ha4d3COcX+9}hM5!7JIGF>7<~C(Ear^Sn zm^ZFkV6~Ula6+8S?oOROOA6$C&q&dp`>oR-2Ym3(HT@O7Sd5c~+kjrmM)YmgPH*tL zX+znN>`tv;5eOfX?h{AuX^LK~V#gPCu=)Tigtq9&?7Xh$qN|%A$?V*v=&-2F$zTUv z`C#WyIrChS5|Kgm_GeudCFf;)!WH7FI60j^0o#65o6`w*S7R@)88n$1nrgU(oU0M9 zx+EuMkC>(4j1;m6NoGqEkpJYJ?vc|B zOlwT3t&UgL!pX_P*6g36`ZXQ; z9~Cv}ANFnJGp(;ZhS(@FT;3e)0)Kp;h^x;$*xZn*k0U6-&FwI=uOGaODdrsp-!K$Ac32^c{+FhI-HkYd5v=`PGsg%6I`4d9Jy)uW0y%) zm&j^9WBAp*P8#kGJUhB!L?a%h$hJgQrx!6KCB_TRo%9{t0J7KW8!o1B!NC)VGLM5! zpZy5Jc{`r{1e(jd%jsG7k%I+m#CGS*BPA65ZVW~fLYw0dA-H_}O zrkGFL&P1PG9p2(%QiEWm6x;U-U&I#;Em$nx-_I^wtgw3xUPVVu zqSuKnx&dIT-XT+T10p;yjo1Y)z(x1fb8Dzfn8e yu?e%!_ptzGB|8GrCfu%p?(_ zQccdaaVK$5bz;*rnyK{_SQYM>;aES6Qs^lj9lEs6_J+%nIiuQC*fN;z8md>r_~Mfl zU%p5Dt_YT>gQqfr@`cR!$NWr~+`CZb%dn;WtzrAOI>P_JtsB76PYe*<%H(y>qx-`Kq!X_; z<{RpAqYhE=L1r*M)gNF3B8r(<%8mo*SR2hu zccLRZwGARt)Hlo1euqTyM>^!HK*!Q2P;4UYrysje@;(<|$&%vQekbn|0Ruu_Io(w4#%p6ld2Yp7tlA`Y$cciThP zKzNGIMPXX%&Ud0uQh!uQZz|FB`4KGD?3!ND?wQt6!n*f4EmCoJUh&b?;B{|lxs#F- z31~HQ`SF4x$&v00@(P+j1pAaj5!s`)b2RDBp*PB=2IB>oBF!*6vwr7Dp%zpAx*dPr zb@Zjq^XjN?O4QcZ*O+8>)|HlrR>oD*?WQl5ri3R#2?*W6iJ>>kH%KnnME&TT@ZzrHS$Q%LC?n|e>V+D+8D zYc4)QddFz7I8#}y#Wj6>4P%34dZH~OUDb?uP%-E zwjXM(?Sg~1!|wI(RVuxbu)-rH+O=igSho_pDCw(c6b=P zKk4ATlB?bj9+HHlh<_!&z0rx13K3ZrAR8W)!@Y}o`?a*JJsD+twZIv`W)@Y?Amu_u zz``@-e2X}27$i(2=9rvIu5uTUOVhzwu%mNazS|lZb&PT;XE2|B&W1>=B58#*!~D&) zfVmJGg8UdP*fx(>Cj^?yS^zH#o-$Q-*$SnK(ZVFkw+er=>N^7!)FtP3y~Xxnu^nzY zikgB>Nj0%;WOltWIob|}%lo?_C7<``a5hEkx&1ku$|)i>Rh6@3h*`slY=9U}(Ql_< zaNG*J8vb&@zpdhAvv`?{=zDedJ23TD&Zg__snRAH4eh~^oawdYi6A3w8<Ozh@Kw)#bdktM^GVb zrG08?0bG?|NG+w^&JvD*7LAbjED{_Zkc`3H!My>0u5Q}m!+6VokMLXxl`Mkd=g&Xx z-a>m*#G3SLlhbKB!)tnzfWOBV;u;ftU}S!NdD5+YtOjLg?X}dl>7m^gOpihrf1;PY zvll&>dIuUGs{Qnd- zwIR3oIrct8Va^Tm0t#(bJD7c$Z7DO9*7NnRZorrSm`b`cxz>OIC;jSE3DO8`hX955ui`s%||YQtt2 z5DNA&pG-V+4oI2s*x^>-$6J?p=I>C|9wZF8z;VjR??Icg?1w2v5Me+FgAeGGa8(3S z4vg*$>zC-WIVZtJ7}o9{D-7d>zCe|z#<9>CFve-OPAYsneTb^JH!Enaza#j}^mXy1 z+ULn^10+rWLF6j2>Ya@@Kq?26>AqK{A_| zQKb*~F1>sE*=d?A?W7N2j?L09_7n+HGi{VY;MoTGr_)G9)ot$p!-UY5zZ2Xtbm=t z@dpPSGwgH=QtIcEulQNI>S-#ifbnO5EWkI;$A|pxJd885oM+ zGZ0_0gDvG8q2xebj+fbCHYfAXuZStH2j~|d^sBAzo46(K8n59+T6rzBwK)^rfPT+B zyIFw)9YC-V^rhtK`!3jrhmW-sTmM+tPH+;nwjL#-SjQPUZ53L@A>y*rt(#M(qsiB2 zx6B)dI}6Wlsw%bJ8h|(lhkJVogQZA&n{?Vgs6gNSXzuZpEyu*xySy8ro07QZ7Vk1!3tJphN_5V7qOiyK8p z#@jcDD8nmtYi1^l8ml;AF<#IPK?!pqf9D4moYk>d99Im}Jtwj6c#+A;f)CQ*f-hZ< z=p_T86jog%!p)D&5g9taSwYi&eP z#JuEK%+NULWus;0w32-SYFku#i}d~+{Pkho&^{;RxzP&0!RCm3-9K6`>KZpnzS6?L z^H^V*s!8<>x8bomvD%rh>Zp3>Db%kyin;qtl+jAv8Oo~1g~mqGAC&Qi_wy|xEt2iz zWAJEfTV%cl2Cs<1L&DLRVVH05EDq`pH7Oh7sR`NNkL%wi}8n>IXcO40hp+J+sC!W?!krJf!GJNE8uj zg-y~Ns-<~D?yqbzVRB}G>0A^f0!^N7l=$m0OdZuqAOQqLc zX?AEGr1Ht+inZ-Qiwnl@Z0qukd__a!C*CKuGdy5#nD7VUBM^6OCpxCa2A(X;e0&V4 zM&WR8+wErQ7UIc6LY~Q9x%Sn*Tn>>P`^t&idaOEnOd(Ufw#>NoR^1QdhJ8s`h^|R_ zXX`c5*O~Xdvh%q;7L!_!ohf$NfEBmCde|#uVZvEo>OfEq%+Ns7&_f$OR9xsihRpBb z+cjk8LyDm@U{YN>+r46?nn{7Gh(;WhFw6GAxtcKD+YWV?uge>;+q#Xx4!GpRkVZYu zzsF}1)7$?%s9g9CH=Zs+B%M_)+~*j3L0&Q9u7!|+T`^O{xE6qvAP?XWv9_MrZKdo& z%IyU)$Q95AB4!#hT!_dA>4e@zjOBD*Y=XjtMm)V|+IXzjuM;(l+8aA5#Kaz_$rR6! zj>#&^DidYD$nUY(D$mH`9eb|dtV0b{S>H6FBfq>t5`;OxA4Nn{J(+XihF(stSche7$es&~N$epi&PDM_N`As;*9D^L==2Q7Z2zD+CiU(|+-kL*VG+&9!Yb3LgPy?A zm7Z&^qRG_JIxK7-FBzZI3Q<;{`DIxtc48k> zc|0dmX;Z=W$+)qE)~`yn6MdoJ4co;%!`ddy+FV538Y)j(vg}5*k(WK)KWZ3WaOG!8 z!syGn=s{H$odtpqFrT#JGM*utN7B((abXnpDM6w56nhw}OY}0TiTG1#f*VFZr+^-g zbP10`$LPq_;PvrA1XXlyx2uM^mrjTzX}w{yuLo-cOClE8MMk47T25G8M!9Z5ypOSV zAJUBGEg5L2fY)ZGJb^E34R2zJ?}Vf>{~gB!8=5Z) z9y$>5c)=;o0HeHHSuE4U)#vG&KF|I%-cF6f$~pdYJWk_dD}iOA>iA$O$+4%@>JU08 zS`ep)$XLPJ+n0_i@PkF#ri6T8?ZeAot$6JIYHm&P6EB=BiaNY|aA$W0I+nz*zkz_z zkEru!tj!QUffq%)8y0y`T&`fuus-1p>=^hnBiBqD^hXrPs`PY9tU3m0np~rISY09> z`P3s=-kt_cYcxWd{de@}TwSqg*xVhp;E9zCsnXo6z z?f&Sv^U7n4`xr=mXle94HzOdN!2kB~4=%)u&N!+2;z6UYKUDqi-s6AZ!haB;@&B`? z_TRX0%@suz^TRdCb?!vNJYPY8L_}&07uySH9%W^Tc&1pia6y1q#?*Drf}GjGbPjBS zbOPcUY#*$3sL2x4v_i*Y=N7E$mR}J%|GUI(>WEr+28+V z%v5{#e!UF*6~G&%;l*q*$V?&r$Pp^sE^i-0$+RH3ERUUdQ0>rAq2(2QAbG}$y{de( z>{qD~GGuOk559Y@%$?N^1ApVL_a704>8OD%8Y%8B;FCt%AoPu8*D1 zLB5X>b}Syz81pn;xnB}%0FnwazlWfUV)Z-~rZg6~b z6!9J$EcE&sEbzcy?CI~=boWA&eeIa%z(7SE^qgVLz??1Vbc1*aRvc%Mri)AJaAG!p z$X!_9Ds;Zz)f+;%s&dRcJt2==P{^j3bf0M=nJd&xwUGlUFn?H=2W(*2I2Gdu zv!gYCwM10aeus)`RIZSrCK=&oKaO_Ry~D1B5!y0R=%!i2*KfXGYX&gNv_u+n9wiR5 z*e$Zjju&ODRW3phN925%S(jL+bCHv6rZtc?!*`1TyYXT6%Ju=|X;6D@lq$8T zW{Y|e39ioPez(pBH%k)HzFITXHvnD6hw^lIoUMA;qAJ^CU?top1fo@s7xT13Fvn1H z6JWa-6+FJF#x>~+A;D~;VDs26>^oH0EI`IYT2iagy23?nyJ==i{g4%HrAf1-*v zK1)~@&(KkwR7TL}L(A@C_S0G;-GMDy=MJn2$FP5s<%wC)4jC5PXoxrQBFZ_k0P{{s@sz+gX`-!=T8rcB(=7vW}^K6oLWMmp(rwDh}b zwaGGd>yEy6fHv%jM$yJXo5oMAQ>c9j`**}F?MCry;T@47@r?&sKHgVe$MCqk#Z_3S z1GZI~nOEN*P~+UaFGnj{{Jo@16`(qVNtbU>O0Hf57-P>x8Jikp=`s8xWs^dAJ9lCQ z)GFm+=OV%AMVqVATtN@|vp61VVAHRn87}%PC^RAzJ%JngmZTasWBAWsoAqBU+8L8u z4A&Pe?fmTm0?mK-BL9t+{y7o(7jm+RpOhL9KnY#E&qu^}B6=K_dB}*VlSEiC9fn)+V=J;OnN)Ta5v66ic1rG+dGAJ1 z1%Zb_+!$=tQ~lxQrzv3x#CPb?CekEkA}0MYSgx$Jdd}q8+R=ma$|&1a#)TQ=l$1tQ z=tL9&_^vJ)Pk}EDO-va`UCT1m#Uty1{v^A3P~83_#v^ozH}6*9mIjIr;t3Uv%@VeW zGL6(CwCUp)Jq%G0bIG%?{_*Y#5IHf*5M@wPo6A{$Um++Co$wLC=J1aoG93&T7Ho}P z=mGEPP7GbvoG!uD$k(H3A$Z))+i{Hy?QHdk>3xSBXR0j!11O^mEe9RHmw!pvzv?Ua~2_l2Yh~_!s1qS`|0~0)YsbHSz8!mG)WiJE| z2f($6TQtt6L_f~ApQYQKSb=`053LgrQq7G@98#igV>y#i==-nEjQ!XNu9 z~;mE+gtj4IDDNQJ~JVk5Ux6&LCSFL!y=>79kE9=V}J7tD==Ga+IW zX)r7>VZ9dY=V&}DR))xUoV!u(Z|%3ciQi_2jl}3=$Agc(`RPb z8kEBpvY>1FGQ9W$n>Cq=DIpski};nE)`p3IUw1Oz0|wxll^)4dq3;CCY@RyJgFgc# zKouFh!`?Xuo{IMz^xi-h=StCis_M7yq$u) z?XHvw*HP0VgR+KR6wI)jEMX|ssqYvSf*_3W8zVTQzD?3>H!#>InzpSO)@SC8q*ii- z%%h}_#0{4JG;Jm`4zg};BPTGkYamx$Xo#O~lBirRY)q=5M45n{GCfV7h9qwyu1NxOMoP4)jjZMxmT|IQQh0U7C$EbnMN<3)Kk?fFHYq$d|ICu>KbY_hO zTZM+uKHe(cIZfEqyzyYSUBZa8;Fcut-GN!HSA9ius`ltNebF46ZX_BbZNU}}ZOm{M2&nANL9@0qvih15(|`S~z}m&h!u4x~(%MAO$jHRWNfuxWF#B)E&g3ghSQ9|> z(MFaLQj)NE0lowyjvg8z0#m6FIuKE9lDO~Glg}nSb7`~^&#(Lw{}GVOS>U)m8bF}x zVjbXljBm34Cs-yM6TVusr+3kYFjr28STT3g056y3cH5Tmge~ASxBj z%|yb>$eF;WgrcOZf569sDZOVwoo%8>XO>XQOX1OyN9I-SQgrm;U;+#3OI(zrWyow3 zk==|{lt2xrQ%FIXOTejR>;wv(Pb8u8}BUpx?yd(Abh6? zsoO3VYWkeLnF43&@*#MQ9-i-d0t*xN-UEyNKeyNMHw|A(k(_6QKO=nKMCxD(W(Yop zsRQ)QeL4X3Lxp^L%wzi2-WVSsf61dqliPUM7srDB?Wm6Lzn0&{*}|IsKQW;02(Y&| zaTKv|`U(pSzuvR6Rduu$wzK_W-Y-7>7s?G$)U}&uK;<>vU}^^ns@Z!p+9?St1s)dG zK%y6xkPyyS1$~&6v{kl?Md6gwM|>mt6Upm>oa8RLD^8T{0?HC!Z>;(Bob7el(DV6x zi`I)$&E&ngwFS@bi4^xFLAn`=fzTC;aimE^!cMI2n@Vo%Ae-ne`RF((&5y6xsjjAZ zVguVoQ?Z9uk$2ON;ersE%PU*xGO@T*;j1BO5#TuZKEf(mB7|g7pcEA=nYJ{s3vlbg zd4-DUlD{*6o%Gc^N!Nptgay>j6E5;3psI+C3Q!1ZIbeCubW%w4pq9)MSDyB{HLm|k zxv-{$$A*pS@csolri$Ge<4VZ}e~78JOL-EVyrbxKra^d{?|NnPp86!q>t<&IP07?Z z^>~IK^k#OEKgRH+LjllZXk7iA>2cfH6+(e&9ku5poo~6y{GC5>(bRK7hwjiurqAiZ zg*DmtgY}v83IjE&AbiWgMyFbaRUPZ{lYiz$U^&Zt2YjG<%m((&_JUbZcfJ22(>bi5 z!J?<7AySj0JZ&<-qXX;mcV!f~>G=sB0KnjWca4}vrtunD^1TrpfeS^4dvFr!65knK zZh`d;*VOkPs4*-9kL>$GP0`(M!j~B;#x?Ba~&s6CopvO86oM?-? zOw#dIRc;6A6T?B`Qp%^<U5 z19x(ywSH$_N+Io!6;e?`tWaM$`=Db!gzx|lQ${DG!zb1Zl&|{kX0y6xvO1o z220r<-oaS^^R2pEyY;=Qllqpmue|5yI~D|iI!IGt@iod{Opz@*ml^w2bNs)p`M(Io z|E;;m*Xpjd9l)4G#KaWfV(t8YUn@A;nK^#xgv=LtnArX|vWQVuw3}B${h+frU2>9^ z!l6)!Uo4`5k`<<;E(ido7M6lKTgWezNLq>U*=uz&s=cc$1%>VrAeOoUtA|T6gO4>UNqsdK=NF*8|~*sl&wI=x9-EGiq*aqV!(VVXA57 zw9*o6Ir8Lj1npUXvlevtn(_+^X5rzdR>#(}4YcB9O50q97%rW2me5_L=%ffYPUSRc z!vv?Kv>dH994Qi>U(a<0KF6NH5b16enCp+mw^Hb3Xs1^tThFpz!3QuN#}KBbww`(h z7GO)1olDqy6?T$()R7y%NYx*B0k_2IBiZ14&8|JPFxeMF{vSTxF-Vi3+ZOI=Thq2} zyQgjYY1_7^ZQHh{?P))4+qUiQJLi1&{yE>h?~jU%tjdV0h|FENbM3X(KnJdPKc?~k zh=^Ixv*+smUll!DTWH!jrV*wSh*(mx0o6}1@JExzF(#9FXgmTXVoU+>kDe68N)dkQ zH#_98Zv$}lQwjKL@yBd;U(UD0UCl322=pav<=6g>03{O_3oKTq;9bLFX1ia*lw;#K zOiYDcBJf)82->83N_Y(J7Kr_3lE)hAu;)Q(nUVydv+l+nQ$?|%MWTy`t>{havFSQloHwiIkGK9YZ79^9?AZo0ZyQlVR#}lF%dn5n%xYksXf8gnBm=wO7g_^! zauQ-bH1Dc@3ItZ-9D_*pH}p!IG7j8A_o94#~>$LR|TFq zZ-b00*nuw|-5C2lJDCw&8p5N~Z1J&TrcyErds&!l3$eSz%`(*izc;-?HAFD9AHb-| z>)id`QCrzRws^9(#&=pIx9OEf2rmlob8sK&xPCWS+nD~qzU|qG6KwA{zbikcfQrdH z+ zQg>O<`K4L8rN7`GJB0*3<3`z({lWe#K!4AZLsI{%z#ja^OpfjU{!{)x0ZH~RB0W5X zTwN^w=|nA!4PEU2=LR05x~}|B&ZP?#pNgDMwD*ajI6oJqv!L81gu=KpqH22avXf0w zX3HjbCI!n9>l046)5rr5&v5ja!xkKK42zmqHzPx$9Nn_MZk`gLeSLgC=LFf;H1O#B zn=8|^1iRrujHfbgA+8i<9jaXc;CQBAmQvMGQPhFec2H1knCK2x!T`e6soyrqCamX% zTQ4dX_E*8so)E*TB$*io{$c6X)~{aWfaqdTh=xEeGvOAN9H&-t5tEE-qso<+C!2>+ zskX51H-H}#X{A75wqFe-J{?o8Bx|>fTBtl&tcbdR|132Ztqu5X0i-pisB-z8n71%q%>EF}yy5?z=Ve`}hVh{Drv1YWL zW=%ug_&chF11gDv3D6B)Tz5g54H0mDHNjuKZ+)CKFk4Z|$RD zfRuKLW`1B>B?*RUfVd0+u8h3r-{@fZ{k)c!93t1b0+Q9vOaRnEn1*IL>5Z4E4dZ!7 ztp4GP-^1d>8~LMeb}bW!(aAnB1tM_*la=Xx)q(I0Y@__Zd$!KYb8T2VBRw%e$iSdZ zkwdMwd}eV9q*;YvrBFTv1>1+}{H!JK2M*C|TNe$ZSA>UHKk);wz$(F$rXVc|sI^lD zV^?_J!3cLM;GJuBMbftbaRUs$;F}HDEDtIeHQ)^EJJ1F9FKJTGH<(Jj`phE6OuvE) zqK^K`;3S{Y#1M@8yRQwH`?kHMq4tHX#rJ>5lY3DM#o@or4&^_xtBC(|JpGTfrbGkA z2Tu+AyT^pHannww!4^!$5?@5v`LYy~T`qs7SYt$JgrY(w%C+IWA;ZkwEF)u5sDvOK zGk;G>Mh&elvXDcV69J_h02l&O;!{$({fng9Rlc3ID#tmB^FIG^w{HLUpF+iB`|
NnX)EH+Nua)3Y(c z&{(nX_ht=QbJ%DzAya}!&uNu!4V0xI)QE$SY__m)SAKcN0P(&JcoK*Lxr@P zY&P=}&B3*UWNlc|&$Oh{BEqwK2+N2U$4WB7Fd|aIal`FGANUa9E-O)!gV`((ZGCc$ zBJA|FFrlg~9OBp#f7aHodCe{6= zay$6vN~zj1ddMZ9gQ4p32(7wD?(dE>KA2;SOzXRmPBiBc6g`eOsy+pVcHu=;Yd8@{ zSGgXf@%sKKQz~;!J;|2fC@emm#^_rnO0esEn^QxXgJYd`#FPWOUU5b;9eMAF zZhfiZb|gk8aJIw*YLp4!*(=3l8Cp{(%p?ho22*vN9+5NLV0TTazNY$B5L6UKUrd$n zjbX%#m7&F#U?QNOBXkiiWB*_tk+H?N3`vg;1F-I+83{M2!8<^nydGr5XX}tC!10&e z7D36bLaB56WrjL&HiiMVtpff|K%|*{t*ltt^5ood{FOG0<>k&1h95qPio)2`eL${YAGIx(b4VN*~nKn6E~SIQUuRH zQ+5zP6jfnP$S0iJ@~t!Ai3o`X7biohli;E zT#yXyl{bojG@-TGZzpdVDXhbmF%F9+-^YSIv|MT1l3j zrxOFq>gd2%U}?6}8mIj?M zc077Zc9fq(-)4+gXv?Az26IO6eV`RAJz8e3)SC7~>%rlzDwySVx*q$ygTR5kW2ds- z!HBgcq0KON9*8Ff$X0wOq$`T7ml(@TF)VeoF}x1OttjuVHn3~sHrMB++}f7f9H%@f z=|kP_?#+fve@{0MlbkC9tyvQ_R?lRdRJ@$qcB(8*jyMyeME5ns6ypVI1Xm*Zr{DuS zZ!1)rQfa89c~;l~VkCiHI|PCBd`S*2RLNQM8!g9L6?n`^evQNEwfO@&JJRme+uopQX0%Jo zgd5G&#&{nX{o?TQwQvF1<^Cg3?2co;_06=~Hcb6~4XWpNFL!WU{+CK;>gH%|BLOh7@!hsa(>pNDAmpcuVO-?;Bic17R}^|6@8DahH)G z!EmhsfunLL|3b=M0MeK2vqZ|OqUqS8npxwge$w-4pFVXFq$_EKrZY?BuP@Az@(k`L z`ViQBSk`y+YwRT;&W| z2e3UfkCo^uTA4}Qmmtqs+nk#gNr2W4 zTH%hhErhB)pkXR{B!q5P3-OM+M;qu~f>}IjtF%>w{~K-0*jPVLl?Chz&zIdxp}bjx zStp&Iufr58FTQ36AHU)0+CmvaOpKF;W@sMTFpJ`j;3d)J_$tNQI^c<^1o<49Z(~K> z;EZTBaVT%14(bFw2ob@?JLQ2@(1pCdg3S%E4*dJ}dA*v}_a4_P(a`cHnBFJxNobAv zf&Zl-Yt*lhn-wjZsq<9v-IsXxAxMZ58C@e0!rzhJ+D@9^3~?~yllY^s$?&oNwyH!#~6x4gUrfxplCvK#!f z$viuszW>MFEcFL?>ux*((!L$;R?xc*myjRIjgnQX79@UPD$6Dz0jutM@7h_pq z0Zr)#O<^y_K6jfY^X%A-ip>P%3saX{!v;fxT-*0C_j4=UMH+Xth(XVkVGiiKE#f)q z%Jp=JT)uy{&}Iq2E*xr4YsJ5>w^=#-mRZ4vPXpI6q~1aFwi+lQcimO45V-JXP;>(Q zo={U`{=_JF`EQj87Wf}{Qy35s8r1*9Mxg({CvOt}?Vh9d&(}iI-quvs-rm~P;eRA@ zG5?1HO}puruc@S{YNAF3vmUc2B4!k*yi))<5BQmvd3tr}cIs#9)*AX>t`=~{f#Uz0 z0&Nk!7sSZwJe}=)-R^$0{yeS!V`Dh7w{w5rZ9ir!Z7Cd7dwZcK;BT#V0bzTt>;@Cl z#|#A!-IL6CZ@eHH!CG>OO8!%G8&8t4)Ro@}USB*k>oEUo0LsljsJ-%5Mo^MJF2I8- z#v7a5VdJ-Cd%(a+y6QwTmi+?f8Nxtm{g-+WGL>t;s#epv7ug>inqimZCVm!uT5Pf6 ziEgQt7^%xJf#!aPWbuC_3Nxfb&CFbQy!(8ANpkWLI4oSnH?Q3f?0k1t$3d+lkQs{~(>06l&v|MpcFsyAv zin6N!-;pggosR*vV=DO(#+}4ps|5$`udE%Kdmp?G7B#y%H`R|i8skKOd9Xzx8xgR$>Zo2R2Ytktq^w#ul4uicxW#{ zFjG_RNlBroV_n;a7U(KIpcp*{M~e~@>Q#Av90Jc5v%0c>egEdY4v3%|K1XvB{O_8G zkTWLC>OZKf;XguMH2-Pw{BKbFzaY;4v2seZV0>^7Q~d4O=AwaPhP3h|!hw5aqOtT@ z!SNz}$of**Bl3TK209@F=Tn1+mgZa8yh(Png%Zd6Mt}^NSjy)etQrF zme*llAW=N_8R*O~d2!apJnF%(JcN??=`$qs3Y+~xs>L9x`0^NIn!8mMRFA_tg`etw z3k{9JAjnl@ygIiJcNHTy02GMAvBVqEss&t2<2mnw!; zU`J)0>lWiqVqo|ex7!+@0i>B~BSU1A_0w#Ee+2pJx0BFiZ7RDHEvE*ptc9md(B{&+ zKE>TM)+Pd>HEmdJao7U@S>nL(qq*A)#eLOuIfAS@j`_sK0UEY6OAJJ-kOrHG zjHx`g!9j*_jRcJ%>CE9K2MVf?BUZKFHY?EpV6ai7sET-tqk=nDFh-(65rhjtlKEY% z@G&cQ<5BKatfdA1FKuB=i>CCC5(|9TMW%K~GbA4}80I5%B}(gck#Wlq@$nO3%@QP_ z8nvPkJFa|znk>V92cA!K1rKtr)skHEJD;k8P|R8RkCq1Rh^&}Evwa4BUJz2f!2=MH zo4j8Y$YL2313}H~F7@J7mh>u%556Hw0VUOz-Un@ZASCL)y8}4XXS`t1AC*^>PLwIc zUQok5PFS=*#)Z!3JZN&eZ6ZDP^-c@StY*t20JhCnbMxXf=LK#;`4KHEqMZ-Ly9KsS zI2VUJGY&PmdbM+iT)zek)#Qc#_i4uH43 z@T5SZBrhNCiK~~esjsO9!qBpaWK<`>!-`b71Y5ReXQ4AJU~T2Njri1CEp5oKw;Lnm)-Y@Z3sEY}XIgSy%xo=uek(kAAH5MsV$V3uTUsoTzxp_rF=tx zV07vlJNKtJhCu`b}*#m&5LV4TAE&%KtHViDAdv#c^x`J7bg z&N;#I2GkF@SIGht6p-V}`!F_~lCXjl1BdTLIjD2hH$J^YFN`7f{Q?OHPFEM$65^!u zNwkelo*5+$ZT|oQ%o%;rBX$+?xhvjb)SHgNHE_yP%wYkkvXHS{Bf$OiKJ5d1gI0j< zF6N}Aq=(WDo(J{e-uOecxPD>XZ@|u-tgTR<972`q8;&ZD!cep^@B5CaqFz|oU!iFj zU0;6fQX&~15E53EW&w1s9gQQ~Zk16X%6 zjG`j0yq}4deX2?Tr(03kg>C(!7a|b9qFI?jcE^Y>-VhudI@&LI6Qa}WQ>4H_!UVyF z((cm&!3gmq@;BD#5P~0;_2qgZhtJS|>WdtjY=q zLnHH~Fm!cxw|Z?Vw8*~?I$g#9j&uvgm7vPr#&iZgPP~v~BI4jOv;*OQ?jYJtzO<^y z7-#C={r7CO810!^s(MT!@@Vz_SVU)7VBi(e1%1rvS!?PTa}Uv`J!EP3s6Y!xUgM^8 z4f!fq<3Wer_#;u!5ECZ|^c1{|q_lh3m^9|nsMR1#Qm|?4Yp5~|er2?W^7~cl;_r4WSme_o68J9p03~Hc%X#VcX!xAu%1`R!dfGJCp zV*&m47>s^%Ib0~-2f$6oSgn3jg8m%UA;ArcdcRyM5;}|r;)?a^D*lel5C`V5G=c~k zy*w_&BfySOxE!(~PI$*dwG><+-%KT5p?whOUMA*k<9*gi#T{h3DAxzAPxN&Xws8o9Cp*`PA5>d9*Z-ynV# z9yY*1WR^D8|C%I@vo+d8r^pjJ$>eo|j>XiLWvTWLl(^;JHCsoPgem6PvegHb-OTf| zvTgsHSa;BkbG=(NgPO|CZu9gUCGr$8*EoH2_Z#^BnxF0yM~t`|9ws_xZ8X8iZYqh! zAh;HXJ)3P&)Q0(&F>!LN0g#bdbis-cQxyGn9Qgh`q+~49Fqd2epikEUw9caM%V6WgP)532RMRW}8gNS%V%Hx7apSz}tn@bQy!<=lbhmAH=FsMD?leawbnP5BWM0 z5{)@EEIYMu5;u)!+HQWhQ;D3_Cm_NADNeb-f56}<{41aYq8p4=93d=-=q0Yx#knGYfXVt z+kMxlus}t2T5FEyCN~!}90O_X@@PQpuy;kuGz@bWft%diBTx?d)_xWd_-(!LmVrh**oKg!1CNF&LX4{*j|) zIvjCR0I2UUuuEXh<9}oT_zT#jOrJAHNLFT~Ilh9hGJPI1<5`C-WA{tUYlyMeoy!+U zhA#=p!u1R7DNg9u4|QfED-2TuKI}>p#2P9--z;Bbf4Op*;Q9LCbO&aL2i<0O$ByoI z!9;Ght733FC>Pz>$_mw(F`zU?`m@>gE`9_p*=7o=7av`-&ifU(^)UU`Kg3Kw`h9-1 z6`e6+im=|m2v`pN(2dE%%n8YyQz;#3Q-|x`91z?gj68cMrHl}C25|6(_dIGk*8cA3 zRHB|Nwv{@sP4W+YZM)VKI>RlB`n=Oj~Rzx~M+Khz$N$45rLn6k1nvvD^&HtsMA4`s=MmuOJID@$s8Ph4E zAmSV^+s-z8cfv~Yd(40Sh4JG#F~aB>WFoX7ykaOr3JaJ&Lb49=B8Vk-SQT9%7TYhv z?-Pprt{|=Y5ZQ1?od|A<_IJU93|l4oAfBm?3-wk{O<8ea+`}u%(kub(LFo2zFtd?4 zwpN|2mBNywv+d^y_8#<$r>*5+$wRTCygFLcrwT(qc^n&@9r+}Kd_u@Ithz(6Qb4}A zWo_HdBj#V$VE#l6pD0a=NfB0l^6W^g`vm^sta>Tly?$E&{F?TTX~DsKF~poFfmN%2 z4x`Dc{u{Lkqz&y!33;X}weD}&;7p>xiI&ZUb1H9iD25a(gI|`|;G^NwJPv=1S5e)j z;U;`?n}jnY6rA{V^ zxTd{bK)Gi^odL3l989DQlN+Zs39Xe&otGeY(b5>rlIqfc7Ap4}EC?j<{M=hlH{1+d zw|c}}yx88_xQr`{98Z!d^FNH77=u(p-L{W6RvIn40f-BldeF-YD>p6#)(Qzf)lfZj z?3wAMtPPp>vMehkT`3gToPd%|D8~4`5WK{`#+}{L{jRUMt zrFz+O$C7y8$M&E4@+p+oV5c%uYzbqd2Y%SSgYy#xh4G3hQv>V*BnuKQhBa#=oZB~w{azUB+q%bRe_R^ z>fHBilnRTUfaJ201czL8^~Ix#+qOHSO)A|xWLqOxB$dT2W~)e-r9;bm=;p;RjYahB z*1hegN(VKK+ztr~h1}YP@6cfj{e#|sS`;3tJhIJK=tVJ-*h-5y9n*&cYCSdg#EHE# zSIx=r#qOaLJoVVf6v;(okg6?*L_55atl^W(gm^yjR?$GplNP>BZsBYEf_>wM0Lc;T zhf&gpzOWNxS>m+mN92N0{;4uw`P+9^*|-1~$uXpggj4- z^SFc4`uzj2OwdEVT@}Q`(^EcQ_5(ZtXTql*yGzdS&vrS_w>~~ra|Nb5abwf}Y!uq6R5f&6g2ge~2p(%c< z@O)cz%%rr4*cRJ5f`n@lvHNk@lE1a*96Kw6lJ~B-XfJW%?&-y?;E&?1AacU@`N`!O z6}V>8^%RZ7SQnZ-z$(jsX`amu*5Fj8g!3RTRwK^`2_QHe;_2y_n|6gSaGyPmI#kA0sYV<_qOZc#-2BO%hX)f$s-Z3xlI!ub z^;3ru11DA`4heAu%}HIXo&ctujzE2!6DIGE{?Zs>2}J+p&C$rc7gJC35gxhflorvsb%sGOxpuWhF)dL_&7&Z99=5M0b~Qa;Mo!j&Ti_kXW!86N%n= zSC@6Lw>UQ__F&+&Rzv?gscwAz8IP!n63>SP)^62(HK98nGjLY2*e^OwOq`3O|C92? z;TVhZ2SK%9AGW4ZavTB9?)mUbOoF`V7S=XM;#3EUpR+^oHtdV!GK^nXzCu>tpR|89 zdD{fnvCaN^^LL%amZ^}-E+214g&^56rpdc@yv0b<3}Ys?)f|fXN4oHf$six)-@<;W&&_kj z-B}M5U*1sb4)77aR=@%I?|Wkn-QJVuA96an25;~!gq(g1@O-5VGo7y&E_srxL6ZfS z*R%$gR}dyONgju*D&?geiSj7SZ@ftyA|}(*Y4KbvU!YLsi1EDQQCnb+-cM=K1io78o!v*);o<XwjaQH%)uIP&Zm?)Nfbfn;jIr z)d#!$gOe3QHp}2NBak@yYv3m(CPKkwI|{;d=gi552u?xj9ObCU^DJFQp4t4e1tPzM zvsRIGZ6VF+{6PvqsplMZWhz10YwS={?`~O0Ec$`-!klNUYtzWA^f9m7tkEzCy<_nS z=&<(awFeZvt51>@o_~>PLs05CY)$;}Oo$VDO)?l-{CS1Co=nxjqben*O1BR>#9`0^ zkwk^k-wcLCLGh|XLjdWv0_Hg54B&OzCE^3NCP}~OajK-LuRW53CkV~Su0U>zN%yQP zH8UH#W5P3-!ToO-2k&)}nFe`t+mdqCxxAHgcifup^gKpMObbox9LFK;LP3}0dP-UW z?Zo*^nrQ6*$FtZ(>kLCc2LY*|{!dUn$^RW~m9leoF|@Jy|M5p-G~j%+P0_#orRKf8 zvuu5<*XO!B?1E}-*SY~MOa$6c%2cM+xa8}_8x*aVn~57v&W(0mqN1W`5a7*VN{SUH zXz98DDyCnX2EPl-`Lesf`=AQT%YSDb`$%;(jUTrNen$NPJrlpPDP}prI>Ml!r6bCT;mjsg@X^#&<}CGf0JtR{Ecwd&)2zuhr#nqdgHj+g2n}GK9CHuwO zk>oZxy{vcOL)$8-}L^iVfJHAGfwN$prHjYV0ju}8%jWquw>}_W6j~m<}Jf!G?~r5&Rx)!9JNX!ts#SGe2HzobV5); zpj@&`cNcO&q+%*<%D7za|?m5qlmFK$=MJ_iv{aRs+BGVrs)98BlN^nMr{V_fcl_;jkzRju+c-y?gqBC_@J0dFLq-D9@VN&-`R9U;nv$Hg?>$oe4N&Ht$V_(JR3TG^! zzJsbQbi zFE6-{#9{G{+Z}ww!ycl*7rRdmU#_&|DqPfX3CR1I{Kk;bHwF6jh0opI`UV2W{*|nn zf_Y@%wW6APb&9RrbEN=PQRBEpM(N1w`81s=(xQj6 z-eO0k9=Al|>Ej|Mw&G`%q8e$2xVz1v4DXAi8G};R$y)ww638Y=9y$ZYFDM$}vzusg zUf+~BPX>(SjA|tgaFZr_e0{)+z9i6G#lgt=F_n$d=beAt0Sa0a7>z-?vcjl3e+W}+ z1&9=|vC=$co}-Zh*%3588G?v&U7%N1Qf-wNWJ)(v`iO5KHSkC5&g7CrKu8V}uQGcfcz zmBz#Lbqwqy#Z~UzHgOQ;Q-rPxrRNvl(&u6ts4~0=KkeS;zqURz%!-ERppmd%0v>iRlEf+H$yl{_8TMJzo0 z>n)`On|7=WQdsqhXI?#V{>+~}qt-cQbokEbgwV3QvSP7&hK4R{Z{aGHVS3;+h{|Hz z6$Js}_AJr383c_+6sNR|$qu6dqHXQTc6?(XWPCVZv=)D#6_;D_8P-=zOGEN5&?~8S zl5jQ?NL$c%O)*bOohdNwGIKM#jSAC?BVY={@A#c9GmX0=T(0G}xs`-%f3r=m6-cpK z!%waekyAvm9C3%>sixdZj+I(wQlbB4wv9xKI*T13DYG^T%}zZYJ|0$Oj^YtY+d$V$ zAVudSc-)FMl|54n=N{BnZTM|!>=bhaja?o7s+v1*U$!v!qQ%`T-6fBvmdPbVmro&d zk07TOp*KuxRUSTLRrBj{mjsnF8`d}rMViY8j`jo~Hp$fkv9F_g(jUo#Arp;Xw0M$~ zRIN!B22~$kx;QYmOkos@%|5k)!QypDMVe}1M9tZfkpXKGOxvKXB!=lo`p?|R1l=tA zp(1}c6T3Fwj_CPJwVsYtgeRKg?9?}%oRq0F+r+kdB=bFUdVDRPa;E~~>2$w}>O>v=?|e>#(-Lyx?nbg=ckJ#5U6;RT zNvHhXk$P}m9wSvFyU3}=7!y?Y z=fg$PbV8d7g25&-jOcs{%}wTDKm>!Vk);&rr;O1nvO0VrU&Q?TtYVU=ir`te8SLlS zKSNmV=+vF|ATGg`4$N1uS|n??f}C_4Sz!f|4Ly8#yTW-FBfvS48Tef|-46C(wEO_%pPhUC5$-~Y?!0vFZ^Gu`x=m7X99_?C-`|h zfmMM&Y@zdfitA@KPw4Mc(YHcY1)3*1xvW9V-r4n-9ZuBpFcf{yz+SR{ zo$ZSU_|fgwF~aakGr(9Be`~A|3)B=9`$M-TWKipq-NqRDRQc}ABo*s_5kV%doIX7LRLRau_gd@Rd_aLFXGSU+U?uAqh z8qusWWcvgQ&wu{|sRXmv?sl=xc<$6AR$+cl& zFNh5q1~kffG{3lDUdvEZu5c(aAG~+64FxdlfwY^*;JSS|m~CJusvi-!$XR`6@XtY2 znDHSz7}_Bx7zGq-^5{stTRy|I@N=>*y$zz>m^}^{d&~h;0kYiq8<^Wq7Dz0w31ShO^~LUfW6rfitR0(=3;Uue`Y%y@ex#eKPOW zO~V?)M#AeHB2kovn1v=n^D?2{2jhIQd9t|_Q+c|ZFaWt+r&#yrOu-!4pXAJuxM+Cx z*H&>eZ0v8Y`t}8{TV6smOj=__gFC=eah)mZt9gwz>>W$!>b3O;Rm^Ig*POZP8Rl0f zT~o=Nu1J|lO>}xX&#P58%Yl z83`HRs5#32Qm9mdCrMlV|NKNC+Z~ z9OB8xk5HJ>gBLi+m@(pvpw)1(OaVJKs*$Ou#@Knd#bk+V@y;YXT?)4eP9E5{J%KGtYinNYJUH9PU3A}66c>Xn zZ{Bn0<;8$WCOAL$^NqTjwM?5d=RHgw3!72WRo0c;+houoUA@HWLZM;^U$&sycWrFd zE7ekt9;kb0`lps{>R(}YnXlyGY}5pPd9zBpgXeJTY_jwaJGSJQC#-KJqmh-;ad&F- z-Y)E>!&`Rz!HtCz>%yOJ|v(u7P*I$jqEY3}(Z-orn4 zlI?CYKNl`6I){#2P1h)y(6?i;^z`N3bxTV%wNvQW+eu|x=kbj~s8rhCR*0H=iGkSj zk23lr9kr|p7#qKL=UjgO`@UnvzU)`&fI>1Qs7ubq{@+lK{hH* zvl6eSb9%yngRn^T<;jG1SVa)eA>T^XX=yUS@NCKpk?ovCW1D@!=@kn;l_BrG;hOTC z6K&H{<8K#dI(A+zw-MWxS+~{g$tI7|SfP$EYKxA}LlVO^sT#Oby^grkdZ^^lA}uEF zBSj$weBJG{+Bh@Yffzsw=HyChS(dtLE3i*}Zj@~!_T-Ay7z=B)+*~3|?w`Zd)Co2t zC&4DyB!o&YgSw+fJn6`sn$e)29`kUwAc+1MND7YjV%lO;H2}fNy>hD#=gT ze+-aFNpyKIoXY~Vq-}OWPBe?Rfu^{ps8>Xy%42r@RV#*QV~P83jdlFNgkPN=T|Kt7 zV*M`Rh*30&AWlb$;ae130e@}Tqi3zx2^JQHpM>j$6x`#{mu%tZlwx9Gj@Hc92IuY* zarmT|*d0E~vt6<+r?W^UW0&#U&)8B6+1+;k^2|FWBRP9?C4Rk)HAh&=AS8FS|NQaZ z2j!iZ)nbEyg4ZTp-zHwVlfLC~tXIrv(xrP8PAtR{*c;T24ycA-;auWsya-!kF~CWZ zw_uZ|%urXgUbc@x=L=_g@QJ@m#5beS@6W195Hn7>_}z@Xt{DIEA`A&V82bc^#!q8$ zFh?z_Vn|ozJ;NPd^5uu(9tspo8t%&-U9Ckay-s@DnM*R5rtu|4)~e)`z0P-sy?)kc zs_k&J@0&0!q4~%cKL)2l;N*T&0;mqX5T{Qy60%JtKTQZ-xb%KOcgqwJmb%MOOKk7N zgq})R_6**{8A|6H?fO+2`#QU)p$Ei2&nbj6TpLSIT^D$|`TcSeh+)}VMb}LmvZ{O| ze*1IdCt3+yhdYVxcM)Q_V0bIXLgr6~%JS<<&dxIgfL=Vnx4YHuU@I34JXA|+$_S3~ zy~X#gO_X!cSs^XM{yzDGNM>?v(+sF#<0;AH^YrE8smx<36bUsHbN#y57K8WEu(`qHvQ6cAZPo=J5C(lSmUCZ57Rj6cx!e^rfaI5%w}unz}4 zoX=nt)FVNV%QDJH`o!u9olLD4O5fl)xp+#RloZlaA92o3x4->?rB4`gS$;WO{R;Z3>cG3IgFX2EA?PK^M}@%1%A;?f6}s&CV$cIyEr#q5;yHdNZ9h{| z-=dX+a5elJoDo?Eq&Og!nN6A)5yYpnGEp}?=!C-V)(*~z-+?kY1Q7qs#Rsy%hu_60rdbB+QQNr?S1 z?;xtjUv|*E3}HmuNyB9aFL5H~3Ho0UsmuMZELp1a#CA1g`P{-mT?BchuLEtK}!QZ=3AWakRu~?f9V~3F;TV`5%9Pcs_$gq&CcU}r8gOO zC2&SWPsSG{&o-LIGTBqp6SLQZPvYKp$$7L4WRRZ0BR$Kf0I0SCFkqveCp@f)o8W)! z$%7D1R`&j7W9Q9CGus_)b%+B#J2G;l*FLz#s$hw{BHS~WNLODV#(!u_2Pe&tMsq={ zdm7>_WecWF#D=?eMjLj=-_z`aHMZ=3_-&E8;ibPmM}61i6J3is*=dKf%HC>=xbj4$ zS|Q-hWQ8T5mWde6h@;mS+?k=89?1FU<%qH9B(l&O>k|u_aD|DY*@~(`_pb|B#rJ&g zR0(~(68fpUPz6TdS@4JT5MOPrqDh5_H(eX1$P2SQrkvN8sTxwV>l0)Qq z0pzTuvtEAKRDkKGhhv^jk%|HQ1DdF%5oKq5BS>szk-CIke{%js?~%@$uaN3^Uz6Wf z_iyx{bZ(;9y4X&>LPV=L=d+A}7I4GkK0c1Xts{rrW1Q7apHf-))`BgC^0^F(>At1* za@e7{lq%yAkn*NH8Q1{@{lKhRg*^TfGvv!Sn*ed*x@6>M%aaqySxR|oNadYt1mpUZ z6H(rupHYf&Z z29$5g#|0MX#aR6TZ$@eGxxABRKakDYtD%5BmKp;HbG_ZbT+=81E&=XRk6m_3t9PvD zr5Cqy(v?gHcYvYvXkNH@S#Po~q(_7MOuCAB8G$a9BC##gw^5mW16cML=T=ERL7wsk zzNEayTG?mtB=x*wc@ifBCJ|irFVMOvH)AFRW8WE~U()QT=HBCe@s$dA9O!@`zAAT) zaOZ7l6vyR+Nk_OOF!ZlZmjoImKh)dxFbbR~z(cMhfeX1l7S_`;h|v3gI}n9$sSQ>+3@AFAy9=B_y$)q;Wdl|C-X|VV3w8 z2S#>|5dGA8^9%Bu&fhmVRrTX>Z7{~3V&0UpJNEl0=N32euvDGCJ>#6dUSi&PxFW*s zS`}TB>?}H(T2lxBJ!V#2taV;q%zd6fOr=SGHpoSG*4PDaiG0pdb5`jelVipkEk%FV zThLc@Hc_AL1#D&T4D=w@UezYNJ%0=f3iVRuVL5H?eeZM}4W*bomebEU@e2d`M<~uW zf#Bugwf`VezG|^Qbt6R_=U0}|=k;mIIakz99*>FrsQR{0aQRP6ko?5<7bkDN8evZ& zB@_KqQG?ErKL=1*ZM9_5?Pq%lcS4uLSzN(Mr5=t6xHLS~Ym`UgM@D&VNu8e?_=nSFtF$u@hpPSmI4Vo_t&v?>$~K4y(O~Rb*(MFy_igM7 z*~yYUyR6yQgzWnWMUgDov!!g=lInM+=lOmOk4L`O?{i&qxy&D*_qorRbDwj6?)!ef z#JLd7F6Z2I$S0iYI={rZNk*<{HtIl^mx=h>Cim*04K4+Z4IJtd*-)%6XV2(MCscPiw_a+y*?BKbTS@BZ3AUao^%Zi#PhoY9Vib4N>SE%4>=Jco0v zH_Miey{E;FkdlZSq)e<{`+S3W=*ttvD#hB8w=|2aV*D=yOV}(&p%0LbEWH$&@$X3x~CiF-?ejQ*N+-M zc8zT@3iwkdRT2t(XS`d7`tJQAjRmKAhiw{WOqpuvFp`i@Q@!KMhwKgsA}%@sw8Xo5Y=F zhRJZg)O4uqNWj?V&&vth*H#je6T}}p_<>!Dr#89q@uSjWv~JuW(>FqoJ5^ho0%K?E z9?x_Q;kmcsQ@5=}z@tdljMSt9-Z3xn$k)kEjK|qXS>EfuDmu(Z8|(W?gY6-l z@R_#M8=vxKMAoi&PwnaIYw2COJM@atcgfr=zK1bvjW?9B`-+Voe$Q+H$j!1$Tjn+* z&LY<%)L@;zhnJlB^Og6I&BOR-m?{IW;tyYC%FZ!&Z>kGjHJ6cqM-F z&19n+e1=9AH1VrVeHrIzqlC`w9=*zfmrerF?JMzO&|Mmv;!4DKc(sp+jy^Dx?(8>1 zH&yS_4yL7m&GWX~mdfgH*AB4{CKo;+egw=PrvkTaoBU+P-4u?E|&!c z)DKc;>$$B6u*Zr1SjUh2)FeuWLWHl5TH(UHWkf zLs>7px!c5n;rbe^lO@qlYLzlDVp(z?6rPZel=YB)Uv&n!2{+Mb$-vQl=xKw( zve&>xYx+jW_NJh!FV||r?;hdP*jOXYcLCp>DOtJ?2S^)DkM{{Eb zS$!L$e_o0(^}n3tA1R3-$SNvgBq;DOEo}fNc|tB%%#g4RA3{|euq)p+xd3I8^4E&m zFrD%}nvG^HUAIKe9_{tXB;tl|G<%>yk6R;8L2)KUJw4yHJXUOPM>(-+jxq4R;z8H#>rnJy*)8N+$wA$^F zN+H*3t)eFEgxLw+Nw3};4WV$qj&_D`%ADV2%r zJCPCo%{=z7;`F98(us5JnT(G@sKTZ^;2FVitXyLe-S5(hV&Ium+1pIUB(CZ#h|g)u zSLJJ<@HgrDiA-}V_6B^x1>c9B6%~847JkQ!^KLZ2skm;q*edo;UA)~?SghG8;QbHh z_6M;ouo_1rq9=x$<`Y@EA{C%6-pEV}B(1#sDoe_e1s3^Y>n#1Sw;N|}8D|s|VPd+g z-_$QhCz`vLxxrVMx3ape1xu3*wjx=yKSlM~nFgkNWb4?DDr*!?U)L_VeffF<+!j|b zZ$Wn2$TDv3C3V@BHpSgv3JUif8%hk%OsGZ=OxH@8&4`bbf$`aAMchl^qN>Eyu3JH} z9-S!x8-s4fE=lad%Pkp8hAs~u?|uRnL48O|;*DEU! zuS0{cpk%1E0nc__2%;apFsTm0bKtd&A0~S3Cj^?72-*Owk3V!ZG*PswDfS~}2<8le z5+W^`Y(&R)yVF*tU_s!XMcJS`;(Tr`J0%>p=Z&InR%D3@KEzzI+-2)HK zuoNZ&o=wUC&+*?ofPb0a(E6(<2Amd6%uSu_^-<1?hsxs~0K5^f(LsGqgEF^+0_H=uNk9S0bb!|O8d?m5gQjUKevPaO+*VfSn^2892K~%crWM8+6 z25@V?Y@J<9w%@NXh-2!}SK_(X)O4AM1-WTg>sj1{lj5@=q&dxE^9xng1_z9w9DK>| z6Iybcd0e zyi;Ew!KBRIfGPGytQ6}z}MeXCfLY0?9%RiyagSp_D1?N&c{ zyo>VbJ4Gy`@Fv+5cKgUgs~na$>BV{*em7PU3%lloy_aEovR+J7TfQKh8BJXyL6|P8un-Jnq(ghd!_HEOh$zlv2$~y3krgeH;9zC}V3f`uDtW(%mT#944DQa~^8ZI+zAUu4U(j0YcDfKR$bK#gvn_{JZ>|gZ5+)u?T$w7Q%F^;!Wk?G z(le7r!ufT*cxS}PR6hIVtXa)i`d$-_1KkyBU>qmgz-=T};uxx&sKgv48akIWQ89F{ z0XiY?WM^~;|T8zBOr zs#zuOONzH?svv*jokd5SK8wG>+yMC)LYL|vLqm^PMHcT=`}V$=nIRHe2?h)8WQa6O zPAU}d`1y(>kZiP~Gr=mtJLMu`i<2CspL|q2DqAgAD^7*$xzM`PU4^ga`ilE134XBQ z99P(LhHU@7qvl9Yzg$M`+dlS=x^(m-_3t|h>S}E0bcFMn=C|KamQ)=w2^e)35p`zY zRV8X?d;s^>Cof2SPR&nP3E+-LCkS0J$H!eh8~k0qo$}00b=7!H_I2O+Ro@3O$nPdm ztmbOO^B+IHzQ5w>@@@J4cKw5&^_w6s!s=H%&byAbUtczPQ7}wfTqxxtQNfn*u73Qw zGuWsrky_ajPx-5`R<)6xHf>C(oqGf_Fw|-U*GfS?xLML$kv;h_pZ@Kk$y0X(S+K80 z6^|z)*`5VUkawg}=z`S;VhZhxyDfrE0$(PMurAxl~<>lfZa>JZ288ULK7D` zl9|#L^JL}Y$j*j`0-K6kH#?bRmg#5L3iB4Z)%iF@SqT+Lp|{i`m%R-|ZE94Np7Pa5 zCqC^V3}B(FR340pmF*qaa}M}+h6}mqE~7Sh!9bDv9YRT|>vBNAqv09zXHMlcuhKD| zcjjA(b*XCIwJ33?CB!+;{)vX@9xns_b-VO{i0y?}{!sdXj1GM8+$#v>W7nw;+O_9B z_{4L;C6ol?(?W0<6taGEn1^uG=?Q3i29sE`RfYCaV$3DKc_;?HsL?D_fSYg}SuO5U zOB_f4^vZ_x%o`5|C@9C5+o=mFy@au{s)sKw!UgC&L35aH(sgDxRE2De%(%OT=VUdN ziVLEmdOvJ&5*tCMKRyXctCwQu_RH%;m*$YK&m;jtbdH#Ak~13T1^f89tn`A%QEHWs~jnY~E}p_Z$XC z=?YXLCkzVSK+Id`xZYTegb@W8_baLt-Fq`Tv|=)JPbFsKRm)4UW;yT+J`<)%#ue9DPOkje)YF2fsCilK9MIIK>p*`fkoD5nGfmLwt)!KOT+> zOFq*VZktDDyM3P5UOg`~XL#cbzC}eL%qMB=Q5$d89MKuN#$6|4gx_Jt0Gfn8w&q}%lq4QU%6#jT*MRT% zrLz~C8FYKHawn-EQWN1B75O&quS+Z81(zN)G>~vN8VwC+e+y(`>HcxC{MrJ;H1Z4k zZWuv$w_F0-Ub%MVcpIc){4PGL^I7M{>;hS?;eH!;gmcOE66z3;Z1Phqo(t zVP(Hg6q#0gIKgsg7L7WE!{Y#1nI(45tx2{$34dDd#!Z0NIyrm)HOn5W#7;f4pQci# zDW!FI(g4e668kI9{2+mLwB+=#9bfqgX%!B34V-$wwSN(_cm*^{y0jQtv*4}eO^sOV z*9xoNvX)c9isB}Tgx&ZRjp3kwhTVK?r9;n!x>^XYT z@Q^7zp{rkIs{2mUSE^2!Gf6$6;j~&4=-0cSJJDizZp6LTe8b45;{AKM%v99}{{FfC zz709%u0mC=1KXTo(=TqmZQ;c?$M3z(!xah>aywrj40sc2y3rKFw4jCq+Y+u=CH@_V zxz|qeTwa>+<|H%8Dz5u>ZI5MmjTFwXS-Fv!TDd*`>3{krWoNVx$<133`(ftS?ZPyY z&4@ah^3^i`vL$BZa>O|Nt?ucewzsF)0zX3qmM^|waXr=T0pfIb0*$AwU=?Ipl|1Y; z*Pk6{C-p4MY;j@IJ|DW>QHZQJcp;Z~?8(Q+Kk3^0qJ}SCk^*n4W zu9ZFwLHUx-$6xvaQ)SUQcYd6fF8&x)V`1bIuX@>{mE$b|Yd(qomn3;bPwnDUc0F=; zh*6_((%bqAYQWQ~odER?h>1mkL4kpb3s7`0m@rDKGU*oyF)$j~Ffd4fXV$?`f~rHf zB%Y)@5SXZvfwm10RY5X?TEo)PK_`L6qgBp=#>fO49$D zDq8Ozj0q6213tV5Qq=;fZ0$|KroY{Dz=l@lU^J)?Ko@ti20TRplXzphBi>XGx4bou zEWrkNjz0t5j!_ke{g5I#PUlEU$Km8g8TE|XK=MkU@PT4T><2OVamoK;wJ}3X0L$vX zgd7gNa359*nc)R-0!`2X@FOTB`+oETOPc=ubp5R)VQgY+5BTZZJ2?9QwnO=dnulIUF3gFn;BODC2)65)HeVd%t86sL7Rv^Y+nbn+&l z6BAJY(ETvwI)Ts$aiE8rht4KD*qNyE{8{x6R|%akbTBzw;2+6Echkt+W+`u^XX z_z&x%n '} + case $link in #( + /*) app_path=$link ;; #( + *) app_path=$APP_HOME$link ;; + esac +done + +# This is normally unused +# shellcheck disable=SC2034 +APP_BASE_NAME=${0##*/} +# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036) +APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit + +# Use the maximum available, or set MAX_FD != -1 to use that value. +MAX_FD=maximum + +warn () { + echo "$*" +} >&2 + +die () { + echo + echo "$*" + echo + exit 1 +} >&2 + +# OS specific support (must be 'true' or 'false'). +cygwin=false +msys=false +darwin=false +nonstop=false +case "$( uname )" in #( + CYGWIN* ) cygwin=true ;; #( + Darwin* ) darwin=true ;; #( + MSYS* | MINGW* ) msys=true ;; #( + NONSTOP* ) nonstop=true ;; +esac + +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + + +# Determine the Java command to use to start the JVM. +if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD=$JAVA_HOME/jre/sh/java + else + JAVACMD=$JAVA_HOME/bin/java + fi + if [ ! -x "$JAVACMD" ] ; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +else + JAVACMD=java + if ! command -v java >/dev/null 2>&1 + then + die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +fi + +# Increase the maximum file descriptors if we can. +if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then + case $MAX_FD in #( + max*) + # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC2039,SC3045 + MAX_FD=$( ulimit -H -n ) || + warn "Could not query maximum file descriptor limit" + esac + case $MAX_FD in #( + '' | soft) :;; #( + *) + # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked. + # shellcheck disable=SC2039,SC3045 + ulimit -n "$MAX_FD" || + warn "Could not set maximum file descriptor limit to $MAX_FD" + esac +fi + +# Collect all arguments for the java command, stacking in reverse order: +# * args from the command line +# * the main class name +# * -classpath +# * -D...appname settings +# * --module-path (only if needed) +# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables. + +# For Cygwin or MSYS, switch paths to Windows format before running java +if "$cygwin" || "$msys" ; then + APP_HOME=$( cygpath --path --mixed "$APP_HOME" ) + CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" ) + + JAVACMD=$( cygpath --unix "$JAVACMD" ) + + # Now convert the arguments - kludge to limit ourselves to /bin/sh + for arg do + if + case $arg in #( + -*) false ;; # don't mess with options #( + /?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath + [ -e "$t" ] ;; #( + *) false ;; + esac + then + arg=$( cygpath --path --ignore --mixed "$arg" ) + fi + # Roll the args list around exactly as many times as the number of + # args, so each arg winds up back in the position where it started, but + # possibly modified. + # + # NB: a `for` loop captures its iteration list before it begins, so + # changing the positional parameters here affects neither the number of + # iterations, nor the values presented in `arg`. + shift # remove old arg + set -- "$@" "$arg" # push replacement arg + done +fi + + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' + +# Collect all arguments for the java command: +# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments, +# and any embedded shellness will be escaped. +# * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be +# treated as '${Hostname}' itself on the command line. + +set -- \ + "-Dorg.gradle.appname=$APP_BASE_NAME" \ + -classpath "$CLASSPATH" \ + org.gradle.wrapper.GradleWrapperMain \ + "$@" + +# Stop when "xargs" is not available. +if ! command -v xargs >/dev/null 2>&1 +then + die "xargs is not available" +fi + +# Use "xargs" to parse quoted args. +# +# With -n1 it outputs one arg per line, with the quotes and backslashes removed. +# +# In Bash we could simply go: +# +# readarray ARGS < <( xargs -n1 <<<"$var" ) && +# set -- "${ARGS[@]}" "$@" +# +# but POSIX shell has neither arrays nor command substitution, so instead we +# post-process each arg (as a line of input to sed) to backslash-escape any +# character that might be a shell metacharacter, then use eval to reverse +# that process (while maintaining the separation between arguments), and wrap +# the whole thing up as a single "set" statement. +# +# This will of course break if any of these variables contains a newline or +# an unmatched quote. +# + +eval "set -- $( + printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" | + xargs -n1 | + sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' | + tr '\n' ' ' + )" '"$@"' + +exec "$JAVACMD" "$@" diff --git a/apps/dolly-search-service/gradlew.bat b/apps/dolly-search-service/gradlew.bat new file mode 100644 index 00000000000..25da30dbdee --- /dev/null +++ b/apps/dolly-search-service/gradlew.bat @@ -0,0 +1,92 @@ +@rem +@rem Copyright 2015 the original author or authors. +@rem +@rem Licensed under the Apache License, Version 2.0 (the "License"); +@rem you may not use this file except in compliance with the License. +@rem You may obtain a copy of the License at +@rem +@rem https://www.apache.org/licenses/LICENSE-2.0 +@rem +@rem Unless required by applicable law or agreed to in writing, software +@rem distributed under the License is distributed on an "AS IS" BASIS, +@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +@rem See the License for the specific language governing permissions and +@rem limitations under the License. +@rem + +@if "%DEBUG%"=="" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%"=="" set DIRNAME=. +@rem This is normally unused +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Resolve any "." and ".." in APP_HOME to make it shorter. +for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if %ERRORLEVEL% equ 0 goto execute + +echo. 1>&2 +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2 +echo. 1>&2 +echo Please set the JAVA_HOME variable in your environment to match the 1>&2 +echo location of your Java installation. 1>&2 + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto execute + +echo. 1>&2 +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2 +echo. 1>&2 +echo Please set the JAVA_HOME variable in your environment to match the 1>&2 +echo location of your Java installation. 1>&2 + +goto fail + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %* + +:end +@rem End local scope for the variables with windows NT shell +if %ERRORLEVEL% equ 0 goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +set EXIT_CODE=%ERRORLEVEL% +if %EXIT_CODE% equ 0 set EXIT_CODE=1 +if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE% +exit /b %EXIT_CODE% + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/apps/dolly-search-service/gradlewUpdate.sh b/apps/dolly-search-service/gradlewUpdate.sh new file mode 100755 index 00000000000..e5ee6361152 --- /dev/null +++ b/apps/dolly-search-service/gradlewUpdate.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +gradle wrapper \ No newline at end of file diff --git a/apps/dolly-search-service/settings.gradle b/apps/dolly-search-service/settings.gradle new file mode 100644 index 00000000000..9ebb65a2187 --- /dev/null +++ b/apps/dolly-search-service/settings.gradle @@ -0,0 +1,21 @@ +plugins { + id "com.gradle.develocity" version "3.17.4" +} + +rootProject.name = 'dolly-search-service' + +includeBuild "../../plugins/java" + +includeBuild '../../libs/data-transfer-search-objects' +includeBuild '../../libs/reactive-core' +includeBuild '../../libs/security-core' +includeBuild '../../libs/servlet-core' +includeBuild '../../libs/servlet-security' +includeBuild '../../libs/testing' + +develocity { + buildScan { + termsOfUseUrl = "https://gradle.com/terms-of-service" + termsOfUseAgree = "yes" + } +} \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/DollySearchServiceApplicationStarter.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/DollySearchServiceApplicationStarter.java new file mode 100644 index 00000000000..1ed1004ae1f --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/DollySearchServiceApplicationStarter.java @@ -0,0 +1,16 @@ +package no.nav.testnav.dollysearchservice; + +import no.nav.dolly.libs.nais.NaisEnvironmentApplicationContextInitializer; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.builder.SpringApplicationBuilder; + +@SpringBootApplication +public class +DollySearchServiceApplicationStarter { + public static void main(String[] args) { + + new SpringApplicationBuilder(DollySearchServiceApplicationStarter.class) + .initializers(new NaisEnvironmentApplicationContextInitializer()) + .run(args); + } +} \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/ApplicationConfig.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/ApplicationConfig.java new file mode 100644 index 00000000000..7a1cba2632c --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/ApplicationConfig.java @@ -0,0 +1,15 @@ +package no.nav.testnav.dollysearchservice.config; + +import no.nav.testnav.libs.servletcore.config.ApplicationCoreConfig; +import no.nav.testnav.libs.servletsecurity.jwt.SecureOAuth2ServerToServerAutoConfiguration; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Import; + +@Configuration +@Import({ + ApplicationCoreConfig.class, + SecureOAuth2ServerToServerAutoConfiguration.class +}) +public class ApplicationConfig { + +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/Consumers.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/Consumers.java new file mode 100644 index 00000000000..7f6ff695b81 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/Consumers.java @@ -0,0 +1,20 @@ +package no.nav.testnav.dollysearchservice.config; + +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import no.nav.testnav.libs.securitycore.domain.ServerProperties; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +import static lombok.AccessLevel.PACKAGE; + +@Configuration +@ConfigurationProperties(prefix = "consumers") +@NoArgsConstructor(access = PACKAGE) +@Getter +@Setter(PACKAGE) +public class Consumers { + + private ServerProperties testnavPdlProxy; +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/JsonMapperConfig.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/JsonMapperConfig.java new file mode 100644 index 00000000000..3a66ddb2cc9 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/JsonMapperConfig.java @@ -0,0 +1,82 @@ +package no.nav.testnav.dollysearchservice.config; + +import com.fasterxml.jackson.core.JsonParser; +import com.fasterxml.jackson.databind.*; +import com.fasterxml.jackson.databind.json.JsonMapper; +import com.fasterxml.jackson.databind.module.SimpleModule; +import com.fasterxml.jackson.datatype.jsr310.ser.LocalDateSerializer; +import com.fasterxml.jackson.datatype.jsr310.ser.LocalDateTimeSerializer; +import com.fasterxml.jackson.datatype.jsr310.ser.ZonedDateTimeSerializer; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +import java.io.IOException; +import java.time.LocalDate; +import java.time.LocalDateTime; +import java.time.ZonedDateTime; +import java.time.format.DateTimeFormatter; + +import static org.apache.commons.lang3.StringUtils.isBlank; + +@Configuration +public class JsonMapperConfig { + + @Bean + public ObjectMapper objectMapper() { + + SimpleModule simpleModule = new SimpleModule() + .addDeserializer(LocalDateTime.class, new DollyLocalDateTimeDeserializer()) + .addSerializer(LocalDateTime.class, new LocalDateTimeSerializer(DateTimeFormatter.ISO_DATE_TIME)) + .addDeserializer(LocalDate.class, new DollyLocalDateDeserializer()) + .addSerializer(LocalDate.class, new LocalDateSerializer(DateTimeFormatter.ISO_DATE)) + .addDeserializer(ZonedDateTime.class, new DollyZonedDateTimeDeserializer()) + .addSerializer(ZonedDateTime.class, new ZonedDateTimeSerializer(DateTimeFormatter.ISO_DATE_TIME)); + return JsonMapper + .builder() + .configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false) + .configure(DeserializationFeature.ACCEPT_EMPTY_STRING_AS_NULL_OBJECT, true) + .enable(MapperFeature.ACCEPT_CASE_INSENSITIVE_ENUMS) + .disable(SerializationFeature.FAIL_ON_EMPTY_BEANS) + .build() + .registerModule(simpleModule); + + } + + private static class DollyZonedDateTimeDeserializer extends JsonDeserializer { + + @Override + public ZonedDateTime deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException { + JsonNode node = jsonParser.getCodec().readTree(jsonParser); + if (isBlank(node.asText())) { + return null; + } + return ZonedDateTime.parse(node.asText(), DateTimeFormatter.ISO_DATE_TIME); + } + } + + private static class DollyLocalDateDeserializer extends JsonDeserializer { + + @Override + public LocalDate deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException { + JsonNode node = jsonParser.getCodec().readTree(jsonParser); + if (isBlank(node.asText())) { + return null; + } + String dateTime = node.asText().length() > 10 ? node.asText().substring(0, 10) : node.asText(); + return LocalDate.parse(dateTime); + } + } + + private static class DollyLocalDateTimeDeserializer extends JsonDeserializer { + + @Override + public LocalDateTime deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException { + JsonNode node = jsonParser.getCodec().readTree(jsonParser); + if (isBlank(node.asText())) { + return null; + } + String dateTime = node.asText().length() > 19 ? node.asText().substring(0, 19) : node.asText(); + return dateTime.length() > 10 ? LocalDateTime.parse(dateTime) : LocalDate.parse(dateTime).atStartOfDay(); + } + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/OpenApiConfig.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/OpenApiConfig.java new file mode 100644 index 00000000000..bee18b431ed --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/OpenApiConfig.java @@ -0,0 +1,68 @@ +package no.nav.testnav.dollysearchservice.config; + +import io.swagger.v3.oas.models.Components; +import io.swagger.v3.oas.models.OpenAPI; +import io.swagger.v3.oas.models.info.Contact; +import io.swagger.v3.oas.models.info.Info; +import io.swagger.v3.oas.models.info.License; +import io.swagger.v3.oas.models.security.SecurityRequirement; +import io.swagger.v3.oas.models.security.SecurityScheme; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; + +import java.util.Arrays; + +import no.nav.testnav.libs.securitycore.config.UserConstant; +import no.nav.testnav.libs.servletcore.config.ApplicationProperties; + +@Configuration +public class OpenApiConfig implements WebMvcConfigurer { + + @Bean + public OpenAPI openApi(ApplicationProperties applicationProperties) { + return new OpenAPI() + .components(new Components() + .addSecuritySchemes("bearer-jwt", new SecurityScheme() + .type(SecurityScheme.Type.HTTP) + .scheme("bearer") + .bearerFormat("JWT") + .in(SecurityScheme.In.HEADER) + .name("Authorization") + .description("Trenger ikke \"Bearer \" foran") + ) + .addSecuritySchemes("user-jwt", new SecurityScheme() + .type(SecurityScheme.Type.APIKEY) + .scheme("bearer") + .bearerFormat("JWT") + .in(SecurityScheme.In.HEADER) + .name(UserConstant.USER_HEADER_JWT) + )) + .addSecurityItem( + new SecurityRequirement() + .addList("bearer-jwt", Arrays.asList("read", "write")) + .addList("user-jwt", Arrays.asList("read", "write")) + ) + .info(new Info() + .title(applicationProperties.getName()) + .version(applicationProperties.getVersion()) + .description(applicationProperties.getDescription()) + .termsOfService("https://nav.no") + .contact(new Contact() + .url("https://nav-it.slack.com/archives/CA3P9NGA2") + .email("dolly@nav.no") + .name("Team Dolly") + ) + .license(new License() + .name("MIT License") + .url("https://opensource.org/licenses/MIT") + ) + ); + } + + @Override + public void addViewControllers(ViewControllerRegistry registry) { + registry.addViewController("/swagger").setViewName("redirect:/swagger-ui.html"); + } +} \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/SecurityConfig.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/SecurityConfig.java new file mode 100644 index 00000000000..70c7746038a --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/SecurityConfig.java @@ -0,0 +1,38 @@ +package no.nav.testnav.dollysearchservice.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Profile; +import org.springframework.security.config.Customizer; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.SecurityFilterChain; + +@EnableWebSecurity +@Configuration +@Profile({ "prod", "local" }) +public class SecurityConfig { + + @Bean + public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception { + + httpSecurity.sessionManagement(sessionConfig -> sessionConfig.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .csrf(AbstractHttpConfigurer::disable) + .authorizeHttpRequests(authorizeConfig -> authorizeConfig.requestMatchers( + "/internal/**", + "/webjars/**", + "/swagger-resources/**", + "/v3/api-docs/**", + "/swagger-ui/**", + "/swagger", + "/error", + "/swagger-ui.html" + ).permitAll().requestMatchers("/api/**").fullyAuthenticated()) + .oauth2ResourceServer(oauth2RSConfig -> oauth2RSConfig.jwt(Customizer.withDefaults())); + + return httpSecurity.build(); + } +} + diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/credentials/ElasticSearchCredentials.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/credentials/ElasticSearchCredentials.java new file mode 100644 index 00000000000..142b0f3f58a --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/credentials/ElasticSearchCredentials.java @@ -0,0 +1,18 @@ +package no.nav.testnav.dollysearchservice.config.credentials; + + +import lombok.Getter; +import lombok.Setter; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +@Getter +@Setter +@Configuration +@ConfigurationProperties(prefix = "elasticsearch.client") +public class ElasticSearchCredentials { + private String host; + private String port; + private String username; + private String password; +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/OpenSearchConsumer.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/OpenSearchConsumer.java new file mode 100644 index 00000000000..3c29c69e86a --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/OpenSearchConsumer.java @@ -0,0 +1,52 @@ +package no.nav.testnav.dollysearchservice.consumer; + +import com.fasterxml.jackson.databind.ObjectMapper; +import lombok.SneakyThrows; +import lombok.extern.slf4j.Slf4j; +import no.nav.testnav.dollysearchservice.config.Consumers; +import no.nav.testnav.dollysearchservice.consumer.command.OpenSearchCommand; +import no.nav.testnav.dollysearchservice.dto.SearchRequest; +import no.nav.testnav.dollysearchservice.dto.SearchResponse; +import no.nav.testnav.libs.securitycore.domain.ServerProperties; +import no.nav.testnav.libs.servletsecurity.exchange.TokenExchange; +import org.springframework.stereotype.Component; +import org.springframework.web.reactive.function.client.WebClient; +import reactor.core.publisher.Flux; + +import static no.nav.testnav.dollysearchservice.consumer.utils.JacksonExchangeStrategyUtil.getJacksonStrategy; + +@Slf4j +@Component +public class OpenSearchConsumer { + + private final WebClient webClient; + private final TokenExchange tokenExchange; + private final ServerProperties serverProperties; + + public OpenSearchConsumer( + TokenExchange tokenExchange, + Consumers consumers, + ObjectMapper objectMapper, + WebClient.Builder webClientBuilder + ) { + + serverProperties = consumers.getTestnavPdlProxy(); + this.webClient = webClientBuilder + .baseUrl(serverProperties.getUrl()) + .exchangeStrategies(getJacksonStrategy(objectMapper)) + .build(); + this.tokenExchange = tokenExchange; + } + + @SneakyThrows + public Flux search(SearchRequest request) { + return tokenExchange.exchange(serverProperties) + .flatMapMany(token -> + new OpenSearchCommand(webClient, request.getQuery().indices()[0], + token.getTokenValue(), request.getQuery().source().toString()).call()) + .map(response -> { + response.setRequest(request.getRequest()); + return response; + }); + } +} \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/command/OpenSearchCommand.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/command/OpenSearchCommand.java new file mode 100644 index 00000000000..9fcaa76c525 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/command/OpenSearchCommand.java @@ -0,0 +1,48 @@ +package no.nav.testnav.dollysearchservice.consumer.command; + +import lombok.RequiredArgsConstructor; +import no.nav.testnav.dollysearchservice.dto.SearchResponse; +import no.nav.testnav.libs.reactivecore.utils.WebClientFilter; +import org.springframework.web.reactive.function.BodyInserters; +import org.springframework.web.reactive.function.client.WebClient; +import reactor.core.publisher.Mono; +import reactor.util.retry.Retry; + +import java.time.Duration; +import java.util.concurrent.Callable; + +import static org.apache.http.HttpHeaders.AUTHORIZATION; +import static org.apache.http.HttpHeaders.CONTENT_TYPE; +import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE; + + +@RequiredArgsConstructor +public class OpenSearchCommand implements Callable> { + + private static final String SEARCH_URL = "/pdl-elastic/{index}/_search"; + + private final WebClient webClient; + private final String index; + private final String token; + private final Object body; + + @Override + public Mono call() { + + return webClient.post() + .uri(uriBuilder -> uriBuilder + .path(SEARCH_URL) + .build(index)) + .header(CONTENT_TYPE, APPLICATION_JSON_VALUE) + .header(AUTHORIZATION, "Bearer " + token) + .body(BodyInserters.fromValue(body)) + .retrieve() + .bodyToMono(SearchResponse.class) + .retryWhen(Retry.backoff(3, Duration.ofSeconds(5)) + .filter(WebClientFilter::is5xxException)) + .onErrorResume(throwable -> Mono.just(SearchResponse.builder() + .status(WebClientFilter.getStatus(throwable)) + .error(WebClientFilter.getMessage(throwable)) + .build())); + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/utils/JacksonExchangeStrategyUtil.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/utils/JacksonExchangeStrategyUtil.java new file mode 100644 index 00000000000..5d039494015 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/utils/JacksonExchangeStrategyUtil.java @@ -0,0 +1,25 @@ +package no.nav.testnav.dollysearchservice.consumer.utils; + +import com.fasterxml.jackson.databind.ObjectMapper; +import lombok.experimental.UtilityClass; +import org.springframework.http.MediaType; +import org.springframework.http.codec.json.Jackson2JsonDecoder; +import org.springframework.http.codec.json.Jackson2JsonEncoder; +import org.springframework.web.reactive.function.client.ExchangeStrategies; + +@UtilityClass +public final class JacksonExchangeStrategyUtil { + + public static ExchangeStrategies getJacksonStrategy(ObjectMapper objectMapper) { + return ExchangeStrategies.builder() + .codecs(config -> { + config.defaultCodecs() + .maxInMemorySize(32 * 1024 * 1024); + config.defaultCodecs() + .jackson2JsonEncoder(new Jackson2JsonEncoder(objectMapper, MediaType.APPLICATION_JSON)); + config.defaultCodecs() + .jackson2JsonDecoder(new Jackson2JsonDecoder(objectMapper, MediaType.APPLICATION_JSON)); + }) + .build(); + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchRequest.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchRequest.java new file mode 100644 index 00000000000..a1c47ee3f83 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchRequest.java @@ -0,0 +1,16 @@ +package no.nav.testnav.dollysearchservice.dto; + +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class SearchRequest { + + private no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest request; + private org.opensearch.action.search.SearchRequest query; +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchResponse.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchResponse.java new file mode 100644 index 00000000000..7800ad9bdc7 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchResponse.java @@ -0,0 +1,58 @@ +package no.nav.testnav.dollysearchservice.dto; + +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; +import org.springframework.http.HttpStatus; + +import java.util.List; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class SearchResponse { + + private SearchRequest request; + + private Integer took; + private Boolean timedOut; + private SearchHits hits; + + private HttpStatus status; + private String error; + + @Data + @NoArgsConstructor + @AllArgsConstructor + public static class SearchHits { + + private Total total; + private float maxScore; + private List hits; + } + + @Data + @NoArgsConstructor + @AllArgsConstructor + public static class Total { + + private Long value; + private String relation; + } + + @Data + @NoArgsConstructor + @AllArgsConstructor + @SuppressWarnings("java:S116") + public static class SearchHit { + + private String _index; + private String _type; + private String _id; + private Double _score; + private Object _source; + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchController.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchController.java new file mode 100644 index 00000000000..f704bc86dbd --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchController.java @@ -0,0 +1,29 @@ +package no.nav.testnav.dollysearchservice.provider; + +import io.swagger.v3.oas.annotations.Operation; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import no.nav.testnav.dollysearchservice.service.OpenSearchService; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; +import reactor.core.publisher.Mono; + +@Slf4j +@RestController +@RequestMapping("/api/v1/opensearch") +@RequiredArgsConstructor +public class OpensearchController { + + private final OpenSearchService openSearchService; + + @PostMapping + @Operation(description = "Henter personer som matcher søk av persondetaljer i request") + public Mono getPersoner(@RequestBody SearchRequest request) { + + return openSearchService.search(request); + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchService.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchService.java new file mode 100644 index 00000000000..13cc7855d75 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchService.java @@ -0,0 +1,81 @@ +package no.nav.testnav.dollysearchservice.service; + +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import no.nav.testnav.dollysearchservice.consumer.OpenSearchConsumer; +import no.nav.testnav.dollysearchservice.utils.OpenSearchQueryBuilder; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse; +import org.opensearch.common.unit.TimeValue; +import org.opensearch.index.query.BoolQueryBuilder; +import org.opensearch.search.builder.SearchSourceBuilder; +import org.springframework.stereotype.Service; +import reactor.core.publisher.Mono; + +import java.util.concurrent.TimeUnit; + +import static java.util.Objects.isNull; +import static org.apache.commons.lang3.StringUtils.isNotBlank; + +@Slf4j +@Service +@RequiredArgsConstructor +public class OpenSearchService { + + private final OpenSearchConsumer openSearchConsumer; + private final ObjectMapper objectMapper; + + public Mono search(SearchRequest request) { + + var query = OpenSearchQueryBuilder.buildSearchQuery(request); + return execQuery(request, query); + } + + private Mono execQuery(SearchRequest request, BoolQueryBuilder query) { + + if (isNull(request.getSide())) { + request.setSide(1); + } + + if (isNull(request.getAntall())) { + request.setAntall(10); + } + + return Mono.from(openSearchConsumer.search( + no.nav.testnav.dollysearchservice.dto.SearchRequest.builder() + .query( + new org.opensearch.action.search.SearchRequest() + .indices("pdl-sok") + .source(new SearchSourceBuilder() + .query(query) + .from(request.getSide() * request.getAntall()) + .size(request.getAntall()) + .timeout(new TimeValue(3, TimeUnit.SECONDS)))) + .request(request) + .build())) + .map(this::formatResponse); + } + + private SearchResponse formatResponse(no.nav.testnav.dollysearchservice.dto.SearchResponse response) { + + if (isNotBlank(response.getError())) { + return SearchResponse.builder() + .error(response.getError()) + .build(); + } + + return SearchResponse.builder() + .took(response.getTook().toString()) + .totalHits(response.getHits().getTotal().getValue()) + .antall(response.getHits().getHits().size()) + .side(response.getRequest().getSide()) + .seed(response.getRequest().getSeed()) + .personer(response.getHits().getHits().stream() + .map(no.nav.testnav.dollysearchservice.dto.SearchResponse.SearchHit::get_source) + .map(person -> objectMapper.convertValue(person, JsonNode.class)) + .toList()) + .build(); + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchIdenterQueryUtils.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchIdenterQueryUtils.java new file mode 100644 index 00000000000..3a1ad74ce2a --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchIdenterQueryUtils.java @@ -0,0 +1,52 @@ +package no.nav.testnav.dollysearchservice.utils; + +import lombok.experimental.UtilityClass; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; +import org.opensearch.index.query.BoolQueryBuilder; +import org.opensearch.index.query.QueryBuilders; + +import java.util.Set; + +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.FOLKEREGISTERIDENTIFIKATOR; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.HENT_IDENTER; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.METADATA_HISTORISK; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.NAVSPERSONIDENTIFIKATOR; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.matchQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.nestedMatchQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.nestedRegexpQuery; + +@UtilityClass +public class OpenSearchIdenterQueryUtils { + + public static BoolQueryBuilder addIdenterIdentifier(SearchRequest request) { + + return request.getIdenter().isEmpty() ? + + QueryBuilders.boolQuery() + .must(addDollyIdentifier()) : + + QueryBuilders.boolQuery() + .must(addIdenterQuery(request.getIdenter())); + } + + private static BoolQueryBuilder addDollyIdentifier() { + + return QueryBuilders.boolQuery() + .should(matchQuery("tags", "DOLLY")) + .should(QueryBuilders.boolQuery() + .must(nestedMatchQuery(FOLKEREGISTERIDENTIFIKATOR, METADATA_HISTORISK, false)) + .must(nestedRegexpQuery(FOLKEREGISTERIDENTIFIKATOR, "identifikasjonsnummer", "\\d{2}[4-5]\\d{8}"))) + .should(QueryBuilders.boolQuery() + .must(nestedMatchQuery(NAVSPERSONIDENTIFIKATOR, METADATA_HISTORISK, false)) + .must(nestedRegexpQuery(NAVSPERSONIDENTIFIKATOR, "identifikasjonsnummer", "\\d{2}[6-7]\\d{8}"))); + } + + private static BoolQueryBuilder addIdenterQuery(Set identer) { + + var query = QueryBuilders.boolQuery(); + identer.forEach(ident -> query + .should(nestedMatchQuery(HENT_IDENTER, "ident", ident)) + ); + return query; + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchPersonQueryUtils.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchPersonQueryUtils.java new file mode 100644 index 00000000000..8036c6cbf60 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchPersonQueryUtils.java @@ -0,0 +1,399 @@ +package no.nav.testnav.dollysearchservice.utils; + +import lombok.experimental.UtilityClass; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; +import no.nav.testnav.libs.data.pdlforvalter.v1.Identtype; +import org.apache.lucene.search.join.ScoreMode; +import org.opensearch.index.query.BoolQueryBuilder; +import org.opensearch.index.query.QueryBuilders; + +import java.time.LocalDate; +import java.util.Optional; + +import static java.util.Objects.nonNull; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.FOLKEREGISTERIDENTIFIKATOR; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.HENT_IDENTER; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.HISTORISK; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.METADATA_HISTORISK; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.NAVSPERSONIDENTIFIKATOR; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.nestedExistQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.nestedMatchQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.rangeQuery; +import static org.apache.commons.lang3.BooleanUtils.isTrue; +import static org.apache.commons.lang3.StringUtils.isNotBlank; + +@UtilityClass +public class OpenSearchPersonQueryUtils { + + private static final String FAMILIE_RELASJON_PATH = "hentPerson.forelderBarnRelasjon"; + private static final String BOSTEDSADRESSE = "hentPerson.bostedsadresse"; + private static final String OPPHOLDSADRESSE = "hentPerson.oppholdsadresse"; + private static final String KONTAKTADRESSE = "hentPerson.kontaktadresse"; + private static final String VEGADRESSE = "vegadresse"; + private static final String MATRIKKELADRESSE = "matrikkeladresse"; + private static final String UTENLANDSKADRESSE = "utenlandskAdresse"; + private static final String KOMMUNENUMMER = "kommunenummer"; + private static final String POSTNUMMER = "postnummer"; + private static final String BYDELSNUMMER = "bydelsnummer"; + private static final String CONCAT = "%s.%s"; + + public static void addAlderQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + var thisYear = LocalDate.now().getYear(); + if (nonNull(request.getPersonRequest().getAlderFom()) || nonNull(request.getPersonRequest().getAlderTom())) { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery("hentPerson.foedselsdato", METADATA_HISTORISK, false)) + .must(QueryBuilders.nestedQuery("hentPerson.foedselsdato", + QueryBuilders.boolQuery().must( + rangeQuery("hentPerson.foedselsdato.foedselsaar", + Optional.ofNullable(request.getPersonRequest().getAlderTom()) + .map(alderTom -> thisYear - alderTom) + .orElse(null), + Optional.ofNullable(request.getPersonRequest().getAlderFom()) + .map(alderFom -> thisYear - alderFom) + .orElse(null))), ScoreMode.Avg))); + } + } + + public static void addHarBarnQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarBarn())) { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery(FAMILIE_RELASJON_PATH, METADATA_HISTORISK, false)) + .must(nestedMatchQuery(FAMILIE_RELASJON_PATH, "relatertPersonsRolle", "BARN")) + ); + } + } + + public static void addHarForeldreQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarForeldre())) { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery(FAMILIE_RELASJON_PATH, METADATA_HISTORISK, false)) + .must(nestedMatchQuery(FAMILIE_RELASJON_PATH, "minRolleForPerson", "BARN")) + ); + } + } + + public static void addSivilstandQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (nonNull(request.getPersonRequest().getSivilstand())) { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery("hentPerson.sivilstand", METADATA_HISTORISK, false)) + .must(nestedMatchQuery("hentPerson.sivilstand", "type", + request.getPersonRequest().getSivilstand().name()) + )); + } + } + + public static void addHarDoedfoedtbarnQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarDoedfoedtBarn())) { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery("hentPerson.doedfoedtBarn", METADATA_HISTORISK, false))); + } + } + + public static void addHarForeldreansvarQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarForeldreAnsvar())) { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery("hentPerson.foreldreansvar", METADATA_HISTORISK, false))); + } + } + + public static void addVergemaalQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarVerge())) { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery("hentPerson.vergemaalEllerFremtidsfullmakt", METADATA_HISTORISK, false))); + } + } + + public static void addDoedsfallQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarDoedsfall())) { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery("hentPerson.doedsfall", METADATA_HISTORISK, false))); + } + } + + public static void addHarInnflyttingQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarInnflytting())) { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery("hentPerson.innflyttingTilNorge", METADATA_HISTORISK, false))); + } + } + + public static void addHarUtflyttingQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarUtflytting())) { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery("hentPerson.utflyttingFraNorge", METADATA_HISTORISK, false))); + } + } + + public static void addAdressebeskyttelseQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + Optional.ofNullable(request.getPersonRequest().getAdresse()) + .filter(adresse -> nonNull(adresse.getAddressebeskyttelse())) + .ifPresent(adresse -> + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery("hentPerson.adressebeskyttelse", METADATA_HISTORISK, false)) + .must(nestedMatchQuery("hentPerson.adressebeskyttelse", "gradering", + adresse.getAddressebeskyttelse().name())) + )); + } + + public static void addHarBostedsadresseQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + Optional.ofNullable(request.getPersonRequest().getAdresse()) + .filter(adresse -> isTrue(adresse.getHarBostedsadresse())) + .ifPresent(adresse -> + queryBuilder.must(nestedMatchQuery(BOSTEDSADRESSE, METADATA_HISTORISK, false)) + ); + } + + public static void addHarOppholdsadresseQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + Optional.ofNullable(request.getPersonRequest().getAdresse()) + .filter(adresse -> isTrue(adresse.getHarOppholdsadresse())) + .ifPresent(adresse -> + queryBuilder.must(nestedMatchQuery(OPPHOLDSADRESSE, METADATA_HISTORISK, false)) + ); + } + + public static void addHarKontaktadresseQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + Optional.ofNullable(request.getPersonRequest().getAdresse()) + .filter(adresse -> isTrue(adresse.getHarKontaktadresse())) + .ifPresent(adresse -> + queryBuilder.must(nestedMatchQuery(KONTAKTADRESSE, METADATA_HISTORISK, false)) + ); + } + + public static BoolQueryBuilder addAdresseQuery(String field, String value) { + + return QueryBuilders.boolQuery() + .should(QueryBuilders.boolQuery() + .must(nestedMatchQuery(BOSTEDSADRESSE, METADATA_HISTORISK, false)) + .must(QueryBuilders.boolQuery() + .should(nestedMatchQuery(BOSTEDSADRESSE, CONCAT.formatted(VEGADRESSE, field), value)) + .should(nestedMatchQuery(BOSTEDSADRESSE, CONCAT.formatted(MATRIKKELADRESSE, field), value)) + )) + .should(QueryBuilders.boolQuery() + .must(nestedMatchQuery(OPPHOLDSADRESSE, METADATA_HISTORISK, false)) + .must(QueryBuilders.boolQuery() + .should(nestedMatchQuery(OPPHOLDSADRESSE, CONCAT.formatted(VEGADRESSE, field), value)) + .should(nestedMatchQuery(OPPHOLDSADRESSE, CONCAT.formatted(MATRIKKELADRESSE, field), value)) + )) + .should(QueryBuilders.boolQuery() + .must(nestedMatchQuery(KONTAKTADRESSE, METADATA_HISTORISK, false)) + .must(nestedMatchQuery(KONTAKTADRESSE, CONCAT.formatted(VEGADRESSE, field), value)) + ); + } + + public static void addAdresseKommunenrQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + Optional.ofNullable(request.getPersonRequest().getAdresse()) + .filter(adresse -> isNotBlank(adresse.getKommunenummer())) + .ifPresent(adresse -> + queryBuilder.must(QueryBuilders.boolQuery() + .should(addAdresseQuery(KOMMUNENUMMER, adresse.getKommunenummer())) + .should(QueryBuilders.boolQuery() + .must(nestedMatchQuery(BOSTEDSADRESSE, METADATA_HISTORISK, false)) + .must(nestedMatchQuery(BOSTEDSADRESSE, "ukjentBosted.bostedskommune", adresse.getKommunenummer())) + ))); + } + + public static void addAdressePostnrQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + Optional.ofNullable(request.getPersonRequest().getAdresse()) + .filter(adresse -> isNotBlank(adresse.getPostnummer())) + .ifPresent(adresse -> + queryBuilder.must(QueryBuilders.boolQuery() + .should(addAdresseQuery(POSTNUMMER, adresse.getPostnummer())) + .should(QueryBuilders.boolQuery() + .must(nestedMatchQuery(KONTAKTADRESSE, METADATA_HISTORISK, false)) + .must(nestedMatchQuery(KONTAKTADRESSE, "postboksadresse." + POSTNUMMER, adresse.getPostnummer())) + ))); + } + + public static void addAdresseBydelsnrQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + Optional.ofNullable(request.getPersonRequest().getAdresse()) + .filter(adresse -> isNotBlank(adresse.getBydelsnummer())) + .ifPresent(adresse -> + queryBuilder.must(addAdresseQuery(BYDELSNUMMER, adresse.getBydelsnummer()) + )); + } + + public static void addHarAdresseBydelsnummerQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + Optional.ofNullable(request.getPersonRequest().getAdresse()) + .filter(adresse -> isTrue(adresse.getHarBydelsnummer())) + .ifPresent(adresse -> + queryBuilder.must(QueryBuilders.boolQuery() + .should(QueryBuilders.boolQuery() + .must(nestedMatchQuery(BOSTEDSADRESSE, METADATA_HISTORISK, false)) + .must(QueryBuilders.boolQuery() + .should(nestedExistQuery(BOSTEDSADRESSE, CONCAT.formatted(VEGADRESSE, BYDELSNUMMER))) + .should(nestedExistQuery(BOSTEDSADRESSE, CONCAT.formatted(MATRIKKELADRESSE, BYDELSNUMMER))))) + .should(QueryBuilders.boolQuery() + .must(nestedMatchQuery(OPPHOLDSADRESSE, METADATA_HISTORISK, false)) + .must(QueryBuilders.boolQuery() + .should(nestedExistQuery(OPPHOLDSADRESSE, CONCAT.formatted(VEGADRESSE, BYDELSNUMMER))) + .should(nestedExistQuery(OPPHOLDSADRESSE, CONCAT.formatted(MATRIKKELADRESSE, BYDELSNUMMER))))) + .should(QueryBuilders.boolQuery() + .must(nestedMatchQuery(KONTAKTADRESSE, METADATA_HISTORISK, false)) + .must(nestedExistQuery(KONTAKTADRESSE, CONCAT.formatted(VEGADRESSE, BYDELSNUMMER)))) + )); + } + + public static void addAdresseUtlandQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + Optional.ofNullable(request.getPersonRequest().getAdresse()) + .filter(boadresse -> isTrue(boadresse.getHarUtenlandsadresse())) + .ifPresent(boadresse -> + queryBuilder.must(QueryBuilders.boolQuery() + .should(QueryBuilders.boolQuery() + .must(nestedExistQuery(BOSTEDSADRESSE, UTENLANDSKADRESSE)) + .must(nestedMatchQuery(BOSTEDSADRESSE, METADATA_HISTORISK, false))) + .should(QueryBuilders.boolQuery() + .must(nestedExistQuery(OPPHOLDSADRESSE, UTENLANDSKADRESSE)) + .must(nestedMatchQuery(OPPHOLDSADRESSE, METADATA_HISTORISK, false))) + .should(QueryBuilders.boolQuery() + .must(nestedExistQuery(KONTAKTADRESSE, UTENLANDSKADRESSE)) + .must(nestedMatchQuery(KONTAKTADRESSE, METADATA_HISTORISK, false)) + ))); + } + + public static void addAdresseMatrikkelQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + Optional.ofNullable(request.getPersonRequest().getAdresse()) + .filter(boadresse -> isTrue(boadresse.getHarMatrikkeladresse())) + .ifPresent(boadresse -> + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery(BOSTEDSADRESSE, METADATA_HISTORISK, false)) + .must(nestedExistQuery(BOSTEDSADRESSE, MATRIKKELADRESSE)) + )); + } + + public static void addHarBostedUkjentQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + Optional.ofNullable(request.getPersonRequest().getAdresse()) + .filter(boadresse -> isTrue(boadresse.getHarUkjentAdresse())) + .ifPresent(boadresse -> + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery(BOSTEDSADRESSE, METADATA_HISTORISK, false)) + .must(nestedExistQuery(BOSTEDSADRESSE, "ukjentBosted")) + )); + } + + public static void addHarDeltBostedQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + Optional.ofNullable(request.getPersonRequest().getAdresse()) + .filter(adresse -> isTrue(adresse.getHarDeltBosted())) + .ifPresent(adresse -> + queryBuilder.must(nestedMatchQuery("hentPerson.deltBosted", METADATA_HISTORISK, false)) + ); + } + + public static void addHarKontaktinformasjonForDoedsboQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarKontaktinformasjonForDoedsbo())) { + queryBuilder.must(nestedMatchQuery("hentPerson.kontaktinformasjonForDoedsbo", METADATA_HISTORISK, false)); + } + } + + public static void addHarUtenlandskIdentifikasjonsnummerQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarUtenlandskIdentifikasjonsnummer())) { + queryBuilder.must(nestedMatchQuery("hentPerson.utenlandskIdentifikasjonsnummer", METADATA_HISTORISK, false)); + } + } + + public static void addHarFalskIdentitetQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarFalskIdentitet())) { + queryBuilder.must(nestedMatchQuery("hentPerson.falskIdentitet", METADATA_HISTORISK, false)); + } + } + + public static void addHarTilrettelagtKommunikasjonQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarTilrettelagtKommunikasjon())) { + queryBuilder.must(nestedMatchQuery("hentPerson.tilrettelagtKommunikasjon", METADATA_HISTORISK, false)); + } + } + + public static void addHarSikkerhetstiltakQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarSikkerhetstiltak())) { + queryBuilder.must(nestedMatchQuery("hentPerson.sikkerhetstiltak", METADATA_HISTORISK, false)); + } + } + + public static void addStatsborgerskapQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isNotBlank(request.getPersonRequest().getStatsborgerskap())) { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery("hentPerson.statsborgerskap", METADATA_HISTORISK, false)) + .must(nestedMatchQuery("hentPerson.statsborgerskap", "land", + request.getPersonRequest().getStatsborgerskap())) + ); + } + } + + public static void addHarOppholdQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarOpphold())) { + queryBuilder.must(nestedMatchQuery("hentPerson.opphold", METADATA_HISTORISK, false)); + } + } + + public static void addHarNyIdentitetQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (isTrue(request.getPersonRequest().getHarNyIdentitet())) { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery(HENT_IDENTER, HISTORISK, false)) + .must(nestedMatchQuery(HENT_IDENTER, HISTORISK, true)) + ); + } + } + + public static void addKjoennQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (nonNull(request.getPersonRequest().getKjoenn())) { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery("hentPerson.kjoenn", METADATA_HISTORISK, false)) + .must(nestedMatchQuery("hentPerson.kjoenn", "kjoenn", + request.getPersonRequest().getKjoenn().name())) + ); + } + } + + public static void addIdenttypeQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + if (nonNull(request.getPersonRequest().getIdenttype())) { + if (request.getPersonRequest().getIdenttype() == Identtype.NPID) { + queryBuilder.must(QueryBuilders.boolQuery() + .should(QueryBuilders.boolQuery() + .must(nestedMatchQuery(NAVSPERSONIDENTIFIKATOR, METADATA_HISTORISK, false)) + .must(nestedExistQuery(NAVSPERSONIDENTIFIKATOR, "identifikasjonsnummer")) + ) + .should(QueryBuilders.boolQuery() + .must(nestedMatchQuery(HENT_IDENTER, HISTORISK, false)) + .must(nestedMatchQuery(HENT_IDENTER, "gruppe", "NPID")) + ) + ); + } else { + queryBuilder.must(QueryBuilders.boolQuery() + .must(nestedMatchQuery(FOLKEREGISTERIDENTIFIKATOR, METADATA_HISTORISK, false)) + .must(nestedMatchQuery(FOLKEREGISTERIDENTIFIKATOR, "type", + request.getPersonRequest().getIdenttype().name()))); + } + } + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryBuilder.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryBuilder.java new file mode 100644 index 00000000000..55aafac8e22 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryBuilder.java @@ -0,0 +1,115 @@ +package no.nav.testnav.dollysearchservice.utils; + +import lombok.experimental.UtilityClass; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; +import org.opensearch.index.query.BoolQueryBuilder; +import org.opensearch.index.query.QueryBuilders; +import org.opensearch.index.query.functionscore.FunctionScoreQueryBuilder; +import org.opensearch.index.query.functionscore.RandomScoreFunctionBuilder; + +import java.security.SecureRandom; +import java.util.Optional; +import java.util.Random; + +import static java.util.Objects.isNull; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchIdenterQueryUtils.addIdenterIdentifier; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addAdresseBydelsnrQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addAdresseKommunenrQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addAdresseMatrikkelQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addAdressePostnrQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addAdresseUtlandQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addAdressebeskyttelseQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addAlderQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addDoedsfallQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarAdresseBydelsnummerQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarBarnQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarBostedUkjentQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarBostedsadresseQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarDeltBostedQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarDoedfoedtbarnQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarFalskIdentitetQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarForeldreQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarForeldreansvarQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarInnflyttingQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarKontaktadresseQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarKontaktinformasjonForDoedsboQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarNyIdentitetQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarOppholdQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarOppholdsadresseQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarSikkerhetstiltakQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarTilrettelagtKommunikasjonQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarUtenlandskIdentifikasjonsnummerQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addHarUtflyttingQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addIdenttypeQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addKjoennQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addSivilstandQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addStatsborgerskapQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchPersonQueryUtils.addVergemaalQuery; + +@UtilityClass +public class OpenSearchQueryBuilder { + + private static final Random SEED = new SecureRandom(); + + public static BoolQueryBuilder buildSearchQuery(SearchRequest request) { + + var queryBuilder = QueryBuilders.boolQuery() + .must(getRandomScoreQueryBuilder(request)) + .must(addIdenterIdentifier(request)); + + setPersonQuery(queryBuilder, request); + + return queryBuilder; + } + + private static void setPersonQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { + + Optional.ofNullable(request.getPersonRequest()) + .ifPresent(value -> { + + addAlderQuery(queryBuilder, request); + addHarBarnQuery(queryBuilder, request); + addHarForeldreQuery(queryBuilder, request); + addSivilstandQuery(queryBuilder, request); + addHarDoedfoedtbarnQuery(queryBuilder, request); + addHarForeldreansvarQuery(queryBuilder, request); + addVergemaalQuery(queryBuilder, request); + addDoedsfallQuery(queryBuilder, request); + addHarInnflyttingQuery(queryBuilder, request); + addHarUtflyttingQuery(queryBuilder, request); + addAdressebeskyttelseQuery(queryBuilder, request); + addHarBostedsadresseQuery(queryBuilder, request); + addHarOppholdsadresseQuery(queryBuilder, request); + addHarKontaktadresseQuery(queryBuilder, request); + addAdressebeskyttelseQuery(queryBuilder, request); + addAdresseKommunenrQuery(queryBuilder, request); + addAdressePostnrQuery(queryBuilder, request); + addAdresseBydelsnrQuery(queryBuilder, request); + addHarAdresseBydelsnummerQuery(queryBuilder, request); + addAdresseUtlandQuery(queryBuilder, request); + addAdresseMatrikkelQuery(queryBuilder, request); + addHarBostedUkjentQuery(queryBuilder, request); + addHarDeltBostedQuery(queryBuilder, request); + addHarKontaktinformasjonForDoedsboQuery(queryBuilder, request); + addHarUtenlandskIdentifikasjonsnummerQuery(queryBuilder, request); + addHarFalskIdentitetQuery(queryBuilder, request); + addHarTilrettelagtKommunikasjonQuery(queryBuilder, request); + addHarSikkerhetstiltakQuery(queryBuilder, request); + addStatsborgerskapQuery(queryBuilder, request); + addHarOppholdQuery(queryBuilder, request); + addHarNyIdentitetQuery(queryBuilder, request); + addKjoennQuery(queryBuilder, request); + addIdenttypeQuery(queryBuilder, request); + }); + } + + private static FunctionScoreQueryBuilder getRandomScoreQueryBuilder(SearchRequest request) { + + if (isNull(request.getSeed())){ + request.setSeed(SEED.nextInt()); + } + + return QueryBuilders.functionScoreQuery(new RandomScoreFunctionBuilder() + .seed(request.getSeed())); + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryUtils.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryUtils.java new file mode 100644 index 00000000000..7cf100b78da --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryUtils.java @@ -0,0 +1,51 @@ +package no.nav.testnav.dollysearchservice.utils; + +import lombok.experimental.UtilityClass; +import org.apache.lucene.search.join.ScoreMode; +import org.opensearch.index.query.QueryBuilder; +import org.opensearch.index.query.QueryBuilders; + +@UtilityClass +public class OpenSearchQueryUtils { + + public static final String HENT_IDENTER = "hentIdenter.identer"; + public static final String HISTORISK = "historisk"; + public static final String METADATA_HISTORISK = "metadata.historisk"; + public static final String FOLKEREGISTERIDENTIFIKATOR = "hentPerson.folkeregisteridentifikator"; + public static final String NAVSPERSONIDENTIFIKATOR = "hentPerson.navspersonidentifikator"; + + public static QueryBuilder rangeQuery(String field, Integer value1, Integer value2) { + + return QueryBuilders.rangeQuery(field).from(value1).to(value2); + } + + public static QueryBuilder matchQuery(String field, Object value) { + + return QueryBuilders.matchQuery(field, value); + } + + public static QueryBuilder existQuery(String field) { + + return QueryBuilders.existsQuery(field); + } + + public static QueryBuilder regexpQuery(String field, String value) { + + return QueryBuilders.regexpQuery(field, value); + } + + public static QueryBuilder nestedRegexpQuery(String path, String field, String value) { + + return QueryBuilders.nestedQuery(path, regexpQuery("%s.%s".formatted(path, field), value), ScoreMode.Avg); + } + + public static QueryBuilder nestedMatchQuery(String path, String field, Object value) { + + return QueryBuilders.nestedQuery(path, matchQuery("%s.%s".formatted(path, field), value), ScoreMode.Avg); + } + + public static QueryBuilder nestedExistQuery(String path, String field) { + + return QueryBuilders.nestedQuery(path, existQuery(path + '.' + field), ScoreMode.Avg); + } +} diff --git a/apps/dolly-search-service/src/main/resources/application-local.yml b/apps/dolly-search-service/src/main/resources/application-local.yml new file mode 100644 index 00000000000..f3ed84e8daf --- /dev/null +++ b/apps/dolly-search-service/src/main/resources/application-local.yml @@ -0,0 +1,13 @@ +AZURE_APP_CLIENT_ID: ${sm\://azure-app-client-id} +AZURE_APP_CLIENT_SECRET: ${sm\://azure-app-client-secret} +TOKEN_X_ISSUER: https://tokenx.dev-gcp.nav.cloud.nais.io + +spring: + config: + import: "sm://" + +consumers: + dolly-backend: + url: https://dolly-backend.intern.dev.nav.no + dolly-backend-dev: + url: https://dolly-backend-dev.intern.dev.nav.no \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/resources/application-prod.yml b/apps/dolly-search-service/src/main/resources/application-prod.yml new file mode 100644 index 00000000000..37735b8c79c --- /dev/null +++ b/apps/dolly-search-service/src/main/resources/application-prod.yml @@ -0,0 +1,3 @@ +testnorge: + analyse: + enabled: true diff --git a/apps/dolly-search-service/src/main/resources/application.yml b/apps/dolly-search-service/src/main/resources/application.yml new file mode 100644 index 00000000000..a55c76a9699 --- /dev/null +++ b/apps/dolly-search-service/src/main/resources/application.yml @@ -0,0 +1,55 @@ +AAD_ISSUER_URI: https://login.microsoftonline.com/62366534-1ec3-4962-8869-9b5535279d0b + +spring: + application: + name: testnav-dolly-search-service + description: Tjeneste for å søke etter Dolly-personer. + security: + oauth2: + resourceserver: + aad: + issuer-uri: ${AAD_ISSUER_URI}/v2.0 + jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + tokenx: + issuer-uri: ${TOKEN_X_ISSUER} + jwk-set-uri: ${TOKEN_X_JWKS_URI} + accepted-audience: ${TOKEN_X_CLIENT_ID} + +springdoc: + swagger-ui: + disable-swagger-default-url: true + url: /v3/api-docs + +consumers: + testnav-pdl-proxy: + name: testnav-pdl-proxy + namespace: dolly + url: https://testnav-pdl-proxy.dev-fss-pub.nais.io + cluster: dev-fss + +management: + health: + elasticsearch: + enabled: false + endpoints: + enabled-by-default: true + web: + base-path: /internal + exposure: + include: prometheus,health + path-mapping: + prometheus: metrics + endpoint: + prometheus: + enabled: true + prometheus: + metrics: + export: + enabled: true +server: + servlet: + encoding: + charset: UTF-8 + error: + include-message: always \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/resources/logback-spring.xml b/apps/dolly-search-service/src/main/resources/logback-spring.xml new file mode 100644 index 00000000000..7f81f72aa83 --- /dev/null +++ b/apps/dolly-search-service/src/main/resources/logback-spring.xml @@ -0,0 +1,41 @@ + + + + + + + true + + 10280 + 20 + ^sun\.reflect\..*\.invoke + ^net\.sf\.cglib\.proxy\.MethodProxy\.invoke + java\.util\.concurrent\..* + org\.apache\.catalina\..* + org\.apache\.coyote\..* + org\.apache\.tomcat\..* + + + + + + + + + + + + + %d{HH:mm:ss.SSS} | %5p | %logger{25} | %m%n + + utf8 + + + + + + + + + \ No newline at end of file diff --git a/apps/dolly-search-service/src/test/java/no/nav/testnav/dollysearchservice/ApplicationContextTest.java b/apps/dolly-search-service/src/test/java/no/nav/testnav/dollysearchservice/ApplicationContextTest.java new file mode 100644 index 00000000000..b8ab4cf8efc --- /dev/null +++ b/apps/dolly-search-service/src/test/java/no/nav/testnav/dollysearchservice/ApplicationContextTest.java @@ -0,0 +1,22 @@ +package no.nav.testnav.dollysearchservice; + +import org.junit.jupiter.api.Disabled; +import org.junit.jupiter.api.Test; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.security.oauth2.jwt.JwtDecoder; +import org.springframework.test.context.ActiveProfiles; +import org.springframework.test.context.bean.override.mockito.MockitoBean; + +@Disabled +@SpringBootTest +@ActiveProfiles("test") +class ApplicationContextTest { + + @MockitoBean + public JwtDecoder jwtDecoder; + + @Test + @SuppressWarnings("java:S2699") + void load_app_context() { + } +} \ No newline at end of file diff --git a/apps/dolly-search-service/src/test/resources/application-test.yml b/apps/dolly-search-service/src/test/resources/application-test.yml new file mode 100644 index 00000000000..34d5811b26d --- /dev/null +++ b/apps/dolly-search-service/src/test/resources/application-test.yml @@ -0,0 +1 @@ +TOKEN_X_ISSUER: https://tokenx.dev-gcp.nav.cloud.nais.io diff --git a/libs/data-transfer-search-objects/build.gradle b/libs/data-transfer-search-objects/build.gradle index 0ed6e488199..0f4335af098 100644 --- a/libs/data-transfer-search-objects/build.gradle +++ b/libs/data-transfer-search-objects/build.gradle @@ -11,6 +11,7 @@ sonarqube { } dependencies { + implementation "no.nav.testnav.libs:data-transfer-objects" implementation 'com.fasterxml.jackson.core:jackson-annotations' implementation 'com.fasterxml.jackson.core:jackson-databind' implementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-xml' diff --git a/libs/data-transfer-search-objects/settings.gradle b/libs/data-transfer-search-objects/settings.gradle index a1b6cd81d41..c64e942de3d 100644 --- a/libs/data-transfer-search-objects/settings.gradle +++ b/libs/data-transfer-search-objects/settings.gradle @@ -5,6 +5,7 @@ plugins { rootProject.name = 'data-transfer-search-objects' includeBuild "../../plugins/java" +includeBuild '../../libs/data-transfer-objects' develocity { buildScan { diff --git a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/PersonRequest.java b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/PersonRequest.java new file mode 100644 index 00000000000..4e873f4d09f --- /dev/null +++ b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/PersonRequest.java @@ -0,0 +1,67 @@ +package no.nav.testnav.libs.data.dollysearchservice.v1; + +import io.swagger.v3.oas.annotations.media.Schema; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; +import no.nav.testnav.libs.data.pdlforvalter.v1.AdressebeskyttelseDTO; +import no.nav.testnav.libs.data.pdlforvalter.v1.Identtype; +import no.nav.testnav.libs.data.pdlforvalter.v1.KjoennDTO; +import no.nav.testnav.libs.data.pdlforvalter.v1.SivilstandDTO; + +@Data +@Builder +@AllArgsConstructor +@NoArgsConstructor(force = true) +public class PersonRequest { + + private Identtype identtype; + private KjoennDTO.Kjoenn kjoenn; + private Integer alderFom; + private Integer alderTom; + private SivilstandDTO.Sivilstand sivilstand; + + private Boolean harBarn; + private Boolean harForeldre; + private Boolean harDoedfoedtBarn; + private Boolean harForeldreAnsvar; + private Boolean harVerge; + private Boolean harDoedsfall; + private Boolean harInnflytting; + private Boolean harUtflytting; + private Boolean harKontaktinformasjonForDoedsbo; + private Boolean harUtenlandskIdentifikasjonsnummer; + private Boolean harFalskIdentitet; + private Boolean harTilrettelagtKommunikasjon; + private Boolean harSikkerhetstiltak; + private Boolean harOpphold; + @Schema(description = "landkode") + private String statsborgerskap; + private Boolean harNyIdentitet; + + private AdresseRequest adresse; + + @Data + @Builder + @AllArgsConstructor + @NoArgsConstructor(force = true) + public static class AdresseRequest { + + private AdressebeskyttelseDTO.AdresseBeskyttelse addressebeskyttelse; + + private String kommunenummer; + private String postnummer; + private String bydelsnummer; + + private Boolean harBydelsnummer; + private Boolean harUtenlandsadresse; + private Boolean harMatrikkeladresse; + private Boolean harUkjentAdresse; + private Boolean harDeltBosted; + + private Boolean harBostedsadresse; + private Boolean harKontaktadresse; + private Boolean harOppholdsadresse; + } +} \ No newline at end of file diff --git a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/SearchRequest.java b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/SearchRequest.java new file mode 100644 index 00000000000..53a13db963c --- /dev/null +++ b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/SearchRequest.java @@ -0,0 +1,40 @@ +package no.nav.testnav.libs.data.dollysearchservice.v1; + +import io.swagger.v3.oas.annotations.media.Schema; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.util.HashSet; +import java.util.Set; + +import static java.util.Objects.isNull; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class SearchRequest { + + @Schema(description = "Sidenummer") + private Integer side; + @Schema(description = "Antall resultater per side") + private Integer antall; + @Schema(description = "Seed for paginering") + private Integer seed; + + @Schema(description = "Persondetaljer") + private PersonRequest personRequest; + + @Schema(description = "Identer fra registre") + private Set identer; + + public Set getIdenter() { + + if (isNull(identer)) { + identer = new HashSet<>(); + } + return identer; + } +} diff --git a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/SearchResponse.java b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/SearchResponse.java new file mode 100644 index 00000000000..d43b4841b42 --- /dev/null +++ b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/SearchResponse.java @@ -0,0 +1,24 @@ +package no.nav.testnav.libs.data.dollysearchservice.v1; + +import com.fasterxml.jackson.databind.JsonNode; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.util.List; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class SearchResponse { + + private Long totalHits; + private String took; + private Integer side; + private Integer antall; + private Integer seed; + private List personer; + private String error; +} \ No newline at end of file diff --git a/plugins/java/src/main/groovy/dolly-versions.gradle b/plugins/java/src/main/groovy/dolly-versions.gradle index 822c0841829..9979b378763 100644 --- a/plugins/java/src/main/groovy/dolly-versions.gradle +++ b/plugins/java/src/main/groovy/dolly-versions.gradle @@ -31,7 +31,7 @@ class DollyVersionCatalog { String logback = "8.0" String mq = "3.3.5" String okhttp = "4.12.0" - String opensearch = "1.6.0" + String opensearch = "1.6.1" String orika = "1.5.4" String reactorSpring = "1.0.1.RELEASE" String reactorTest = "3.7.1" diff --git a/proxies/pdl-proxy/config.yml b/proxies/pdl-proxy/config.yml index 64a77463673..31d0ff9ecd5 100644 --- a/proxies/pdl-proxy/config.yml +++ b/proxies/pdl-proxy/config.yml @@ -19,8 +19,11 @@ metadata: labels: team: dolly annotations: - nginx.ingress.kubernetes.io/proxy-read-timeout: "2400" - nginx.ingress.kubernetes.io/proxy-send-timeout: "2400" + nginx.ingress.kubernetes.io/proxy-read-timeout: "240" + nginx.ingress.kubernetes.io/proxy-send-timeout: "240" + nginx.ingress.kubernetes.io/proxy-body-size: "8m" + nginx.ingress.kubernetes.io/proxy-buffer-size: "8m" + nginx.ingress.kubernetes.io/client-body-buffer-size: "8m" spec: image: "{{image}}" port: 8080 @@ -65,6 +68,8 @@ spec: cluster: dev-gcp - application: testnav-levende-arbeidsforhold-ansettelse cluster: dev-gcp + - application: testnav-dolly-search-service + cluster: dev-gcp outbound: rules: - application: pdl-testdata diff --git a/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/PdlProxyApplicationStarter.java b/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/PdlProxyApplicationStarter.java index 550ac31e673..33a6b602ef0 100644 --- a/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/PdlProxyApplicationStarter.java +++ b/proxies/pdl-proxy/src/main/java/no/nav/testnav/proxies/pdlproxy/PdlProxyApplicationStarter.java @@ -75,5 +75,4 @@ private Function> createRoute(ServerProperties s .map(AccessToken::getTokenValue)); return createRoute(segment, host, filter); } - -} +} \ No newline at end of file From caa23d010ccd801549e730bdc0645af9e3decc8f Mon Sep 17 00:00:00 2001 From: Cato Olsen Date: Wed, 26 Feb 2025 07:46:09 +0100 Subject: [PATCH 02/13] bugfix/dolly-backend-testing (#3763) * Revert "Revert "Moved dependency on no.nav.testnav.libs:testing from plugins to builds, for consistency and readability. (#3759)"" This reverts commit abd54f5b * Fix: Corrected accepted-audience format in application.yml files across multiple services. * Added AZURE_APP_CLIENT_ID to list of dummy placeholders. * Removed unused jwkSetUri field. * - Added autoconfiguration for subclasses of ResourceServerProperties, with test profile beans. - Added autoconfiguration for GetAuthenticatedResourceServerType, GetAuthenticatedToken. * Removed Test subclasses (now being handled lower in the stack). * - Reverted some common local and test profile configuration that only affected one particular app. - Added AZURE_TRYGDEETATEN_* dummy values for test profile, for proxies using AzureTrygdeetatenTokenService bean. * GetAuthenticatedUserId (as used by autoconfiguration of AzureTrygdeetatenTokenService) is now autoconfigured. * Minor cleanup of four(!) different ResourceServerProperties implementations, one of which is unused. * - Added more output on failing integration test health check. - Added triggers on integration test workflow(s). * - Disabling Secret Manager for tokendings-mock. - Adding required dummy values for testnav-altinn3-tilgang-service/testnav-bruker-service in integration test docker-compose.yml. --- .github/workflows/common.integration-test.yml | 3 +- .github/workflows/integration-tests.yml | 2 + apps/adresse-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/altinn3-tilgang-service/build.gradle | 1 + .../src/main/resources/application-local.yml | 1 + apps/amelding-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/app-tilgang-analyse-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/arbeidsforhold-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/batch-bestilling-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/brreg-stub/build.gradle | 1 + apps/bruker-service/build.gradle | 1 + .../src/main/resources/application-local.yml | 2 + .../src/test/resources/application-test.yml | 3 + apps/budpro-service/build.gradle | 1 + apps/dolly-backend/build.gradle | 66 +++++------ apps/dolly-backend/settings.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/dolly-frontend/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../src/test/resources/application-test.yml | 2 + apps/dollystatus/build.gradle | 2 + apps/endringsmelding-frontend/build.gradle | 5 +- apps/endringsmelding-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/faste-data-frontend/build.gradle | 5 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/generer-navn-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/helsepersonell-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/inntektsmelding-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../jenkins-batch-status-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/joark-dokument-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/kodeverk-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 7 +- .../settings.gradle | 4 +- .../src/main/resources/application.yml | 2 +- apps/miljoer-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/organisasjon-forvalter/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/organisasjon-mottak-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/organisasjon-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/orgnummer-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/oversikt-frontend/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/pdl-forvalter/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/person-faste-data-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/person-search-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/person-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/profil-api/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/skattekort-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/sykemelding-api/build.gradle | 1 + apps/synt-sykemelding-api/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/tenor-search-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/testnav-ident-pool/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/tilbakemelding-api/build.gradle | 1 + .../src/main/resources/application-local.yml | 3 + .../src/main/resources/application.yml | 2 +- apps/tps-messaging-service/build.gradle | 1 + apps/udi-stub/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../src/main/resources/logback-spring.xml | 2 + apps/varslinger-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- docker-compose.yml | 3 + .../GetAuthenticatedAutoConfiguration.java | 49 +++++++++ .../GetAuthenticatedResourceServerType.java | 3 +- .../action/GetAuthenticatedToken.java | 11 +- .../action/GetAuthenticatedUserId.java | 23 ++-- .../TokenServiceAutoConfiguration.java | 43 +------- .../azuread/AzureNavTokenService.java | 1 + .../exchange/azuread/AzureTokenService.java | 1 + .../AzureTrygdeetatenTokenService.java | 1 + .../AzureAdResourceServerProperties.java | 7 +- .../properties/ResourceServerProperties.java | 3 +- ...urceServerPropertiesAutoConfiguration.java | 103 ++++++++++++++++++ .../TokenxResourceServerProperties.java | 7 +- ...etatenAzureAdResourceServerProperties.java | 6 - ...ot.autoconfigure.AutoConfiguration.imports | 4 +- .../properties/ResourceServerProperties.java | 17 --- .../properties/ResourceServerProperties.java | 3 +- .../properties/ResourceServerProperties.java | 3 +- ...ironmentApplicationContextInitializer.java | 17 ++- .../src/main/resources/application.yml | 6 +- .../java/src/main/groovy/dolly-apps.gradle | 1 - .../java/src/main/groovy/dolly-proxies.gradle | 1 - proxies/aareg-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../aareg-synt-services-proxy/build.gradle | 4 + .../src/main/resources/application.yml | 2 +- proxies/altinn3-tilgang-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/arbeidsplassencv-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/arena-forvalteren-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/batch-adeo-proxy/build.gradle | 4 + .../src/main/resources/application.yml | 2 +- proxies/brregstub-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/dokarkiv-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/ereg-proxy/build.gradle | 4 + .../src/main/resources/application.yml | 2 +- proxies/fullmakt-proxy/build.gradle | 1 + proxies/histark-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/inntektstub-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/inst-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../kontoregister-person-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/krrstub-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/medl-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/norg2-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/pdl-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/saf-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/sigrunstub-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/skjermingsregister-proxy/build.gradle | 5 +- .../src/main/resources/application.yml | 2 +- proxies/sykemelding-proxy/build.gradle | 9 +- .../synthdata-meldekort-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/udistub-proxy/build.gradle | 5 +- .../src/main/resources/application.yml | 2 +- proxies/yrkesskade-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- 181 files changed, 422 insertions(+), 237 deletions(-) create mode 100644 libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java create mode 100644 libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java delete mode 100644 libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java diff --git a/.github/workflows/common.integration-test.yml b/.github/workflows/common.integration-test.yml index 8246c29c8d2..a0fc560f8a9 100644 --- a/.github/workflows/common.integration-test.yml +++ b/.github/workflows/common.integration-test.yml @@ -41,8 +41,7 @@ jobs: - name: "Health check" timeout-minutes: 5 run: | - echo Wait on service... - bash -c 'while [[ "$(curl --connect-timeout 2 -s -o /dev/null -w ''%{http_code}'' ${{ inputs.healthcheck }})" != "200" ]]; do echo ...; sleep 5; done; echo Service is up;' + bash -c 'while true; do status=$(curl --connect-timeout 2 -s -o /dev/null -w ''%{http_code}'' ${{ inputs.healthcheck }}); if [ "$status" -eq 200 ]; then echo Service is up; break; else echo "HTTP status: $status"; sleep 5; fi; done;' - name: "Run integration tests" uses: gradle/actions/setup-gradle@v3 with: diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index e7f6e7bb121..4543a7ca9cd 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -2,6 +2,8 @@ name: Integration Tests on: push: paths: + - ".github/workflows/common.integration-test.yml" + - ".github/workflows/integration-tests.yml" - "apps/altinn3-tilgang-service/**" - "apps/bruker-service/**" - "mocks/maskinporten-mock/**" diff --git a/apps/adresse-service/build.gradle b/apps/adresse-service/build.gradle index 3ce1a306707..930229aed1f 100644 --- a/apps/adresse-service/build.gradle +++ b/apps/adresse-service/build.gradle @@ -14,6 +14,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/adresse-service/src/main/resources/application.yml b/apps/adresse-service/src/main/resources/application.yml index 9b742cb296e..f8e6d566064 100644 --- a/apps/adresse-service/src/main/resources/application.yml +++ b/apps/adresse-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/altinn3-tilgang-service/build.gradle b/apps/altinn3-tilgang-service/build.gradle index cf1162f4ca0..e119bd6550e 100644 --- a/apps/altinn3-tilgang-service/build.gradle +++ b/apps/altinn3-tilgang-service/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/altinn3-tilgang-service/src/main/resources/application-local.yml b/apps/altinn3-tilgang-service/src/main/resources/application-local.yml index c5b0c3f2556..14aefd2f0bb 100644 --- a/apps/altinn3-tilgang-service/src/main/resources/application-local.yml +++ b/apps/altinn3-tilgang-service/src/main/resources/application-local.yml @@ -1,3 +1,4 @@ +ALTINN_URL: ${sm\://azure-openid-config-token-endpoint} MASKINPORTEN_CLIENT_ID: ef2960de-7fa6-4396-80a5-2eca00e4af28 MASKINPORTEN_SCOPES: altinn:resourceregistry/accesslist.read altinn:resourceregistry/accesslist.write altinn:accessmanagement/authorizedparties.resourceowner diff --git a/apps/amelding-service/build.gradle b/apps/amelding-service/build.gradle index cbe63f5c3c0..a3c8b11228e 100644 --- a/apps/amelding-service/build.gradle +++ b/apps/amelding-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/amelding-service/src/main/resources/application.yml b/apps/amelding-service/src/main/resources/application.yml index 2ee2afe36e4..7d2b487d7b3 100644 --- a/apps/amelding-service/src/main/resources/application.yml +++ b/apps/amelding-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/app-tilgang-analyse-service/build.gradle b/apps/app-tilgang-analyse-service/build.gradle index aabf1cef55e..44bcccfe361 100644 --- a/apps/app-tilgang-analyse-service/build.gradle +++ b/apps/app-tilgang-analyse-service/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/app-tilgang-analyse-service/src/main/resources/application.yml b/apps/app-tilgang-analyse-service/src/main/resources/application.yml index b9c6c9f0aab..a5e560b2ad7 100644 --- a/apps/app-tilgang-analyse-service/src/main/resources/application.yml +++ b/apps/app-tilgang-analyse-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/arbeidsforhold-service/build.gradle b/apps/arbeidsforhold-service/build.gradle index d63025e02c3..232680b1ac2 100644 --- a/apps/arbeidsforhold-service/build.gradle +++ b/apps/arbeidsforhold-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/arbeidsforhold-service/src/main/resources/application.yml b/apps/arbeidsforhold-service/src/main/resources/application.yml index 226cff6e713..99aafa1f5d4 100644 --- a/apps/arbeidsforhold-service/src/main/resources/application.yml +++ b/apps/arbeidsforhold-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/batch-bestilling-service/build.gradle b/apps/batch-bestilling-service/build.gradle index fd98618053d..02ce90d9971 100644 --- a/apps/batch-bestilling-service/build.gradle +++ b/apps/batch-bestilling-service/build.gradle @@ -18,6 +18,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/batch-bestilling-service/src/main/resources/application.yml b/apps/batch-bestilling-service/src/main/resources/application.yml index abd377c1c07..b7796a56618 100644 --- a/apps/batch-bestilling-service/src/main/resources/application.yml +++ b/apps/batch-bestilling-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/brreg-stub/build.gradle b/apps/brreg-stub/build.gradle index bc61e6fc95b..235490c398d 100644 --- a/apps/brreg-stub/build.gradle +++ b/apps/brreg-stub/build.gradle @@ -27,6 +27,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:vault" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-web-services" diff --git a/apps/bruker-service/build.gradle b/apps/bruker-service/build.gradle index d968fb66030..f183040ae28 100644 --- a/apps/bruker-service/build.gradle +++ b/apps/bruker-service/build.gradle @@ -27,6 +27,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/bruker-service/src/main/resources/application-local.yml b/apps/bruker-service/src/main/resources/application-local.yml index 03ed912b26a..b5ba988c8b6 100644 --- a/apps/bruker-service/src/main/resources/application-local.yml +++ b/apps/bruker-service/src/main/resources/application-local.yml @@ -1,3 +1,5 @@ +CRYPTOGRAPHY_SECRET: dummy +JWT_SECRET: dummy TOKEN_X_CLIENT_ID: dev-gcp:dolly:testnav-bruker-service-dev spring: diff --git a/apps/bruker-service/src/test/resources/application-test.yml b/apps/bruker-service/src/test/resources/application-test.yml index cf96147fb34..b9d16b83133 100644 --- a/apps/bruker-service/src/test/resources/application-test.yml +++ b/apps/bruker-service/src/test/resources/application-test.yml @@ -1,3 +1,6 @@ +CRYPTOGRAPHY_SECRET: dummy +JWT_SECRET: dummy + spring: flyway: url: jdbc:h2:mem:testdb diff --git a/apps/budpro-service/build.gradle b/apps/budpro-service/build.gradle index 4fc43f98721..2b9d223ff1f 100644 --- a/apps/budpro-service/build.gradle +++ b/apps/budpro-service/build.gradle @@ -10,6 +10,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/dolly-backend/build.gradle b/apps/dolly-backend/build.gradle index 3984b2d70ed..8aadfe7b669 100644 --- a/apps/dolly-backend/build.gradle +++ b/apps/dolly-backend/build.gradle @@ -10,54 +10,56 @@ sonarqube { } dependencies { - implementation 'no.nav.testnav.libs:servlet-core' - implementation 'no.nav.testnav.libs:servlet-security' - implementation 'no.nav.testnav.libs:servlet-insecure-security' - implementation 'no.nav.testnav.libs:security-core' - implementation 'no.nav.testnav.libs:data-transfer-objects' - implementation 'no.nav.testnav.libs:data-transfer-search-objects' - implementation 'no.nav.testnav.libs:reactive-core' + implementation "no.nav.testnav.libs:servlet-core" + implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:data-transfer-search-objects" + implementation "no.nav.testnav.libs:reactive-core" + implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" - implementation 'org.springframework.boot:spring-boot-starter-web' - implementation 'org.springframework.boot:spring-boot-starter-oauth2-client' - implementation 'org.springframework.boot:spring-boot-starter-oauth2-resource-server' - implementation 'org.springframework.boot:spring-boot-starter-data-jpa' - implementation 'org.springframework.boot:spring-boot-starter-security' - implementation 'org.springframework.boot:spring-boot-starter-validation' - implementation 'org.springframework.retry:spring-retry' + implementation "org.springframework.boot:spring-boot-starter-web" + implementation "org.springframework.boot:spring-boot-starter-oauth2-client" + implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" + implementation "org.springframework.boot:spring-boot-starter-data-jpa" + implementation "org.springframework.boot:spring-boot-starter-security" + implementation "org.springframework.boot:spring-boot-starter-validation" + implementation "org.springframework.retry:spring-retry" - implementation 'org.springframework.boot:spring-boot-starter-data-elasticsearch' + implementation "org.springframework.boot:spring-boot-starter-data-elasticsearch" implementation "org.opensearch.client:spring-data-opensearch:$versions.opensearch" - implementation 'org.apache.commons:commons-lang3' - implementation 'org.springframework.boot:spring-boot-starter-cache' - implementation 'com.github.ben-manes.caffeine:caffeine' + implementation "org.apache.commons:commons-lang3" + implementation "org.springframework.boot:spring-boot-starter-cache" + implementation "com.github.ben-manes.caffeine:caffeine" - implementation 'org.ehcache:ehcache:3.10.8' + implementation "org.ehcache:ehcache:3.10.8" implementation "com.fasterxml.jackson.core:jackson-core:$versions.jackson" - implementation 'org.postgresql:postgresql' - implementation 'org.flywaydb:flyway-core' - implementation 'org.flywaydb:flyway-database-postgresql' + implementation "org.postgresql:postgresql" + implementation "org.flywaydb:flyway-core" + implementation "org.flywaydb:flyway-database-postgresql" implementation "ma.glasnost.orika:orika-core:$versions.orika" - implementation 'org.codehaus.jettison:jettison:1.5.4' + implementation "org.codehaus.jettison:jettison:1.5.4" implementation "org.apache.poi:poi:$versions.apachePoi" implementation "org.apache.poi:poi-ooxml:$versions.apachePoi" - testImplementation 'org.opensearch:opensearch-testcontainers:2.1.2' + testImplementation "org.opensearch:opensearch-testcontainers:2.1.2" - testImplementation 'org.springframework.security:spring-security-test' - testImplementation 'org.springframework.cloud:spring-cloud-contract-wiremock' - testImplementation 'com.h2database:h2' + testImplementation "org.springframework.security:spring-security-test" + testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock" + testImplementation "com.h2database:h2" testImplementation "io.projectreactor:reactor-test:$versions.reactorTest" - testImplementation 'org.testcontainers:junit-jupiter' - testImplementation 'org.springframework.boot:spring-boot-testcontainers' - testImplementation 'org.testcontainers:postgresql' - testImplementation 'org.bitbucket.b_c:jose4j:0.9.6' + testImplementation "org.testcontainers:junit-jupiter" + testImplementation "org.springframework.boot:spring-boot-testcontainers" + testImplementation "org.testcontainers:postgresql" + testImplementation "org.bitbucket.b_c:jose4j:0.9.6" - implementation 'net.java.dev.jna:jna:5.14.0' + implementation "net.java.dev.jna:jna:5.14.0" } \ No newline at end of file diff --git a/apps/dolly-backend/settings.gradle b/apps/dolly-backend/settings.gradle index 5b948edcd1f..a37687bbf94 100644 --- a/apps/dolly-backend/settings.gradle +++ b/apps/dolly-backend/settings.gradle @@ -9,6 +9,7 @@ includeBuild "../../plugins/java" includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/data-transfer-search-objects" includeBuild "../../libs/reactive-core" +includeBuild "../../libs/reactive-security" includeBuild "../../libs/security-core" includeBuild "../../libs/servlet-core" includeBuild "../../libs/servlet-insecure-security" diff --git a/apps/dolly-backend/src/main/resources/application.yml b/apps/dolly-backend/src/main/resources/application.yml index 6e8bfedc134..798817b2517 100644 --- a/apps/dolly-backend/src/main/resources/application.yml +++ b/apps/dolly-backend/src/main/resources/application.yml @@ -44,7 +44,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} jackson: parser: include-source-in-location: true diff --git a/apps/dolly-frontend/build.gradle b/apps/dolly-frontend/build.gradle index 6240eedefc0..0e51a299073 100644 --- a/apps/dolly-frontend/build.gradle +++ b/apps/dolly-frontend/build.gradle @@ -26,6 +26,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:reactive-session-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" // Session implementation "redis.clients:jedis:5.2.0" diff --git a/apps/dolly-frontend/src/main/resources/application.yml b/apps/dolly-frontend/src/main/resources/application.yml index 1ef770e5b00..2d791fbaa4b 100644 --- a/apps/dolly-frontend/src/main/resources/application.yml +++ b/apps/dolly-frontend/src/main/resources/application.yml @@ -14,7 +14,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/dolly-frontend/src/test/resources/application-test.yml b/apps/dolly-frontend/src/test/resources/application-test.yml index e69de29bb2d..b5eb20eece4 100644 --- a/apps/dolly-frontend/src/test/resources/application-test.yml +++ b/apps/dolly-frontend/src/test/resources/application-test.yml @@ -0,0 +1,2 @@ +IDPORTEN_CLIENT_ID: dummy +IDPORTEN_CLIENT_JWK: dummy \ No newline at end of file diff --git a/apps/dollystatus/build.gradle b/apps/dollystatus/build.gradle index b8a85394b88..1c654af12e1 100644 --- a/apps/dollystatus/build.gradle +++ b/apps/dollystatus/build.gradle @@ -11,5 +11,7 @@ sonarqube { } dependencies { + implementation "no.nav.testnav.libs:testing" + implementation 'org.springframework.boot:spring-boot-starter-web' } diff --git a/apps/endringsmelding-frontend/build.gradle b/apps/endringsmelding-frontend/build.gradle index e3940d5fc48..52875516b51 100644 --- a/apps/endringsmelding-frontend/build.gradle +++ b/apps/endringsmelding-frontend/build.gradle @@ -18,8 +18,6 @@ configurations { } dependencies { - implementation "io.grpc:grpc-netty:$versions.grpc" - implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-frontend" implementation("no.nav.testnav.libs:reactive-session-security") { @@ -29,9 +27,10 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } + implementation "no.nav.testnav.libs:testing" + implementation "io.grpc:grpc-netty:$versions.grpc" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" - implementation "org.springframework.cloud:spring-cloud-starter-gateway" testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock" diff --git a/apps/endringsmelding-service/build.gradle b/apps/endringsmelding-service/build.gradle index 2ebc0d36af5..7a5085afa4a 100644 --- a/apps/endringsmelding-service/build.gradle +++ b/apps/endringsmelding-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/endringsmelding-service/src/main/resources/application.yml b/apps/endringsmelding-service/src/main/resources/application.yml index 59b3813236c..cae88d56332 100644 --- a/apps/endringsmelding-service/src/main/resources/application.yml +++ b/apps/endringsmelding-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/faste-data-frontend/build.gradle b/apps/faste-data-frontend/build.gradle index f960e48dd39..256be3873d2 100644 --- a/apps/faste-data-frontend/build.gradle +++ b/apps/faste-data-frontend/build.gradle @@ -18,8 +18,6 @@ configurations { } dependencies { - implementation "io.grpc:grpc-netty:$versions.grpc" - implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-frontend" implementation("no.nav.testnav.libs:reactive-session-security") { @@ -29,9 +27,10 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } + implementation "no.nav.testnav.libs:testing" + implementation "io.grpc:grpc-netty:$versions.grpc" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" - implementation "org.springframework.cloud:spring-cloud-starter-gateway" testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock" diff --git a/apps/generer-arbeidsforhold-populasjon-service/build.gradle b/apps/generer-arbeidsforhold-populasjon-service/build.gradle index cfa772f62d0..54c4e17cb22 100644 --- a/apps/generer-arbeidsforhold-populasjon-service/build.gradle +++ b/apps/generer-arbeidsforhold-populasjon-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml b/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml index 3fc8e4bea97..449000c7d24 100644 --- a/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml +++ b/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/generer-navn-service/build.gradle b/apps/generer-navn-service/build.gradle index 96007c01cea..3ad4f100fc9 100644 --- a/apps/generer-navn-service/build.gradle +++ b/apps/generer-navn-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/generer-navn-service/src/main/resources/application.yml b/apps/generer-navn-service/src/main/resources/application.yml index f50592c4259..942b29ed7f8 100644 --- a/apps/generer-navn-service/src/main/resources/application.yml +++ b/apps/generer-navn-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/generer-organisasjon-populasjon-service/build.gradle b/apps/generer-organisasjon-populasjon-service/build.gradle index 301249239a6..c4fb89b1ec9 100644 --- a/apps/generer-organisasjon-populasjon-service/build.gradle +++ b/apps/generer-organisasjon-populasjon-service/build.gradle @@ -19,6 +19,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml b/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml index dddddbefe55..b7bc4e02b39 100644 --- a/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml +++ b/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/generer-synt-amelding-service/build.gradle b/apps/generer-synt-amelding-service/build.gradle index 4ea869df5d5..17e8df431cf 100644 --- a/apps/generer-synt-amelding-service/build.gradle +++ b/apps/generer-synt-amelding-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/generer-synt-amelding-service/src/main/resources/application.yml b/apps/generer-synt-amelding-service/src/main/resources/application.yml index a45951abdff..820d4f2a08b 100644 --- a/apps/generer-synt-amelding-service/src/main/resources/application.yml +++ b/apps/generer-synt-amelding-service/src/main/resources/application.yml @@ -9,7 +9,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/helsepersonell-service/build.gradle b/apps/helsepersonell-service/build.gradle index 5a86c7a8f3c..b05edacb6bd 100644 --- a/apps/helsepersonell-service/build.gradle +++ b/apps/helsepersonell-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/helsepersonell-service/src/main/resources/application.yml b/apps/helsepersonell-service/src/main/resources/application.yml index 21ea5b1a259..4fec57bde8f 100644 --- a/apps/helsepersonell-service/src/main/resources/application.yml +++ b/apps/helsepersonell-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/inntektsmelding-generator-service/build.gradle b/apps/inntektsmelding-generator-service/build.gradle index d0220df6669..4db9b3660ab 100644 --- a/apps/inntektsmelding-generator-service/build.gradle +++ b/apps/inntektsmelding-generator-service/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/inntektsmelding-generator-service/src/main/resources/application.yml b/apps/inntektsmelding-generator-service/src/main/resources/application.yml index 2e9697d655d..4a7dc158c67 100644 --- a/apps/inntektsmelding-generator-service/src/main/resources/application.yml +++ b/apps/inntektsmelding-generator-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/inntektsmelding-service/build.gradle b/apps/inntektsmelding-service/build.gradle index 328840a81c3..26d1ddbfb16 100644 --- a/apps/inntektsmelding-service/build.gradle +++ b/apps/inntektsmelding-service/build.gradle @@ -14,6 +14,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/inntektsmelding-service/src/main/resources/application.yml b/apps/inntektsmelding-service/src/main/resources/application.yml index adabbd20f19..78c313fe281 100644 --- a/apps/inntektsmelding-service/src/main/resources/application.yml +++ b/apps/inntektsmelding-service/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/jenkins-batch-status-service/build.gradle b/apps/jenkins-batch-status-service/build.gradle index bd05c64823b..6979650f6ce 100644 --- a/apps/jenkins-batch-status-service/build.gradle +++ b/apps/jenkins-batch-status-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/jenkins-batch-status-service/src/main/resources/application.yml b/apps/jenkins-batch-status-service/src/main/resources/application.yml index c09b76ed0d5..06be6a3f0fe 100644 --- a/apps/jenkins-batch-status-service/src/main/resources/application.yml +++ b/apps/jenkins-batch-status-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/joark-dokument-service/build.gradle b/apps/joark-dokument-service/build.gradle index 790106881d9..7dbd10dab9d 100644 --- a/apps/joark-dokument-service/build.gradle +++ b/apps/joark-dokument-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/joark-dokument-service/src/main/resources/application.yml b/apps/joark-dokument-service/src/main/resources/application.yml index 477720a9894..84755000dce 100644 --- a/apps/joark-dokument-service/src/main/resources/application.yml +++ b/apps/joark-dokument-service/src/main/resources/application.yml @@ -15,7 +15,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/kodeverk-service/build.gradle b/apps/kodeverk-service/build.gradle index 37b4afe3181..a5efabcbe81 100644 --- a/apps/kodeverk-service/build.gradle +++ b/apps/kodeverk-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/kodeverk-service/src/main/resources/application.yml b/apps/kodeverk-service/src/main/resources/application.yml index 8560362169b..35636c9e60b 100644 --- a/apps/kodeverk-service/src/main/resources/application.yml +++ b/apps/kodeverk-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/levende-arbeidsforhold-ansettelse/build.gradle b/apps/levende-arbeidsforhold-ansettelse/build.gradle index f0a24a7410d..645c2f5d9fd 100644 --- a/apps/levende-arbeidsforhold-ansettelse/build.gradle +++ b/apps/levende-arbeidsforhold-ansettelse/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml b/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml index 538e98af0ae..f4c9a3d2b3b 100644 --- a/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} flyway: locations: classpath:db/migration enabled: true diff --git a/apps/levende-arbeidsforhold-scheduler/build.gradle b/apps/levende-arbeidsforhold-scheduler/build.gradle index f0cc5802adc..e252168474e 100644 --- a/apps/levende-arbeidsforhold-scheduler/build.gradle +++ b/apps/levende-arbeidsforhold-scheduler/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-quartz" diff --git a/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml b/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml index dbf213cd6ce..e990c09338f 100644 --- a/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/levende-arbeidsforhold-service/build.gradle b/apps/levende-arbeidsforhold-service/build.gradle index d5e6a11f670..823edbb1aba 100644 --- a/apps/levende-arbeidsforhold-service/build.gradle +++ b/apps/levende-arbeidsforhold-service/build.gradle @@ -10,9 +10,6 @@ sonarqube { } dependencies { - implementation "io.confluent:kafka-avro-serializer:$versions.avroSerializer" - implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" - implementation "no.nav.testnav.libs:avro-schema" implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:kafka-config" @@ -20,10 +17,12 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" + implementation "io.confluent:kafka-avro-serializer:$versions.avroSerializer" + implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" implementation "org.apache.kafka:kafka-clients:$versions.apacheKafka" implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" - implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/levende-arbeidsforhold-service/settings.gradle b/apps/levende-arbeidsforhold-service/settings.gradle index 4bd0975147b..71d9e5977ac 100644 --- a/apps/levende-arbeidsforhold-service/settings.gradle +++ b/apps/levende-arbeidsforhold-service/settings.gradle @@ -5,13 +5,13 @@ plugins { rootProject.name = "levende-arbeidsforhold-service" includeBuild "../../libs/avro-schema" -includeBuild "../../libs/kafka-config" -includeBuild "../../libs/testing" includeBuild "../../libs/data-transfer-objects" +includeBuild "../../libs/kafka-config" includeBuild "../../libs/reactive-core" includeBuild "../../libs/security-core" includeBuild "../../libs/servlet-core" includeBuild "../../libs/servlet-insecure-security" +includeBuild "../../libs/testing" develocity { buildScan { diff --git a/apps/levende-arbeidsforhold-service/src/main/resources/application.yml b/apps/levende-arbeidsforhold-service/src/main/resources/application.yml index bde3afafb81..1d7926e10da 100644 --- a/apps/levende-arbeidsforhold-service/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} kafka: consumer: group-id: testnav-levende-arbeidsforhold-service diff --git a/apps/miljoer-service/build.gradle b/apps/miljoer-service/build.gradle index ea53e959c2d..3345c19b12f 100644 --- a/apps/miljoer-service/build.gradle +++ b/apps/miljoer-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/miljoer-service/src/main/resources/application.yml b/apps/miljoer-service/src/main/resources/application.yml index ba046b9b166..b7d615aefde 100644 --- a/apps/miljoer-service/src/main/resources/application.yml +++ b/apps/miljoer-service/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/oppsummeringsdokument-service/build.gradle b/apps/oppsummeringsdokument-service/build.gradle index 53d2b548a79..a0de4982a5d 100644 --- a/apps/oppsummeringsdokument-service/build.gradle +++ b/apps/oppsummeringsdokument-service/build.gradle @@ -19,6 +19,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.xsd:arbeidsforhold-xsd" + implementation "no.nav.testnav.libs:testing" implementation "com.fasterxml.jackson.dataformat:jackson-dataformat-xml" diff --git a/apps/oppsummeringsdokument-service/src/main/resources/application.yml b/apps/oppsummeringsdokument-service/src/main/resources/application.yml index a49b4ce5f22..5243d12e5f8 100644 --- a/apps/oppsummeringsdokument-service/src/main/resources/application.yml +++ b/apps/oppsummeringsdokument-service/src/main/resources/application.yml @@ -4,7 +4,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} application: name: oppsummeringsdokument-service description: Tjeneste for å sende inn oppsummeringsdokument til aareg og søke i innsendte oppsummeringsdokumenter. diff --git a/apps/organisasjon-bestilling-service/build.gradle b/apps/organisasjon-bestilling-service/build.gradle index ea8c74c4e49..0bdc1cb3ee7 100644 --- a/apps/organisasjon-bestilling-service/build.gradle +++ b/apps/organisasjon-bestilling-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/organisasjon-bestilling-service/src/main/resources/application.yml b/apps/organisasjon-bestilling-service/src/main/resources/application.yml index 54e9361c619..3ee70507ad5 100644 --- a/apps/organisasjon-bestilling-service/src/main/resources/application.yml +++ b/apps/organisasjon-bestilling-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/organisasjon-faste-data-service/build.gradle b/apps/organisasjon-faste-data-service/build.gradle index d4cc105df58..eb6c75c1918 100644 --- a/apps/organisasjon-faste-data-service/build.gradle +++ b/apps/organisasjon-faste-data-service/build.gradle @@ -19,6 +19,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/organisasjon-faste-data-service/src/main/resources/application.yml b/apps/organisasjon-faste-data-service/src/main/resources/application.yml index 620350af387..2899efe8df9 100644 --- a/apps/organisasjon-faste-data-service/src/main/resources/application.yml +++ b/apps/organisasjon-faste-data-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/organisasjon-forvalter/build.gradle b/apps/organisasjon-forvalter/build.gradle index 1fb8803fd77..398122e8fee 100644 --- a/apps/organisasjon-forvalter/build.gradle +++ b/apps/organisasjon-forvalter/build.gradle @@ -22,6 +22,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/organisasjon-forvalter/src/main/resources/application.yml b/apps/organisasjon-forvalter/src/main/resources/application.yml index bf9978fbd94..6ae92ebecac 100644 --- a/apps/organisasjon-forvalter/src/main/resources/application.yml +++ b/apps/organisasjon-forvalter/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/organisasjon-mottak-service/build.gradle b/apps/organisasjon-mottak-service/build.gradle index 220373f5089..a5605299aa8 100644 --- a/apps/organisasjon-mottak-service/build.gradle +++ b/apps/organisasjon-mottak-service/build.gradle @@ -19,6 +19,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/organisasjon-mottak-service/src/main/resources/application.yml b/apps/organisasjon-mottak-service/src/main/resources/application.yml index 697afc71e4c..21f878de592 100644 --- a/apps/organisasjon-mottak-service/src/main/resources/application.yml +++ b/apps/organisasjon-mottak-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/organisasjon-service/build.gradle b/apps/organisasjon-service/build.gradle index 3df14ba3559..2d6ea6c665c 100644 --- a/apps/organisasjon-service/build.gradle +++ b/apps/organisasjon-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/organisasjon-service/src/main/resources/application.yml b/apps/organisasjon-service/src/main/resources/application.yml index 3b8bdf59f81..4f5619ac476 100644 --- a/apps/organisasjon-service/src/main/resources/application.yml +++ b/apps/organisasjon-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/orgnummer-service/build.gradle b/apps/orgnummer-service/build.gradle index 1df3d299209..735d1e0c98c 100644 --- a/apps/orgnummer-service/build.gradle +++ b/apps/orgnummer-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/orgnummer-service/src/main/resources/application.yml b/apps/orgnummer-service/src/main/resources/application.yml index 6fca4621d27..94509373e18 100644 --- a/apps/orgnummer-service/src/main/resources/application.yml +++ b/apps/orgnummer-service/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: dev-gcp:dolly:testnav-orgnummer-service diff --git a/apps/oversikt-frontend/build.gradle b/apps/oversikt-frontend/build.gradle index 5e50676ce88..d37b2d5822a 100644 --- a/apps/oversikt-frontend/build.gradle +++ b/apps/oversikt-frontend/build.gradle @@ -20,6 +20,7 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.cloud:spring-cloud-starter-gateway" diff --git a/apps/oversikt-frontend/src/main/resources/application.yml b/apps/oversikt-frontend/src/main/resources/application.yml index 4a5600397d2..04ccbd221c0 100644 --- a/apps/oversikt-frontend/src/main/resources/application.yml +++ b/apps/oversikt-frontend/src/main/resources/application.yml @@ -4,7 +4,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} diff --git a/apps/pdl-forvalter/build.gradle b/apps/pdl-forvalter/build.gradle index 73b74c911c1..ab10ad1279d 100644 --- a/apps/pdl-forvalter/build.gradle +++ b/apps/pdl-forvalter/build.gradle @@ -20,6 +20,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/pdl-forvalter/src/main/resources/application.yml b/apps/pdl-forvalter/src/main/resources/application.yml index eb06623452c..5894fa1f8b7 100644 --- a/apps/pdl-forvalter/src/main/resources/application.yml +++ b/apps/pdl-forvalter/src/main/resources/application.yml @@ -41,7 +41,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/person-faste-data-service/build.gradle b/apps/person-faste-data-service/build.gradle index 90effeb93fa..2b18e57f16a 100644 --- a/apps/person-faste-data-service/build.gradle +++ b/apps/person-faste-data-service/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/person-faste-data-service/src/main/resources/application.yml b/apps/person-faste-data-service/src/main/resources/application.yml index 6b5a3494897..45fdf63c8f9 100644 --- a/apps/person-faste-data-service/src/main/resources/application.yml +++ b/apps/person-faste-data-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: dev-gcp:dolly:testnav-person-faste-data-service diff --git a/apps/person-search-service/build.gradle b/apps/person-search-service/build.gradle index 7fb6dbcb708..b56e456f3e2 100644 --- a/apps/person-search-service/build.gradle +++ b/apps/person-search-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-elasticsearch" implementation "org.opensearch.client:spring-data-opensearch:$versions.opensearch" diff --git a/apps/person-search-service/src/main/resources/application.yml b/apps/person-search-service/src/main/resources/application.yml index 0e7f6440491..89ae1646179 100644 --- a/apps/person-search-service/src/main/resources/application.yml +++ b/apps/person-search-service/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/person-service/build.gradle b/apps/person-service/build.gradle index 60ed4e286c2..2ce944201a9 100644 --- a/apps/person-service/build.gradle +++ b/apps/person-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/person-service/src/main/resources/application.yml b/apps/person-service/src/main/resources/application.yml index aaaf77bf2b4..4b77cd0a65f 100644 --- a/apps/person-service/src/main/resources/application.yml +++ b/apps/person-service/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} jackson: serialization: write_dates_as_timestamps: false diff --git a/apps/profil-api/build.gradle b/apps/profil-api/build.gradle index 6a06c4236a6..23932ab9838 100644 --- a/apps/profil-api/build.gradle +++ b/apps/profil-api/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/profil-api/src/main/resources/application.yml b/apps/profil-api/src/main/resources/application.yml index f414c6d8f50..5809abe4591 100644 --- a/apps/profil-api/src/main/resources/application.yml +++ b/apps/profil-api/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/skattekort-service/build.gradle b/apps/skattekort-service/build.gradle index c9ba8298fac..a277d93478e 100644 --- a/apps/skattekort-service/build.gradle +++ b/apps/skattekort-service/build.gradle @@ -27,6 +27,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/skattekort-service/src/main/resources/application.yml b/apps/skattekort-service/src/main/resources/application.yml index 1d3a3af3c76..195fade91c6 100644 --- a/apps/skattekort-service/src/main/resources/application.yml +++ b/apps/skattekort-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/sykemelding-api/build.gradle b/apps/sykemelding-api/build.gradle index bbfe33929d2..cbb59f63251 100644 --- a/apps/sykemelding-api/build.gradle +++ b/apps/sykemelding-api/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/synt-sykemelding-api/build.gradle b/apps/synt-sykemelding-api/build.gradle index d0822af1c9e..5d1e6d3324f 100644 --- a/apps/synt-sykemelding-api/build.gradle +++ b/apps/synt-sykemelding-api/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/synt-sykemelding-api/src/main/resources/application.yml b/apps/synt-sykemelding-api/src/main/resources/application.yml index aee3d690ac4..196a8229a63 100644 --- a/apps/synt-sykemelding-api/src/main/resources/application.yml +++ b/apps/synt-sykemelding-api/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/synt-vedtakshistorikk-service/build.gradle b/apps/synt-vedtakshistorikk-service/build.gradle index 93b257d3563..732aeddab21 100644 --- a/apps/synt-vedtakshistorikk-service/build.gradle +++ b/apps/synt-vedtakshistorikk-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml b/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml index 822d79cd6f7..0086630fc1a 100644 --- a/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml +++ b/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/tenor-search-service/build.gradle b/apps/tenor-search-service/build.gradle index da1b52e4ad7..fc3a17baec1 100644 --- a/apps/tenor-search-service/build.gradle +++ b/apps/tenor-search-service/build.gradle @@ -14,6 +14,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/tenor-search-service/src/main/resources/application.yml b/apps/tenor-search-service/src/main/resources/application.yml index 719d051eda8..720f4d6cb92 100644 --- a/apps/tenor-search-service/src/main/resources/application.yml +++ b/apps/tenor-search-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/testnav-ident-pool/build.gradle b/apps/testnav-ident-pool/build.gradle index d60cee6397a..d3042f49769 100644 --- a/apps/testnav-ident-pool/build.gradle +++ b/apps/testnav-ident-pool/build.gradle @@ -18,6 +18,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/testnav-ident-pool/src/main/resources/application.yml b/apps/testnav-ident-pool/src/main/resources/application.yml index cfbe7200e50..1b8b5f1a876 100644 --- a/apps/testnav-ident-pool/src/main/resources/application.yml +++ b/apps/testnav-ident-pool/src/main/resources/application.yml @@ -43,7 +43,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/testnorge-statisk-data-forvalter/build.gradle b/apps/testnorge-statisk-data-forvalter/build.gradle index 6d4e1d0c37b..1b99d32f5e6 100644 --- a/apps/testnorge-statisk-data-forvalter/build.gradle +++ b/apps/testnorge-statisk-data-forvalter/build.gradle @@ -21,6 +21,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "no.nav.testnav.libs:vault" implementation "org.springframework.kafka:spring-kafka" diff --git a/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml b/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml index b2e5797c322..ae07af84a08 100644 --- a/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml +++ b/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml @@ -13,7 +13,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/tilbakemelding-api/build.gradle b/apps/tilbakemelding-api/build.gradle index 927a20d322d..7c215a05ab8 100644 --- a/apps/tilbakemelding-api/build.gradle +++ b/apps/tilbakemelding-api/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.libs:slack" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/tilbakemelding-api/src/main/resources/application-local.yml b/apps/tilbakemelding-api/src/main/resources/application-local.yml index 9c7acce458c..f2b70d36692 100644 --- a/apps/tilbakemelding-api/src/main/resources/application-local.yml +++ b/apps/tilbakemelding-api/src/main/resources/application-local.yml @@ -1,3 +1,6 @@ +SLACK_CHANNEL: dummy +SLACK_TOKEN: dummy + consumers: profil-api: url: https://testnorge-profil-api.intern.dev.nav.no diff --git a/apps/tilbakemelding-api/src/main/resources/application.yml b/apps/tilbakemelding-api/src/main/resources/application.yml index e0e648809ae..895d51671ce 100644 --- a/apps/tilbakemelding-api/src/main/resources/application.yml +++ b/apps/tilbakemelding-api/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/tps-messaging-service/build.gradle b/apps/tps-messaging-service/build.gradle index 5cae62ac557..6d44b0b9b4b 100644 --- a/apps/tps-messaging-service/build.gradle +++ b/apps/tps-messaging-service/build.gradle @@ -18,6 +18,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "no.nav.repository.fellesreg.tpsws:nav-repository-fellesregister-castor-tps-s018-domain:$versions.navFellesregister" implementation "no.nav.repository.fellesreg.tpsws:nav-repository-fellesregister-jaxb-tps-m201-domain:$versions.navFellesregister" diff --git a/apps/udi-stub/build.gradle b/apps/udi-stub/build.gradle index 1490a7c89f9..53a0ca6aaa9 100644 --- a/apps/udi-stub/build.gradle +++ b/apps/udi-stub/build.gradle @@ -23,6 +23,7 @@ configurations { dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "no.nav.testnav.libs:vault" implementation "com.sun.xml.ws:jaxws-rt:$versions.jaxws" diff --git a/apps/udi-stub/src/main/resources/application.yml b/apps/udi-stub/src/main/resources/application.yml index e8c4b285c1b..dcb18f5ecee 100644 --- a/apps/udi-stub/src/main/resources/application.yml +++ b/apps/udi-stub/src/main/resources/application.yml @@ -18,7 +18,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/udi-stub/src/main/resources/logback-spring.xml b/apps/udi-stub/src/main/resources/logback-spring.xml index f49b192e253..a17fd9b8e5a 100644 --- a/apps/udi-stub/src/main/resources/logback-spring.xml +++ b/apps/udi-stub/src/main/resources/logback-spring.xml @@ -3,6 +3,8 @@ + true + -1 true diff --git a/apps/varslinger-service/build.gradle b/apps/varslinger-service/build.gradle index 2c5ab0be9c0..4c7c5fed68e 100644 --- a/apps/varslinger-service/build.gradle +++ b/apps/varslinger-service/build.gradle @@ -14,6 +14,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/varslinger-service/src/main/resources/application.yml b/apps/varslinger-service/src/main/resources/application.yml index 0743cf2025c..f9dbbcdfd7f 100644 --- a/apps/varslinger-service/src/main/resources/application.yml +++ b/apps/varslinger-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/docker-compose.yml b/docker-compose.yml index 5454a01f6db..365d3007fbb 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,6 +9,7 @@ services: context: ./apps/altinn3-tilgang-service environment: - ALTINN_URL=http//altinn:8080 + - AZURE_APP_CLIENT_ID=dummy - AZURE_OPENID_CONFIG_ISSUER=dummy - JAVA_TOOL_OPTIONS=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 - MASKINPORTEN_CLIENT_ID=dummy @@ -16,6 +17,7 @@ services: - MASKINPORTEN_SCOPES=altinn:resourceregistry/accesslist.read altinn:resourceregistry/accesslist.write altinn:accessmanagement/authorizedparties.resourceowner - MASKINPORTEN_WELL_KNOWN_URL=http://maskinporten:8080 - SPRING_PROFILES_ACTIVE=virtual + - TOKEN_X_CLIENT_ID=dev-gcp:dolly:testnav-altinn3-tilgang-service - TOKEN_X_ISSUER=http://tokendings:8080 - TOKEN_X_PRIVATE_JWK=${JWK} ports: @@ -61,6 +63,7 @@ services: build: context: ./apps/bruker-service environment: + - AZURE_APP_CLIENT_ID=dummy - AZURE_OPENID_CONFIG_ISSUER=dummy - CRYPTOGRAPHY_SECRET=dummy - JAVA_TOOL_OPTIONS=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java new file mode 100644 index 00000000000..a3c33573182 --- /dev/null +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java @@ -0,0 +1,49 @@ +package no.nav.testnav.libs.reactivesecurity.action; + +import no.nav.testnav.libs.reactivesecurity.properties.AzureAdResourceServerProperties; +import no.nav.testnav.libs.reactivesecurity.properties.ResourceServerProperties; +import no.nav.testnav.libs.reactivesecurity.properties.TokenxResourceServerProperties; +import no.nav.testnav.libs.reactivesecurity.properties.TrygdeetatenAzureAdResourceServerProperties; +import org.springframework.boot.autoconfigure.AutoConfiguration; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.context.annotation.Bean; +import org.springframework.lang.Nullable; + +import java.util.ArrayList; + +@AutoConfiguration +public class GetAuthenticatedAutoConfiguration { + + @Bean + @ConditionalOnMissingBean + GetAuthenticatedResourceServerType getAuthenticatedResourceServerType( + @Nullable AzureAdResourceServerProperties azureAdResourceServerProperties, + @Nullable TokenxResourceServerProperties tokenxResourceServerProperties, + @Nullable TrygdeetatenAzureAdResourceServerProperties trygdeetatenAzureAdResourceServerProperties + ) { + var list = new ArrayList(3); + if (azureAdResourceServerProperties != null) { + list.add(azureAdResourceServerProperties); + } + if (tokenxResourceServerProperties != null) { + list.add(tokenxResourceServerProperties); + } + if (trygdeetatenAzureAdResourceServerProperties != null) { + list.add(trygdeetatenAzureAdResourceServerProperties); + } + return new GetAuthenticatedResourceServerType(list); + } + + @Bean + @ConditionalOnMissingBean + GetAuthenticatedToken getAuthenticatedToken(GetAuthenticatedResourceServerType getAuthenticatedResourceServerType) { + return new GetAuthenticatedToken(getAuthenticatedResourceServerType); + } + + @Bean + @ConditionalOnMissingBean + GetAuthenticatedUserId getAuthenticatedUserId(GetAuthenticatedResourceServerType getAuthenticatedResourceServerType) { + return new GetAuthenticatedUserId(getAuthenticatedResourceServerType); + } + +} diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java index 8d846ba7708..decd55fd5c3 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java @@ -5,14 +5,12 @@ import no.nav.testnav.libs.securitycore.domain.ResourceServerType; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; -import org.springframework.stereotype.Component; import reactor.core.publisher.Mono; import java.util.List; import java.util.Optional; import java.util.concurrent.Callable; -@Component @RequiredArgsConstructor public class GetAuthenticatedResourceServerType extends JwtResolver implements Callable> { @@ -44,4 +42,5 @@ public Mono call() { return Mono.empty(); }); } + } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java index c69106248ed..c0ca5ab5201 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java @@ -1,22 +1,12 @@ package no.nav.testnav.libs.reactivesecurity.action; -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; import lombok.RequiredArgsConstructor; -import lombok.extern.slf4j.Slf4j; import no.nav.testnav.libs.securitycore.domain.Token; -import org.springframework.http.HttpStatus; -import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; -import org.springframework.stereotype.Component; -import org.springframework.web.server.ResponseStatusException; import reactor.core.publisher.Mono; -import java.time.Instant; import java.util.concurrent.Callable; -@Component -@Slf4j @RequiredArgsConstructor public class GetAuthenticatedToken extends JwtResolver implements Callable> { @@ -45,4 +35,5 @@ public Mono call() { .build()); }); } + } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java index b0636ee9c7d..24cb659afdb 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java @@ -1,16 +1,12 @@ package no.nav.testnav.libs.reactivesecurity.action; import lombok.RequiredArgsConstructor; -import lombok.extern.slf4j.Slf4j; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; -import org.springframework.stereotype.Component; import reactor.core.publisher.Mono; import java.util.concurrent.Callable; -@Slf4j -@Component @RequiredArgsConstructor public class GetAuthenticatedUserId extends JwtResolver implements Callable> { @@ -27,20 +23,21 @@ public Mono call() { } private Mono getTokenAttribute(String attribute) { - return getJwtAuthenticationToken() .map(authentication -> - switch (authentication) { - - case JwtAuthenticationToken jwtAuthenticationToken -> - jwtAuthenticationToken.getTokenAttributes().get(attribute).toString(); - - case OAuth2AuthenticationToken oauth2AuthenticationToken -> - oauth2AuthenticationToken.getPrincipal().getAttributes().get("pid").toString(); - + case JwtAuthenticationToken jwtAuthenticationToken -> jwtAuthenticationToken + .getTokenAttributes() + .get(attribute) + .toString(); + case OAuth2AuthenticationToken oauth2AuthenticationToken -> oauth2AuthenticationToken + .getPrincipal() + .getAttributes() + .get("pid") + .toString(); default -> ""; } ); } + } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java index f33c6c1f0f0..e63e16fc9fa 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java @@ -3,37 +3,24 @@ import com.fasterxml.jackson.databind.ObjectMapper; import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedToken; import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedUserId; -import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureTokenService; import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureNavTokenService; +import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureTokenService; import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureTrygdeetatenTokenService; import no.nav.testnav.libs.securitycore.domain.azuread.*; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.autoconfigure.AutoConfiguration; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Primary; -import org.springframework.context.annotation.Profile; -import org.springframework.util.Assert; -@AutoConfiguration(after = ClientCredentialAutoConfiguration.class) +@AutoConfiguration public class TokenServiceAutoConfiguration { @Value("${HTTP_PROXY:#{null}}") private String httpProxy; - @Primary - @Bean - @Profile("test") - AzureTokenService azureAdTokenServiceTest( - AzureClientCredential clientCredential, - GetAuthenticatedToken getAuthenticatedToken - ) { - return new AzureTokenService(null, clientCredential, getAuthenticatedToken); - } - @Bean @ConditionalOnDollyApplicationConfiguredForAzure - @ConditionalOnMissingBean(AzureTokenService.class) + @ConditionalOnMissingBean AzureTokenService azureAdTokenService( AzureClientCredential clientCredential, GetAuthenticatedToken getAuthenticatedToken @@ -41,38 +28,18 @@ AzureTokenService azureAdTokenService( return new AzureTokenService(httpProxy, clientCredential, getAuthenticatedToken); } - @Primary - @Bean - @Profile("test") - AzureNavTokenService azureNavTokenServiceTest( - AzureNavClientCredential azureNavClientCredential - ) { - return new AzureNavTokenService(null, azureNavClientCredential); - } - @Bean @ConditionalOnDollyApplicationConfiguredForNav - @ConditionalOnMissingBean(AzureNavTokenService.class) + @ConditionalOnMissingBean AzureNavTokenService azureNavTokenService( AzureNavClientCredential azureNavClientCredential ) { return new AzureNavTokenService(httpProxy, azureNavClientCredential); } - @Primary - @Bean - @Profile("test") - AzureTrygdeetatenTokenService trygdeetatenAzureAdTokenServiceTest( - AzureTrygdeetatenClientCredential clientCredential, - GetAuthenticatedUserId getAuthenticatedUserId, - ObjectMapper objectMapper - ) { - return new AzureTrygdeetatenTokenService(null, clientCredential, getAuthenticatedUserId, objectMapper); - } - @Bean @ConditionalOnDollyApplicationConfiguredForTrygdeetaten - @ConditionalOnMissingBean(AzureTrygdeetatenTokenService.class) + @ConditionalOnMissingBean AzureTrygdeetatenTokenService trygdeetatenAzureAdTokenService( AzureTrygdeetatenClientCredential clientCredential, GetAuthenticatedUserId getAuthenticatedUserId, diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java index ea7001cafd8..d78522699b2 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java @@ -64,4 +64,5 @@ public Mono exchange(ServerProperties serverProperties) { ).call(); } + } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java index e2a93dd9abf..29240eb5c3a 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java @@ -97,4 +97,5 @@ private Mono generateOnBehalfOfAccessToken(Token token, ServerPrope token ).call(); } + } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java index a6fae4111f7..8223ccb7a7c 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java @@ -114,4 +114,5 @@ private boolean expires(AccessToken accessToken) { .minusSeconds(300) .isBefore(Instant.now()); } + } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java index b2921be6aa1..1fa2c8e5dbe 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java @@ -1,17 +1,12 @@ package no.nav.testnav.libs.reactivesecurity.properties; import no.nav.testnav.libs.securitycore.domain.ResourceServerType; -import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.context.annotation.Configuration; -@Configuration -@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver.aad") -@ConditionalOnProperty("spring.security.oauth2.resourceserver.aad.issuer-uri") public class AzureAdResourceServerProperties extends ResourceServerProperties { @Override public ResourceServerType getType() { return ResourceServerType.AZURE_AD; } + } \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java index d4b1cb40b34..2712024cccb 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java @@ -9,9 +9,10 @@ @Getter @Setter public abstract class ResourceServerProperties { + private String issuerUri; - private String jwkSetUri; private List acceptedAudience; public abstract ResourceServerType getType(); + } \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java new file mode 100644 index 00000000000..0b187e20d54 --- /dev/null +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java @@ -0,0 +1,103 @@ +package no.nav.testnav.libs.reactivesecurity.properties; + +import org.springframework.beans.factory.annotation.Value; +import org.springframework.boot.autoconfigure.AutoConfiguration; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Profile; + +import java.util.List; + +// TODO: Configuration such as spring.security.oauth2.resourceserver is not part of the Spring framework, and should be moved to separate configuration, such as dolly.oauth2 or similar. + +/** + * Auto configuration for resource server properties, e.g. configuration under {@code spring.security.oauth2.resourceserver}. + * Supported properties are: + *
    + *
  • {@code spring.security.oauth2.resourceserver.aad}
    • + *
  • {@code spring.security.oauth2.resourceserver.tokenx}
    • + *
  • {@code spring.security.oauth2.resourceserver.trygdeetaten}
    • + *
+ * which may each have the following properties: + *
    + *
  • {@code issuer-uri}
    • + *
  • {@code accepted-audience}
    • + *
+ */ +@AutoConfiguration +public class ResourceServerPropertiesAutoConfiguration { + + @Bean + @ConditionalOnProperty({ + "spring.security.oauth2.resourceserver.aad.issuer-uri", + "spring.security.oauth2.resourceserver.aad.accepted-audience" + }) + @ConditionalOnMissingBean + AzureAdResourceServerProperties azureAdResourceServerProperties( + @Value("${spring.security.oauth2.resourceserver.aad.issuer-uri}") String issuerUri, + @Value("${spring.security.oauth2.resourceserver.aad.accepted-audience}") List acceptedAudience + ) { + var azureAdResourceServerProperties = new AzureAdResourceServerProperties(); + azureAdResourceServerProperties.setIssuerUri(issuerUri); + azureAdResourceServerProperties.setAcceptedAudience(acceptedAudience); + return azureAdResourceServerProperties; + } + + @Bean + @Profile("test") + @ConditionalOnMissingBean + AzureAdResourceServerProperties azureAdResourceServerPropertiesTest( + ) { + return null; + } + + @Bean + @ConditionalOnProperty({ + "spring.security.oauth2.resourceserver.tokenx.issuer-uri", + "spring.security.oauth2.resourceserver.tokenx.accepted-audience" + }) + @ConditionalOnMissingBean + TokenxResourceServerProperties tokenxResourceServerProperties( + @Value("${spring.security.oauth2.resourceserver.tokenx.issuer-uri}") String issuerUri, + @Value("${spring.security.oauth2.resourceserver.tokenx.accepted-audience}") List acceptedAudience + ) { + var tokenxResourceServerProperties = new TokenxResourceServerProperties(); + tokenxResourceServerProperties.setIssuerUri(issuerUri); + tokenxResourceServerProperties.setAcceptedAudience(acceptedAudience); + return tokenxResourceServerProperties; + } + + @Bean + @Profile("test") + @ConditionalOnMissingBean + TokenxResourceServerProperties tokenxResourceServerPropertiesTest( + ) { + return null; + } + + @Bean + @ConditionalOnProperty({ + "spring.security.oauth2.resourceserver.trygdeetaten.issuer-uri", + "spring.security.oauth2.resourceserver.trygdeetaten.accepted-audience" + }) + @ConditionalOnMissingBean + TrygdeetatenAzureAdResourceServerProperties trygdeetatenAzureAdResourceServerProperties( + @Value("${spring.security.oauth2.resourceserver.trygdeetaten.issuer-uri}") String issuerUri, + @Value("${spring.security.oauth2.resourceserver.trygdeetaten.accepted-audience}") List acceptedAudience + ) { + var trygdeetatenAzureAdResourceServerProperties = new TrygdeetatenAzureAdResourceServerProperties(); + trygdeetatenAzureAdResourceServerProperties.setIssuerUri(issuerUri); + trygdeetatenAzureAdResourceServerProperties.setAcceptedAudience(acceptedAudience); + return trygdeetatenAzureAdResourceServerProperties; + } + + @Bean + @Profile("test") + @ConditionalOnMissingBean + TrygdeetatenAzureAdResourceServerProperties trygdeetatenAzureAdResourceServerPropertiesTest( + ) { + return null; + } + +} diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java index 20701fb76bb..b69bc06bea4 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java @@ -2,17 +2,12 @@ import no.nav.testnav.libs.securitycore.domain.ResourceServerType; -import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.context.annotation.Configuration; -@Configuration -@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver.tokenx") -@ConditionalOnProperty("spring.security.oauth2.resourceserver.tokenx.issuer-uri") public class TokenxResourceServerProperties extends ResourceServerProperties { @Override public ResourceServerType getType() { return ResourceServerType.TOKEN_X; } + } \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java index 106ff7bae5b..171d9b337be 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java @@ -1,13 +1,7 @@ package no.nav.testnav.libs.reactivesecurity.properties; import no.nav.testnav.libs.securitycore.domain.ResourceServerType; -import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.context.annotation.Configuration; -@Configuration -@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver.trygdeetaten") -@ConditionalOnProperty("spring.security.oauth2.resourceserver.trygdeetaten.issuer-uri") public class TrygdeetatenAzureAdResourceServerProperties extends ResourceServerProperties { @Override diff --git a/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports index 19107bc880b..4c68dc4507a 100644 --- a/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports +++ b/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports @@ -1,2 +1,4 @@ +no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedAutoConfiguration no.nav.testnav.libs.reactivesecurity.exchange.TokenServiceAutoConfiguration -no.nav.testnav.libs.reactivesecurity.jwt.ReactiveJwtAutoConfiguration \ No newline at end of file +no.nav.testnav.libs.reactivesecurity.jwt.ReactiveJwtAutoConfiguration +no.nav.testnav.libs.reactivesecurity.properties.ResourceServerPropertiesAutoConfiguration \ No newline at end of file diff --git a/libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java b/libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java deleted file mode 100644 index 8404d648b18..00000000000 --- a/libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java +++ /dev/null @@ -1,17 +0,0 @@ -package no.nav.testnav.libs.reactivesessionsecurity.properties; - -import lombok.Getter; -import lombok.Setter; -import no.nav.testnav.libs.securitycore.domain.ResourceServerType; - -import java.util.List; - -@Getter -@Setter -public abstract class ResourceServerProperties { - private String issuerUri; - private String jwkSetUri; - private List acceptedAudience; - - public abstract ResourceServerType getType(); -} \ No newline at end of file diff --git a/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java b/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java index 859ba2f4b44..8f52a6504f2 100644 --- a/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java +++ b/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java @@ -9,9 +9,10 @@ @Getter @Setter public abstract class ResourceServerProperties { + private String issuerUri; - private String jwkSetUri; private List acceptedAudience; public abstract ResourceServerType getType(); + } \ No newline at end of file diff --git a/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java b/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java index fc38434dfe5..2c00f476ec6 100644 --- a/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java +++ b/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java @@ -9,9 +9,10 @@ @Getter @Setter public abstract class ResourceServerProperties { + private String issuerUri; - private String jwkSetUri; private List acceptedAudience; public abstract ResourceServerType getType(); + } \ No newline at end of file diff --git a/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java b/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java index c87a598db65..d808cfcdd7a 100644 --- a/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java +++ b/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java @@ -34,19 +34,14 @@ private static void configureForLocalProfile(Map properties) { log.info("Configuring environment for local profile using Secret Manager"); // Emulating NAIS provided environment variables. - properties.putIfAbsent("ALTINN_URL", "${sm\\://altinn-url}"); // Used by altinn3-tilgang-service only. properties.putIfAbsent("AZURE_APP_CLIENT_ID", "${sm\\://azure-app-client-id}"); properties.putIfAbsent("AZURE_APP_CLIENT_SECRET", "${sm\\://azure-app-client-secret}"); properties.putIfAbsent("AZURE_OPENID_CONFIG_ISSUER", "${sm\\://azure-openid-config-issuer}"); properties.putIfAbsent("AZURE_OPENID_CONFIG_TOKEN_ENDPOINT", "${sm\\://azure-openid-config-token-endpoint}"); - properties.putIfAbsent("CRYPTOGRAPHY_SECRET", DUMMY); // Used by bruker-service only. - properties.putIfAbsent("JWT_SECRET", DUMMY); // Used by bruker-service only. properties.putIfAbsent("MASKINPORTEN_CLIENT_ID", DUMMY); // Used by tenor-search-service and altinn3-tilgang-service only. properties.putIfAbsent("MASKINPORTEN_CLIENT_JWK", DUMMY); // Used by tenor-search-service and altinn3-tilgang-service only. properties.putIfAbsent("MASKINPORTEN_SCOPES", DUMMY); // Used by tenor-search-service and altinn3-tilgang-service only. properties.putIfAbsent("MASKINPORTEN_WELL_KNOWN_URL", "${sm\\://maskinporten-well-known-url}"); // Used by tenor-search-service and altinn3-tilgang-service only. - properties.putIfAbsent("SLACK_CHANNEL", DUMMY); // Used by tilbakemelding-api only. - properties.putIfAbsent("SLACK_TOKEN", DUMMY); // Used by tilbakemelding-api only. properties.putIfAbsent("TOKEN_X_ISSUER", "${sm\\://token-x-issuer}"); } @@ -65,12 +60,16 @@ private static void configureForTestProfile(Map properties) { "ALTINN_API_KEY", "ALTINN_URL", + "AZURE_APP_CLIENT_ID", + "AZURE_APP_CLIENT_SECRET", + "AZURE_NAV_APP_CLIENT_ID", + "AZURE_NAV_APP_CLIENT_SECRET", + "AZURE_NAV_OPENID_CONFIG_TOKEN_ENDPOINT", "AZURE_OPENID_CONFIG_ISSUER", "AZURE_OPENID_CONFIG_TOKEN_ENDPOINT", - "CRYPTOGRAPHY_SECRET", // Used by bruker-service only. - "IDPORTEN_CLIENT_ID", // Used by dolly-frontend only. - "IDPORTEN_CLIENT_JWK", // Used by dolly-frontend only. - "JWT_SECRET", // Used by bruker-service only. + "AZURE_TRYGDEETATEN_APP_CLIENT_ID", + "AZURE_TRYGDEETATEN_APP_CLIENT_SECRET", + "AZURE_TRYGDEETATEN_OPENID_CONFIG_TOKEN_ENDPOINT", "MASKINPORTEN_CLIENT_ID", "MASKINPORTEN_CLIENT_JWK", "MASKINPORTEN_SCOPES", diff --git a/mocks/tokendings-mock/src/main/resources/application.yml b/mocks/tokendings-mock/src/main/resources/application.yml index d1ff1941b4a..d13ac2f473c 100644 --- a/mocks/tokendings-mock/src/main/resources/application.yml +++ b/mocks/tokendings-mock/src/main/resources/application.yml @@ -1,3 +1,7 @@ spring: application: - name: tokendings-mock \ No newline at end of file + name: tokendings-mock + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/plugins/java/src/main/groovy/dolly-apps.gradle b/plugins/java/src/main/groovy/dolly-apps.gradle index 446313b0c82..3db5694cd29 100644 --- a/plugins/java/src/main/groovy/dolly-apps.gradle +++ b/plugins/java/src/main/groovy/dolly-apps.gradle @@ -23,7 +23,6 @@ dependencies { implementation "com.google.cloud:spring-cloud-gcp-starter-secretmanager:$versions.gcpSecretManager" implementation "net.logstash.logback:logstash-logback-encoder:$versions.logback" - implementation "no.nav.testnav.libs:testing" implementation "org.hibernate.validator:hibernate-validator" implementation "org.projectlombok:lombok" implementation "org.springframework.boot:spring-boot-starter-actuator" diff --git a/plugins/java/src/main/groovy/dolly-proxies.gradle b/plugins/java/src/main/groovy/dolly-proxies.gradle index cba8c898edb..49e56913c03 100644 --- a/plugins/java/src/main/groovy/dolly-proxies.gradle +++ b/plugins/java/src/main/groovy/dolly-proxies.gradle @@ -25,7 +25,6 @@ dependencies { implementation "net.logstash.logback:logstash-logback-encoder:$versions.logback" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-proxy" - implementation "no.nav.testnav.libs:testing" implementation "org.hibernate.validator:hibernate-validator" implementation "org.projectlombok:lombok" implementation "org.springframework.boot:spring-boot-starter-actuator" diff --git a/proxies/aareg-proxy/build.gradle b/proxies/aareg-proxy/build.gradle index bc14357ff77..e4cdb8c46a6 100644 --- a/proxies/aareg-proxy/build.gradle +++ b/proxies/aareg-proxy/build.gradle @@ -12,6 +12,7 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/aareg-proxy/src/main/resources/application.yml b/proxies/aareg-proxy/src/main/resources/application.yml index bfcfa930bac..48dfb6de3b1 100644 --- a/proxies/aareg-proxy/src/main/resources/application.yml +++ b/proxies/aareg-proxy/src/main/resources/application.yml @@ -6,7 +6,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/aareg-synt-services-proxy/build.gradle b/proxies/aareg-synt-services-proxy/build.gradle index 7d905e49431..8f455a7c2cf 100644 --- a/proxies/aareg-synt-services-proxy/build.gradle +++ b/proxies/aareg-synt-services-proxy/build.gradle @@ -7,4 +7,8 @@ sonarqube { property "sonar.projectKey", "aareg-synt-services-proxy" property "sonar.projectName", "aareg-synt-services-proxy" } +} + +dependencies { + implementation "no.nav.testnav.libs:testing" } \ No newline at end of file diff --git a/proxies/aareg-synt-services-proxy/src/main/resources/application.yml b/proxies/aareg-synt-services-proxy/src/main/resources/application.yml index 3df302f75c4..63e92dfbb43 100644 --- a/proxies/aareg-synt-services-proxy/src/main/resources/application.yml +++ b/proxies/aareg-synt-services-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/altinn3-tilgang-proxy/build.gradle b/proxies/altinn3-tilgang-proxy/build.gradle index 6ec916b1237..10a56b450ca 100644 --- a/proxies/altinn3-tilgang-proxy/build.gradle +++ b/proxies/altinn3-tilgang-proxy/build.gradle @@ -14,6 +14,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-proxy" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml b/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml index 1b447904a0e..d6f3df1bd1e 100644 --- a/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml +++ b/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/arbeidsplassencv-proxy/build.gradle b/proxies/arbeidsplassencv-proxy/build.gradle index fbe4e0b832c..df1e87aec60 100644 --- a/proxies/arbeidsplassencv-proxy/build.gradle +++ b/proxies/arbeidsplassencv-proxy/build.gradle @@ -12,6 +12,7 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml b/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml index 396bd983fbb..7437efb3360 100644 --- a/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml +++ b/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/arbeidssoekerregisteret-proxy/build.gradle b/proxies/arbeidssoekerregisteret-proxy/build.gradle index 0f2bb3608a1..e3354b645b6 100644 --- a/proxies/arbeidssoekerregisteret-proxy/build.gradle +++ b/proxies/arbeidssoekerregisteret-proxy/build.gradle @@ -12,6 +12,7 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml b/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml index 5c48fdc67e6..44cf41f4cc0 100644 --- a/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml +++ b/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/arena-forvalteren-proxy/build.gradle b/proxies/arena-forvalteren-proxy/build.gradle index e4db3059397..f18cbc8785c 100644 --- a/proxies/arena-forvalteren-proxy/build.gradle +++ b/proxies/arena-forvalteren-proxy/build.gradle @@ -12,4 +12,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/arena-forvalteren-proxy/src/main/resources/application.yml b/proxies/arena-forvalteren-proxy/src/main/resources/application.yml index 6b83ff72acb..3d765103d0d 100644 --- a/proxies/arena-forvalteren-proxy/src/main/resources/application.yml +++ b/proxies/arena-forvalteren-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/batch-adeo-proxy/build.gradle b/proxies/batch-adeo-proxy/build.gradle index 12df8fce778..c06cd6698c9 100644 --- a/proxies/batch-adeo-proxy/build.gradle +++ b/proxies/batch-adeo-proxy/build.gradle @@ -8,3 +8,7 @@ sonarqube { property "sonar.projectName", "testnorge-batch-adeo-proxy" } } + +dependencies { + implementation "no.nav.testnav.libs:testing" +} diff --git a/proxies/batch-adeo-proxy/src/main/resources/application.yml b/proxies/batch-adeo-proxy/src/main/resources/application.yml index 8127a1a9ab8..539889845a8 100644 --- a/proxies/batch-adeo-proxy/src/main/resources/application.yml +++ b/proxies/batch-adeo-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/brregstub-proxy/build.gradle b/proxies/brregstub-proxy/build.gradle index 017d06d43ea..2139718e5fc 100644 --- a/proxies/brregstub-proxy/build.gradle +++ b/proxies/brregstub-proxy/build.gradle @@ -11,4 +11,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/brregstub-proxy/src/main/resources/application.yml b/proxies/brregstub-proxy/src/main/resources/application.yml index ec307da4b84..d76e621ed4e 100644 --- a/proxies/brregstub-proxy/src/main/resources/application.yml +++ b/proxies/brregstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/dokarkiv-proxy/build.gradle b/proxies/dokarkiv-proxy/build.gradle index a70fae5d3e5..f0521df929e 100644 --- a/proxies/dokarkiv-proxy/build.gradle +++ b/proxies/dokarkiv-proxy/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/dokarkiv-proxy/src/main/resources/application.yml b/proxies/dokarkiv-proxy/src/main/resources/application.yml index a68feea15c5..45f30d41cdb 100644 --- a/proxies/dokarkiv-proxy/src/main/resources/application.yml +++ b/proxies/dokarkiv-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/ereg-proxy/build.gradle b/proxies/ereg-proxy/build.gradle index baf9c76e4b9..9cd0b4b3634 100644 --- a/proxies/ereg-proxy/build.gradle +++ b/proxies/ereg-proxy/build.gradle @@ -8,3 +8,7 @@ sonarqube { property "sonar.projectName", "testnav-ereg-proxy" } } + +dependencies { + implementation "no.nav.testnav.libs:testing" +} diff --git a/proxies/ereg-proxy/src/main/resources/application.yml b/proxies/ereg-proxy/src/main/resources/application.yml index f08ac6a0323..dc0466df84a 100644 --- a/proxies/ereg-proxy/src/main/resources/application.yml +++ b/proxies/ereg-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/fullmakt-proxy/build.gradle b/proxies/fullmakt-proxy/build.gradle index dfc055280c0..d443c75dcd4 100644 --- a/proxies/fullmakt-proxy/build.gradle +++ b/proxies/fullmakt-proxy/build.gradle @@ -12,6 +12,7 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/histark-proxy/build.gradle b/proxies/histark-proxy/build.gradle index e77cab21cd2..260b23ab8bc 100644 --- a/proxies/histark-proxy/build.gradle +++ b/proxies/histark-proxy/build.gradle @@ -11,4 +11,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/histark-proxy/src/main/resources/application.yml b/proxies/histark-proxy/src/main/resources/application.yml index 98fb18c7983..b8c751f278d 100644 --- a/proxies/histark-proxy/src/main/resources/application.yml +++ b/proxies/histark-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/inntektstub-proxy/build.gradle b/proxies/inntektstub-proxy/build.gradle index 2b0947f58d0..4febca762cf 100644 --- a/proxies/inntektstub-proxy/build.gradle +++ b/proxies/inntektstub-proxy/build.gradle @@ -11,4 +11,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/inntektstub-proxy/src/main/resources/application.yml b/proxies/inntektstub-proxy/src/main/resources/application.yml index 58e31a734b6..a4e1d6c3a71 100644 --- a/proxies/inntektstub-proxy/src/main/resources/application.yml +++ b/proxies/inntektstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/inst-proxy/build.gradle b/proxies/inst-proxy/build.gradle index 001bbf62428..3560e67b8dc 100644 --- a/proxies/inst-proxy/build.gradle +++ b/proxies/inst-proxy/build.gradle @@ -13,4 +13,5 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" } \ No newline at end of file diff --git a/proxies/inst-proxy/src/main/resources/application.yml b/proxies/inst-proxy/src/main/resources/application.yml index 41c31d4446f..ecc17c9d286 100644 --- a/proxies/inst-proxy/src/main/resources/application.yml +++ b/proxies/inst-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/kontoregister-person-proxy/build.gradle b/proxies/kontoregister-person-proxy/build.gradle index 516d518b93a..97d57dc1540 100644 --- a/proxies/kontoregister-person-proxy/build.gradle +++ b/proxies/kontoregister-person-proxy/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/kontoregister-person-proxy/src/main/resources/application.yml b/proxies/kontoregister-person-proxy/src/main/resources/application.yml index efb36e9b16d..42ac63a3251 100644 --- a/proxies/kontoregister-person-proxy/src/main/resources/application.yml +++ b/proxies/kontoregister-person-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/krrstub-proxy/build.gradle b/proxies/krrstub-proxy/build.gradle index c1e2ce31706..750236e8d79 100644 --- a/proxies/krrstub-proxy/build.gradle +++ b/proxies/krrstub-proxy/build.gradle @@ -12,6 +12,7 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/krrstub-proxy/src/main/resources/application.yml b/proxies/krrstub-proxy/src/main/resources/application.yml index 2bb6c48a788..bda6590b667 100644 --- a/proxies/krrstub-proxy/src/main/resources/application.yml +++ b/proxies/krrstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/medl-proxy/build.gradle b/proxies/medl-proxy/build.gradle index 88115d2aa7b..fff39aab17a 100644 --- a/proxies/medl-proxy/build.gradle +++ b/proxies/medl-proxy/build.gradle @@ -12,6 +12,7 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/medl-proxy/src/main/resources/application.yml b/proxies/medl-proxy/src/main/resources/application.yml index 5917152982f..47b6ae0d411 100644 --- a/proxies/medl-proxy/src/main/resources/application.yml +++ b/proxies/medl-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/norg2-proxy/build.gradle b/proxies/norg2-proxy/build.gradle index 414d34ac1e3..6851bb606f9 100644 --- a/proxies/norg2-proxy/build.gradle +++ b/proxies/norg2-proxy/build.gradle @@ -11,4 +11,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/norg2-proxy/src/main/resources/application.yml b/proxies/norg2-proxy/src/main/resources/application.yml index 6524f4f2ff6..e440f3fb8ff 100644 --- a/proxies/norg2-proxy/src/main/resources/application.yml +++ b/proxies/norg2-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/pdl-proxy/build.gradle b/proxies/pdl-proxy/build.gradle index b88f07def05..53aeea80b10 100644 --- a/proxies/pdl-proxy/build.gradle +++ b/proxies/pdl-proxy/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/pdl-proxy/src/main/resources/application.yml b/proxies/pdl-proxy/src/main/resources/application.yml index 3ceee0ee89f..670f0a384bc 100644 --- a/proxies/pdl-proxy/src/main/resources/application.yml +++ b/proxies/pdl-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/pensjon-testdata-facade-proxy/build.gradle b/proxies/pensjon-testdata-facade-proxy/build.gradle index c4710ef518d..8e6a15b8f00 100644 --- a/proxies/pensjon-testdata-facade-proxy/build.gradle +++ b/proxies/pensjon-testdata-facade-proxy/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml b/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml index c9e0eaaebf1..04650326219 100644 --- a/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml +++ b/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} cloud: gateway: httpclient: diff --git a/proxies/saf-proxy/build.gradle b/proxies/saf-proxy/build.gradle index ceba6e612a2..0584ef5f32e 100644 --- a/proxies/saf-proxy/build.gradle +++ b/proxies/saf-proxy/build.gradle @@ -13,4 +13,5 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/saf-proxy/src/main/resources/application.yml b/proxies/saf-proxy/src/main/resources/application.yml index f487b0a263f..48f28386541 100644 --- a/proxies/saf-proxy/src/main/resources/application.yml +++ b/proxies/saf-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/sigrunstub-proxy/build.gradle b/proxies/sigrunstub-proxy/build.gradle index b6c1e5e936a..e0dd09380c0 100644 --- a/proxies/sigrunstub-proxy/build.gradle +++ b/proxies/sigrunstub-proxy/build.gradle @@ -11,4 +11,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/sigrunstub-proxy/src/main/resources/application.yml b/proxies/sigrunstub-proxy/src/main/resources/application.yml index 0f6542d1626..e7837bc80a6 100644 --- a/proxies/sigrunstub-proxy/src/main/resources/application.yml +++ b/proxies/sigrunstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/skjermingsregister-proxy/build.gradle b/proxies/skjermingsregister-proxy/build.gradle index 920b573d608..b7c6c17e61a 100644 --- a/proxies/skjermingsregister-proxy/build.gradle +++ b/proxies/skjermingsregister-proxy/build.gradle @@ -10,9 +10,10 @@ sonarqube { } dependencies { - implementation 'no.nav.testnav.libs:security-core' - implementation 'no.nav.testnav.libs:reactive-security' + implementation "no.nav.testnav.libs:testing" implementation 'no.nav.testnav.libs:data-transfer-objects' + implementation 'no.nav.testnav.libs:reactive-security' + implementation 'no.nav.testnav.libs:security-core' testImplementation 'org.springframework.security:spring-security-test' } diff --git a/proxies/skjermingsregister-proxy/src/main/resources/application.yml b/proxies/skjermingsregister-proxy/src/main/resources/application.yml index 2f08d4b8909..a5f98abea94 100644 --- a/proxies/skjermingsregister-proxy/src/main/resources/application.yml +++ b/proxies/skjermingsregister-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/sykemelding-proxy/build.gradle b/proxies/sykemelding-proxy/build.gradle index 748b5a264f1..77ba5d43b4e 100644 --- a/proxies/sykemelding-proxy/build.gradle +++ b/proxies/sykemelding-proxy/build.gradle @@ -10,9 +10,10 @@ sonarqube { } dependencies { - implementation 'no.nav.testnav.libs:security-core' - implementation 'no.nav.testnav.libs:reactive-security' - implementation 'no.nav.testnav.libs:data-transfer-objects' + implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" - testImplementation 'org.springframework.security:spring-security-test' + testImplementation "org.springframework.security:spring-security-test" } diff --git a/proxies/synthdata-meldekort-proxy/build.gradle b/proxies/synthdata-meldekort-proxy/build.gradle index 66ce73cf9ae..5123d9432b0 100644 --- a/proxies/synthdata-meldekort-proxy/build.gradle +++ b/proxies/synthdata-meldekort-proxy/build.gradle @@ -19,6 +19,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } \ No newline at end of file diff --git a/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml b/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml index 8d9b1938bb0..81e3c4d967b 100644 --- a/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml +++ b/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: trygdeetaten: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} codec: max-in-memory-size: 15MB cloud: diff --git a/proxies/udistub-proxy/build.gradle b/proxies/udistub-proxy/build.gradle index e309c212e92..c60013cd596 100644 --- a/proxies/udistub-proxy/build.gradle +++ b/proxies/udistub-proxy/build.gradle @@ -10,7 +10,8 @@ sonarqube { } dependencies { - implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/udistub-proxy/src/main/resources/application.yml b/proxies/udistub-proxy/src/main/resources/application.yml index 7964c5d4848..ba26d48bd34 100644 --- a/proxies/udistub-proxy/src/main/resources/application.yml +++ b/proxies/udistub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/yrkesskade-proxy/build.gradle b/proxies/yrkesskade-proxy/build.gradle index 8ed97fe8337..d306c2a1907 100644 --- a/proxies/yrkesskade-proxy/build.gradle +++ b/proxies/yrkesskade-proxy/build.gradle @@ -12,4 +12,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/yrkesskade-proxy/src/main/resources/application.yml b/proxies/yrkesskade-proxy/src/main/resources/application.yml index 62a44b12d4f..39cd187f4ec 100644 --- a/proxies/yrkesskade-proxy/src/main/resources/application.yml +++ b/proxies/yrkesskade-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} cloud: gateway: httpclient: From 4dbc6fec5376389a82958dd3b769d80fc24bbc1e Mon Sep 17 00:00:00 2001 From: Cato Olsen Date: Wed, 26 Feb 2025 08:08:57 +0100 Subject: [PATCH 03/13] Removes stackTraceIncludePrefix, for increased logging. --- apps/dolly-frontend/src/main/resources/logback-spring.xml | 1 - 1 file changed, 1 deletion(-) diff --git a/apps/dolly-frontend/src/main/resources/logback-spring.xml b/apps/dolly-frontend/src/main/resources/logback-spring.xml index b80ca79b071..abac7af4a59 100644 --- a/apps/dolly-frontend/src/main/resources/logback-spring.xml +++ b/apps/dolly-frontend/src/main/resources/logback-spring.xml @@ -5,7 +5,6 @@ -1 true - - From 3fe649b45af8057f5299e42153af78a197cceaa6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristen=20H=C3=A6rum?= Date: Wed, 26 Feb 2025 08:19:54 +0100 Subject: [PATCH 04/13] Revert "bugfix/dolly-backend-testing (#3763)" This reverts commit caa23d010ccd801549e730bdc0645af9e3decc8f. --- .github/workflows/common.integration-test.yml | 3 +- .github/workflows/integration-tests.yml | 2 - apps/adresse-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/altinn3-tilgang-service/build.gradle | 1 - .../src/main/resources/application-local.yml | 1 - apps/amelding-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/app-tilgang-analyse-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/arbeidsforhold-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/batch-bestilling-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/brreg-stub/build.gradle | 1 - apps/bruker-service/build.gradle | 1 - .../src/main/resources/application-local.yml | 2 - .../src/test/resources/application-test.yml | 3 - apps/budpro-service/build.gradle | 1 - apps/dolly-backend/build.gradle | 66 ++++++----- apps/dolly-backend/settings.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/dolly-frontend/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../src/test/resources/application-test.yml | 2 - apps/dollystatus/build.gradle | 2 - apps/endringsmelding-frontend/build.gradle | 5 +- apps/endringsmelding-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/faste-data-frontend/build.gradle | 5 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/generer-navn-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/helsepersonell-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/inntektsmelding-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../jenkins-batch-status-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/joark-dokument-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/kodeverk-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 7 +- .../settings.gradle | 4 +- .../src/main/resources/application.yml | 2 +- apps/miljoer-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/organisasjon-forvalter/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/organisasjon-mottak-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/organisasjon-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/orgnummer-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/oversikt-frontend/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/pdl-forvalter/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/person-faste-data-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/person-search-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/person-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/profil-api/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/skattekort-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/sykemelding-api/build.gradle | 1 - apps/synt-sykemelding-api/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/tenor-search-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/testnav-ident-pool/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/tilbakemelding-api/build.gradle | 1 - .../src/main/resources/application-local.yml | 3 - .../src/main/resources/application.yml | 2 +- apps/tps-messaging-service/build.gradle | 1 - apps/udi-stub/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../src/main/resources/logback-spring.xml | 2 - apps/varslinger-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- docker-compose.yml | 3 - .../GetAuthenticatedAutoConfiguration.java | 49 --------- .../GetAuthenticatedResourceServerType.java | 3 +- .../action/GetAuthenticatedToken.java | 11 +- .../action/GetAuthenticatedUserId.java | 23 ++-- .../TokenServiceAutoConfiguration.java | 43 +++++++- .../azuread/AzureNavTokenService.java | 1 - .../exchange/azuread/AzureTokenService.java | 1 - .../AzureTrygdeetatenTokenService.java | 1 - .../AzureAdResourceServerProperties.java | 7 +- .../properties/ResourceServerProperties.java | 3 +- ...urceServerPropertiesAutoConfiguration.java | 103 ------------------ .../TokenxResourceServerProperties.java | 7 +- ...etatenAzureAdResourceServerProperties.java | 6 + ...ot.autoconfigure.AutoConfiguration.imports | 4 +- .../properties/ResourceServerProperties.java | 17 +++ .../properties/ResourceServerProperties.java | 3 +- .../properties/ResourceServerProperties.java | 3 +- ...ironmentApplicationContextInitializer.java | 17 +-- .../src/main/resources/application.yml | 6 +- .../java/src/main/groovy/dolly-apps.gradle | 1 + .../java/src/main/groovy/dolly-proxies.gradle | 1 + proxies/aareg-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../aareg-synt-services-proxy/build.gradle | 4 - .../src/main/resources/application.yml | 2 +- proxies/altinn3-tilgang-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/arbeidsplassencv-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/arena-forvalteren-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/batch-adeo-proxy/build.gradle | 4 - .../src/main/resources/application.yml | 2 +- proxies/brregstub-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/dokarkiv-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/ereg-proxy/build.gradle | 4 - .../src/main/resources/application.yml | 2 +- proxies/fullmakt-proxy/build.gradle | 1 - proxies/histark-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/inntektstub-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/inst-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../kontoregister-person-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/krrstub-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/medl-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/norg2-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/pdl-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/saf-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/sigrunstub-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/skjermingsregister-proxy/build.gradle | 5 +- .../src/main/resources/application.yml | 2 +- proxies/sykemelding-proxy/build.gradle | 9 +- .../synthdata-meldekort-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/udistub-proxy/build.gradle | 5 +- .../src/main/resources/application.yml | 2 +- proxies/yrkesskade-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- 181 files changed, 237 insertions(+), 422 deletions(-) delete mode 100644 libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java delete mode 100644 libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java create mode 100644 libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java diff --git a/.github/workflows/common.integration-test.yml b/.github/workflows/common.integration-test.yml index a0fc560f8a9..8246c29c8d2 100644 --- a/.github/workflows/common.integration-test.yml +++ b/.github/workflows/common.integration-test.yml @@ -41,7 +41,8 @@ jobs: - name: "Health check" timeout-minutes: 5 run: | - bash -c 'while true; do status=$(curl --connect-timeout 2 -s -o /dev/null -w ''%{http_code}'' ${{ inputs.healthcheck }}); if [ "$status" -eq 200 ]; then echo Service is up; break; else echo "HTTP status: $status"; sleep 5; fi; done;' + echo Wait on service... + bash -c 'while [[ "$(curl --connect-timeout 2 -s -o /dev/null -w ''%{http_code}'' ${{ inputs.healthcheck }})" != "200" ]]; do echo ...; sleep 5; done; echo Service is up;' - name: "Run integration tests" uses: gradle/actions/setup-gradle@v3 with: diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 4543a7ca9cd..e7f6e7bb121 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -2,8 +2,6 @@ name: Integration Tests on: push: paths: - - ".github/workflows/common.integration-test.yml" - - ".github/workflows/integration-tests.yml" - "apps/altinn3-tilgang-service/**" - "apps/bruker-service/**" - "mocks/maskinporten-mock/**" diff --git a/apps/adresse-service/build.gradle b/apps/adresse-service/build.gradle index 930229aed1f..3ce1a306707 100644 --- a/apps/adresse-service/build.gradle +++ b/apps/adresse-service/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/adresse-service/src/main/resources/application.yml b/apps/adresse-service/src/main/resources/application.yml index f8e6d566064..9b742cb296e 100644 --- a/apps/adresse-service/src/main/resources/application.yml +++ b/apps/adresse-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/altinn3-tilgang-service/build.gradle b/apps/altinn3-tilgang-service/build.gradle index e119bd6550e..cf1162f4ca0 100644 --- a/apps/altinn3-tilgang-service/build.gradle +++ b/apps/altinn3-tilgang-service/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/altinn3-tilgang-service/src/main/resources/application-local.yml b/apps/altinn3-tilgang-service/src/main/resources/application-local.yml index 14aefd2f0bb..c5b0c3f2556 100644 --- a/apps/altinn3-tilgang-service/src/main/resources/application-local.yml +++ b/apps/altinn3-tilgang-service/src/main/resources/application-local.yml @@ -1,4 +1,3 @@ -ALTINN_URL: ${sm\://azure-openid-config-token-endpoint} MASKINPORTEN_CLIENT_ID: ef2960de-7fa6-4396-80a5-2eca00e4af28 MASKINPORTEN_SCOPES: altinn:resourceregistry/accesslist.read altinn:resourceregistry/accesslist.write altinn:accessmanagement/authorizedparties.resourceowner diff --git a/apps/amelding-service/build.gradle b/apps/amelding-service/build.gradle index a3c8b11228e..cbe63f5c3c0 100644 --- a/apps/amelding-service/build.gradle +++ b/apps/amelding-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/amelding-service/src/main/resources/application.yml b/apps/amelding-service/src/main/resources/application.yml index 7d2b487d7b3..2ee2afe36e4 100644 --- a/apps/amelding-service/src/main/resources/application.yml +++ b/apps/amelding-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/app-tilgang-analyse-service/build.gradle b/apps/app-tilgang-analyse-service/build.gradle index 44bcccfe361..aabf1cef55e 100644 --- a/apps/app-tilgang-analyse-service/build.gradle +++ b/apps/app-tilgang-analyse-service/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/app-tilgang-analyse-service/src/main/resources/application.yml b/apps/app-tilgang-analyse-service/src/main/resources/application.yml index a5e560b2ad7..b9c6c9f0aab 100644 --- a/apps/app-tilgang-analyse-service/src/main/resources/application.yml +++ b/apps/app-tilgang-analyse-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/arbeidsforhold-service/build.gradle b/apps/arbeidsforhold-service/build.gradle index 232680b1ac2..d63025e02c3 100644 --- a/apps/arbeidsforhold-service/build.gradle +++ b/apps/arbeidsforhold-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/arbeidsforhold-service/src/main/resources/application.yml b/apps/arbeidsforhold-service/src/main/resources/application.yml index 99aafa1f5d4..226cff6e713 100644 --- a/apps/arbeidsforhold-service/src/main/resources/application.yml +++ b/apps/arbeidsforhold-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/batch-bestilling-service/build.gradle b/apps/batch-bestilling-service/build.gradle index 02ce90d9971..fd98618053d 100644 --- a/apps/batch-bestilling-service/build.gradle +++ b/apps/batch-bestilling-service/build.gradle @@ -18,7 +18,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/batch-bestilling-service/src/main/resources/application.yml b/apps/batch-bestilling-service/src/main/resources/application.yml index b7796a56618..abd377c1c07 100644 --- a/apps/batch-bestilling-service/src/main/resources/application.yml +++ b/apps/batch-bestilling-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/brreg-stub/build.gradle b/apps/brreg-stub/build.gradle index 235490c398d..bc61e6fc95b 100644 --- a/apps/brreg-stub/build.gradle +++ b/apps/brreg-stub/build.gradle @@ -27,7 +27,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:vault" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-web-services" diff --git a/apps/bruker-service/build.gradle b/apps/bruker-service/build.gradle index f183040ae28..d968fb66030 100644 --- a/apps/bruker-service/build.gradle +++ b/apps/bruker-service/build.gradle @@ -27,7 +27,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/bruker-service/src/main/resources/application-local.yml b/apps/bruker-service/src/main/resources/application-local.yml index b5ba988c8b6..03ed912b26a 100644 --- a/apps/bruker-service/src/main/resources/application-local.yml +++ b/apps/bruker-service/src/main/resources/application-local.yml @@ -1,5 +1,3 @@ -CRYPTOGRAPHY_SECRET: dummy -JWT_SECRET: dummy TOKEN_X_CLIENT_ID: dev-gcp:dolly:testnav-bruker-service-dev spring: diff --git a/apps/bruker-service/src/test/resources/application-test.yml b/apps/bruker-service/src/test/resources/application-test.yml index b9d16b83133..cf96147fb34 100644 --- a/apps/bruker-service/src/test/resources/application-test.yml +++ b/apps/bruker-service/src/test/resources/application-test.yml @@ -1,6 +1,3 @@ -CRYPTOGRAPHY_SECRET: dummy -JWT_SECRET: dummy - spring: flyway: url: jdbc:h2:mem:testdb diff --git a/apps/budpro-service/build.gradle b/apps/budpro-service/build.gradle index 2b9d223ff1f..4fc43f98721 100644 --- a/apps/budpro-service/build.gradle +++ b/apps/budpro-service/build.gradle @@ -10,7 +10,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/dolly-backend/build.gradle b/apps/dolly-backend/build.gradle index 8aadfe7b669..3984b2d70ed 100644 --- a/apps/dolly-backend/build.gradle +++ b/apps/dolly-backend/build.gradle @@ -10,56 +10,54 @@ sonarqube { } dependencies { - implementation "no.nav.testnav.libs:servlet-core" - implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:data-transfer-search-objects" - implementation "no.nav.testnav.libs:reactive-core" - implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:testing" + implementation 'no.nav.testnav.libs:servlet-core' + implementation 'no.nav.testnav.libs:servlet-security' + implementation 'no.nav.testnav.libs:servlet-insecure-security' + implementation 'no.nav.testnav.libs:security-core' + implementation 'no.nav.testnav.libs:data-transfer-objects' + implementation 'no.nav.testnav.libs:data-transfer-search-objects' + implementation 'no.nav.testnav.libs:reactive-core' implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" - implementation "org.springframework.boot:spring-boot-starter-web" - implementation "org.springframework.boot:spring-boot-starter-oauth2-client" - implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" - implementation "org.springframework.boot:spring-boot-starter-data-jpa" - implementation "org.springframework.boot:spring-boot-starter-security" - implementation "org.springframework.boot:spring-boot-starter-validation" - implementation "org.springframework.retry:spring-retry" + implementation 'org.springframework.boot:spring-boot-starter-web' + implementation 'org.springframework.boot:spring-boot-starter-oauth2-client' + implementation 'org.springframework.boot:spring-boot-starter-oauth2-resource-server' + implementation 'org.springframework.boot:spring-boot-starter-data-jpa' + implementation 'org.springframework.boot:spring-boot-starter-security' + implementation 'org.springframework.boot:spring-boot-starter-validation' + implementation 'org.springframework.retry:spring-retry' - implementation "org.springframework.boot:spring-boot-starter-data-elasticsearch" + implementation 'org.springframework.boot:spring-boot-starter-data-elasticsearch' implementation "org.opensearch.client:spring-data-opensearch:$versions.opensearch" - implementation "org.apache.commons:commons-lang3" - implementation "org.springframework.boot:spring-boot-starter-cache" - implementation "com.github.ben-manes.caffeine:caffeine" + implementation 'org.apache.commons:commons-lang3' + implementation 'org.springframework.boot:spring-boot-starter-cache' + implementation 'com.github.ben-manes.caffeine:caffeine' - implementation "org.ehcache:ehcache:3.10.8" + implementation 'org.ehcache:ehcache:3.10.8' implementation "com.fasterxml.jackson.core:jackson-core:$versions.jackson" - implementation "org.postgresql:postgresql" - implementation "org.flywaydb:flyway-core" - implementation "org.flywaydb:flyway-database-postgresql" + implementation 'org.postgresql:postgresql' + implementation 'org.flywaydb:flyway-core' + implementation 'org.flywaydb:flyway-database-postgresql' implementation "ma.glasnost.orika:orika-core:$versions.orika" - implementation "org.codehaus.jettison:jettison:1.5.4" + implementation 'org.codehaus.jettison:jettison:1.5.4' implementation "org.apache.poi:poi:$versions.apachePoi" implementation "org.apache.poi:poi-ooxml:$versions.apachePoi" - testImplementation "org.opensearch:opensearch-testcontainers:2.1.2" + testImplementation 'org.opensearch:opensearch-testcontainers:2.1.2' - testImplementation "org.springframework.security:spring-security-test" - testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock" - testImplementation "com.h2database:h2" + testImplementation 'org.springframework.security:spring-security-test' + testImplementation 'org.springframework.cloud:spring-cloud-contract-wiremock' + testImplementation 'com.h2database:h2' testImplementation "io.projectreactor:reactor-test:$versions.reactorTest" - testImplementation "org.testcontainers:junit-jupiter" - testImplementation "org.springframework.boot:spring-boot-testcontainers" - testImplementation "org.testcontainers:postgresql" - testImplementation "org.bitbucket.b_c:jose4j:0.9.6" + testImplementation 'org.testcontainers:junit-jupiter' + testImplementation 'org.springframework.boot:spring-boot-testcontainers' + testImplementation 'org.testcontainers:postgresql' + testImplementation 'org.bitbucket.b_c:jose4j:0.9.6' - implementation "net.java.dev.jna:jna:5.14.0" + implementation 'net.java.dev.jna:jna:5.14.0' } \ No newline at end of file diff --git a/apps/dolly-backend/settings.gradle b/apps/dolly-backend/settings.gradle index a37687bbf94..5b948edcd1f 100644 --- a/apps/dolly-backend/settings.gradle +++ b/apps/dolly-backend/settings.gradle @@ -9,7 +9,6 @@ includeBuild "../../plugins/java" includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/data-transfer-search-objects" includeBuild "../../libs/reactive-core" -includeBuild "../../libs/reactive-security" includeBuild "../../libs/security-core" includeBuild "../../libs/servlet-core" includeBuild "../../libs/servlet-insecure-security" diff --git a/apps/dolly-backend/src/main/resources/application.yml b/apps/dolly-backend/src/main/resources/application.yml index 798817b2517..6e8bfedc134 100644 --- a/apps/dolly-backend/src/main/resources/application.yml +++ b/apps/dolly-backend/src/main/resources/application.yml @@ -44,7 +44,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} jackson: parser: include-source-in-location: true diff --git a/apps/dolly-frontend/build.gradle b/apps/dolly-frontend/build.gradle index 0e51a299073..6240eedefc0 100644 --- a/apps/dolly-frontend/build.gradle +++ b/apps/dolly-frontend/build.gradle @@ -26,7 +26,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:reactive-session-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" // Session implementation "redis.clients:jedis:5.2.0" diff --git a/apps/dolly-frontend/src/main/resources/application.yml b/apps/dolly-frontend/src/main/resources/application.yml index 2d791fbaa4b..1ef770e5b00 100644 --- a/apps/dolly-frontend/src/main/resources/application.yml +++ b/apps/dolly-frontend/src/main/resources/application.yml @@ -14,7 +14,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/dolly-frontend/src/test/resources/application-test.yml b/apps/dolly-frontend/src/test/resources/application-test.yml index b5eb20eece4..e69de29bb2d 100644 --- a/apps/dolly-frontend/src/test/resources/application-test.yml +++ b/apps/dolly-frontend/src/test/resources/application-test.yml @@ -1,2 +0,0 @@ -IDPORTEN_CLIENT_ID: dummy -IDPORTEN_CLIENT_JWK: dummy \ No newline at end of file diff --git a/apps/dollystatus/build.gradle b/apps/dollystatus/build.gradle index 1c654af12e1..b8a85394b88 100644 --- a/apps/dollystatus/build.gradle +++ b/apps/dollystatus/build.gradle @@ -11,7 +11,5 @@ sonarqube { } dependencies { - implementation "no.nav.testnav.libs:testing" - implementation 'org.springframework.boot:spring-boot-starter-web' } diff --git a/apps/endringsmelding-frontend/build.gradle b/apps/endringsmelding-frontend/build.gradle index 52875516b51..e3940d5fc48 100644 --- a/apps/endringsmelding-frontend/build.gradle +++ b/apps/endringsmelding-frontend/build.gradle @@ -18,6 +18,8 @@ configurations { } dependencies { + implementation "io.grpc:grpc-netty:$versions.grpc" + implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-frontend" implementation("no.nav.testnav.libs:reactive-session-security") { @@ -27,10 +29,9 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } - implementation "no.nav.testnav.libs:testing" - implementation "io.grpc:grpc-netty:$versions.grpc" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" + implementation "org.springframework.cloud:spring-cloud-starter-gateway" testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock" diff --git a/apps/endringsmelding-service/build.gradle b/apps/endringsmelding-service/build.gradle index 7a5085afa4a..2ebc0d36af5 100644 --- a/apps/endringsmelding-service/build.gradle +++ b/apps/endringsmelding-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/endringsmelding-service/src/main/resources/application.yml b/apps/endringsmelding-service/src/main/resources/application.yml index cae88d56332..59b3813236c 100644 --- a/apps/endringsmelding-service/src/main/resources/application.yml +++ b/apps/endringsmelding-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/faste-data-frontend/build.gradle b/apps/faste-data-frontend/build.gradle index 256be3873d2..f960e48dd39 100644 --- a/apps/faste-data-frontend/build.gradle +++ b/apps/faste-data-frontend/build.gradle @@ -18,6 +18,8 @@ configurations { } dependencies { + implementation "io.grpc:grpc-netty:$versions.grpc" + implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-frontend" implementation("no.nav.testnav.libs:reactive-session-security") { @@ -27,10 +29,9 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } - implementation "no.nav.testnav.libs:testing" - implementation "io.grpc:grpc-netty:$versions.grpc" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" + implementation "org.springframework.cloud:spring-cloud-starter-gateway" testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock" diff --git a/apps/generer-arbeidsforhold-populasjon-service/build.gradle b/apps/generer-arbeidsforhold-populasjon-service/build.gradle index 54c4e17cb22..cfa772f62d0 100644 --- a/apps/generer-arbeidsforhold-populasjon-service/build.gradle +++ b/apps/generer-arbeidsforhold-populasjon-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml b/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml index 449000c7d24..3fc8e4bea97 100644 --- a/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml +++ b/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/generer-navn-service/build.gradle b/apps/generer-navn-service/build.gradle index 3ad4f100fc9..96007c01cea 100644 --- a/apps/generer-navn-service/build.gradle +++ b/apps/generer-navn-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/generer-navn-service/src/main/resources/application.yml b/apps/generer-navn-service/src/main/resources/application.yml index 942b29ed7f8..f50592c4259 100644 --- a/apps/generer-navn-service/src/main/resources/application.yml +++ b/apps/generer-navn-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/generer-organisasjon-populasjon-service/build.gradle b/apps/generer-organisasjon-populasjon-service/build.gradle index c4fb89b1ec9..301249239a6 100644 --- a/apps/generer-organisasjon-populasjon-service/build.gradle +++ b/apps/generer-organisasjon-populasjon-service/build.gradle @@ -19,7 +19,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml b/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml index b7bc4e02b39..dddddbefe55 100644 --- a/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml +++ b/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/generer-synt-amelding-service/build.gradle b/apps/generer-synt-amelding-service/build.gradle index 17e8df431cf..4ea869df5d5 100644 --- a/apps/generer-synt-amelding-service/build.gradle +++ b/apps/generer-synt-amelding-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/generer-synt-amelding-service/src/main/resources/application.yml b/apps/generer-synt-amelding-service/src/main/resources/application.yml index 820d4f2a08b..a45951abdff 100644 --- a/apps/generer-synt-amelding-service/src/main/resources/application.yml +++ b/apps/generer-synt-amelding-service/src/main/resources/application.yml @@ -9,7 +9,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/helsepersonell-service/build.gradle b/apps/helsepersonell-service/build.gradle index b05edacb6bd..5a86c7a8f3c 100644 --- a/apps/helsepersonell-service/build.gradle +++ b/apps/helsepersonell-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/helsepersonell-service/src/main/resources/application.yml b/apps/helsepersonell-service/src/main/resources/application.yml index 4fec57bde8f..21ea5b1a259 100644 --- a/apps/helsepersonell-service/src/main/resources/application.yml +++ b/apps/helsepersonell-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/inntektsmelding-generator-service/build.gradle b/apps/inntektsmelding-generator-service/build.gradle index 4db9b3660ab..d0220df6669 100644 --- a/apps/inntektsmelding-generator-service/build.gradle +++ b/apps/inntektsmelding-generator-service/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/inntektsmelding-generator-service/src/main/resources/application.yml b/apps/inntektsmelding-generator-service/src/main/resources/application.yml index 4a7dc158c67..2e9697d655d 100644 --- a/apps/inntektsmelding-generator-service/src/main/resources/application.yml +++ b/apps/inntektsmelding-generator-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/inntektsmelding-service/build.gradle b/apps/inntektsmelding-service/build.gradle index 26d1ddbfb16..328840a81c3 100644 --- a/apps/inntektsmelding-service/build.gradle +++ b/apps/inntektsmelding-service/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/inntektsmelding-service/src/main/resources/application.yml b/apps/inntektsmelding-service/src/main/resources/application.yml index 78c313fe281..adabbd20f19 100644 --- a/apps/inntektsmelding-service/src/main/resources/application.yml +++ b/apps/inntektsmelding-service/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/jenkins-batch-status-service/build.gradle b/apps/jenkins-batch-status-service/build.gradle index 6979650f6ce..bd05c64823b 100644 --- a/apps/jenkins-batch-status-service/build.gradle +++ b/apps/jenkins-batch-status-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/jenkins-batch-status-service/src/main/resources/application.yml b/apps/jenkins-batch-status-service/src/main/resources/application.yml index 06be6a3f0fe..c09b76ed0d5 100644 --- a/apps/jenkins-batch-status-service/src/main/resources/application.yml +++ b/apps/jenkins-batch-status-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/joark-dokument-service/build.gradle b/apps/joark-dokument-service/build.gradle index 7dbd10dab9d..790106881d9 100644 --- a/apps/joark-dokument-service/build.gradle +++ b/apps/joark-dokument-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/joark-dokument-service/src/main/resources/application.yml b/apps/joark-dokument-service/src/main/resources/application.yml index 84755000dce..477720a9894 100644 --- a/apps/joark-dokument-service/src/main/resources/application.yml +++ b/apps/joark-dokument-service/src/main/resources/application.yml @@ -15,7 +15,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/kodeverk-service/build.gradle b/apps/kodeverk-service/build.gradle index a5efabcbe81..37b4afe3181 100644 --- a/apps/kodeverk-service/build.gradle +++ b/apps/kodeverk-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/kodeverk-service/src/main/resources/application.yml b/apps/kodeverk-service/src/main/resources/application.yml index 35636c9e60b..8560362169b 100644 --- a/apps/kodeverk-service/src/main/resources/application.yml +++ b/apps/kodeverk-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/levende-arbeidsforhold-ansettelse/build.gradle b/apps/levende-arbeidsforhold-ansettelse/build.gradle index 645c2f5d9fd..f0a24a7410d 100644 --- a/apps/levende-arbeidsforhold-ansettelse/build.gradle +++ b/apps/levende-arbeidsforhold-ansettelse/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml b/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml index f4c9a3d2b3b..538e98af0ae 100644 --- a/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} flyway: locations: classpath:db/migration enabled: true diff --git a/apps/levende-arbeidsforhold-scheduler/build.gradle b/apps/levende-arbeidsforhold-scheduler/build.gradle index e252168474e..f0cc5802adc 100644 --- a/apps/levende-arbeidsforhold-scheduler/build.gradle +++ b/apps/levende-arbeidsforhold-scheduler/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-quartz" diff --git a/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml b/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml index e990c09338f..dbf213cd6ce 100644 --- a/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/levende-arbeidsforhold-service/build.gradle b/apps/levende-arbeidsforhold-service/build.gradle index 823edbb1aba..d5e6a11f670 100644 --- a/apps/levende-arbeidsforhold-service/build.gradle +++ b/apps/levende-arbeidsforhold-service/build.gradle @@ -10,6 +10,9 @@ sonarqube { } dependencies { + implementation "io.confluent:kafka-avro-serializer:$versions.avroSerializer" + implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" + implementation "no.nav.testnav.libs:avro-schema" implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:kafka-config" @@ -17,12 +20,10 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" - implementation "io.confluent:kafka-avro-serializer:$versions.avroSerializer" - implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" implementation "org.apache.kafka:kafka-clients:$versions.apacheKafka" implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" + implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/levende-arbeidsforhold-service/settings.gradle b/apps/levende-arbeidsforhold-service/settings.gradle index 71d9e5977ac..4bd0975147b 100644 --- a/apps/levende-arbeidsforhold-service/settings.gradle +++ b/apps/levende-arbeidsforhold-service/settings.gradle @@ -5,13 +5,13 @@ plugins { rootProject.name = "levende-arbeidsforhold-service" includeBuild "../../libs/avro-schema" -includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/kafka-config" +includeBuild "../../libs/testing" +includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/reactive-core" includeBuild "../../libs/security-core" includeBuild "../../libs/servlet-core" includeBuild "../../libs/servlet-insecure-security" -includeBuild "../../libs/testing" develocity { buildScan { diff --git a/apps/levende-arbeidsforhold-service/src/main/resources/application.yml b/apps/levende-arbeidsforhold-service/src/main/resources/application.yml index 1d7926e10da..bde3afafb81 100644 --- a/apps/levende-arbeidsforhold-service/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} kafka: consumer: group-id: testnav-levende-arbeidsforhold-service diff --git a/apps/miljoer-service/build.gradle b/apps/miljoer-service/build.gradle index 3345c19b12f..ea53e959c2d 100644 --- a/apps/miljoer-service/build.gradle +++ b/apps/miljoer-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/miljoer-service/src/main/resources/application.yml b/apps/miljoer-service/src/main/resources/application.yml index b7d615aefde..ba046b9b166 100644 --- a/apps/miljoer-service/src/main/resources/application.yml +++ b/apps/miljoer-service/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/oppsummeringsdokument-service/build.gradle b/apps/oppsummeringsdokument-service/build.gradle index a0de4982a5d..53d2b548a79 100644 --- a/apps/oppsummeringsdokument-service/build.gradle +++ b/apps/oppsummeringsdokument-service/build.gradle @@ -19,7 +19,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.xsd:arbeidsforhold-xsd" - implementation "no.nav.testnav.libs:testing" implementation "com.fasterxml.jackson.dataformat:jackson-dataformat-xml" diff --git a/apps/oppsummeringsdokument-service/src/main/resources/application.yml b/apps/oppsummeringsdokument-service/src/main/resources/application.yml index 5243d12e5f8..a49b4ce5f22 100644 --- a/apps/oppsummeringsdokument-service/src/main/resources/application.yml +++ b/apps/oppsummeringsdokument-service/src/main/resources/application.yml @@ -4,7 +4,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} application: name: oppsummeringsdokument-service description: Tjeneste for å sende inn oppsummeringsdokument til aareg og søke i innsendte oppsummeringsdokumenter. diff --git a/apps/organisasjon-bestilling-service/build.gradle b/apps/organisasjon-bestilling-service/build.gradle index 0bdc1cb3ee7..ea8c74c4e49 100644 --- a/apps/organisasjon-bestilling-service/build.gradle +++ b/apps/organisasjon-bestilling-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/organisasjon-bestilling-service/src/main/resources/application.yml b/apps/organisasjon-bestilling-service/src/main/resources/application.yml index 3ee70507ad5..54e9361c619 100644 --- a/apps/organisasjon-bestilling-service/src/main/resources/application.yml +++ b/apps/organisasjon-bestilling-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/organisasjon-faste-data-service/build.gradle b/apps/organisasjon-faste-data-service/build.gradle index eb6c75c1918..d4cc105df58 100644 --- a/apps/organisasjon-faste-data-service/build.gradle +++ b/apps/organisasjon-faste-data-service/build.gradle @@ -19,7 +19,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/organisasjon-faste-data-service/src/main/resources/application.yml b/apps/organisasjon-faste-data-service/src/main/resources/application.yml index 2899efe8df9..620350af387 100644 --- a/apps/organisasjon-faste-data-service/src/main/resources/application.yml +++ b/apps/organisasjon-faste-data-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/organisasjon-forvalter/build.gradle b/apps/organisasjon-forvalter/build.gradle index 398122e8fee..1fb8803fd77 100644 --- a/apps/organisasjon-forvalter/build.gradle +++ b/apps/organisasjon-forvalter/build.gradle @@ -22,7 +22,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/organisasjon-forvalter/src/main/resources/application.yml b/apps/organisasjon-forvalter/src/main/resources/application.yml index 6ae92ebecac..bf9978fbd94 100644 --- a/apps/organisasjon-forvalter/src/main/resources/application.yml +++ b/apps/organisasjon-forvalter/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/organisasjon-mottak-service/build.gradle b/apps/organisasjon-mottak-service/build.gradle index a5605299aa8..220373f5089 100644 --- a/apps/organisasjon-mottak-service/build.gradle +++ b/apps/organisasjon-mottak-service/build.gradle @@ -19,7 +19,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/organisasjon-mottak-service/src/main/resources/application.yml b/apps/organisasjon-mottak-service/src/main/resources/application.yml index 21f878de592..697afc71e4c 100644 --- a/apps/organisasjon-mottak-service/src/main/resources/application.yml +++ b/apps/organisasjon-mottak-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/organisasjon-service/build.gradle b/apps/organisasjon-service/build.gradle index 2d6ea6c665c..3df14ba3559 100644 --- a/apps/organisasjon-service/build.gradle +++ b/apps/organisasjon-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/organisasjon-service/src/main/resources/application.yml b/apps/organisasjon-service/src/main/resources/application.yml index 4f5619ac476..3b8bdf59f81 100644 --- a/apps/organisasjon-service/src/main/resources/application.yml +++ b/apps/organisasjon-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/orgnummer-service/build.gradle b/apps/orgnummer-service/build.gradle index 735d1e0c98c..1df3d299209 100644 --- a/apps/orgnummer-service/build.gradle +++ b/apps/orgnummer-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/orgnummer-service/src/main/resources/application.yml b/apps/orgnummer-service/src/main/resources/application.yml index 94509373e18..6fca4621d27 100644 --- a/apps/orgnummer-service/src/main/resources/application.yml +++ b/apps/orgnummer-service/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: dev-gcp:dolly:testnav-orgnummer-service diff --git a/apps/oversikt-frontend/build.gradle b/apps/oversikt-frontend/build.gradle index d37b2d5822a..5e50676ce88 100644 --- a/apps/oversikt-frontend/build.gradle +++ b/apps/oversikt-frontend/build.gradle @@ -20,7 +20,6 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.cloud:spring-cloud-starter-gateway" diff --git a/apps/oversikt-frontend/src/main/resources/application.yml b/apps/oversikt-frontend/src/main/resources/application.yml index 04ccbd221c0..4a5600397d2 100644 --- a/apps/oversikt-frontend/src/main/resources/application.yml +++ b/apps/oversikt-frontend/src/main/resources/application.yml @@ -4,7 +4,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} diff --git a/apps/pdl-forvalter/build.gradle b/apps/pdl-forvalter/build.gradle index ab10ad1279d..73b74c911c1 100644 --- a/apps/pdl-forvalter/build.gradle +++ b/apps/pdl-forvalter/build.gradle @@ -20,7 +20,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/pdl-forvalter/src/main/resources/application.yml b/apps/pdl-forvalter/src/main/resources/application.yml index 5894fa1f8b7..eb06623452c 100644 --- a/apps/pdl-forvalter/src/main/resources/application.yml +++ b/apps/pdl-forvalter/src/main/resources/application.yml @@ -41,7 +41,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/person-faste-data-service/build.gradle b/apps/person-faste-data-service/build.gradle index 2b18e57f16a..90effeb93fa 100644 --- a/apps/person-faste-data-service/build.gradle +++ b/apps/person-faste-data-service/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/person-faste-data-service/src/main/resources/application.yml b/apps/person-faste-data-service/src/main/resources/application.yml index 45fdf63c8f9..6b5a3494897 100644 --- a/apps/person-faste-data-service/src/main/resources/application.yml +++ b/apps/person-faste-data-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: dev-gcp:dolly:testnav-person-faste-data-service diff --git a/apps/person-search-service/build.gradle b/apps/person-search-service/build.gradle index b56e456f3e2..7fb6dbcb708 100644 --- a/apps/person-search-service/build.gradle +++ b/apps/person-search-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-elasticsearch" implementation "org.opensearch.client:spring-data-opensearch:$versions.opensearch" diff --git a/apps/person-search-service/src/main/resources/application.yml b/apps/person-search-service/src/main/resources/application.yml index 89ae1646179..0e7f6440491 100644 --- a/apps/person-search-service/src/main/resources/application.yml +++ b/apps/person-search-service/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/person-service/build.gradle b/apps/person-service/build.gradle index 2ce944201a9..60ed4e286c2 100644 --- a/apps/person-service/build.gradle +++ b/apps/person-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/person-service/src/main/resources/application.yml b/apps/person-service/src/main/resources/application.yml index 4b77cd0a65f..aaaf77bf2b4 100644 --- a/apps/person-service/src/main/resources/application.yml +++ b/apps/person-service/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} jackson: serialization: write_dates_as_timestamps: false diff --git a/apps/profil-api/build.gradle b/apps/profil-api/build.gradle index 23932ab9838..6a06c4236a6 100644 --- a/apps/profil-api/build.gradle +++ b/apps/profil-api/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/profil-api/src/main/resources/application.yml b/apps/profil-api/src/main/resources/application.yml index 5809abe4591..f414c6d8f50 100644 --- a/apps/profil-api/src/main/resources/application.yml +++ b/apps/profil-api/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/skattekort-service/build.gradle b/apps/skattekort-service/build.gradle index a277d93478e..c9ba8298fac 100644 --- a/apps/skattekort-service/build.gradle +++ b/apps/skattekort-service/build.gradle @@ -27,7 +27,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/skattekort-service/src/main/resources/application.yml b/apps/skattekort-service/src/main/resources/application.yml index 195fade91c6..1d3a3af3c76 100644 --- a/apps/skattekort-service/src/main/resources/application.yml +++ b/apps/skattekort-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/sykemelding-api/build.gradle b/apps/sykemelding-api/build.gradle index cbb59f63251..bbfe33929d2 100644 --- a/apps/sykemelding-api/build.gradle +++ b/apps/sykemelding-api/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/synt-sykemelding-api/build.gradle b/apps/synt-sykemelding-api/build.gradle index 5d1e6d3324f..d0822af1c9e 100644 --- a/apps/synt-sykemelding-api/build.gradle +++ b/apps/synt-sykemelding-api/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/synt-sykemelding-api/src/main/resources/application.yml b/apps/synt-sykemelding-api/src/main/resources/application.yml index 196a8229a63..aee3d690ac4 100644 --- a/apps/synt-sykemelding-api/src/main/resources/application.yml +++ b/apps/synt-sykemelding-api/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/synt-vedtakshistorikk-service/build.gradle b/apps/synt-vedtakshistorikk-service/build.gradle index 732aeddab21..93b257d3563 100644 --- a/apps/synt-vedtakshistorikk-service/build.gradle +++ b/apps/synt-vedtakshistorikk-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml b/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml index 0086630fc1a..822d79cd6f7 100644 --- a/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml +++ b/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/tenor-search-service/build.gradle b/apps/tenor-search-service/build.gradle index fc3a17baec1..da1b52e4ad7 100644 --- a/apps/tenor-search-service/build.gradle +++ b/apps/tenor-search-service/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/tenor-search-service/src/main/resources/application.yml b/apps/tenor-search-service/src/main/resources/application.yml index 720f4d6cb92..719d051eda8 100644 --- a/apps/tenor-search-service/src/main/resources/application.yml +++ b/apps/tenor-search-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/testnav-ident-pool/build.gradle b/apps/testnav-ident-pool/build.gradle index d3042f49769..d60cee6397a 100644 --- a/apps/testnav-ident-pool/build.gradle +++ b/apps/testnav-ident-pool/build.gradle @@ -18,7 +18,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/testnav-ident-pool/src/main/resources/application.yml b/apps/testnav-ident-pool/src/main/resources/application.yml index 1b8b5f1a876..cfbe7200e50 100644 --- a/apps/testnav-ident-pool/src/main/resources/application.yml +++ b/apps/testnav-ident-pool/src/main/resources/application.yml @@ -43,7 +43,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/testnorge-statisk-data-forvalter/build.gradle b/apps/testnorge-statisk-data-forvalter/build.gradle index 1b99d32f5e6..6d4e1d0c37b 100644 --- a/apps/testnorge-statisk-data-forvalter/build.gradle +++ b/apps/testnorge-statisk-data-forvalter/build.gradle @@ -21,7 +21,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "no.nav.testnav.libs:vault" implementation "org.springframework.kafka:spring-kafka" diff --git a/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml b/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml index ae07af84a08..b2e5797c322 100644 --- a/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml +++ b/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml @@ -13,7 +13,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/tilbakemelding-api/build.gradle b/apps/tilbakemelding-api/build.gradle index 7c215a05ab8..927a20d322d 100644 --- a/apps/tilbakemelding-api/build.gradle +++ b/apps/tilbakemelding-api/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.libs:slack" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/tilbakemelding-api/src/main/resources/application-local.yml b/apps/tilbakemelding-api/src/main/resources/application-local.yml index f2b70d36692..9c7acce458c 100644 --- a/apps/tilbakemelding-api/src/main/resources/application-local.yml +++ b/apps/tilbakemelding-api/src/main/resources/application-local.yml @@ -1,6 +1,3 @@ -SLACK_CHANNEL: dummy -SLACK_TOKEN: dummy - consumers: profil-api: url: https://testnorge-profil-api.intern.dev.nav.no diff --git a/apps/tilbakemelding-api/src/main/resources/application.yml b/apps/tilbakemelding-api/src/main/resources/application.yml index 895d51671ce..e0e648809ae 100644 --- a/apps/tilbakemelding-api/src/main/resources/application.yml +++ b/apps/tilbakemelding-api/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/tps-messaging-service/build.gradle b/apps/tps-messaging-service/build.gradle index 6d44b0b9b4b..5cae62ac557 100644 --- a/apps/tps-messaging-service/build.gradle +++ b/apps/tps-messaging-service/build.gradle @@ -18,7 +18,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "no.nav.repository.fellesreg.tpsws:nav-repository-fellesregister-castor-tps-s018-domain:$versions.navFellesregister" implementation "no.nav.repository.fellesreg.tpsws:nav-repository-fellesregister-jaxb-tps-m201-domain:$versions.navFellesregister" diff --git a/apps/udi-stub/build.gradle b/apps/udi-stub/build.gradle index 53a0ca6aaa9..1490a7c89f9 100644 --- a/apps/udi-stub/build.gradle +++ b/apps/udi-stub/build.gradle @@ -23,7 +23,6 @@ configurations { dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "no.nav.testnav.libs:vault" implementation "com.sun.xml.ws:jaxws-rt:$versions.jaxws" diff --git a/apps/udi-stub/src/main/resources/application.yml b/apps/udi-stub/src/main/resources/application.yml index dcb18f5ecee..e8c4b285c1b 100644 --- a/apps/udi-stub/src/main/resources/application.yml +++ b/apps/udi-stub/src/main/resources/application.yml @@ -18,7 +18,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/udi-stub/src/main/resources/logback-spring.xml b/apps/udi-stub/src/main/resources/logback-spring.xml index a17fd9b8e5a..f49b192e253 100644 --- a/apps/udi-stub/src/main/resources/logback-spring.xml +++ b/apps/udi-stub/src/main/resources/logback-spring.xml @@ -3,8 +3,6 @@ - true - -1 true diff --git a/apps/varslinger-service/build.gradle b/apps/varslinger-service/build.gradle index 4c7c5fed68e..2c5ab0be9c0 100644 --- a/apps/varslinger-service/build.gradle +++ b/apps/varslinger-service/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/varslinger-service/src/main/resources/application.yml b/apps/varslinger-service/src/main/resources/application.yml index f9dbbcdfd7f..0743cf2025c 100644 --- a/apps/varslinger-service/src/main/resources/application.yml +++ b/apps/varslinger-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/docker-compose.yml b/docker-compose.yml index 365d3007fbb..5454a01f6db 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,7 +9,6 @@ services: context: ./apps/altinn3-tilgang-service environment: - ALTINN_URL=http//altinn:8080 - - AZURE_APP_CLIENT_ID=dummy - AZURE_OPENID_CONFIG_ISSUER=dummy - JAVA_TOOL_OPTIONS=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 - MASKINPORTEN_CLIENT_ID=dummy @@ -17,7 +16,6 @@ services: - MASKINPORTEN_SCOPES=altinn:resourceregistry/accesslist.read altinn:resourceregistry/accesslist.write altinn:accessmanagement/authorizedparties.resourceowner - MASKINPORTEN_WELL_KNOWN_URL=http://maskinporten:8080 - SPRING_PROFILES_ACTIVE=virtual - - TOKEN_X_CLIENT_ID=dev-gcp:dolly:testnav-altinn3-tilgang-service - TOKEN_X_ISSUER=http://tokendings:8080 - TOKEN_X_PRIVATE_JWK=${JWK} ports: @@ -63,7 +61,6 @@ services: build: context: ./apps/bruker-service environment: - - AZURE_APP_CLIENT_ID=dummy - AZURE_OPENID_CONFIG_ISSUER=dummy - CRYPTOGRAPHY_SECRET=dummy - JAVA_TOOL_OPTIONS=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java deleted file mode 100644 index a3c33573182..00000000000 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java +++ /dev/null @@ -1,49 +0,0 @@ -package no.nav.testnav.libs.reactivesecurity.action; - -import no.nav.testnav.libs.reactivesecurity.properties.AzureAdResourceServerProperties; -import no.nav.testnav.libs.reactivesecurity.properties.ResourceServerProperties; -import no.nav.testnav.libs.reactivesecurity.properties.TokenxResourceServerProperties; -import no.nav.testnav.libs.reactivesecurity.properties.TrygdeetatenAzureAdResourceServerProperties; -import org.springframework.boot.autoconfigure.AutoConfiguration; -import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; -import org.springframework.context.annotation.Bean; -import org.springframework.lang.Nullable; - -import java.util.ArrayList; - -@AutoConfiguration -public class GetAuthenticatedAutoConfiguration { - - @Bean - @ConditionalOnMissingBean - GetAuthenticatedResourceServerType getAuthenticatedResourceServerType( - @Nullable AzureAdResourceServerProperties azureAdResourceServerProperties, - @Nullable TokenxResourceServerProperties tokenxResourceServerProperties, - @Nullable TrygdeetatenAzureAdResourceServerProperties trygdeetatenAzureAdResourceServerProperties - ) { - var list = new ArrayList(3); - if (azureAdResourceServerProperties != null) { - list.add(azureAdResourceServerProperties); - } - if (tokenxResourceServerProperties != null) { - list.add(tokenxResourceServerProperties); - } - if (trygdeetatenAzureAdResourceServerProperties != null) { - list.add(trygdeetatenAzureAdResourceServerProperties); - } - return new GetAuthenticatedResourceServerType(list); - } - - @Bean - @ConditionalOnMissingBean - GetAuthenticatedToken getAuthenticatedToken(GetAuthenticatedResourceServerType getAuthenticatedResourceServerType) { - return new GetAuthenticatedToken(getAuthenticatedResourceServerType); - } - - @Bean - @ConditionalOnMissingBean - GetAuthenticatedUserId getAuthenticatedUserId(GetAuthenticatedResourceServerType getAuthenticatedResourceServerType) { - return new GetAuthenticatedUserId(getAuthenticatedResourceServerType); - } - -} diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java index decd55fd5c3..8d846ba7708 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java @@ -5,12 +5,14 @@ import no.nav.testnav.libs.securitycore.domain.ResourceServerType; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; +import org.springframework.stereotype.Component; import reactor.core.publisher.Mono; import java.util.List; import java.util.Optional; import java.util.concurrent.Callable; +@Component @RequiredArgsConstructor public class GetAuthenticatedResourceServerType extends JwtResolver implements Callable> { @@ -42,5 +44,4 @@ public Mono call() { return Mono.empty(); }); } - } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java index c0ca5ab5201..c69106248ed 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java @@ -1,12 +1,22 @@ package no.nav.testnav.libs.reactivesecurity.action; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; import no.nav.testnav.libs.securitycore.domain.Token; +import org.springframework.http.HttpStatus; +import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; +import org.springframework.stereotype.Component; +import org.springframework.web.server.ResponseStatusException; import reactor.core.publisher.Mono; +import java.time.Instant; import java.util.concurrent.Callable; +@Component +@Slf4j @RequiredArgsConstructor public class GetAuthenticatedToken extends JwtResolver implements Callable> { @@ -35,5 +45,4 @@ public Mono call() { .build()); }); } - } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java index 24cb659afdb..b0636ee9c7d 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java @@ -1,12 +1,16 @@ package no.nav.testnav.libs.reactivesecurity.action; import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; +import org.springframework.stereotype.Component; import reactor.core.publisher.Mono; import java.util.concurrent.Callable; +@Slf4j +@Component @RequiredArgsConstructor public class GetAuthenticatedUserId extends JwtResolver implements Callable> { @@ -23,21 +27,20 @@ public Mono call() { } private Mono getTokenAttribute(String attribute) { + return getJwtAuthenticationToken() .map(authentication -> + switch (authentication) { - case JwtAuthenticationToken jwtAuthenticationToken -> jwtAuthenticationToken - .getTokenAttributes() - .get(attribute) - .toString(); - case OAuth2AuthenticationToken oauth2AuthenticationToken -> oauth2AuthenticationToken - .getPrincipal() - .getAttributes() - .get("pid") - .toString(); + + case JwtAuthenticationToken jwtAuthenticationToken -> + jwtAuthenticationToken.getTokenAttributes().get(attribute).toString(); + + case OAuth2AuthenticationToken oauth2AuthenticationToken -> + oauth2AuthenticationToken.getPrincipal().getAttributes().get("pid").toString(); + default -> ""; } ); } - } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java index e63e16fc9fa..f33c6c1f0f0 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java @@ -3,24 +3,37 @@ import com.fasterxml.jackson.databind.ObjectMapper; import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedToken; import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedUserId; -import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureNavTokenService; import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureTokenService; +import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureNavTokenService; import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureTrygdeetatenTokenService; import no.nav.testnav.libs.securitycore.domain.azuread.*; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.autoconfigure.AutoConfiguration; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Primary; +import org.springframework.context.annotation.Profile; +import org.springframework.util.Assert; -@AutoConfiguration +@AutoConfiguration(after = ClientCredentialAutoConfiguration.class) public class TokenServiceAutoConfiguration { @Value("${HTTP_PROXY:#{null}}") private String httpProxy; + @Primary + @Bean + @Profile("test") + AzureTokenService azureAdTokenServiceTest( + AzureClientCredential clientCredential, + GetAuthenticatedToken getAuthenticatedToken + ) { + return new AzureTokenService(null, clientCredential, getAuthenticatedToken); + } + @Bean @ConditionalOnDollyApplicationConfiguredForAzure - @ConditionalOnMissingBean + @ConditionalOnMissingBean(AzureTokenService.class) AzureTokenService azureAdTokenService( AzureClientCredential clientCredential, GetAuthenticatedToken getAuthenticatedToken @@ -28,18 +41,38 @@ AzureTokenService azureAdTokenService( return new AzureTokenService(httpProxy, clientCredential, getAuthenticatedToken); } + @Primary + @Bean + @Profile("test") + AzureNavTokenService azureNavTokenServiceTest( + AzureNavClientCredential azureNavClientCredential + ) { + return new AzureNavTokenService(null, azureNavClientCredential); + } + @Bean @ConditionalOnDollyApplicationConfiguredForNav - @ConditionalOnMissingBean + @ConditionalOnMissingBean(AzureNavTokenService.class) AzureNavTokenService azureNavTokenService( AzureNavClientCredential azureNavClientCredential ) { return new AzureNavTokenService(httpProxy, azureNavClientCredential); } + @Primary + @Bean + @Profile("test") + AzureTrygdeetatenTokenService trygdeetatenAzureAdTokenServiceTest( + AzureTrygdeetatenClientCredential clientCredential, + GetAuthenticatedUserId getAuthenticatedUserId, + ObjectMapper objectMapper + ) { + return new AzureTrygdeetatenTokenService(null, clientCredential, getAuthenticatedUserId, objectMapper); + } + @Bean @ConditionalOnDollyApplicationConfiguredForTrygdeetaten - @ConditionalOnMissingBean + @ConditionalOnMissingBean(AzureTrygdeetatenTokenService.class) AzureTrygdeetatenTokenService trygdeetatenAzureAdTokenService( AzureTrygdeetatenClientCredential clientCredential, GetAuthenticatedUserId getAuthenticatedUserId, diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java index d78522699b2..ea7001cafd8 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java @@ -64,5 +64,4 @@ public Mono exchange(ServerProperties serverProperties) { ).call(); } - } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java index 29240eb5c3a..e2a93dd9abf 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java @@ -97,5 +97,4 @@ private Mono generateOnBehalfOfAccessToken(Token token, ServerPrope token ).call(); } - } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java index 8223ccb7a7c..a6fae4111f7 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java @@ -114,5 +114,4 @@ private boolean expires(AccessToken accessToken) { .minusSeconds(300) .isBefore(Instant.now()); } - } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java index 1fa2c8e5dbe..b2921be6aa1 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java @@ -1,12 +1,17 @@ package no.nav.testnav.libs.reactivesecurity.properties; import no.nav.testnav.libs.securitycore.domain.ResourceServerType; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; +@Configuration +@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver.aad") +@ConditionalOnProperty("spring.security.oauth2.resourceserver.aad.issuer-uri") public class AzureAdResourceServerProperties extends ResourceServerProperties { @Override public ResourceServerType getType() { return ResourceServerType.AZURE_AD; } - } \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java index 2712024cccb..d4b1cb40b34 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java @@ -9,10 +9,9 @@ @Getter @Setter public abstract class ResourceServerProperties { - private String issuerUri; + private String jwkSetUri; private List acceptedAudience; public abstract ResourceServerType getType(); - } \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java deleted file mode 100644 index 0b187e20d54..00000000000 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java +++ /dev/null @@ -1,103 +0,0 @@ -package no.nav.testnav.libs.reactivesecurity.properties; - -import org.springframework.beans.factory.annotation.Value; -import org.springframework.boot.autoconfigure.AutoConfiguration; -import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; -import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Profile; - -import java.util.List; - -// TODO: Configuration such as spring.security.oauth2.resourceserver is not part of the Spring framework, and should be moved to separate configuration, such as dolly.oauth2 or similar. - -/** - * Auto configuration for resource server properties, e.g. configuration under {@code spring.security.oauth2.resourceserver}. - * Supported properties are: - *
    - *
  • {@code spring.security.oauth2.resourceserver.aad}
    • - *
  • {@code spring.security.oauth2.resourceserver.tokenx}
    • - *
  • {@code spring.security.oauth2.resourceserver.trygdeetaten}
    • - *
- * which may each have the following properties: - *
    - *
  • {@code issuer-uri}
    • - *
  • {@code accepted-audience}
    • - *
- */ -@AutoConfiguration -public class ResourceServerPropertiesAutoConfiguration { - - @Bean - @ConditionalOnProperty({ - "spring.security.oauth2.resourceserver.aad.issuer-uri", - "spring.security.oauth2.resourceserver.aad.accepted-audience" - }) - @ConditionalOnMissingBean - AzureAdResourceServerProperties azureAdResourceServerProperties( - @Value("${spring.security.oauth2.resourceserver.aad.issuer-uri}") String issuerUri, - @Value("${spring.security.oauth2.resourceserver.aad.accepted-audience}") List acceptedAudience - ) { - var azureAdResourceServerProperties = new AzureAdResourceServerProperties(); - azureAdResourceServerProperties.setIssuerUri(issuerUri); - azureAdResourceServerProperties.setAcceptedAudience(acceptedAudience); - return azureAdResourceServerProperties; - } - - @Bean - @Profile("test") - @ConditionalOnMissingBean - AzureAdResourceServerProperties azureAdResourceServerPropertiesTest( - ) { - return null; - } - - @Bean - @ConditionalOnProperty({ - "spring.security.oauth2.resourceserver.tokenx.issuer-uri", - "spring.security.oauth2.resourceserver.tokenx.accepted-audience" - }) - @ConditionalOnMissingBean - TokenxResourceServerProperties tokenxResourceServerProperties( - @Value("${spring.security.oauth2.resourceserver.tokenx.issuer-uri}") String issuerUri, - @Value("${spring.security.oauth2.resourceserver.tokenx.accepted-audience}") List acceptedAudience - ) { - var tokenxResourceServerProperties = new TokenxResourceServerProperties(); - tokenxResourceServerProperties.setIssuerUri(issuerUri); - tokenxResourceServerProperties.setAcceptedAudience(acceptedAudience); - return tokenxResourceServerProperties; - } - - @Bean - @Profile("test") - @ConditionalOnMissingBean - TokenxResourceServerProperties tokenxResourceServerPropertiesTest( - ) { - return null; - } - - @Bean - @ConditionalOnProperty({ - "spring.security.oauth2.resourceserver.trygdeetaten.issuer-uri", - "spring.security.oauth2.resourceserver.trygdeetaten.accepted-audience" - }) - @ConditionalOnMissingBean - TrygdeetatenAzureAdResourceServerProperties trygdeetatenAzureAdResourceServerProperties( - @Value("${spring.security.oauth2.resourceserver.trygdeetaten.issuer-uri}") String issuerUri, - @Value("${spring.security.oauth2.resourceserver.trygdeetaten.accepted-audience}") List acceptedAudience - ) { - var trygdeetatenAzureAdResourceServerProperties = new TrygdeetatenAzureAdResourceServerProperties(); - trygdeetatenAzureAdResourceServerProperties.setIssuerUri(issuerUri); - trygdeetatenAzureAdResourceServerProperties.setAcceptedAudience(acceptedAudience); - return trygdeetatenAzureAdResourceServerProperties; - } - - @Bean - @Profile("test") - @ConditionalOnMissingBean - TrygdeetatenAzureAdResourceServerProperties trygdeetatenAzureAdResourceServerPropertiesTest( - ) { - return null; - } - -} diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java index b69bc06bea4..20701fb76bb 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java @@ -2,12 +2,17 @@ import no.nav.testnav.libs.securitycore.domain.ResourceServerType; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; +@Configuration +@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver.tokenx") +@ConditionalOnProperty("spring.security.oauth2.resourceserver.tokenx.issuer-uri") public class TokenxResourceServerProperties extends ResourceServerProperties { @Override public ResourceServerType getType() { return ResourceServerType.TOKEN_X; } - } \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java index 171d9b337be..106ff7bae5b 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java @@ -1,7 +1,13 @@ package no.nav.testnav.libs.reactivesecurity.properties; import no.nav.testnav.libs.securitycore.domain.ResourceServerType; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; +@Configuration +@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver.trygdeetaten") +@ConditionalOnProperty("spring.security.oauth2.resourceserver.trygdeetaten.issuer-uri") public class TrygdeetatenAzureAdResourceServerProperties extends ResourceServerProperties { @Override diff --git a/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports index 4c68dc4507a..19107bc880b 100644 --- a/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports +++ b/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports @@ -1,4 +1,2 @@ -no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedAutoConfiguration no.nav.testnav.libs.reactivesecurity.exchange.TokenServiceAutoConfiguration -no.nav.testnav.libs.reactivesecurity.jwt.ReactiveJwtAutoConfiguration -no.nav.testnav.libs.reactivesecurity.properties.ResourceServerPropertiesAutoConfiguration \ No newline at end of file +no.nav.testnav.libs.reactivesecurity.jwt.ReactiveJwtAutoConfiguration \ No newline at end of file diff --git a/libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java b/libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java new file mode 100644 index 00000000000..8404d648b18 --- /dev/null +++ b/libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java @@ -0,0 +1,17 @@ +package no.nav.testnav.libs.reactivesessionsecurity.properties; + +import lombok.Getter; +import lombok.Setter; +import no.nav.testnav.libs.securitycore.domain.ResourceServerType; + +import java.util.List; + +@Getter +@Setter +public abstract class ResourceServerProperties { + private String issuerUri; + private String jwkSetUri; + private List acceptedAudience; + + public abstract ResourceServerType getType(); +} \ No newline at end of file diff --git a/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java b/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java index 8f52a6504f2..859ba2f4b44 100644 --- a/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java +++ b/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java @@ -9,10 +9,9 @@ @Getter @Setter public abstract class ResourceServerProperties { - private String issuerUri; + private String jwkSetUri; private List acceptedAudience; public abstract ResourceServerType getType(); - } \ No newline at end of file diff --git a/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java b/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java index 2c00f476ec6..fc38434dfe5 100644 --- a/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java +++ b/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java @@ -9,10 +9,9 @@ @Getter @Setter public abstract class ResourceServerProperties { - private String issuerUri; + private String jwkSetUri; private List acceptedAudience; public abstract ResourceServerType getType(); - } \ No newline at end of file diff --git a/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java b/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java index d808cfcdd7a..c87a598db65 100644 --- a/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java +++ b/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java @@ -34,14 +34,19 @@ private static void configureForLocalProfile(Map properties) { log.info("Configuring environment for local profile using Secret Manager"); // Emulating NAIS provided environment variables. + properties.putIfAbsent("ALTINN_URL", "${sm\\://altinn-url}"); // Used by altinn3-tilgang-service only. properties.putIfAbsent("AZURE_APP_CLIENT_ID", "${sm\\://azure-app-client-id}"); properties.putIfAbsent("AZURE_APP_CLIENT_SECRET", "${sm\\://azure-app-client-secret}"); properties.putIfAbsent("AZURE_OPENID_CONFIG_ISSUER", "${sm\\://azure-openid-config-issuer}"); properties.putIfAbsent("AZURE_OPENID_CONFIG_TOKEN_ENDPOINT", "${sm\\://azure-openid-config-token-endpoint}"); + properties.putIfAbsent("CRYPTOGRAPHY_SECRET", DUMMY); // Used by bruker-service only. + properties.putIfAbsent("JWT_SECRET", DUMMY); // Used by bruker-service only. properties.putIfAbsent("MASKINPORTEN_CLIENT_ID", DUMMY); // Used by tenor-search-service and altinn3-tilgang-service only. properties.putIfAbsent("MASKINPORTEN_CLIENT_JWK", DUMMY); // Used by tenor-search-service and altinn3-tilgang-service only. properties.putIfAbsent("MASKINPORTEN_SCOPES", DUMMY); // Used by tenor-search-service and altinn3-tilgang-service only. properties.putIfAbsent("MASKINPORTEN_WELL_KNOWN_URL", "${sm\\://maskinporten-well-known-url}"); // Used by tenor-search-service and altinn3-tilgang-service only. + properties.putIfAbsent("SLACK_CHANNEL", DUMMY); // Used by tilbakemelding-api only. + properties.putIfAbsent("SLACK_TOKEN", DUMMY); // Used by tilbakemelding-api only. properties.putIfAbsent("TOKEN_X_ISSUER", "${sm\\://token-x-issuer}"); } @@ -60,16 +65,12 @@ private static void configureForTestProfile(Map properties) { "ALTINN_API_KEY", "ALTINN_URL", - "AZURE_APP_CLIENT_ID", - "AZURE_APP_CLIENT_SECRET", - "AZURE_NAV_APP_CLIENT_ID", - "AZURE_NAV_APP_CLIENT_SECRET", - "AZURE_NAV_OPENID_CONFIG_TOKEN_ENDPOINT", "AZURE_OPENID_CONFIG_ISSUER", "AZURE_OPENID_CONFIG_TOKEN_ENDPOINT", - "AZURE_TRYGDEETATEN_APP_CLIENT_ID", - "AZURE_TRYGDEETATEN_APP_CLIENT_SECRET", - "AZURE_TRYGDEETATEN_OPENID_CONFIG_TOKEN_ENDPOINT", + "CRYPTOGRAPHY_SECRET", // Used by bruker-service only. + "IDPORTEN_CLIENT_ID", // Used by dolly-frontend only. + "IDPORTEN_CLIENT_JWK", // Used by dolly-frontend only. + "JWT_SECRET", // Used by bruker-service only. "MASKINPORTEN_CLIENT_ID", "MASKINPORTEN_CLIENT_JWK", "MASKINPORTEN_SCOPES", diff --git a/mocks/tokendings-mock/src/main/resources/application.yml b/mocks/tokendings-mock/src/main/resources/application.yml index d13ac2f473c..d1ff1941b4a 100644 --- a/mocks/tokendings-mock/src/main/resources/application.yml +++ b/mocks/tokendings-mock/src/main/resources/application.yml @@ -1,7 +1,3 @@ spring: application: - name: tokendings-mock - cloud: - gcp: - secretmanager: - enabled: false \ No newline at end of file + name: tokendings-mock \ No newline at end of file diff --git a/plugins/java/src/main/groovy/dolly-apps.gradle b/plugins/java/src/main/groovy/dolly-apps.gradle index 3db5694cd29..446313b0c82 100644 --- a/plugins/java/src/main/groovy/dolly-apps.gradle +++ b/plugins/java/src/main/groovy/dolly-apps.gradle @@ -23,6 +23,7 @@ dependencies { implementation "com.google.cloud:spring-cloud-gcp-starter-secretmanager:$versions.gcpSecretManager" implementation "net.logstash.logback:logstash-logback-encoder:$versions.logback" + implementation "no.nav.testnav.libs:testing" implementation "org.hibernate.validator:hibernate-validator" implementation "org.projectlombok:lombok" implementation "org.springframework.boot:spring-boot-starter-actuator" diff --git a/plugins/java/src/main/groovy/dolly-proxies.gradle b/plugins/java/src/main/groovy/dolly-proxies.gradle index 49e56913c03..cba8c898edb 100644 --- a/plugins/java/src/main/groovy/dolly-proxies.gradle +++ b/plugins/java/src/main/groovy/dolly-proxies.gradle @@ -25,6 +25,7 @@ dependencies { implementation "net.logstash.logback:logstash-logback-encoder:$versions.logback" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-proxy" + implementation "no.nav.testnav.libs:testing" implementation "org.hibernate.validator:hibernate-validator" implementation "org.projectlombok:lombok" implementation "org.springframework.boot:spring-boot-starter-actuator" diff --git a/proxies/aareg-proxy/build.gradle b/proxies/aareg-proxy/build.gradle index e4cdb8c46a6..bc14357ff77 100644 --- a/proxies/aareg-proxy/build.gradle +++ b/proxies/aareg-proxy/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/aareg-proxy/src/main/resources/application.yml b/proxies/aareg-proxy/src/main/resources/application.yml index 48dfb6de3b1..bfcfa930bac 100644 --- a/proxies/aareg-proxy/src/main/resources/application.yml +++ b/proxies/aareg-proxy/src/main/resources/application.yml @@ -6,7 +6,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/aareg-synt-services-proxy/build.gradle b/proxies/aareg-synt-services-proxy/build.gradle index 8f455a7c2cf..7d905e49431 100644 --- a/proxies/aareg-synt-services-proxy/build.gradle +++ b/proxies/aareg-synt-services-proxy/build.gradle @@ -7,8 +7,4 @@ sonarqube { property "sonar.projectKey", "aareg-synt-services-proxy" property "sonar.projectName", "aareg-synt-services-proxy" } -} - -dependencies { - implementation "no.nav.testnav.libs:testing" } \ No newline at end of file diff --git a/proxies/aareg-synt-services-proxy/src/main/resources/application.yml b/proxies/aareg-synt-services-proxy/src/main/resources/application.yml index 63e92dfbb43..3df302f75c4 100644 --- a/proxies/aareg-synt-services-proxy/src/main/resources/application.yml +++ b/proxies/aareg-synt-services-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/altinn3-tilgang-proxy/build.gradle b/proxies/altinn3-tilgang-proxy/build.gradle index 10a56b450ca..6ec916b1237 100644 --- a/proxies/altinn3-tilgang-proxy/build.gradle +++ b/proxies/altinn3-tilgang-proxy/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-proxy" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml b/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml index d6f3df1bd1e..1b447904a0e 100644 --- a/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml +++ b/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/arbeidsplassencv-proxy/build.gradle b/proxies/arbeidsplassencv-proxy/build.gradle index df1e87aec60..fbe4e0b832c 100644 --- a/proxies/arbeidsplassencv-proxy/build.gradle +++ b/proxies/arbeidsplassencv-proxy/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml b/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml index 7437efb3360..396bd983fbb 100644 --- a/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml +++ b/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/arbeidssoekerregisteret-proxy/build.gradle b/proxies/arbeidssoekerregisteret-proxy/build.gradle index e3354b645b6..0f2bb3608a1 100644 --- a/proxies/arbeidssoekerregisteret-proxy/build.gradle +++ b/proxies/arbeidssoekerregisteret-proxy/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml b/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml index 44cf41f4cc0..5c48fdc67e6 100644 --- a/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml +++ b/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/arena-forvalteren-proxy/build.gradle b/proxies/arena-forvalteren-proxy/build.gradle index f18cbc8785c..e4db3059397 100644 --- a/proxies/arena-forvalteren-proxy/build.gradle +++ b/proxies/arena-forvalteren-proxy/build.gradle @@ -12,5 +12,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/arena-forvalteren-proxy/src/main/resources/application.yml b/proxies/arena-forvalteren-proxy/src/main/resources/application.yml index 3d765103d0d..6b83ff72acb 100644 --- a/proxies/arena-forvalteren-proxy/src/main/resources/application.yml +++ b/proxies/arena-forvalteren-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/batch-adeo-proxy/build.gradle b/proxies/batch-adeo-proxy/build.gradle index c06cd6698c9..12df8fce778 100644 --- a/proxies/batch-adeo-proxy/build.gradle +++ b/proxies/batch-adeo-proxy/build.gradle @@ -8,7 +8,3 @@ sonarqube { property "sonar.projectName", "testnorge-batch-adeo-proxy" } } - -dependencies { - implementation "no.nav.testnav.libs:testing" -} diff --git a/proxies/batch-adeo-proxy/src/main/resources/application.yml b/proxies/batch-adeo-proxy/src/main/resources/application.yml index 539889845a8..8127a1a9ab8 100644 --- a/proxies/batch-adeo-proxy/src/main/resources/application.yml +++ b/proxies/batch-adeo-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/brregstub-proxy/build.gradle b/proxies/brregstub-proxy/build.gradle index 2139718e5fc..017d06d43ea 100644 --- a/proxies/brregstub-proxy/build.gradle +++ b/proxies/brregstub-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/brregstub-proxy/src/main/resources/application.yml b/proxies/brregstub-proxy/src/main/resources/application.yml index d76e621ed4e..ec307da4b84 100644 --- a/proxies/brregstub-proxy/src/main/resources/application.yml +++ b/proxies/brregstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/dokarkiv-proxy/build.gradle b/proxies/dokarkiv-proxy/build.gradle index f0521df929e..a70fae5d3e5 100644 --- a/proxies/dokarkiv-proxy/build.gradle +++ b/proxies/dokarkiv-proxy/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/dokarkiv-proxy/src/main/resources/application.yml b/proxies/dokarkiv-proxy/src/main/resources/application.yml index 45f30d41cdb..a68feea15c5 100644 --- a/proxies/dokarkiv-proxy/src/main/resources/application.yml +++ b/proxies/dokarkiv-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/ereg-proxy/build.gradle b/proxies/ereg-proxy/build.gradle index 9cd0b4b3634..baf9c76e4b9 100644 --- a/proxies/ereg-proxy/build.gradle +++ b/proxies/ereg-proxy/build.gradle @@ -8,7 +8,3 @@ sonarqube { property "sonar.projectName", "testnav-ereg-proxy" } } - -dependencies { - implementation "no.nav.testnav.libs:testing" -} diff --git a/proxies/ereg-proxy/src/main/resources/application.yml b/proxies/ereg-proxy/src/main/resources/application.yml index dc0466df84a..f08ac6a0323 100644 --- a/proxies/ereg-proxy/src/main/resources/application.yml +++ b/proxies/ereg-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/fullmakt-proxy/build.gradle b/proxies/fullmakt-proxy/build.gradle index d443c75dcd4..dfc055280c0 100644 --- a/proxies/fullmakt-proxy/build.gradle +++ b/proxies/fullmakt-proxy/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/histark-proxy/build.gradle b/proxies/histark-proxy/build.gradle index 260b23ab8bc..e77cab21cd2 100644 --- a/proxies/histark-proxy/build.gradle +++ b/proxies/histark-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/histark-proxy/src/main/resources/application.yml b/proxies/histark-proxy/src/main/resources/application.yml index b8c751f278d..98fb18c7983 100644 --- a/proxies/histark-proxy/src/main/resources/application.yml +++ b/proxies/histark-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/inntektstub-proxy/build.gradle b/proxies/inntektstub-proxy/build.gradle index 4febca762cf..2b0947f58d0 100644 --- a/proxies/inntektstub-proxy/build.gradle +++ b/proxies/inntektstub-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/inntektstub-proxy/src/main/resources/application.yml b/proxies/inntektstub-proxy/src/main/resources/application.yml index a4e1d6c3a71..58e31a734b6 100644 --- a/proxies/inntektstub-proxy/src/main/resources/application.yml +++ b/proxies/inntektstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/inst-proxy/build.gradle b/proxies/inst-proxy/build.gradle index 3560e67b8dc..001bbf62428 100644 --- a/proxies/inst-proxy/build.gradle +++ b/proxies/inst-proxy/build.gradle @@ -13,5 +13,4 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" } \ No newline at end of file diff --git a/proxies/inst-proxy/src/main/resources/application.yml b/proxies/inst-proxy/src/main/resources/application.yml index ecc17c9d286..41c31d4446f 100644 --- a/proxies/inst-proxy/src/main/resources/application.yml +++ b/proxies/inst-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/kontoregister-person-proxy/build.gradle b/proxies/kontoregister-person-proxy/build.gradle index 97d57dc1540..516d518b93a 100644 --- a/proxies/kontoregister-person-proxy/build.gradle +++ b/proxies/kontoregister-person-proxy/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/kontoregister-person-proxy/src/main/resources/application.yml b/proxies/kontoregister-person-proxy/src/main/resources/application.yml index 42ac63a3251..efb36e9b16d 100644 --- a/proxies/kontoregister-person-proxy/src/main/resources/application.yml +++ b/proxies/kontoregister-person-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/krrstub-proxy/build.gradle b/proxies/krrstub-proxy/build.gradle index 750236e8d79..c1e2ce31706 100644 --- a/proxies/krrstub-proxy/build.gradle +++ b/proxies/krrstub-proxy/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/krrstub-proxy/src/main/resources/application.yml b/proxies/krrstub-proxy/src/main/resources/application.yml index bda6590b667..2bb6c48a788 100644 --- a/proxies/krrstub-proxy/src/main/resources/application.yml +++ b/proxies/krrstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/medl-proxy/build.gradle b/proxies/medl-proxy/build.gradle index fff39aab17a..88115d2aa7b 100644 --- a/proxies/medl-proxy/build.gradle +++ b/proxies/medl-proxy/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/medl-proxy/src/main/resources/application.yml b/proxies/medl-proxy/src/main/resources/application.yml index 47b6ae0d411..5917152982f 100644 --- a/proxies/medl-proxy/src/main/resources/application.yml +++ b/proxies/medl-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/norg2-proxy/build.gradle b/proxies/norg2-proxy/build.gradle index 6851bb606f9..414d34ac1e3 100644 --- a/proxies/norg2-proxy/build.gradle +++ b/proxies/norg2-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/norg2-proxy/src/main/resources/application.yml b/proxies/norg2-proxy/src/main/resources/application.yml index e440f3fb8ff..6524f4f2ff6 100644 --- a/proxies/norg2-proxy/src/main/resources/application.yml +++ b/proxies/norg2-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/pdl-proxy/build.gradle b/proxies/pdl-proxy/build.gradle index 53aeea80b10..b88f07def05 100644 --- a/proxies/pdl-proxy/build.gradle +++ b/proxies/pdl-proxy/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/pdl-proxy/src/main/resources/application.yml b/proxies/pdl-proxy/src/main/resources/application.yml index 670f0a384bc..3ceee0ee89f 100644 --- a/proxies/pdl-proxy/src/main/resources/application.yml +++ b/proxies/pdl-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/pensjon-testdata-facade-proxy/build.gradle b/proxies/pensjon-testdata-facade-proxy/build.gradle index 8e6a15b8f00..c4710ef518d 100644 --- a/proxies/pensjon-testdata-facade-proxy/build.gradle +++ b/proxies/pensjon-testdata-facade-proxy/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml b/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml index 04650326219..c9e0eaaebf1 100644 --- a/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml +++ b/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} cloud: gateway: httpclient: diff --git a/proxies/saf-proxy/build.gradle b/proxies/saf-proxy/build.gradle index 0584ef5f32e..ceba6e612a2 100644 --- a/proxies/saf-proxy/build.gradle +++ b/proxies/saf-proxy/build.gradle @@ -13,5 +13,4 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/saf-proxy/src/main/resources/application.yml b/proxies/saf-proxy/src/main/resources/application.yml index 48f28386541..f487b0a263f 100644 --- a/proxies/saf-proxy/src/main/resources/application.yml +++ b/proxies/saf-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/sigrunstub-proxy/build.gradle b/proxies/sigrunstub-proxy/build.gradle index e0dd09380c0..b6c1e5e936a 100644 --- a/proxies/sigrunstub-proxy/build.gradle +++ b/proxies/sigrunstub-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/sigrunstub-proxy/src/main/resources/application.yml b/proxies/sigrunstub-proxy/src/main/resources/application.yml index e7837bc80a6..0f6542d1626 100644 --- a/proxies/sigrunstub-proxy/src/main/resources/application.yml +++ b/proxies/sigrunstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/skjermingsregister-proxy/build.gradle b/proxies/skjermingsregister-proxy/build.gradle index b7c6c17e61a..920b573d608 100644 --- a/proxies/skjermingsregister-proxy/build.gradle +++ b/proxies/skjermingsregister-proxy/build.gradle @@ -10,10 +10,9 @@ sonarqube { } dependencies { - implementation "no.nav.testnav.libs:testing" - implementation 'no.nav.testnav.libs:data-transfer-objects' - implementation 'no.nav.testnav.libs:reactive-security' implementation 'no.nav.testnav.libs:security-core' + implementation 'no.nav.testnav.libs:reactive-security' + implementation 'no.nav.testnav.libs:data-transfer-objects' testImplementation 'org.springframework.security:spring-security-test' } diff --git a/proxies/skjermingsregister-proxy/src/main/resources/application.yml b/proxies/skjermingsregister-proxy/src/main/resources/application.yml index a5f98abea94..2f08d4b8909 100644 --- a/proxies/skjermingsregister-proxy/src/main/resources/application.yml +++ b/proxies/skjermingsregister-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/sykemelding-proxy/build.gradle b/proxies/sykemelding-proxy/build.gradle index 77ba5d43b4e..748b5a264f1 100644 --- a/proxies/sykemelding-proxy/build.gradle +++ b/proxies/sykemelding-proxy/build.gradle @@ -10,10 +10,9 @@ sonarqube { } dependencies { - implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" + implementation 'no.nav.testnav.libs:security-core' + implementation 'no.nav.testnav.libs:reactive-security' + implementation 'no.nav.testnav.libs:data-transfer-objects' - testImplementation "org.springframework.security:spring-security-test" + testImplementation 'org.springframework.security:spring-security-test' } diff --git a/proxies/synthdata-meldekort-proxy/build.gradle b/proxies/synthdata-meldekort-proxy/build.gradle index 5123d9432b0..66ce73cf9ae 100644 --- a/proxies/synthdata-meldekort-proxy/build.gradle +++ b/proxies/synthdata-meldekort-proxy/build.gradle @@ -19,7 +19,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } \ No newline at end of file diff --git a/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml b/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml index 81e3c4d967b..8d9b1938bb0 100644 --- a/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml +++ b/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: trygdeetaten: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} codec: max-in-memory-size: 15MB cloud: diff --git a/proxies/udistub-proxy/build.gradle b/proxies/udistub-proxy/build.gradle index c60013cd596..e309c212e92 100644 --- a/proxies/udistub-proxy/build.gradle +++ b/proxies/udistub-proxy/build.gradle @@ -10,8 +10,7 @@ sonarqube { } dependencies { - implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" + implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:data-transfer-objects" } diff --git a/proxies/udistub-proxy/src/main/resources/application.yml b/proxies/udistub-proxy/src/main/resources/application.yml index ba26d48bd34..7964c5d4848 100644 --- a/proxies/udistub-proxy/src/main/resources/application.yml +++ b/proxies/udistub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/yrkesskade-proxy/build.gradle b/proxies/yrkesskade-proxy/build.gradle index d306c2a1907..8ed97fe8337 100644 --- a/proxies/yrkesskade-proxy/build.gradle +++ b/proxies/yrkesskade-proxy/build.gradle @@ -12,5 +12,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/yrkesskade-proxy/src/main/resources/application.yml b/proxies/yrkesskade-proxy/src/main/resources/application.yml index 39cd187f4ec..62a44b12d4f 100644 --- a/proxies/yrkesskade-proxy/src/main/resources/application.yml +++ b/proxies/yrkesskade-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} cloud: gateway: httpclient: From 2b9c829b715bb37a94b7443d7766b0b1b2243371 Mon Sep 17 00:00:00 2001 From: Cato Olsen Date: Wed, 26 Feb 2025 08:22:21 +0100 Subject: [PATCH 05/13] Added more logging/asserts for resolving token handling. --- .../action/GetAuthenticatedResourceServerType.java | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java index 8d846ba7708..d0cd0d617d6 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java @@ -1,6 +1,7 @@ package no.nav.testnav.libs.reactivesecurity.action; import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; import no.nav.testnav.libs.reactivesecurity.properties.ResourceServerProperties; import no.nav.testnav.libs.securitycore.domain.ResourceServerType; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; @@ -14,6 +15,7 @@ @Component @RequiredArgsConstructor +@Slf4j public class GetAuthenticatedResourceServerType extends JwtResolver implements Callable> { private final List resourceServerProperties; @@ -21,9 +23,16 @@ public class GetAuthenticatedResourceServerType extends JwtResolver implements C private Optional getResourceTypeForm(JwtAuthenticationToken token) { return resourceServerProperties .stream() - .filter(properties -> properties + .filter(properties -> { + log.info("Configured issuer: {}", properties.getIssuerUri()); + assert token != null; + assert token.getToken() != null; + assert token.getToken().getIssuer() != null; + assert token.getToken().getIssuer().toString() != null; + log.info("Token issuer: {}", token.getToken().getIssuer().toString()); + return properties .getIssuerUri() - .equalsIgnoreCase(token.getToken().getIssuer().toString())) + .equalsIgnoreCase(token.getToken().getIssuer().toString()); }) .findFirst() .map(ResourceServerProperties::getType); } From 0e61064870436dec920d273201de113bcf943b15 Mon Sep 17 00:00:00 2001 From: Cato Olsen Date: Wed, 26 Feb 2025 09:30:23 +0100 Subject: [PATCH 06/13] Removes asserts to avoid problems, adds logging for paranoia. --- .../GetAuthenticatedResourceServerType.java | 21 ++++++++++++------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java index d0cd0d617d6..ada4a4d6068 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java @@ -24,15 +24,20 @@ private Optional getResourceTypeForm(JwtAuthenticationToken return resourceServerProperties .stream() .filter(properties -> { - log.info("Configured issuer: {}", properties.getIssuerUri()); - assert token != null; - assert token.getToken() != null; - assert token.getToken().getIssuer() != null; - assert token.getToken().getIssuer().toString() != null; - log.info("Token issuer: {}", token.getToken().getIssuer().toString()); + if (token == null) { + log.error("Token is null"); + } + if (token.getToken() == null) { + log.error("Token.getToken() is null"); + } + if (token.getToken().getIssuer() == null) { + log.error("Token.getToken().getIssuer() is null"); + } + log.info("Configured issuer, token issuer: {}, {}", properties.getIssuerUri(), token.getToken().getIssuer().toString()); return properties - .getIssuerUri() - .equalsIgnoreCase(token.getToken().getIssuer().toString()); }) + .getIssuerUri() + .equalsIgnoreCase(token.getToken().getIssuer().toString()); + }) .findFirst() .map(ResourceServerProperties::getType); } From 5adcfacbf95d83222b2d88a9cdd0429ab980a2e7 Mon Sep 17 00:00:00 2001 From: Cato Olsen Date: Wed, 26 Feb 2025 10:20:17 +0100 Subject: [PATCH 07/13] cleanup/vault_autoconfigured (#3766) * Normalizing import statements. * Refactored Vault code as autoconfigured beans. * Removed unnecessary @Import statements related to Vault autoconfiguration. * Fixed dependencies. * Now getting datasource URL from Spring DataSource config, not from Vault Database config. * Removed explicit imports to avoid polluting application context (which is autoconfigured in the actual apps, but not understood by IntelliJ). * Removed hanging comment. * Reenabled DataSourceProperties, VaultDatabaseProperties. --- .../no/nav/brregstub/config/AppConfig.java | 6 +- .../src/main/resources/application-prod.yml | 5 +- .../sdforvalter/config/DbProdConfig.java | 17 ----- .../src/main/resources/application-prod.yml | 2 +- .../java/no/nav/udistub/config/AppConfig.java | 6 +- .../src/main/resources/application-prod.yml | 4 +- libs/vault/build.gradle | 5 +- .../VaultDatabaseAutoConfiguration.java | 76 +++++++++++++++++++ .../VaultFlywayConfigurationCustomizer.java | 40 ++++++++++ .../database/config/FlywayConfiguration.java | 44 ----------- .../config/VaultHikariConfiguration.java | 57 -------------- ...ot.autoconfigure.AutoConfiguration.imports | 1 + 12 files changed, 126 insertions(+), 137 deletions(-) delete mode 100644 apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/config/DbProdConfig.java create mode 100644 libs/vault/src/main/java/no/nav/dolly/libs/vault/database/VaultDatabaseAutoConfiguration.java create mode 100644 libs/vault/src/main/java/no/nav/dolly/libs/vault/database/VaultFlywayConfigurationCustomizer.java delete mode 100644 libs/vault/src/main/java/no/nav/testnav/libs/database/config/FlywayConfiguration.java delete mode 100644 libs/vault/src/main/java/no/nav/testnav/libs/database/config/VaultHikariConfiguration.java create mode 100644 libs/vault/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports diff --git a/apps/brreg-stub/src/main/java/no/nav/brregstub/config/AppConfig.java b/apps/brreg-stub/src/main/java/no/nav/brregstub/config/AppConfig.java index 0460469fb27..1d2ba46a107 100644 --- a/apps/brreg-stub/src/main/java/no/nav/brregstub/config/AppConfig.java +++ b/apps/brreg-stub/src/main/java/no/nav/brregstub/config/AppConfig.java @@ -6,16 +6,12 @@ import org.springframework.data.jpa.repository.config.EnableJpaRepositories; import no.nav.testnav.libs.servletcore.config.ApplicationCoreConfig; -import no.nav.testnav.libs.database.config.FlywayConfiguration; -import no.nav.testnav.libs.database.config.VaultHikariConfiguration; @Configuration @EnableJpaAuditing @EnableJpaRepositories(basePackages = "no.nav.brregstub.database.repository") @Import({ - ApplicationCoreConfig.class, - VaultHikariConfiguration.class, - FlywayConfiguration.class, + ApplicationCoreConfig.class }) public class AppConfig { } diff --git a/apps/brreg-stub/src/main/resources/application-prod.yml b/apps/brreg-stub/src/main/resources/application-prod.yml index 9cb104eb99f..82462e8ea15 100644 --- a/apps/brreg-stub/src/main/resources/application-prod.yml +++ b/apps/brreg-stub/src/main/resources/application-prod.yml @@ -1,5 +1,6 @@ - spring: + config: + import: "vault://" flyway: locations: classpath:db/migration/postgresql datasource: @@ -30,5 +31,3 @@ spring: role: testnav-brregstub-admin backend: postgresql/preprod-fss fail-fast: true - config: - import: vault:// diff --git a/apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/config/DbProdConfig.java b/apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/config/DbProdConfig.java deleted file mode 100644 index 4a5034cb62f..00000000000 --- a/apps/testnorge-statisk-data-forvalter/src/main/java/no/nav/registre/sdforvalter/config/DbProdConfig.java +++ /dev/null @@ -1,17 +0,0 @@ -package no.nav.registre.sdforvalter.config; - -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Import; -import org.springframework.context.annotation.Profile; - -import no.nav.testnav.libs.database.config.FlywayConfiguration; -import no.nav.testnav.libs.database.config.VaultHikariConfiguration; - -@Profile("prod") -@Import({ - VaultHikariConfiguration.class, - FlywayConfiguration.class, -}) -@Configuration -public class DbProdConfig { -} diff --git a/apps/testnorge-statisk-data-forvalter/src/main/resources/application-prod.yml b/apps/testnorge-statisk-data-forvalter/src/main/resources/application-prod.yml index f1797b7c158..70101010b7c 100644 --- a/apps/testnorge-statisk-data-forvalter/src/main/resources/application-prod.yml +++ b/apps/testnorge-statisk-data-forvalter/src/main/resources/application-prod.yml @@ -1,6 +1,6 @@ spring: config: - import: vault:// + import: "vault://" datasource: url: jdbc:postgresql://b27dbvl032.preprod.local:5432/testnav-statisk-data?useUnicode=yes&characterEncoding=UTF-8 hikari: diff --git a/apps/udi-stub/src/main/java/no/nav/udistub/config/AppConfig.java b/apps/udi-stub/src/main/java/no/nav/udistub/config/AppConfig.java index 9946964f300..6a66df8c90b 100644 --- a/apps/udi-stub/src/main/java/no/nav/udistub/config/AppConfig.java +++ b/apps/udi-stub/src/main/java/no/nav/udistub/config/AppConfig.java @@ -1,16 +1,12 @@ package no.nav.udistub.config; -import no.nav.testnav.libs.database.config.FlywayConfiguration; -import no.nav.testnav.libs.database.config.VaultHikariConfiguration; import no.nav.testnav.libs.servletcore.config.ApplicationCoreConfig; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Import; @Configuration @Import({ - ApplicationCoreConfig.class, - FlywayConfiguration.class, - VaultHikariConfiguration.class + ApplicationCoreConfig.class }) public class AppConfig { diff --git a/apps/udi-stub/src/main/resources/application-prod.yml b/apps/udi-stub/src/main/resources/application-prod.yml index 70c46e646f7..954002062de 100644 --- a/apps/udi-stub/src/main/resources/application-prod.yml +++ b/apps/udi-stub/src/main/resources/application-prod.yml @@ -1,4 +1,6 @@ spring: + config: + import: "vault://" datasource: url: jdbc:postgresql://b27dbvl032.preprod.local:5432/testnav-udistub?autoReconnect=true&useSSL=false hikari: @@ -23,8 +25,6 @@ spring: backend: postgresql/preprod-fss role: testnav-udistub-admin enabled: true - config: - import: vault:// security: oauth2: resourceserver: diff --git a/libs/vault/build.gradle b/libs/vault/build.gradle index e524b72f38a..562d3fe24d8 100644 --- a/libs/vault/build.gradle +++ b/libs/vault/build.gradle @@ -3,11 +3,10 @@ plugins { } dependencies { - api "org.springframework.cloud:spring-cloud-starter-vault-config" - implementation "org.springframework.boot:spring-boot-starter-data-jpa" + implementation "org.springframework.cloud:spring-cloud-vault-config-databases" - + implementation "org.flywaydb:flyway-core" implementation "org.flywaydb:flyway-database-postgresql" } \ No newline at end of file diff --git a/libs/vault/src/main/java/no/nav/dolly/libs/vault/database/VaultDatabaseAutoConfiguration.java b/libs/vault/src/main/java/no/nav/dolly/libs/vault/database/VaultDatabaseAutoConfiguration.java new file mode 100644 index 00000000000..f0a42d9e16f --- /dev/null +++ b/libs/vault/src/main/java/no/nav/dolly/libs/vault/database/VaultDatabaseAutoConfiguration.java @@ -0,0 +1,76 @@ +package no.nav.dolly.libs.vault.database; + +import com.zaxxer.hikari.HikariDataSource; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.InitializingBean; +import org.springframework.boot.autoconfigure.AutoConfiguration; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.boot.autoconfigure.flyway.FlywayConfigurationCustomizer; +import org.springframework.boot.autoconfigure.jdbc.DataSourceProperties; +import org.springframework.boot.context.properties.EnableConfigurationProperties; +import org.springframework.cloud.vault.config.databases.VaultDatabaseProperties; +import org.springframework.context.annotation.Bean; +import org.springframework.vault.core.VaultTemplate; +import org.springframework.vault.core.lease.SecretLeaseContainer; +import org.springframework.vault.core.lease.domain.RequestedSecret; +import org.springframework.vault.core.lease.event.SecretLeaseCreatedEvent; + +@AutoConfiguration +@ConditionalOnProperty("spring.cloud.vault.database.enabled") +@RequiredArgsConstructor +@EnableConfigurationProperties({ + DataSourceProperties.class, + VaultDatabaseProperties.class +}) +@Slf4j +public class VaultDatabaseAutoConfiguration implements InitializingBean { + + private final DataSourceProperties dataSourceProperties; + + @SuppressWarnings("SpringJavaInjectionPointsAutowiringInspection") + private final HikariDataSource dataSource; + + @SuppressWarnings("SpringJavaInjectionPointsAutowiringInspection") + private final SecretLeaseContainer container; + + private final VaultDatabaseProperties vaultDatabaseProperties; + + @SuppressWarnings("SpringJavaInjectionPointsAutowiringInspection") + private final VaultTemplate vault; + + /** + * Setup a rotating lease for the database credentials in Vault. + * Not configurable as a bean. + */ + @Override + public void afterPropertiesSet() { + + var secret = RequestedSecret.rotating(vaultDatabaseProperties.getBackend() + "/creds/" + vaultDatabaseProperties.getRole()); + log.info("Setup vault lease for {}", secret); + container + .addLeaseListener( + event -> { + log.info("Triggering on event: {}", event); + if (event.getSource() == secret && event instanceof SecretLeaseCreatedEvent lease) { + log.info("Rotating username/password on event: {}", event); + var username = lease.getSecrets().get("username").toString(); + var password = lease.getSecrets().get("password").toString(); + dataSource.setUsername(username); + dataSource.setPassword(password); + if (dataSource.getHikariPoolMXBean() != null) { + dataSource.getHikariPoolMXBean().softEvictConnections(); + } + + } + }); + container.addRequestedSecret(secret); + + } + + @Bean + FlywayConfigurationCustomizer flywayConfigurationCustomizer() { + return new VaultFlywayConfigurationCustomizer(vault, dataSourceProperties, vaultDatabaseProperties); + } + +} diff --git a/libs/vault/src/main/java/no/nav/dolly/libs/vault/database/VaultFlywayConfigurationCustomizer.java b/libs/vault/src/main/java/no/nav/dolly/libs/vault/database/VaultFlywayConfigurationCustomizer.java new file mode 100644 index 00000000000..857a56492ff --- /dev/null +++ b/libs/vault/src/main/java/no/nav/dolly/libs/vault/database/VaultFlywayConfigurationCustomizer.java @@ -0,0 +1,40 @@ +package no.nav.dolly.libs.vault.database; + +import lombok.AccessLevel; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.flywaydb.core.api.configuration.FluentConfiguration; +import org.springframework.boot.autoconfigure.flyway.FlywayConfigurationCustomizer; +import org.springframework.boot.autoconfigure.jdbc.DataSourceProperties; +import org.springframework.cloud.vault.config.databases.VaultDatabaseProperties; +import org.springframework.vault.core.VaultTemplate; +import org.springframework.vault.support.VaultResponse; + +import java.util.Optional; + +@RequiredArgsConstructor(access = AccessLevel.PACKAGE) +@Slf4j +class VaultFlywayConfigurationCustomizer implements FlywayConfigurationCustomizer { + + private final VaultTemplate vault; + private final DataSourceProperties dataSourceProperties; + private final VaultDatabaseProperties vaultDatabaseProperties; + + @Override + public void customize(FluentConfiguration configuration) { + + var secretPath = "%s/creds/%s".formatted(vaultDatabaseProperties.getBackend(), vaultDatabaseProperties.getRole()); + var response = Optional + .of(vault.read(secretPath)) + .map(VaultResponse::getData) + .orElseThrow(() -> new IllegalStateException("Could not read credentials from Vault path %s".formatted(secretPath))); + var username = response.get("username").toString(); + var password = response.get("password").toString(); + configuration + .dataSource(dataSourceProperties.getUrl(), username, password) + .initSql("SET ROLE \"%s\"".formatted(vaultDatabaseProperties.getRole())); + log.info("Flyway configured with credentials from Vault path {}", secretPath); + + } + +} diff --git a/libs/vault/src/main/java/no/nav/testnav/libs/database/config/FlywayConfiguration.java b/libs/vault/src/main/java/no/nav/testnav/libs/database/config/FlywayConfiguration.java deleted file mode 100644 index 116891c47e5..00000000000 --- a/libs/vault/src/main/java/no/nav/testnav/libs/database/config/FlywayConfiguration.java +++ /dev/null @@ -1,44 +0,0 @@ -package no.nav.testnav.libs.database.config; - -import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.boot.autoconfigure.flyway.FlywayConfigurationCustomizer; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.vault.core.VaultOperations; -import org.springframework.vault.support.VaultResponse; - -import java.util.Optional; - -import static java.lang.String.format; - -@Slf4j -@Configuration -@ConditionalOnProperty("spring.cloud.vault.database.enabled") -public class FlywayConfiguration { - - @Bean - public FlywayConfigurationCustomizer flywayConfig( - VaultOperations vaultOperations, - @Value("${spring.cloud.vault.database.role}") String role, - @Value("${spring.cloud.vault.database.backend}") String backend, - @Value("${spring.datasource.url}") String url - ) { - return configuration -> { - var secretPath = format("%s/creds/%s", backend, role); - var vaultResponse = Optional.ofNullable(vaultOperations.read(secretPath)) - .map(VaultResponse::getData) - .orElseThrow(() -> new IllegalStateException( - format("Could not read credentials from Vault. Credential path: %s", secretPath))); - - var username = vaultResponse.get("username").toString(); - var password = vaultResponse.get("password").toString(); - - configuration - .dataSource(url, username, password) - .initSql(format("SET ROLE \"%s\"", role)); - log.info("Flyway configured. With secret path {}", secretPath); - }; - } -} diff --git a/libs/vault/src/main/java/no/nav/testnav/libs/database/config/VaultHikariConfiguration.java b/libs/vault/src/main/java/no/nav/testnav/libs/database/config/VaultHikariConfiguration.java deleted file mode 100644 index 9042dd4bea6..00000000000 --- a/libs/vault/src/main/java/no/nav/testnav/libs/database/config/VaultHikariConfiguration.java +++ /dev/null @@ -1,57 +0,0 @@ -package no.nav.testnav.libs.database.config; - -import com.zaxxer.hikari.HikariDataSource; -import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.InitializingBean; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.context.annotation.Configuration; -import org.springframework.vault.core.lease.SecretLeaseContainer; -import org.springframework.vault.core.lease.domain.RequestedSecret; -import org.springframework.vault.core.lease.event.SecretLeaseCreatedEvent; - -@Slf4j -@Configuration -@ConditionalOnProperty("spring.cloud.vault.database.enabled") -public class VaultHikariConfiguration implements InitializingBean { - - private final SecretLeaseContainer container; - private final HikariDataSource hikariDataSource; - private final String role; - private final String backend; - - public VaultHikariConfiguration( - SecretLeaseContainer container, - @Value("${spring.cloud.vault.database.role}") String role, - @Value("${spring.cloud.vault.database.backend}") String backend, - HikariDataSource hikariDataSource) { - this.role = role; - this.backend = backend; - this.container = container; - this.hikariDataSource = hikariDataSource; - } - - @Override - public void afterPropertiesSet() { - RequestedSecret secret = RequestedSecret.rotating(backend + "/creds/" + role); - log.info("Setup vault lease for {}", secret); - - container.addLeaseListener(leaseEvent -> { - log.info("Vault: Lease Event: {}", leaseEvent); - if (leaseEvent.getSource() == secret && leaseEvent instanceof SecretLeaseCreatedEvent lease) { - log.info("Roterer brukernavn/passord for: {}", leaseEvent); - - var username = lease.getSecrets().get("username").toString(); - var password = lease.getSecrets().get("password").toString(); - hikariDataSource.setUsername(username); - hikariDataSource.setPassword(password); - if (hikariDataSource.getHikariPoolMXBean() != null) { - hikariDataSource.getHikariPoolMXBean().softEvictConnections(); - } - - } - }); - container.addRequestedSecret(secret); - } - -} \ No newline at end of file diff --git a/libs/vault/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/libs/vault/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports new file mode 100644 index 00000000000..41e3871dca3 --- /dev/null +++ b/libs/vault/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports @@ -0,0 +1 @@ +no.nav.dolly.libs.vault.database.VaultDatabaseAutoConfiguration \ No newline at end of file From ce5f305bf8f0482551f638cd94c44ae195f3de41 Mon Sep 17 00:00:00 2001 From: Cato Olsen Date: Wed, 26 Feb 2025 19:38:16 +0100 Subject: [PATCH 08/13] bugfix/getgeneratedresourceservertype_npe (#3773) * Reapply "bugfix/dolly-backend-testing (#3763)" This reverts commit 3fe649b45af8057f5299e42153af78a197cceaa6. * Renamed exception (only used internally in package). * Refactored to handle null values from token when resolving issuer, with improved logging. * Removes unused utility class. * Makes EmptyReactiveSecurityContextException a subclass of JwtResolver, as this is the only place it's now in use (and only internally in package). --- .github/workflows/common.integration-test.yml | 3 +- .github/workflows/integration-tests.yml | 2 + apps/adresse-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/altinn3-tilgang-service/build.gradle | 1 + .../src/main/resources/application-local.yml | 1 + apps/amelding-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/app-tilgang-analyse-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/arbeidsforhold-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/batch-bestilling-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/brreg-stub/build.gradle | 1 + apps/bruker-service/build.gradle | 1 + .../src/main/resources/application-local.yml | 2 + .../src/test/resources/application-test.yml | 3 + apps/budpro-service/build.gradle | 1 + apps/dolly-backend/build.gradle | 66 +++++------ apps/dolly-backend/settings.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/dolly-frontend/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../src/test/resources/application-test.yml | 2 + apps/dollystatus/build.gradle | 2 + apps/endringsmelding-frontend/build.gradle | 5 +- apps/endringsmelding-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/faste-data-frontend/build.gradle | 5 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/generer-navn-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/helsepersonell-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/inntektsmelding-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../jenkins-batch-status-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/joark-dokument-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/kodeverk-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 7 +- .../settings.gradle | 4 +- .../src/main/resources/application.yml | 2 +- apps/miljoer-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/organisasjon-forvalter/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/organisasjon-mottak-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/organisasjon-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/orgnummer-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/oversikt-frontend/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/pdl-forvalter/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/person-faste-data-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/person-search-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/person-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/profil-api/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/skattekort-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/sykemelding-api/build.gradle | 1 + apps/synt-sykemelding-api/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/tenor-search-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/testnav-ident-pool/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- apps/tilbakemelding-api/build.gradle | 1 + .../src/main/resources/application-local.yml | 3 + .../src/main/resources/application.yml | 2 +- apps/tps-messaging-service/build.gradle | 1 + apps/udi-stub/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../src/main/resources/logback-spring.xml | 2 + apps/varslinger-service/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- docker-compose.yml | 3 + .../GetAuthenticatedAutoConfiguration.java | 49 +++++++++ .../GetAuthenticatedResourceServerType.java | 43 ++++---- .../action/GetAuthenticatedToken.java | 11 +- .../action/GetAuthenticatedUserId.java | 23 ++-- .../reactivesecurity/action/JwtResolver.java | 11 +- .../action/JwtResolverException.java | 9 -- .../action/Oauth2Resolver.java | 35 ------ .../TokenServiceAutoConfiguration.java | 43 +------- .../azuread/AzureNavTokenService.java | 1 + .../exchange/azuread/AzureTokenService.java | 1 + .../AzureTrygdeetatenTokenService.java | 1 + .../AzureAdResourceServerProperties.java | 7 +- .../properties/ResourceServerProperties.java | 3 +- ...urceServerPropertiesAutoConfiguration.java | 103 ++++++++++++++++++ .../TokenxResourceServerProperties.java | 7 +- ...etatenAzureAdResourceServerProperties.java | 6 - ...ot.autoconfigure.AutoConfiguration.imports | 4 +- .../properties/ResourceServerProperties.java | 17 --- .../properties/ResourceServerProperties.java | 3 +- .../properties/ResourceServerProperties.java | 3 +- ...ironmentApplicationContextInitializer.java | 17 ++- .../src/main/resources/application.yml | 6 +- .../java/src/main/groovy/dolly-apps.gradle | 1 - .../java/src/main/groovy/dolly-proxies.gradle | 1 - proxies/aareg-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../aareg-synt-services-proxy/build.gradle | 4 + .../src/main/resources/application.yml | 2 +- proxies/altinn3-tilgang-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/arbeidsplassencv-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/arena-forvalteren-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/batch-adeo-proxy/build.gradle | 4 + .../src/main/resources/application.yml | 2 +- proxies/brregstub-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/dokarkiv-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/ereg-proxy/build.gradle | 4 + .../src/main/resources/application.yml | 2 +- proxies/fullmakt-proxy/build.gradle | 1 + proxies/histark-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/inntektstub-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/inst-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../kontoregister-person-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/krrstub-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/medl-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/norg2-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/pdl-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/saf-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/sigrunstub-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/skjermingsregister-proxy/build.gradle | 5 +- .../src/main/resources/application.yml | 2 +- proxies/sykemelding-proxy/build.gradle | 9 +- .../synthdata-meldekort-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- proxies/udistub-proxy/build.gradle | 5 +- .../src/main/resources/application.yml | 2 +- proxies/yrkesskade-proxy/build.gradle | 1 + .../src/main/resources/application.yml | 2 +- 184 files changed, 454 insertions(+), 300 deletions(-) create mode 100644 libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java delete mode 100644 libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolverException.java delete mode 100644 libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/Oauth2Resolver.java create mode 100644 libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java delete mode 100644 libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java diff --git a/.github/workflows/common.integration-test.yml b/.github/workflows/common.integration-test.yml index 8246c29c8d2..a0fc560f8a9 100644 --- a/.github/workflows/common.integration-test.yml +++ b/.github/workflows/common.integration-test.yml @@ -41,8 +41,7 @@ jobs: - name: "Health check" timeout-minutes: 5 run: | - echo Wait on service... - bash -c 'while [[ "$(curl --connect-timeout 2 -s -o /dev/null -w ''%{http_code}'' ${{ inputs.healthcheck }})" != "200" ]]; do echo ...; sleep 5; done; echo Service is up;' + bash -c 'while true; do status=$(curl --connect-timeout 2 -s -o /dev/null -w ''%{http_code}'' ${{ inputs.healthcheck }}); if [ "$status" -eq 200 ]; then echo Service is up; break; else echo "HTTP status: $status"; sleep 5; fi; done;' - name: "Run integration tests" uses: gradle/actions/setup-gradle@v3 with: diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index e7f6e7bb121..4543a7ca9cd 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -2,6 +2,8 @@ name: Integration Tests on: push: paths: + - ".github/workflows/common.integration-test.yml" + - ".github/workflows/integration-tests.yml" - "apps/altinn3-tilgang-service/**" - "apps/bruker-service/**" - "mocks/maskinporten-mock/**" diff --git a/apps/adresse-service/build.gradle b/apps/adresse-service/build.gradle index 3ce1a306707..930229aed1f 100644 --- a/apps/adresse-service/build.gradle +++ b/apps/adresse-service/build.gradle @@ -14,6 +14,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/adresse-service/src/main/resources/application.yml b/apps/adresse-service/src/main/resources/application.yml index 9b742cb296e..f8e6d566064 100644 --- a/apps/adresse-service/src/main/resources/application.yml +++ b/apps/adresse-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/altinn3-tilgang-service/build.gradle b/apps/altinn3-tilgang-service/build.gradle index cf1162f4ca0..e119bd6550e 100644 --- a/apps/altinn3-tilgang-service/build.gradle +++ b/apps/altinn3-tilgang-service/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/altinn3-tilgang-service/src/main/resources/application-local.yml b/apps/altinn3-tilgang-service/src/main/resources/application-local.yml index c5b0c3f2556..14aefd2f0bb 100644 --- a/apps/altinn3-tilgang-service/src/main/resources/application-local.yml +++ b/apps/altinn3-tilgang-service/src/main/resources/application-local.yml @@ -1,3 +1,4 @@ +ALTINN_URL: ${sm\://azure-openid-config-token-endpoint} MASKINPORTEN_CLIENT_ID: ef2960de-7fa6-4396-80a5-2eca00e4af28 MASKINPORTEN_SCOPES: altinn:resourceregistry/accesslist.read altinn:resourceregistry/accesslist.write altinn:accessmanagement/authorizedparties.resourceowner diff --git a/apps/amelding-service/build.gradle b/apps/amelding-service/build.gradle index cbe63f5c3c0..a3c8b11228e 100644 --- a/apps/amelding-service/build.gradle +++ b/apps/amelding-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/amelding-service/src/main/resources/application.yml b/apps/amelding-service/src/main/resources/application.yml index 2ee2afe36e4..7d2b487d7b3 100644 --- a/apps/amelding-service/src/main/resources/application.yml +++ b/apps/amelding-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/app-tilgang-analyse-service/build.gradle b/apps/app-tilgang-analyse-service/build.gradle index aabf1cef55e..44bcccfe361 100644 --- a/apps/app-tilgang-analyse-service/build.gradle +++ b/apps/app-tilgang-analyse-service/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/app-tilgang-analyse-service/src/main/resources/application.yml b/apps/app-tilgang-analyse-service/src/main/resources/application.yml index b9c6c9f0aab..a5e560b2ad7 100644 --- a/apps/app-tilgang-analyse-service/src/main/resources/application.yml +++ b/apps/app-tilgang-analyse-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/arbeidsforhold-service/build.gradle b/apps/arbeidsforhold-service/build.gradle index d63025e02c3..232680b1ac2 100644 --- a/apps/arbeidsforhold-service/build.gradle +++ b/apps/arbeidsforhold-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/arbeidsforhold-service/src/main/resources/application.yml b/apps/arbeidsforhold-service/src/main/resources/application.yml index 226cff6e713..99aafa1f5d4 100644 --- a/apps/arbeidsforhold-service/src/main/resources/application.yml +++ b/apps/arbeidsforhold-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/batch-bestilling-service/build.gradle b/apps/batch-bestilling-service/build.gradle index fd98618053d..02ce90d9971 100644 --- a/apps/batch-bestilling-service/build.gradle +++ b/apps/batch-bestilling-service/build.gradle @@ -18,6 +18,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/batch-bestilling-service/src/main/resources/application.yml b/apps/batch-bestilling-service/src/main/resources/application.yml index abd377c1c07..b7796a56618 100644 --- a/apps/batch-bestilling-service/src/main/resources/application.yml +++ b/apps/batch-bestilling-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/brreg-stub/build.gradle b/apps/brreg-stub/build.gradle index bc61e6fc95b..235490c398d 100644 --- a/apps/brreg-stub/build.gradle +++ b/apps/brreg-stub/build.gradle @@ -27,6 +27,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:vault" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-web-services" diff --git a/apps/bruker-service/build.gradle b/apps/bruker-service/build.gradle index d968fb66030..f183040ae28 100644 --- a/apps/bruker-service/build.gradle +++ b/apps/bruker-service/build.gradle @@ -27,6 +27,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/bruker-service/src/main/resources/application-local.yml b/apps/bruker-service/src/main/resources/application-local.yml index 03ed912b26a..b5ba988c8b6 100644 --- a/apps/bruker-service/src/main/resources/application-local.yml +++ b/apps/bruker-service/src/main/resources/application-local.yml @@ -1,3 +1,5 @@ +CRYPTOGRAPHY_SECRET: dummy +JWT_SECRET: dummy TOKEN_X_CLIENT_ID: dev-gcp:dolly:testnav-bruker-service-dev spring: diff --git a/apps/bruker-service/src/test/resources/application-test.yml b/apps/bruker-service/src/test/resources/application-test.yml index cf96147fb34..b9d16b83133 100644 --- a/apps/bruker-service/src/test/resources/application-test.yml +++ b/apps/bruker-service/src/test/resources/application-test.yml @@ -1,3 +1,6 @@ +CRYPTOGRAPHY_SECRET: dummy +JWT_SECRET: dummy + spring: flyway: url: jdbc:h2:mem:testdb diff --git a/apps/budpro-service/build.gradle b/apps/budpro-service/build.gradle index 4fc43f98721..2b9d223ff1f 100644 --- a/apps/budpro-service/build.gradle +++ b/apps/budpro-service/build.gradle @@ -10,6 +10,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/dolly-backend/build.gradle b/apps/dolly-backend/build.gradle index 3984b2d70ed..8aadfe7b669 100644 --- a/apps/dolly-backend/build.gradle +++ b/apps/dolly-backend/build.gradle @@ -10,54 +10,56 @@ sonarqube { } dependencies { - implementation 'no.nav.testnav.libs:servlet-core' - implementation 'no.nav.testnav.libs:servlet-security' - implementation 'no.nav.testnav.libs:servlet-insecure-security' - implementation 'no.nav.testnav.libs:security-core' - implementation 'no.nav.testnav.libs:data-transfer-objects' - implementation 'no.nav.testnav.libs:data-transfer-search-objects' - implementation 'no.nav.testnav.libs:reactive-core' + implementation "no.nav.testnav.libs:servlet-core" + implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:data-transfer-search-objects" + implementation "no.nav.testnav.libs:reactive-core" + implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" - implementation 'org.springframework.boot:spring-boot-starter-web' - implementation 'org.springframework.boot:spring-boot-starter-oauth2-client' - implementation 'org.springframework.boot:spring-boot-starter-oauth2-resource-server' - implementation 'org.springframework.boot:spring-boot-starter-data-jpa' - implementation 'org.springframework.boot:spring-boot-starter-security' - implementation 'org.springframework.boot:spring-boot-starter-validation' - implementation 'org.springframework.retry:spring-retry' + implementation "org.springframework.boot:spring-boot-starter-web" + implementation "org.springframework.boot:spring-boot-starter-oauth2-client" + implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" + implementation "org.springframework.boot:spring-boot-starter-data-jpa" + implementation "org.springframework.boot:spring-boot-starter-security" + implementation "org.springframework.boot:spring-boot-starter-validation" + implementation "org.springframework.retry:spring-retry" - implementation 'org.springframework.boot:spring-boot-starter-data-elasticsearch' + implementation "org.springframework.boot:spring-boot-starter-data-elasticsearch" implementation "org.opensearch.client:spring-data-opensearch:$versions.opensearch" - implementation 'org.apache.commons:commons-lang3' - implementation 'org.springframework.boot:spring-boot-starter-cache' - implementation 'com.github.ben-manes.caffeine:caffeine' + implementation "org.apache.commons:commons-lang3" + implementation "org.springframework.boot:spring-boot-starter-cache" + implementation "com.github.ben-manes.caffeine:caffeine" - implementation 'org.ehcache:ehcache:3.10.8' + implementation "org.ehcache:ehcache:3.10.8" implementation "com.fasterxml.jackson.core:jackson-core:$versions.jackson" - implementation 'org.postgresql:postgresql' - implementation 'org.flywaydb:flyway-core' - implementation 'org.flywaydb:flyway-database-postgresql' + implementation "org.postgresql:postgresql" + implementation "org.flywaydb:flyway-core" + implementation "org.flywaydb:flyway-database-postgresql" implementation "ma.glasnost.orika:orika-core:$versions.orika" - implementation 'org.codehaus.jettison:jettison:1.5.4' + implementation "org.codehaus.jettison:jettison:1.5.4" implementation "org.apache.poi:poi:$versions.apachePoi" implementation "org.apache.poi:poi-ooxml:$versions.apachePoi" - testImplementation 'org.opensearch:opensearch-testcontainers:2.1.2' + testImplementation "org.opensearch:opensearch-testcontainers:2.1.2" - testImplementation 'org.springframework.security:spring-security-test' - testImplementation 'org.springframework.cloud:spring-cloud-contract-wiremock' - testImplementation 'com.h2database:h2' + testImplementation "org.springframework.security:spring-security-test" + testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock" + testImplementation "com.h2database:h2" testImplementation "io.projectreactor:reactor-test:$versions.reactorTest" - testImplementation 'org.testcontainers:junit-jupiter' - testImplementation 'org.springframework.boot:spring-boot-testcontainers' - testImplementation 'org.testcontainers:postgresql' - testImplementation 'org.bitbucket.b_c:jose4j:0.9.6' + testImplementation "org.testcontainers:junit-jupiter" + testImplementation "org.springframework.boot:spring-boot-testcontainers" + testImplementation "org.testcontainers:postgresql" + testImplementation "org.bitbucket.b_c:jose4j:0.9.6" - implementation 'net.java.dev.jna:jna:5.14.0' + implementation "net.java.dev.jna:jna:5.14.0" } \ No newline at end of file diff --git a/apps/dolly-backend/settings.gradle b/apps/dolly-backend/settings.gradle index 5b948edcd1f..a37687bbf94 100644 --- a/apps/dolly-backend/settings.gradle +++ b/apps/dolly-backend/settings.gradle @@ -9,6 +9,7 @@ includeBuild "../../plugins/java" includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/data-transfer-search-objects" includeBuild "../../libs/reactive-core" +includeBuild "../../libs/reactive-security" includeBuild "../../libs/security-core" includeBuild "../../libs/servlet-core" includeBuild "../../libs/servlet-insecure-security" diff --git a/apps/dolly-backend/src/main/resources/application.yml b/apps/dolly-backend/src/main/resources/application.yml index 6e8bfedc134..798817b2517 100644 --- a/apps/dolly-backend/src/main/resources/application.yml +++ b/apps/dolly-backend/src/main/resources/application.yml @@ -44,7 +44,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} jackson: parser: include-source-in-location: true diff --git a/apps/dolly-frontend/build.gradle b/apps/dolly-frontend/build.gradle index 6240eedefc0..0e51a299073 100644 --- a/apps/dolly-frontend/build.gradle +++ b/apps/dolly-frontend/build.gradle @@ -26,6 +26,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:reactive-session-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" // Session implementation "redis.clients:jedis:5.2.0" diff --git a/apps/dolly-frontend/src/main/resources/application.yml b/apps/dolly-frontend/src/main/resources/application.yml index 1ef770e5b00..2d791fbaa4b 100644 --- a/apps/dolly-frontend/src/main/resources/application.yml +++ b/apps/dolly-frontend/src/main/resources/application.yml @@ -14,7 +14,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/dolly-frontend/src/test/resources/application-test.yml b/apps/dolly-frontend/src/test/resources/application-test.yml index e69de29bb2d..b5eb20eece4 100644 --- a/apps/dolly-frontend/src/test/resources/application-test.yml +++ b/apps/dolly-frontend/src/test/resources/application-test.yml @@ -0,0 +1,2 @@ +IDPORTEN_CLIENT_ID: dummy +IDPORTEN_CLIENT_JWK: dummy \ No newline at end of file diff --git a/apps/dollystatus/build.gradle b/apps/dollystatus/build.gradle index b8a85394b88..1c654af12e1 100644 --- a/apps/dollystatus/build.gradle +++ b/apps/dollystatus/build.gradle @@ -11,5 +11,7 @@ sonarqube { } dependencies { + implementation "no.nav.testnav.libs:testing" + implementation 'org.springframework.boot:spring-boot-starter-web' } diff --git a/apps/endringsmelding-frontend/build.gradle b/apps/endringsmelding-frontend/build.gradle index e3940d5fc48..52875516b51 100644 --- a/apps/endringsmelding-frontend/build.gradle +++ b/apps/endringsmelding-frontend/build.gradle @@ -18,8 +18,6 @@ configurations { } dependencies { - implementation "io.grpc:grpc-netty:$versions.grpc" - implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-frontend" implementation("no.nav.testnav.libs:reactive-session-security") { @@ -29,9 +27,10 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } + implementation "no.nav.testnav.libs:testing" + implementation "io.grpc:grpc-netty:$versions.grpc" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" - implementation "org.springframework.cloud:spring-cloud-starter-gateway" testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock" diff --git a/apps/endringsmelding-service/build.gradle b/apps/endringsmelding-service/build.gradle index 2ebc0d36af5..7a5085afa4a 100644 --- a/apps/endringsmelding-service/build.gradle +++ b/apps/endringsmelding-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/endringsmelding-service/src/main/resources/application.yml b/apps/endringsmelding-service/src/main/resources/application.yml index 59b3813236c..cae88d56332 100644 --- a/apps/endringsmelding-service/src/main/resources/application.yml +++ b/apps/endringsmelding-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/faste-data-frontend/build.gradle b/apps/faste-data-frontend/build.gradle index f960e48dd39..256be3873d2 100644 --- a/apps/faste-data-frontend/build.gradle +++ b/apps/faste-data-frontend/build.gradle @@ -18,8 +18,6 @@ configurations { } dependencies { - implementation "io.grpc:grpc-netty:$versions.grpc" - implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-frontend" implementation("no.nav.testnav.libs:reactive-session-security") { @@ -29,9 +27,10 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } + implementation "no.nav.testnav.libs:testing" + implementation "io.grpc:grpc-netty:$versions.grpc" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" - implementation "org.springframework.cloud:spring-cloud-starter-gateway" testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock" diff --git a/apps/generer-arbeidsforhold-populasjon-service/build.gradle b/apps/generer-arbeidsforhold-populasjon-service/build.gradle index cfa772f62d0..54c4e17cb22 100644 --- a/apps/generer-arbeidsforhold-populasjon-service/build.gradle +++ b/apps/generer-arbeidsforhold-populasjon-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml b/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml index 3fc8e4bea97..449000c7d24 100644 --- a/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml +++ b/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/generer-navn-service/build.gradle b/apps/generer-navn-service/build.gradle index 96007c01cea..3ad4f100fc9 100644 --- a/apps/generer-navn-service/build.gradle +++ b/apps/generer-navn-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/generer-navn-service/src/main/resources/application.yml b/apps/generer-navn-service/src/main/resources/application.yml index f50592c4259..942b29ed7f8 100644 --- a/apps/generer-navn-service/src/main/resources/application.yml +++ b/apps/generer-navn-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/generer-organisasjon-populasjon-service/build.gradle b/apps/generer-organisasjon-populasjon-service/build.gradle index 301249239a6..c4fb89b1ec9 100644 --- a/apps/generer-organisasjon-populasjon-service/build.gradle +++ b/apps/generer-organisasjon-populasjon-service/build.gradle @@ -19,6 +19,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml b/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml index dddddbefe55..b7bc4e02b39 100644 --- a/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml +++ b/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/generer-synt-amelding-service/build.gradle b/apps/generer-synt-amelding-service/build.gradle index 4ea869df5d5..17e8df431cf 100644 --- a/apps/generer-synt-amelding-service/build.gradle +++ b/apps/generer-synt-amelding-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/generer-synt-amelding-service/src/main/resources/application.yml b/apps/generer-synt-amelding-service/src/main/resources/application.yml index a45951abdff..820d4f2a08b 100644 --- a/apps/generer-synt-amelding-service/src/main/resources/application.yml +++ b/apps/generer-synt-amelding-service/src/main/resources/application.yml @@ -9,7 +9,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/helsepersonell-service/build.gradle b/apps/helsepersonell-service/build.gradle index 5a86c7a8f3c..b05edacb6bd 100644 --- a/apps/helsepersonell-service/build.gradle +++ b/apps/helsepersonell-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/helsepersonell-service/src/main/resources/application.yml b/apps/helsepersonell-service/src/main/resources/application.yml index 21ea5b1a259..4fec57bde8f 100644 --- a/apps/helsepersonell-service/src/main/resources/application.yml +++ b/apps/helsepersonell-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/inntektsmelding-generator-service/build.gradle b/apps/inntektsmelding-generator-service/build.gradle index d0220df6669..4db9b3660ab 100644 --- a/apps/inntektsmelding-generator-service/build.gradle +++ b/apps/inntektsmelding-generator-service/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/inntektsmelding-generator-service/src/main/resources/application.yml b/apps/inntektsmelding-generator-service/src/main/resources/application.yml index 2e9697d655d..4a7dc158c67 100644 --- a/apps/inntektsmelding-generator-service/src/main/resources/application.yml +++ b/apps/inntektsmelding-generator-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/inntektsmelding-service/build.gradle b/apps/inntektsmelding-service/build.gradle index 328840a81c3..26d1ddbfb16 100644 --- a/apps/inntektsmelding-service/build.gradle +++ b/apps/inntektsmelding-service/build.gradle @@ -14,6 +14,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/inntektsmelding-service/src/main/resources/application.yml b/apps/inntektsmelding-service/src/main/resources/application.yml index adabbd20f19..78c313fe281 100644 --- a/apps/inntektsmelding-service/src/main/resources/application.yml +++ b/apps/inntektsmelding-service/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/jenkins-batch-status-service/build.gradle b/apps/jenkins-batch-status-service/build.gradle index bd05c64823b..6979650f6ce 100644 --- a/apps/jenkins-batch-status-service/build.gradle +++ b/apps/jenkins-batch-status-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/jenkins-batch-status-service/src/main/resources/application.yml b/apps/jenkins-batch-status-service/src/main/resources/application.yml index c09b76ed0d5..06be6a3f0fe 100644 --- a/apps/jenkins-batch-status-service/src/main/resources/application.yml +++ b/apps/jenkins-batch-status-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/joark-dokument-service/build.gradle b/apps/joark-dokument-service/build.gradle index 790106881d9..7dbd10dab9d 100644 --- a/apps/joark-dokument-service/build.gradle +++ b/apps/joark-dokument-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/joark-dokument-service/src/main/resources/application.yml b/apps/joark-dokument-service/src/main/resources/application.yml index 477720a9894..84755000dce 100644 --- a/apps/joark-dokument-service/src/main/resources/application.yml +++ b/apps/joark-dokument-service/src/main/resources/application.yml @@ -15,7 +15,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/kodeverk-service/build.gradle b/apps/kodeverk-service/build.gradle index 37b4afe3181..a5efabcbe81 100644 --- a/apps/kodeverk-service/build.gradle +++ b/apps/kodeverk-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/kodeverk-service/src/main/resources/application.yml b/apps/kodeverk-service/src/main/resources/application.yml index 8560362169b..35636c9e60b 100644 --- a/apps/kodeverk-service/src/main/resources/application.yml +++ b/apps/kodeverk-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/levende-arbeidsforhold-ansettelse/build.gradle b/apps/levende-arbeidsforhold-ansettelse/build.gradle index f0a24a7410d..645c2f5d9fd 100644 --- a/apps/levende-arbeidsforhold-ansettelse/build.gradle +++ b/apps/levende-arbeidsforhold-ansettelse/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml b/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml index 538e98af0ae..f4c9a3d2b3b 100644 --- a/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} flyway: locations: classpath:db/migration enabled: true diff --git a/apps/levende-arbeidsforhold-scheduler/build.gradle b/apps/levende-arbeidsforhold-scheduler/build.gradle index f0cc5802adc..e252168474e 100644 --- a/apps/levende-arbeidsforhold-scheduler/build.gradle +++ b/apps/levende-arbeidsforhold-scheduler/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-quartz" diff --git a/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml b/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml index dbf213cd6ce..e990c09338f 100644 --- a/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/levende-arbeidsforhold-service/build.gradle b/apps/levende-arbeidsforhold-service/build.gradle index d5e6a11f670..823edbb1aba 100644 --- a/apps/levende-arbeidsforhold-service/build.gradle +++ b/apps/levende-arbeidsforhold-service/build.gradle @@ -10,9 +10,6 @@ sonarqube { } dependencies { - implementation "io.confluent:kafka-avro-serializer:$versions.avroSerializer" - implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" - implementation "no.nav.testnav.libs:avro-schema" implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:kafka-config" @@ -20,10 +17,12 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" + implementation "io.confluent:kafka-avro-serializer:$versions.avroSerializer" + implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" implementation "org.apache.kafka:kafka-clients:$versions.apacheKafka" implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" - implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/levende-arbeidsforhold-service/settings.gradle b/apps/levende-arbeidsforhold-service/settings.gradle index 4bd0975147b..71d9e5977ac 100644 --- a/apps/levende-arbeidsforhold-service/settings.gradle +++ b/apps/levende-arbeidsforhold-service/settings.gradle @@ -5,13 +5,13 @@ plugins { rootProject.name = "levende-arbeidsforhold-service" includeBuild "../../libs/avro-schema" -includeBuild "../../libs/kafka-config" -includeBuild "../../libs/testing" includeBuild "../../libs/data-transfer-objects" +includeBuild "../../libs/kafka-config" includeBuild "../../libs/reactive-core" includeBuild "../../libs/security-core" includeBuild "../../libs/servlet-core" includeBuild "../../libs/servlet-insecure-security" +includeBuild "../../libs/testing" develocity { buildScan { diff --git a/apps/levende-arbeidsforhold-service/src/main/resources/application.yml b/apps/levende-arbeidsforhold-service/src/main/resources/application.yml index bde3afafb81..1d7926e10da 100644 --- a/apps/levende-arbeidsforhold-service/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} kafka: consumer: group-id: testnav-levende-arbeidsforhold-service diff --git a/apps/miljoer-service/build.gradle b/apps/miljoer-service/build.gradle index ea53e959c2d..3345c19b12f 100644 --- a/apps/miljoer-service/build.gradle +++ b/apps/miljoer-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/miljoer-service/src/main/resources/application.yml b/apps/miljoer-service/src/main/resources/application.yml index ba046b9b166..b7d615aefde 100644 --- a/apps/miljoer-service/src/main/resources/application.yml +++ b/apps/miljoer-service/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/oppsummeringsdokument-service/build.gradle b/apps/oppsummeringsdokument-service/build.gradle index 53d2b548a79..a0de4982a5d 100644 --- a/apps/oppsummeringsdokument-service/build.gradle +++ b/apps/oppsummeringsdokument-service/build.gradle @@ -19,6 +19,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.xsd:arbeidsforhold-xsd" + implementation "no.nav.testnav.libs:testing" implementation "com.fasterxml.jackson.dataformat:jackson-dataformat-xml" diff --git a/apps/oppsummeringsdokument-service/src/main/resources/application.yml b/apps/oppsummeringsdokument-service/src/main/resources/application.yml index a49b4ce5f22..5243d12e5f8 100644 --- a/apps/oppsummeringsdokument-service/src/main/resources/application.yml +++ b/apps/oppsummeringsdokument-service/src/main/resources/application.yml @@ -4,7 +4,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} application: name: oppsummeringsdokument-service description: Tjeneste for å sende inn oppsummeringsdokument til aareg og søke i innsendte oppsummeringsdokumenter. diff --git a/apps/organisasjon-bestilling-service/build.gradle b/apps/organisasjon-bestilling-service/build.gradle index ea8c74c4e49..0bdc1cb3ee7 100644 --- a/apps/organisasjon-bestilling-service/build.gradle +++ b/apps/organisasjon-bestilling-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/organisasjon-bestilling-service/src/main/resources/application.yml b/apps/organisasjon-bestilling-service/src/main/resources/application.yml index 54e9361c619..3ee70507ad5 100644 --- a/apps/organisasjon-bestilling-service/src/main/resources/application.yml +++ b/apps/organisasjon-bestilling-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/organisasjon-faste-data-service/build.gradle b/apps/organisasjon-faste-data-service/build.gradle index d4cc105df58..eb6c75c1918 100644 --- a/apps/organisasjon-faste-data-service/build.gradle +++ b/apps/organisasjon-faste-data-service/build.gradle @@ -19,6 +19,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/organisasjon-faste-data-service/src/main/resources/application.yml b/apps/organisasjon-faste-data-service/src/main/resources/application.yml index 620350af387..2899efe8df9 100644 --- a/apps/organisasjon-faste-data-service/src/main/resources/application.yml +++ b/apps/organisasjon-faste-data-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/organisasjon-forvalter/build.gradle b/apps/organisasjon-forvalter/build.gradle index 1fb8803fd77..398122e8fee 100644 --- a/apps/organisasjon-forvalter/build.gradle +++ b/apps/organisasjon-forvalter/build.gradle @@ -22,6 +22,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/organisasjon-forvalter/src/main/resources/application.yml b/apps/organisasjon-forvalter/src/main/resources/application.yml index bf9978fbd94..6ae92ebecac 100644 --- a/apps/organisasjon-forvalter/src/main/resources/application.yml +++ b/apps/organisasjon-forvalter/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/organisasjon-mottak-service/build.gradle b/apps/organisasjon-mottak-service/build.gradle index 220373f5089..a5605299aa8 100644 --- a/apps/organisasjon-mottak-service/build.gradle +++ b/apps/organisasjon-mottak-service/build.gradle @@ -19,6 +19,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/organisasjon-mottak-service/src/main/resources/application.yml b/apps/organisasjon-mottak-service/src/main/resources/application.yml index 697afc71e4c..21f878de592 100644 --- a/apps/organisasjon-mottak-service/src/main/resources/application.yml +++ b/apps/organisasjon-mottak-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/organisasjon-service/build.gradle b/apps/organisasjon-service/build.gradle index 3df14ba3559..2d6ea6c665c 100644 --- a/apps/organisasjon-service/build.gradle +++ b/apps/organisasjon-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/organisasjon-service/src/main/resources/application.yml b/apps/organisasjon-service/src/main/resources/application.yml index 3b8bdf59f81..4f5619ac476 100644 --- a/apps/organisasjon-service/src/main/resources/application.yml +++ b/apps/organisasjon-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/orgnummer-service/build.gradle b/apps/orgnummer-service/build.gradle index 1df3d299209..735d1e0c98c 100644 --- a/apps/orgnummer-service/build.gradle +++ b/apps/orgnummer-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/orgnummer-service/src/main/resources/application.yml b/apps/orgnummer-service/src/main/resources/application.yml index 6fca4621d27..94509373e18 100644 --- a/apps/orgnummer-service/src/main/resources/application.yml +++ b/apps/orgnummer-service/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: dev-gcp:dolly:testnav-orgnummer-service diff --git a/apps/oversikt-frontend/build.gradle b/apps/oversikt-frontend/build.gradle index 5e50676ce88..d37b2d5822a 100644 --- a/apps/oversikt-frontend/build.gradle +++ b/apps/oversikt-frontend/build.gradle @@ -20,6 +20,7 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.cloud:spring-cloud-starter-gateway" diff --git a/apps/oversikt-frontend/src/main/resources/application.yml b/apps/oversikt-frontend/src/main/resources/application.yml index 4a5600397d2..04ccbd221c0 100644 --- a/apps/oversikt-frontend/src/main/resources/application.yml +++ b/apps/oversikt-frontend/src/main/resources/application.yml @@ -4,7 +4,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} diff --git a/apps/pdl-forvalter/build.gradle b/apps/pdl-forvalter/build.gradle index 73b74c911c1..ab10ad1279d 100644 --- a/apps/pdl-forvalter/build.gradle +++ b/apps/pdl-forvalter/build.gradle @@ -20,6 +20,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/pdl-forvalter/src/main/resources/application.yml b/apps/pdl-forvalter/src/main/resources/application.yml index eb06623452c..5894fa1f8b7 100644 --- a/apps/pdl-forvalter/src/main/resources/application.yml +++ b/apps/pdl-forvalter/src/main/resources/application.yml @@ -41,7 +41,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/person-faste-data-service/build.gradle b/apps/person-faste-data-service/build.gradle index 90effeb93fa..2b18e57f16a 100644 --- a/apps/person-faste-data-service/build.gradle +++ b/apps/person-faste-data-service/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/person-faste-data-service/src/main/resources/application.yml b/apps/person-faste-data-service/src/main/resources/application.yml index 6b5a3494897..45fdf63c8f9 100644 --- a/apps/person-faste-data-service/src/main/resources/application.yml +++ b/apps/person-faste-data-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: dev-gcp:dolly:testnav-person-faste-data-service diff --git a/apps/person-search-service/build.gradle b/apps/person-search-service/build.gradle index 7fb6dbcb708..b56e456f3e2 100644 --- a/apps/person-search-service/build.gradle +++ b/apps/person-search-service/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-elasticsearch" implementation "org.opensearch.client:spring-data-opensearch:$versions.opensearch" diff --git a/apps/person-search-service/src/main/resources/application.yml b/apps/person-search-service/src/main/resources/application.yml index 0e7f6440491..89ae1646179 100644 --- a/apps/person-search-service/src/main/resources/application.yml +++ b/apps/person-search-service/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/person-service/build.gradle b/apps/person-service/build.gradle index 60ed4e286c2..2ce944201a9 100644 --- a/apps/person-service/build.gradle +++ b/apps/person-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/person-service/src/main/resources/application.yml b/apps/person-service/src/main/resources/application.yml index aaaf77bf2b4..4b77cd0a65f 100644 --- a/apps/person-service/src/main/resources/application.yml +++ b/apps/person-service/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} jackson: serialization: write_dates_as_timestamps: false diff --git a/apps/profil-api/build.gradle b/apps/profil-api/build.gradle index 6a06c4236a6..23932ab9838 100644 --- a/apps/profil-api/build.gradle +++ b/apps/profil-api/build.gradle @@ -15,6 +15,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/profil-api/src/main/resources/application.yml b/apps/profil-api/src/main/resources/application.yml index f414c6d8f50..5809abe4591 100644 --- a/apps/profil-api/src/main/resources/application.yml +++ b/apps/profil-api/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/skattekort-service/build.gradle b/apps/skattekort-service/build.gradle index c9ba8298fac..a277d93478e 100644 --- a/apps/skattekort-service/build.gradle +++ b/apps/skattekort-service/build.gradle @@ -27,6 +27,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/skattekort-service/src/main/resources/application.yml b/apps/skattekort-service/src/main/resources/application.yml index 1d3a3af3c76..195fade91c6 100644 --- a/apps/skattekort-service/src/main/resources/application.yml +++ b/apps/skattekort-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/sykemelding-api/build.gradle b/apps/sykemelding-api/build.gradle index bbfe33929d2..cbb59f63251 100644 --- a/apps/sykemelding-api/build.gradle +++ b/apps/sykemelding-api/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/synt-sykemelding-api/build.gradle b/apps/synt-sykemelding-api/build.gradle index d0822af1c9e..5d1e6d3324f 100644 --- a/apps/synt-sykemelding-api/build.gradle +++ b/apps/synt-sykemelding-api/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/synt-sykemelding-api/src/main/resources/application.yml b/apps/synt-sykemelding-api/src/main/resources/application.yml index aee3d690ac4..196a8229a63 100644 --- a/apps/synt-sykemelding-api/src/main/resources/application.yml +++ b/apps/synt-sykemelding-api/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/synt-vedtakshistorikk-service/build.gradle b/apps/synt-vedtakshistorikk-service/build.gradle index 93b257d3563..732aeddab21 100644 --- a/apps/synt-vedtakshistorikk-service/build.gradle +++ b/apps/synt-vedtakshistorikk-service/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml b/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml index 822d79cd6f7..0086630fc1a 100644 --- a/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml +++ b/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/tenor-search-service/build.gradle b/apps/tenor-search-service/build.gradle index da1b52e4ad7..fc3a17baec1 100644 --- a/apps/tenor-search-service/build.gradle +++ b/apps/tenor-search-service/build.gradle @@ -14,6 +14,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/tenor-search-service/src/main/resources/application.yml b/apps/tenor-search-service/src/main/resources/application.yml index 719d051eda8..720f4d6cb92 100644 --- a/apps/tenor-search-service/src/main/resources/application.yml +++ b/apps/tenor-search-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/testnav-ident-pool/build.gradle b/apps/testnav-ident-pool/build.gradle index d60cee6397a..d3042f49769 100644 --- a/apps/testnav-ident-pool/build.gradle +++ b/apps/testnav-ident-pool/build.gradle @@ -18,6 +18,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/testnav-ident-pool/src/main/resources/application.yml b/apps/testnav-ident-pool/src/main/resources/application.yml index cfbe7200e50..1b8b5f1a876 100644 --- a/apps/testnav-ident-pool/src/main/resources/application.yml +++ b/apps/testnav-ident-pool/src/main/resources/application.yml @@ -43,7 +43,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/testnorge-statisk-data-forvalter/build.gradle b/apps/testnorge-statisk-data-forvalter/build.gradle index 6d4e1d0c37b..1b99d32f5e6 100644 --- a/apps/testnorge-statisk-data-forvalter/build.gradle +++ b/apps/testnorge-statisk-data-forvalter/build.gradle @@ -21,6 +21,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "no.nav.testnav.libs:vault" implementation "org.springframework.kafka:spring-kafka" diff --git a/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml b/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml index b2e5797c322..ae07af84a08 100644 --- a/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml +++ b/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml @@ -13,7 +13,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/tilbakemelding-api/build.gradle b/apps/tilbakemelding-api/build.gradle index 927a20d322d..7c215a05ab8 100644 --- a/apps/tilbakemelding-api/build.gradle +++ b/apps/tilbakemelding-api/build.gradle @@ -16,6 +16,7 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.libs:slack" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/tilbakemelding-api/src/main/resources/application-local.yml b/apps/tilbakemelding-api/src/main/resources/application-local.yml index 9c7acce458c..f2b70d36692 100644 --- a/apps/tilbakemelding-api/src/main/resources/application-local.yml +++ b/apps/tilbakemelding-api/src/main/resources/application-local.yml @@ -1,3 +1,6 @@ +SLACK_CHANNEL: dummy +SLACK_TOKEN: dummy + consumers: profil-api: url: https://testnorge-profil-api.intern.dev.nav.no diff --git a/apps/tilbakemelding-api/src/main/resources/application.yml b/apps/tilbakemelding-api/src/main/resources/application.yml index e0e648809ae..895d51671ce 100644 --- a/apps/tilbakemelding-api/src/main/resources/application.yml +++ b/apps/tilbakemelding-api/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/tps-messaging-service/build.gradle b/apps/tps-messaging-service/build.gradle index 5cae62ac557..6d44b0b9b4b 100644 --- a/apps/tps-messaging-service/build.gradle +++ b/apps/tps-messaging-service/build.gradle @@ -18,6 +18,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "no.nav.repository.fellesreg.tpsws:nav-repository-fellesregister-castor-tps-s018-domain:$versions.navFellesregister" implementation "no.nav.repository.fellesreg.tpsws:nav-repository-fellesregister-jaxb-tps-m201-domain:$versions.navFellesregister" diff --git a/apps/udi-stub/build.gradle b/apps/udi-stub/build.gradle index 1490a7c89f9..53a0ca6aaa9 100644 --- a/apps/udi-stub/build.gradle +++ b/apps/udi-stub/build.gradle @@ -23,6 +23,7 @@ configurations { dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "no.nav.testnav.libs:vault" implementation "com.sun.xml.ws:jaxws-rt:$versions.jaxws" diff --git a/apps/udi-stub/src/main/resources/application.yml b/apps/udi-stub/src/main/resources/application.yml index e8c4b285c1b..dcb18f5ecee 100644 --- a/apps/udi-stub/src/main/resources/application.yml +++ b/apps/udi-stub/src/main/resources/application.yml @@ -18,7 +18,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/udi-stub/src/main/resources/logback-spring.xml b/apps/udi-stub/src/main/resources/logback-spring.xml index f49b192e253..a17fd9b8e5a 100644 --- a/apps/udi-stub/src/main/resources/logback-spring.xml +++ b/apps/udi-stub/src/main/resources/logback-spring.xml @@ -3,6 +3,8 @@ + true + -1 true diff --git a/apps/varslinger-service/build.gradle b/apps/varslinger-service/build.gradle index 2c5ab0be9c0..4c7c5fed68e 100644 --- a/apps/varslinger-service/build.gradle +++ b/apps/varslinger-service/build.gradle @@ -14,6 +14,7 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/varslinger-service/src/main/resources/application.yml b/apps/varslinger-service/src/main/resources/application.yml index 0743cf2025c..f9dbbcdfd7f 100644 --- a/apps/varslinger-service/src/main/resources/application.yml +++ b/apps/varslinger-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/docker-compose.yml b/docker-compose.yml index 5454a01f6db..365d3007fbb 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,6 +9,7 @@ services: context: ./apps/altinn3-tilgang-service environment: - ALTINN_URL=http//altinn:8080 + - AZURE_APP_CLIENT_ID=dummy - AZURE_OPENID_CONFIG_ISSUER=dummy - JAVA_TOOL_OPTIONS=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 - MASKINPORTEN_CLIENT_ID=dummy @@ -16,6 +17,7 @@ services: - MASKINPORTEN_SCOPES=altinn:resourceregistry/accesslist.read altinn:resourceregistry/accesslist.write altinn:accessmanagement/authorizedparties.resourceowner - MASKINPORTEN_WELL_KNOWN_URL=http://maskinporten:8080 - SPRING_PROFILES_ACTIVE=virtual + - TOKEN_X_CLIENT_ID=dev-gcp:dolly:testnav-altinn3-tilgang-service - TOKEN_X_ISSUER=http://tokendings:8080 - TOKEN_X_PRIVATE_JWK=${JWK} ports: @@ -61,6 +63,7 @@ services: build: context: ./apps/bruker-service environment: + - AZURE_APP_CLIENT_ID=dummy - AZURE_OPENID_CONFIG_ISSUER=dummy - CRYPTOGRAPHY_SECRET=dummy - JAVA_TOOL_OPTIONS=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java new file mode 100644 index 00000000000..a3c33573182 --- /dev/null +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java @@ -0,0 +1,49 @@ +package no.nav.testnav.libs.reactivesecurity.action; + +import no.nav.testnav.libs.reactivesecurity.properties.AzureAdResourceServerProperties; +import no.nav.testnav.libs.reactivesecurity.properties.ResourceServerProperties; +import no.nav.testnav.libs.reactivesecurity.properties.TokenxResourceServerProperties; +import no.nav.testnav.libs.reactivesecurity.properties.TrygdeetatenAzureAdResourceServerProperties; +import org.springframework.boot.autoconfigure.AutoConfiguration; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.context.annotation.Bean; +import org.springframework.lang.Nullable; + +import java.util.ArrayList; + +@AutoConfiguration +public class GetAuthenticatedAutoConfiguration { + + @Bean + @ConditionalOnMissingBean + GetAuthenticatedResourceServerType getAuthenticatedResourceServerType( + @Nullable AzureAdResourceServerProperties azureAdResourceServerProperties, + @Nullable TokenxResourceServerProperties tokenxResourceServerProperties, + @Nullable TrygdeetatenAzureAdResourceServerProperties trygdeetatenAzureAdResourceServerProperties + ) { + var list = new ArrayList(3); + if (azureAdResourceServerProperties != null) { + list.add(azureAdResourceServerProperties); + } + if (tokenxResourceServerProperties != null) { + list.add(tokenxResourceServerProperties); + } + if (trygdeetatenAzureAdResourceServerProperties != null) { + list.add(trygdeetatenAzureAdResourceServerProperties); + } + return new GetAuthenticatedResourceServerType(list); + } + + @Bean + @ConditionalOnMissingBean + GetAuthenticatedToken getAuthenticatedToken(GetAuthenticatedResourceServerType getAuthenticatedResourceServerType) { + return new GetAuthenticatedToken(getAuthenticatedResourceServerType); + } + + @Bean + @ConditionalOnMissingBean + GetAuthenticatedUserId getAuthenticatedUserId(GetAuthenticatedResourceServerType getAuthenticatedResourceServerType) { + return new GetAuthenticatedUserId(getAuthenticatedResourceServerType); + } + +} diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java index ada4a4d6068..e4a2ab06b52 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java @@ -5,38 +5,37 @@ import no.nav.testnav.libs.reactivesecurity.properties.ResourceServerProperties; import no.nav.testnav.libs.securitycore.domain.ResourceServerType; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; +import org.springframework.security.oauth2.jwt.JwtClaimAccessor; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; -import org.springframework.stereotype.Component; import reactor.core.publisher.Mono; import java.util.List; import java.util.Optional; import java.util.concurrent.Callable; -@Component @RequiredArgsConstructor @Slf4j public class GetAuthenticatedResourceServerType extends JwtResolver implements Callable> { private final List resourceServerProperties; - private Optional getResourceTypeForm(JwtAuthenticationToken token) { + private Optional getResourceTypeFrom(JwtAuthenticationToken token) { return resourceServerProperties .stream() .filter(properties -> { if (token == null) { - log.error("Token is null"); + log.warn("Token is null"); + } else if (token.getToken() == null) { + log.warn("Token.getToken() is null"); + } else if (token.getToken().getIssuer() == null) { + log.warn("Token.getToken().getIssuer() is null"); } - if (token.getToken() == null) { - log.error("Token.getToken() is null"); - } - if (token.getToken().getIssuer() == null) { - log.error("Token.getToken().getIssuer() is null"); - } - log.info("Configured issuer, token issuer: {}, {}", properties.getIssuerUri(), token.getToken().getIssuer().toString()); - return properties - .getIssuerUri() - .equalsIgnoreCase(token.getToken().getIssuer().toString()); + return Optional + .ofNullable(token) + .map(JwtAuthenticationToken::getToken) + .map(JwtClaimAccessor::getIssuer) + .map(issuerFromToken -> issuerFromToken.toString().equalsIgnoreCase(properties.getIssuerUri())) + .orElse(false); }) .findFirst() .map(ResourceServerProperties::getType); @@ -46,16 +45,20 @@ private Optional getResourceTypeForm(JwtAuthenticationToken public Mono call() { return getJwtAuthenticationToken() - .onErrorResume(JwtResolverException.class, throwable -> Mono.empty()) + .onErrorResume(EmptyReactiveSecurityContextException.class, exception -> { + log.error("Failed to get JWT token", exception); + return Mono.empty(); + }) .flatMap(authentication -> { - if (authentication instanceof JwtAuthenticationToken jwtAuthenticationTokentoken) { - return getResourceTypeForm(jwtAuthenticationTokentoken) - .map(Mono::just) - .orElseGet(Mono::empty); - } else if (authentication instanceof OAuth2AuthenticationToken) { + if (authentication instanceof JwtAuthenticationToken token) { + return Mono.justOrEmpty(getResourceTypeFrom(token)); + } + if (authentication instanceof OAuth2AuthenticationToken) { return Mono.just(ResourceServerType.TOKEN_X); } return Mono.empty(); }); + } + } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java index c69106248ed..c0ca5ab5201 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java @@ -1,22 +1,12 @@ package no.nav.testnav.libs.reactivesecurity.action; -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; import lombok.RequiredArgsConstructor; -import lombok.extern.slf4j.Slf4j; import no.nav.testnav.libs.securitycore.domain.Token; -import org.springframework.http.HttpStatus; -import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; -import org.springframework.stereotype.Component; -import org.springframework.web.server.ResponseStatusException; import reactor.core.publisher.Mono; -import java.time.Instant; import java.util.concurrent.Callable; -@Component -@Slf4j @RequiredArgsConstructor public class GetAuthenticatedToken extends JwtResolver implements Callable> { @@ -45,4 +35,5 @@ public Mono call() { .build()); }); } + } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java index b0636ee9c7d..24cb659afdb 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java @@ -1,16 +1,12 @@ package no.nav.testnav.libs.reactivesecurity.action; import lombok.RequiredArgsConstructor; -import lombok.extern.slf4j.Slf4j; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; -import org.springframework.stereotype.Component; import reactor.core.publisher.Mono; import java.util.concurrent.Callable; -@Slf4j -@Component @RequiredArgsConstructor public class GetAuthenticatedUserId extends JwtResolver implements Callable> { @@ -27,20 +23,21 @@ public Mono call() { } private Mono getTokenAttribute(String attribute) { - return getJwtAuthenticationToken() .map(authentication -> - switch (authentication) { - - case JwtAuthenticationToken jwtAuthenticationToken -> - jwtAuthenticationToken.getTokenAttributes().get(attribute).toString(); - - case OAuth2AuthenticationToken oauth2AuthenticationToken -> - oauth2AuthenticationToken.getPrincipal().getAttributes().get("pid").toString(); - + case JwtAuthenticationToken jwtAuthenticationToken -> jwtAuthenticationToken + .getTokenAttributes() + .get(attribute) + .toString(); + case OAuth2AuthenticationToken oauth2AuthenticationToken -> oauth2AuthenticationToken + .getPrincipal() + .getAttributes() + .get("pid") + .toString(); default -> ""; } ); } + } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolver.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolver.java index 5b19c554aa1..77a2e52b2ca 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolver.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolver.java @@ -12,8 +12,17 @@ abstract class JwtResolver { Mono getJwtAuthenticationToken() { return ReactiveSecurityContextHolder .getContext() - .switchIfEmpty(Mono.error(new JwtResolverException("ReactiveSecurityContext is empty"))) + .switchIfEmpty(Mono.error(new EmptyReactiveSecurityContextException())) .doOnNext(context -> log.info("JwtResolver context.authentication {} {}", context.getAuthentication().getClass().getCanonicalName(), context.getAuthentication())) .map(SecurityContext::getAuthentication); } + + static class EmptyReactiveSecurityContextException extends IllegalStateException { + + EmptyReactiveSecurityContextException() { + super(); + } + + } + } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolverException.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolverException.java deleted file mode 100644 index bcaef662c36..00000000000 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolverException.java +++ /dev/null @@ -1,9 +0,0 @@ -package no.nav.testnav.libs.reactivesecurity.action; - -public class JwtResolverException extends IllegalStateException { - - JwtResolverException(String s) { - super(s); - } - -} \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/Oauth2Resolver.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/Oauth2Resolver.java deleted file mode 100644 index 68dac390a55..00000000000 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/Oauth2Resolver.java +++ /dev/null @@ -1,35 +0,0 @@ -package no.nav.testnav.libs.reactivesecurity.action; - -import lombok.experimental.UtilityClass; -import lombok.extern.slf4j.Slf4j; -import org.springframework.security.authentication.CredentialsExpiredException; -import org.springframework.security.core.context.ReactiveSecurityContextHolder; -import org.springframework.security.core.context.SecurityContext; -import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; -import org.springframework.security.oauth2.jwt.Jwt; -import reactor.core.publisher.Mono; - -import java.time.Instant; -import java.time.ZonedDateTime; - -@Slf4j -@UtilityClass -public class Oauth2Resolver { - - public static Mono getOauth2AuthenticationToken() { - return ReactiveSecurityContextHolder - .getContext() - .switchIfEmpty(Mono.error(new JwtResolverException("ReactiveSecurityContext is empty"))) - .doOnNext(context -> log.info("Oauth2Resolver context.authentication {} {}", context.getAuthentication().getClass().getCanonicalName(), context.getAuthentication())) - .map(SecurityContext::getAuthentication) - .map(OAuth2AuthenticationToken.class::cast) - .doOnError(throwable -> log.warn("Klarte ikke hente Jwt Auth Token", throwable)) - .doOnSuccess(jwtAuthenticationToken -> { - Jwt credentials = (Jwt) jwtAuthenticationToken.getCredentials(); - Instant expiresAt = credentials.getExpiresAt(); - if (expiresAt == null || expiresAt.isBefore(ZonedDateTime.now().toInstant().plusSeconds(120))) { - throw new CredentialsExpiredException("Jwt er utløpt eller utløper innen kort tid"); - } - }); - } -} diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java index f33c6c1f0f0..e63e16fc9fa 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java @@ -3,37 +3,24 @@ import com.fasterxml.jackson.databind.ObjectMapper; import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedToken; import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedUserId; -import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureTokenService; import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureNavTokenService; +import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureTokenService; import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureTrygdeetatenTokenService; import no.nav.testnav.libs.securitycore.domain.azuread.*; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.autoconfigure.AutoConfiguration; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Primary; -import org.springframework.context.annotation.Profile; -import org.springframework.util.Assert; -@AutoConfiguration(after = ClientCredentialAutoConfiguration.class) +@AutoConfiguration public class TokenServiceAutoConfiguration { @Value("${HTTP_PROXY:#{null}}") private String httpProxy; - @Primary - @Bean - @Profile("test") - AzureTokenService azureAdTokenServiceTest( - AzureClientCredential clientCredential, - GetAuthenticatedToken getAuthenticatedToken - ) { - return new AzureTokenService(null, clientCredential, getAuthenticatedToken); - } - @Bean @ConditionalOnDollyApplicationConfiguredForAzure - @ConditionalOnMissingBean(AzureTokenService.class) + @ConditionalOnMissingBean AzureTokenService azureAdTokenService( AzureClientCredential clientCredential, GetAuthenticatedToken getAuthenticatedToken @@ -41,38 +28,18 @@ AzureTokenService azureAdTokenService( return new AzureTokenService(httpProxy, clientCredential, getAuthenticatedToken); } - @Primary - @Bean - @Profile("test") - AzureNavTokenService azureNavTokenServiceTest( - AzureNavClientCredential azureNavClientCredential - ) { - return new AzureNavTokenService(null, azureNavClientCredential); - } - @Bean @ConditionalOnDollyApplicationConfiguredForNav - @ConditionalOnMissingBean(AzureNavTokenService.class) + @ConditionalOnMissingBean AzureNavTokenService azureNavTokenService( AzureNavClientCredential azureNavClientCredential ) { return new AzureNavTokenService(httpProxy, azureNavClientCredential); } - @Primary - @Bean - @Profile("test") - AzureTrygdeetatenTokenService trygdeetatenAzureAdTokenServiceTest( - AzureTrygdeetatenClientCredential clientCredential, - GetAuthenticatedUserId getAuthenticatedUserId, - ObjectMapper objectMapper - ) { - return new AzureTrygdeetatenTokenService(null, clientCredential, getAuthenticatedUserId, objectMapper); - } - @Bean @ConditionalOnDollyApplicationConfiguredForTrygdeetaten - @ConditionalOnMissingBean(AzureTrygdeetatenTokenService.class) + @ConditionalOnMissingBean AzureTrygdeetatenTokenService trygdeetatenAzureAdTokenService( AzureTrygdeetatenClientCredential clientCredential, GetAuthenticatedUserId getAuthenticatedUserId, diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java index ea7001cafd8..d78522699b2 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java @@ -64,4 +64,5 @@ public Mono exchange(ServerProperties serverProperties) { ).call(); } + } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java index e2a93dd9abf..29240eb5c3a 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java @@ -97,4 +97,5 @@ private Mono generateOnBehalfOfAccessToken(Token token, ServerPrope token ).call(); } + } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java index a6fae4111f7..8223ccb7a7c 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java @@ -114,4 +114,5 @@ private boolean expires(AccessToken accessToken) { .minusSeconds(300) .isBefore(Instant.now()); } + } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java index b2921be6aa1..1fa2c8e5dbe 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java @@ -1,17 +1,12 @@ package no.nav.testnav.libs.reactivesecurity.properties; import no.nav.testnav.libs.securitycore.domain.ResourceServerType; -import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.context.annotation.Configuration; -@Configuration -@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver.aad") -@ConditionalOnProperty("spring.security.oauth2.resourceserver.aad.issuer-uri") public class AzureAdResourceServerProperties extends ResourceServerProperties { @Override public ResourceServerType getType() { return ResourceServerType.AZURE_AD; } + } \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java index d4b1cb40b34..2712024cccb 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java @@ -9,9 +9,10 @@ @Getter @Setter public abstract class ResourceServerProperties { + private String issuerUri; - private String jwkSetUri; private List acceptedAudience; public abstract ResourceServerType getType(); + } \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java new file mode 100644 index 00000000000..0b187e20d54 --- /dev/null +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java @@ -0,0 +1,103 @@ +package no.nav.testnav.libs.reactivesecurity.properties; + +import org.springframework.beans.factory.annotation.Value; +import org.springframework.boot.autoconfigure.AutoConfiguration; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Profile; + +import java.util.List; + +// TODO: Configuration such as spring.security.oauth2.resourceserver is not part of the Spring framework, and should be moved to separate configuration, such as dolly.oauth2 or similar. + +/** + * Auto configuration for resource server properties, e.g. configuration under {@code spring.security.oauth2.resourceserver}. + * Supported properties are: + *
    + *
  • {@code spring.security.oauth2.resourceserver.aad}
    • + *
  • {@code spring.security.oauth2.resourceserver.tokenx}
    • + *
  • {@code spring.security.oauth2.resourceserver.trygdeetaten}
    • + *
+ * which may each have the following properties: + *
    + *
  • {@code issuer-uri}
    • + *
  • {@code accepted-audience}
    • + *
+ */ +@AutoConfiguration +public class ResourceServerPropertiesAutoConfiguration { + + @Bean + @ConditionalOnProperty({ + "spring.security.oauth2.resourceserver.aad.issuer-uri", + "spring.security.oauth2.resourceserver.aad.accepted-audience" + }) + @ConditionalOnMissingBean + AzureAdResourceServerProperties azureAdResourceServerProperties( + @Value("${spring.security.oauth2.resourceserver.aad.issuer-uri}") String issuerUri, + @Value("${spring.security.oauth2.resourceserver.aad.accepted-audience}") List acceptedAudience + ) { + var azureAdResourceServerProperties = new AzureAdResourceServerProperties(); + azureAdResourceServerProperties.setIssuerUri(issuerUri); + azureAdResourceServerProperties.setAcceptedAudience(acceptedAudience); + return azureAdResourceServerProperties; + } + + @Bean + @Profile("test") + @ConditionalOnMissingBean + AzureAdResourceServerProperties azureAdResourceServerPropertiesTest( + ) { + return null; + } + + @Bean + @ConditionalOnProperty({ + "spring.security.oauth2.resourceserver.tokenx.issuer-uri", + "spring.security.oauth2.resourceserver.tokenx.accepted-audience" + }) + @ConditionalOnMissingBean + TokenxResourceServerProperties tokenxResourceServerProperties( + @Value("${spring.security.oauth2.resourceserver.tokenx.issuer-uri}") String issuerUri, + @Value("${spring.security.oauth2.resourceserver.tokenx.accepted-audience}") List acceptedAudience + ) { + var tokenxResourceServerProperties = new TokenxResourceServerProperties(); + tokenxResourceServerProperties.setIssuerUri(issuerUri); + tokenxResourceServerProperties.setAcceptedAudience(acceptedAudience); + return tokenxResourceServerProperties; + } + + @Bean + @Profile("test") + @ConditionalOnMissingBean + TokenxResourceServerProperties tokenxResourceServerPropertiesTest( + ) { + return null; + } + + @Bean + @ConditionalOnProperty({ + "spring.security.oauth2.resourceserver.trygdeetaten.issuer-uri", + "spring.security.oauth2.resourceserver.trygdeetaten.accepted-audience" + }) + @ConditionalOnMissingBean + TrygdeetatenAzureAdResourceServerProperties trygdeetatenAzureAdResourceServerProperties( + @Value("${spring.security.oauth2.resourceserver.trygdeetaten.issuer-uri}") String issuerUri, + @Value("${spring.security.oauth2.resourceserver.trygdeetaten.accepted-audience}") List acceptedAudience + ) { + var trygdeetatenAzureAdResourceServerProperties = new TrygdeetatenAzureAdResourceServerProperties(); + trygdeetatenAzureAdResourceServerProperties.setIssuerUri(issuerUri); + trygdeetatenAzureAdResourceServerProperties.setAcceptedAudience(acceptedAudience); + return trygdeetatenAzureAdResourceServerProperties; + } + + @Bean + @Profile("test") + @ConditionalOnMissingBean + TrygdeetatenAzureAdResourceServerProperties trygdeetatenAzureAdResourceServerPropertiesTest( + ) { + return null; + } + +} diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java index 20701fb76bb..b69bc06bea4 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java @@ -2,17 +2,12 @@ import no.nav.testnav.libs.securitycore.domain.ResourceServerType; -import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.context.annotation.Configuration; -@Configuration -@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver.tokenx") -@ConditionalOnProperty("spring.security.oauth2.resourceserver.tokenx.issuer-uri") public class TokenxResourceServerProperties extends ResourceServerProperties { @Override public ResourceServerType getType() { return ResourceServerType.TOKEN_X; } + } \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java index 106ff7bae5b..171d9b337be 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java @@ -1,13 +1,7 @@ package no.nav.testnav.libs.reactivesecurity.properties; import no.nav.testnav.libs.securitycore.domain.ResourceServerType; -import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.context.annotation.Configuration; -@Configuration -@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver.trygdeetaten") -@ConditionalOnProperty("spring.security.oauth2.resourceserver.trygdeetaten.issuer-uri") public class TrygdeetatenAzureAdResourceServerProperties extends ResourceServerProperties { @Override diff --git a/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports index 19107bc880b..4c68dc4507a 100644 --- a/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports +++ b/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports @@ -1,2 +1,4 @@ +no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedAutoConfiguration no.nav.testnav.libs.reactivesecurity.exchange.TokenServiceAutoConfiguration -no.nav.testnav.libs.reactivesecurity.jwt.ReactiveJwtAutoConfiguration \ No newline at end of file +no.nav.testnav.libs.reactivesecurity.jwt.ReactiveJwtAutoConfiguration +no.nav.testnav.libs.reactivesecurity.properties.ResourceServerPropertiesAutoConfiguration \ No newline at end of file diff --git a/libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java b/libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java deleted file mode 100644 index 8404d648b18..00000000000 --- a/libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java +++ /dev/null @@ -1,17 +0,0 @@ -package no.nav.testnav.libs.reactivesessionsecurity.properties; - -import lombok.Getter; -import lombok.Setter; -import no.nav.testnav.libs.securitycore.domain.ResourceServerType; - -import java.util.List; - -@Getter -@Setter -public abstract class ResourceServerProperties { - private String issuerUri; - private String jwkSetUri; - private List acceptedAudience; - - public abstract ResourceServerType getType(); -} \ No newline at end of file diff --git a/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java b/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java index 859ba2f4b44..8f52a6504f2 100644 --- a/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java +++ b/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java @@ -9,9 +9,10 @@ @Getter @Setter public abstract class ResourceServerProperties { + private String issuerUri; - private String jwkSetUri; private List acceptedAudience; public abstract ResourceServerType getType(); + } \ No newline at end of file diff --git a/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java b/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java index fc38434dfe5..2c00f476ec6 100644 --- a/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java +++ b/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java @@ -9,9 +9,10 @@ @Getter @Setter public abstract class ResourceServerProperties { + private String issuerUri; - private String jwkSetUri; private List acceptedAudience; public abstract ResourceServerType getType(); + } \ No newline at end of file diff --git a/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java b/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java index c87a598db65..d808cfcdd7a 100644 --- a/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java +++ b/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java @@ -34,19 +34,14 @@ private static void configureForLocalProfile(Map properties) { log.info("Configuring environment for local profile using Secret Manager"); // Emulating NAIS provided environment variables. - properties.putIfAbsent("ALTINN_URL", "${sm\\://altinn-url}"); // Used by altinn3-tilgang-service only. properties.putIfAbsent("AZURE_APP_CLIENT_ID", "${sm\\://azure-app-client-id}"); properties.putIfAbsent("AZURE_APP_CLIENT_SECRET", "${sm\\://azure-app-client-secret}"); properties.putIfAbsent("AZURE_OPENID_CONFIG_ISSUER", "${sm\\://azure-openid-config-issuer}"); properties.putIfAbsent("AZURE_OPENID_CONFIG_TOKEN_ENDPOINT", "${sm\\://azure-openid-config-token-endpoint}"); - properties.putIfAbsent("CRYPTOGRAPHY_SECRET", DUMMY); // Used by bruker-service only. - properties.putIfAbsent("JWT_SECRET", DUMMY); // Used by bruker-service only. properties.putIfAbsent("MASKINPORTEN_CLIENT_ID", DUMMY); // Used by tenor-search-service and altinn3-tilgang-service only. properties.putIfAbsent("MASKINPORTEN_CLIENT_JWK", DUMMY); // Used by tenor-search-service and altinn3-tilgang-service only. properties.putIfAbsent("MASKINPORTEN_SCOPES", DUMMY); // Used by tenor-search-service and altinn3-tilgang-service only. properties.putIfAbsent("MASKINPORTEN_WELL_KNOWN_URL", "${sm\\://maskinporten-well-known-url}"); // Used by tenor-search-service and altinn3-tilgang-service only. - properties.putIfAbsent("SLACK_CHANNEL", DUMMY); // Used by tilbakemelding-api only. - properties.putIfAbsent("SLACK_TOKEN", DUMMY); // Used by tilbakemelding-api only. properties.putIfAbsent("TOKEN_X_ISSUER", "${sm\\://token-x-issuer}"); } @@ -65,12 +60,16 @@ private static void configureForTestProfile(Map properties) { "ALTINN_API_KEY", "ALTINN_URL", + "AZURE_APP_CLIENT_ID", + "AZURE_APP_CLIENT_SECRET", + "AZURE_NAV_APP_CLIENT_ID", + "AZURE_NAV_APP_CLIENT_SECRET", + "AZURE_NAV_OPENID_CONFIG_TOKEN_ENDPOINT", "AZURE_OPENID_CONFIG_ISSUER", "AZURE_OPENID_CONFIG_TOKEN_ENDPOINT", - "CRYPTOGRAPHY_SECRET", // Used by bruker-service only. - "IDPORTEN_CLIENT_ID", // Used by dolly-frontend only. - "IDPORTEN_CLIENT_JWK", // Used by dolly-frontend only. - "JWT_SECRET", // Used by bruker-service only. + "AZURE_TRYGDEETATEN_APP_CLIENT_ID", + "AZURE_TRYGDEETATEN_APP_CLIENT_SECRET", + "AZURE_TRYGDEETATEN_OPENID_CONFIG_TOKEN_ENDPOINT", "MASKINPORTEN_CLIENT_ID", "MASKINPORTEN_CLIENT_JWK", "MASKINPORTEN_SCOPES", diff --git a/mocks/tokendings-mock/src/main/resources/application.yml b/mocks/tokendings-mock/src/main/resources/application.yml index d1ff1941b4a..d13ac2f473c 100644 --- a/mocks/tokendings-mock/src/main/resources/application.yml +++ b/mocks/tokendings-mock/src/main/resources/application.yml @@ -1,3 +1,7 @@ spring: application: - name: tokendings-mock \ No newline at end of file + name: tokendings-mock + cloud: + gcp: + secretmanager: + enabled: false \ No newline at end of file diff --git a/plugins/java/src/main/groovy/dolly-apps.gradle b/plugins/java/src/main/groovy/dolly-apps.gradle index 446313b0c82..3db5694cd29 100644 --- a/plugins/java/src/main/groovy/dolly-apps.gradle +++ b/plugins/java/src/main/groovy/dolly-apps.gradle @@ -23,7 +23,6 @@ dependencies { implementation "com.google.cloud:spring-cloud-gcp-starter-secretmanager:$versions.gcpSecretManager" implementation "net.logstash.logback:logstash-logback-encoder:$versions.logback" - implementation "no.nav.testnav.libs:testing" implementation "org.hibernate.validator:hibernate-validator" implementation "org.projectlombok:lombok" implementation "org.springframework.boot:spring-boot-starter-actuator" diff --git a/plugins/java/src/main/groovy/dolly-proxies.gradle b/plugins/java/src/main/groovy/dolly-proxies.gradle index cba8c898edb..49e56913c03 100644 --- a/plugins/java/src/main/groovy/dolly-proxies.gradle +++ b/plugins/java/src/main/groovy/dolly-proxies.gradle @@ -25,7 +25,6 @@ dependencies { implementation "net.logstash.logback:logstash-logback-encoder:$versions.logback" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-proxy" - implementation "no.nav.testnav.libs:testing" implementation "org.hibernate.validator:hibernate-validator" implementation "org.projectlombok:lombok" implementation "org.springframework.boot:spring-boot-starter-actuator" diff --git a/proxies/aareg-proxy/build.gradle b/proxies/aareg-proxy/build.gradle index bc14357ff77..e4cdb8c46a6 100644 --- a/proxies/aareg-proxy/build.gradle +++ b/proxies/aareg-proxy/build.gradle @@ -12,6 +12,7 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/aareg-proxy/src/main/resources/application.yml b/proxies/aareg-proxy/src/main/resources/application.yml index bfcfa930bac..48dfb6de3b1 100644 --- a/proxies/aareg-proxy/src/main/resources/application.yml +++ b/proxies/aareg-proxy/src/main/resources/application.yml @@ -6,7 +6,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/aareg-synt-services-proxy/build.gradle b/proxies/aareg-synt-services-proxy/build.gradle index 7d905e49431..8f455a7c2cf 100644 --- a/proxies/aareg-synt-services-proxy/build.gradle +++ b/proxies/aareg-synt-services-proxy/build.gradle @@ -7,4 +7,8 @@ sonarqube { property "sonar.projectKey", "aareg-synt-services-proxy" property "sonar.projectName", "aareg-synt-services-proxy" } +} + +dependencies { + implementation "no.nav.testnav.libs:testing" } \ No newline at end of file diff --git a/proxies/aareg-synt-services-proxy/src/main/resources/application.yml b/proxies/aareg-synt-services-proxy/src/main/resources/application.yml index 3df302f75c4..63e92dfbb43 100644 --- a/proxies/aareg-synt-services-proxy/src/main/resources/application.yml +++ b/proxies/aareg-synt-services-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/altinn3-tilgang-proxy/build.gradle b/proxies/altinn3-tilgang-proxy/build.gradle index 6ec916b1237..10a56b450ca 100644 --- a/proxies/altinn3-tilgang-proxy/build.gradle +++ b/proxies/altinn3-tilgang-proxy/build.gradle @@ -14,6 +14,7 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-proxy" implementation "no.nav.testnav.libs:servlet-insecure-security" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml b/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml index 1b447904a0e..d6f3df1bd1e 100644 --- a/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml +++ b/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/arbeidsplassencv-proxy/build.gradle b/proxies/arbeidsplassencv-proxy/build.gradle index fbe4e0b832c..df1e87aec60 100644 --- a/proxies/arbeidsplassencv-proxy/build.gradle +++ b/proxies/arbeidsplassencv-proxy/build.gradle @@ -12,6 +12,7 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml b/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml index 396bd983fbb..7437efb3360 100644 --- a/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml +++ b/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/arbeidssoekerregisteret-proxy/build.gradle b/proxies/arbeidssoekerregisteret-proxy/build.gradle index 0f2bb3608a1..e3354b645b6 100644 --- a/proxies/arbeidssoekerregisteret-proxy/build.gradle +++ b/proxies/arbeidssoekerregisteret-proxy/build.gradle @@ -12,6 +12,7 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml b/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml index 5c48fdc67e6..44cf41f4cc0 100644 --- a/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml +++ b/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/arena-forvalteren-proxy/build.gradle b/proxies/arena-forvalteren-proxy/build.gradle index e4db3059397..f18cbc8785c 100644 --- a/proxies/arena-forvalteren-proxy/build.gradle +++ b/proxies/arena-forvalteren-proxy/build.gradle @@ -12,4 +12,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/arena-forvalteren-proxy/src/main/resources/application.yml b/proxies/arena-forvalteren-proxy/src/main/resources/application.yml index 6b83ff72acb..3d765103d0d 100644 --- a/proxies/arena-forvalteren-proxy/src/main/resources/application.yml +++ b/proxies/arena-forvalteren-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/batch-adeo-proxy/build.gradle b/proxies/batch-adeo-proxy/build.gradle index 12df8fce778..c06cd6698c9 100644 --- a/proxies/batch-adeo-proxy/build.gradle +++ b/proxies/batch-adeo-proxy/build.gradle @@ -8,3 +8,7 @@ sonarqube { property "sonar.projectName", "testnorge-batch-adeo-proxy" } } + +dependencies { + implementation "no.nav.testnav.libs:testing" +} diff --git a/proxies/batch-adeo-proxy/src/main/resources/application.yml b/proxies/batch-adeo-proxy/src/main/resources/application.yml index 8127a1a9ab8..539889845a8 100644 --- a/proxies/batch-adeo-proxy/src/main/resources/application.yml +++ b/proxies/batch-adeo-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/brregstub-proxy/build.gradle b/proxies/brregstub-proxy/build.gradle index 017d06d43ea..2139718e5fc 100644 --- a/proxies/brregstub-proxy/build.gradle +++ b/proxies/brregstub-proxy/build.gradle @@ -11,4 +11,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/brregstub-proxy/src/main/resources/application.yml b/proxies/brregstub-proxy/src/main/resources/application.yml index ec307da4b84..d76e621ed4e 100644 --- a/proxies/brregstub-proxy/src/main/resources/application.yml +++ b/proxies/brregstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/dokarkiv-proxy/build.gradle b/proxies/dokarkiv-proxy/build.gradle index a70fae5d3e5..f0521df929e 100644 --- a/proxies/dokarkiv-proxy/build.gradle +++ b/proxies/dokarkiv-proxy/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/dokarkiv-proxy/src/main/resources/application.yml b/proxies/dokarkiv-proxy/src/main/resources/application.yml index a68feea15c5..45f30d41cdb 100644 --- a/proxies/dokarkiv-proxy/src/main/resources/application.yml +++ b/proxies/dokarkiv-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/ereg-proxy/build.gradle b/proxies/ereg-proxy/build.gradle index baf9c76e4b9..9cd0b4b3634 100644 --- a/proxies/ereg-proxy/build.gradle +++ b/proxies/ereg-proxy/build.gradle @@ -8,3 +8,7 @@ sonarqube { property "sonar.projectName", "testnav-ereg-proxy" } } + +dependencies { + implementation "no.nav.testnav.libs:testing" +} diff --git a/proxies/ereg-proxy/src/main/resources/application.yml b/proxies/ereg-proxy/src/main/resources/application.yml index f08ac6a0323..dc0466df84a 100644 --- a/proxies/ereg-proxy/src/main/resources/application.yml +++ b/proxies/ereg-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/fullmakt-proxy/build.gradle b/proxies/fullmakt-proxy/build.gradle index dfc055280c0..d443c75dcd4 100644 --- a/proxies/fullmakt-proxy/build.gradle +++ b/proxies/fullmakt-proxy/build.gradle @@ -12,6 +12,7 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/histark-proxy/build.gradle b/proxies/histark-proxy/build.gradle index e77cab21cd2..260b23ab8bc 100644 --- a/proxies/histark-proxy/build.gradle +++ b/proxies/histark-proxy/build.gradle @@ -11,4 +11,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/histark-proxy/src/main/resources/application.yml b/proxies/histark-proxy/src/main/resources/application.yml index 98fb18c7983..b8c751f278d 100644 --- a/proxies/histark-proxy/src/main/resources/application.yml +++ b/proxies/histark-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/inntektstub-proxy/build.gradle b/proxies/inntektstub-proxy/build.gradle index 2b0947f58d0..4febca762cf 100644 --- a/proxies/inntektstub-proxy/build.gradle +++ b/proxies/inntektstub-proxy/build.gradle @@ -11,4 +11,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/inntektstub-proxy/src/main/resources/application.yml b/proxies/inntektstub-proxy/src/main/resources/application.yml index 58e31a734b6..a4e1d6c3a71 100644 --- a/proxies/inntektstub-proxy/src/main/resources/application.yml +++ b/proxies/inntektstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/inst-proxy/build.gradle b/proxies/inst-proxy/build.gradle index 001bbf62428..3560e67b8dc 100644 --- a/proxies/inst-proxy/build.gradle +++ b/proxies/inst-proxy/build.gradle @@ -13,4 +13,5 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" } \ No newline at end of file diff --git a/proxies/inst-proxy/src/main/resources/application.yml b/proxies/inst-proxy/src/main/resources/application.yml index 41c31d4446f..ecc17c9d286 100644 --- a/proxies/inst-proxy/src/main/resources/application.yml +++ b/proxies/inst-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/kontoregister-person-proxy/build.gradle b/proxies/kontoregister-person-proxy/build.gradle index 516d518b93a..97d57dc1540 100644 --- a/proxies/kontoregister-person-proxy/build.gradle +++ b/proxies/kontoregister-person-proxy/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/kontoregister-person-proxy/src/main/resources/application.yml b/proxies/kontoregister-person-proxy/src/main/resources/application.yml index efb36e9b16d..42ac63a3251 100644 --- a/proxies/kontoregister-person-proxy/src/main/resources/application.yml +++ b/proxies/kontoregister-person-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/krrstub-proxy/build.gradle b/proxies/krrstub-proxy/build.gradle index c1e2ce31706..750236e8d79 100644 --- a/proxies/krrstub-proxy/build.gradle +++ b/proxies/krrstub-proxy/build.gradle @@ -12,6 +12,7 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/krrstub-proxy/src/main/resources/application.yml b/proxies/krrstub-proxy/src/main/resources/application.yml index 2bb6c48a788..bda6590b667 100644 --- a/proxies/krrstub-proxy/src/main/resources/application.yml +++ b/proxies/krrstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/medl-proxy/build.gradle b/proxies/medl-proxy/build.gradle index 88115d2aa7b..fff39aab17a 100644 --- a/proxies/medl-proxy/build.gradle +++ b/proxies/medl-proxy/build.gradle @@ -12,6 +12,7 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/medl-proxy/src/main/resources/application.yml b/proxies/medl-proxy/src/main/resources/application.yml index 5917152982f..47b6ae0d411 100644 --- a/proxies/medl-proxy/src/main/resources/application.yml +++ b/proxies/medl-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/norg2-proxy/build.gradle b/proxies/norg2-proxy/build.gradle index 414d34ac1e3..6851bb606f9 100644 --- a/proxies/norg2-proxy/build.gradle +++ b/proxies/norg2-proxy/build.gradle @@ -11,4 +11,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/norg2-proxy/src/main/resources/application.yml b/proxies/norg2-proxy/src/main/resources/application.yml index 6524f4f2ff6..e440f3fb8ff 100644 --- a/proxies/norg2-proxy/src/main/resources/application.yml +++ b/proxies/norg2-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/pdl-proxy/build.gradle b/proxies/pdl-proxy/build.gradle index b88f07def05..53aeea80b10 100644 --- a/proxies/pdl-proxy/build.gradle +++ b/proxies/pdl-proxy/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/pdl-proxy/src/main/resources/application.yml b/proxies/pdl-proxy/src/main/resources/application.yml index 3ceee0ee89f..670f0a384bc 100644 --- a/proxies/pdl-proxy/src/main/resources/application.yml +++ b/proxies/pdl-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/pensjon-testdata-facade-proxy/build.gradle b/proxies/pensjon-testdata-facade-proxy/build.gradle index c4710ef518d..8e6a15b8f00 100644 --- a/proxies/pensjon-testdata-facade-proxy/build.gradle +++ b/proxies/pensjon-testdata-facade-proxy/build.gradle @@ -13,6 +13,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml b/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml index c9e0eaaebf1..04650326219 100644 --- a/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml +++ b/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} cloud: gateway: httpclient: diff --git a/proxies/saf-proxy/build.gradle b/proxies/saf-proxy/build.gradle index ceba6e612a2..0584ef5f32e 100644 --- a/proxies/saf-proxy/build.gradle +++ b/proxies/saf-proxy/build.gradle @@ -13,4 +13,5 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/saf-proxy/src/main/resources/application.yml b/proxies/saf-proxy/src/main/resources/application.yml index f487b0a263f..48f28386541 100644 --- a/proxies/saf-proxy/src/main/resources/application.yml +++ b/proxies/saf-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/sigrunstub-proxy/build.gradle b/proxies/sigrunstub-proxy/build.gradle index b6c1e5e936a..e0dd09380c0 100644 --- a/proxies/sigrunstub-proxy/build.gradle +++ b/proxies/sigrunstub-proxy/build.gradle @@ -11,4 +11,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/sigrunstub-proxy/src/main/resources/application.yml b/proxies/sigrunstub-proxy/src/main/resources/application.yml index 0f6542d1626..e7837bc80a6 100644 --- a/proxies/sigrunstub-proxy/src/main/resources/application.yml +++ b/proxies/sigrunstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/skjermingsregister-proxy/build.gradle b/proxies/skjermingsregister-proxy/build.gradle index 920b573d608..b7c6c17e61a 100644 --- a/proxies/skjermingsregister-proxy/build.gradle +++ b/proxies/skjermingsregister-proxy/build.gradle @@ -10,9 +10,10 @@ sonarqube { } dependencies { - implementation 'no.nav.testnav.libs:security-core' - implementation 'no.nav.testnav.libs:reactive-security' + implementation "no.nav.testnav.libs:testing" implementation 'no.nav.testnav.libs:data-transfer-objects' + implementation 'no.nav.testnav.libs:reactive-security' + implementation 'no.nav.testnav.libs:security-core' testImplementation 'org.springframework.security:spring-security-test' } diff --git a/proxies/skjermingsregister-proxy/src/main/resources/application.yml b/proxies/skjermingsregister-proxy/src/main/resources/application.yml index 2f08d4b8909..a5f98abea94 100644 --- a/proxies/skjermingsregister-proxy/src/main/resources/application.yml +++ b/proxies/skjermingsregister-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/sykemelding-proxy/build.gradle b/proxies/sykemelding-proxy/build.gradle index 748b5a264f1..77ba5d43b4e 100644 --- a/proxies/sykemelding-proxy/build.gradle +++ b/proxies/sykemelding-proxy/build.gradle @@ -10,9 +10,10 @@ sonarqube { } dependencies { - implementation 'no.nav.testnav.libs:security-core' - implementation 'no.nav.testnav.libs:reactive-security' - implementation 'no.nav.testnav.libs:data-transfer-objects' + implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" - testImplementation 'org.springframework.security:spring-security-test' + testImplementation "org.springframework.security:spring-security-test" } diff --git a/proxies/synthdata-meldekort-proxy/build.gradle b/proxies/synthdata-meldekort-proxy/build.gradle index 66ce73cf9ae..5123d9432b0 100644 --- a/proxies/synthdata-meldekort-proxy/build.gradle +++ b/proxies/synthdata-meldekort-proxy/build.gradle @@ -19,6 +19,7 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } \ No newline at end of file diff --git a/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml b/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml index 8d9b1938bb0..81e3c4d967b 100644 --- a/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml +++ b/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: trygdeetaten: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} codec: max-in-memory-size: 15MB cloud: diff --git a/proxies/udistub-proxy/build.gradle b/proxies/udistub-proxy/build.gradle index e309c212e92..c60013cd596 100644 --- a/proxies/udistub-proxy/build.gradle +++ b/proxies/udistub-proxy/build.gradle @@ -10,7 +10,8 @@ sonarqube { } dependencies { - implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:data-transfer-objects" + implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/udistub-proxy/src/main/resources/application.yml b/proxies/udistub-proxy/src/main/resources/application.yml index 7964c5d4848..ba26d48bd34 100644 --- a/proxies/udistub-proxy/src/main/resources/application.yml +++ b/proxies/udistub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/yrkesskade-proxy/build.gradle b/proxies/yrkesskade-proxy/build.gradle index 8ed97fe8337..d306c2a1907 100644 --- a/proxies/yrkesskade-proxy/build.gradle +++ b/proxies/yrkesskade-proxy/build.gradle @@ -12,4 +12,5 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/yrkesskade-proxy/src/main/resources/application.yml b/proxies/yrkesskade-proxy/src/main/resources/application.yml index 62a44b12d4f..39cd187f4ec 100644 --- a/proxies/yrkesskade-proxy/src/main/resources/application.yml +++ b/proxies/yrkesskade-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} cloud: gateway: httpclient: From ab7d11db90b9effefba8c4fff2681f39325b8e3d Mon Sep 17 00:00:00 2001 From: Cato Olsen Date: Wed, 26 Feb 2025 23:19:39 +0100 Subject: [PATCH 09/13] Revert "bugfix/getgeneratedresourceservertype_npe (#3773)" This reverts commit ce5f305bf8f0482551f638cd94c44ae195f3de41. --- .github/workflows/common.integration-test.yml | 3 +- .github/workflows/integration-tests.yml | 2 - apps/adresse-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/altinn3-tilgang-service/build.gradle | 1 - .../src/main/resources/application-local.yml | 1 - apps/amelding-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/app-tilgang-analyse-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/arbeidsforhold-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/batch-bestilling-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/brreg-stub/build.gradle | 1 - apps/bruker-service/build.gradle | 1 - .../src/main/resources/application-local.yml | 2 - .../src/test/resources/application-test.yml | 3 - apps/budpro-service/build.gradle | 1 - apps/dolly-backend/build.gradle | 66 ++++++----- apps/dolly-backend/settings.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/dolly-frontend/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../src/test/resources/application-test.yml | 2 - apps/dollystatus/build.gradle | 2 - apps/endringsmelding-frontend/build.gradle | 5 +- apps/endringsmelding-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/faste-data-frontend/build.gradle | 5 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/generer-navn-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/helsepersonell-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/inntektsmelding-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../jenkins-batch-status-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/joark-dokument-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/kodeverk-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 7 +- .../settings.gradle | 4 +- .../src/main/resources/application.yml | 2 +- apps/miljoer-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/organisasjon-forvalter/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/organisasjon-mottak-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/organisasjon-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/orgnummer-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/oversikt-frontend/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/pdl-forvalter/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/person-faste-data-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/person-search-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/person-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/profil-api/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/skattekort-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/sykemelding-api/build.gradle | 1 - apps/synt-sykemelding-api/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/tenor-search-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/testnav-ident-pool/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- apps/tilbakemelding-api/build.gradle | 1 - .../src/main/resources/application-local.yml | 3 - .../src/main/resources/application.yml | 2 +- apps/tps-messaging-service/build.gradle | 1 - apps/udi-stub/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../src/main/resources/logback-spring.xml | 2 - apps/varslinger-service/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- docker-compose.yml | 3 - .../GetAuthenticatedAutoConfiguration.java | 49 --------- .../GetAuthenticatedResourceServerType.java | 43 ++++---- .../action/GetAuthenticatedToken.java | 11 +- .../action/GetAuthenticatedUserId.java | 23 ++-- .../reactivesecurity/action/JwtResolver.java | 11 +- .../action/JwtResolverException.java | 9 ++ .../action/Oauth2Resolver.java | 35 ++++++ .../TokenServiceAutoConfiguration.java | 43 +++++++- .../azuread/AzureNavTokenService.java | 1 - .../exchange/azuread/AzureTokenService.java | 1 - .../AzureTrygdeetatenTokenService.java | 1 - .../AzureAdResourceServerProperties.java | 7 +- .../properties/ResourceServerProperties.java | 3 +- ...urceServerPropertiesAutoConfiguration.java | 103 ------------------ .../TokenxResourceServerProperties.java | 7 +- ...etatenAzureAdResourceServerProperties.java | 6 + ...ot.autoconfigure.AutoConfiguration.imports | 4 +- .../properties/ResourceServerProperties.java | 17 +++ .../properties/ResourceServerProperties.java | 3 +- .../properties/ResourceServerProperties.java | 3 +- ...ironmentApplicationContextInitializer.java | 17 +-- .../src/main/resources/application.yml | 6 +- .../java/src/main/groovy/dolly-apps.gradle | 1 + .../java/src/main/groovy/dolly-proxies.gradle | 1 + proxies/aareg-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../aareg-synt-services-proxy/build.gradle | 4 - .../src/main/resources/application.yml | 2 +- proxies/altinn3-tilgang-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/arbeidsplassencv-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/arena-forvalteren-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/batch-adeo-proxy/build.gradle | 4 - .../src/main/resources/application.yml | 2 +- proxies/brregstub-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/dokarkiv-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/ereg-proxy/build.gradle | 4 - .../src/main/resources/application.yml | 2 +- proxies/fullmakt-proxy/build.gradle | 1 - proxies/histark-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/inntektstub-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/inst-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../kontoregister-person-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/krrstub-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/medl-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/norg2-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/pdl-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- .../build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/saf-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/sigrunstub-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/skjermingsregister-proxy/build.gradle | 5 +- .../src/main/resources/application.yml | 2 +- proxies/sykemelding-proxy/build.gradle | 9 +- .../synthdata-meldekort-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- proxies/udistub-proxy/build.gradle | 5 +- .../src/main/resources/application.yml | 2 +- proxies/yrkesskade-proxy/build.gradle | 1 - .../src/main/resources/application.yml | 2 +- 184 files changed, 300 insertions(+), 454 deletions(-) delete mode 100644 libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java create mode 100644 libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolverException.java create mode 100644 libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/Oauth2Resolver.java delete mode 100644 libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java create mode 100644 libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java diff --git a/.github/workflows/common.integration-test.yml b/.github/workflows/common.integration-test.yml index a0fc560f8a9..8246c29c8d2 100644 --- a/.github/workflows/common.integration-test.yml +++ b/.github/workflows/common.integration-test.yml @@ -41,7 +41,8 @@ jobs: - name: "Health check" timeout-minutes: 5 run: | - bash -c 'while true; do status=$(curl --connect-timeout 2 -s -o /dev/null -w ''%{http_code}'' ${{ inputs.healthcheck }}); if [ "$status" -eq 200 ]; then echo Service is up; break; else echo "HTTP status: $status"; sleep 5; fi; done;' + echo Wait on service... + bash -c 'while [[ "$(curl --connect-timeout 2 -s -o /dev/null -w ''%{http_code}'' ${{ inputs.healthcheck }})" != "200" ]]; do echo ...; sleep 5; done; echo Service is up;' - name: "Run integration tests" uses: gradle/actions/setup-gradle@v3 with: diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 4543a7ca9cd..e7f6e7bb121 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -2,8 +2,6 @@ name: Integration Tests on: push: paths: - - ".github/workflows/common.integration-test.yml" - - ".github/workflows/integration-tests.yml" - "apps/altinn3-tilgang-service/**" - "apps/bruker-service/**" - "mocks/maskinporten-mock/**" diff --git a/apps/adresse-service/build.gradle b/apps/adresse-service/build.gradle index 930229aed1f..3ce1a306707 100644 --- a/apps/adresse-service/build.gradle +++ b/apps/adresse-service/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/adresse-service/src/main/resources/application.yml b/apps/adresse-service/src/main/resources/application.yml index f8e6d566064..9b742cb296e 100644 --- a/apps/adresse-service/src/main/resources/application.yml +++ b/apps/adresse-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/altinn3-tilgang-service/build.gradle b/apps/altinn3-tilgang-service/build.gradle index e119bd6550e..cf1162f4ca0 100644 --- a/apps/altinn3-tilgang-service/build.gradle +++ b/apps/altinn3-tilgang-service/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/altinn3-tilgang-service/src/main/resources/application-local.yml b/apps/altinn3-tilgang-service/src/main/resources/application-local.yml index 14aefd2f0bb..c5b0c3f2556 100644 --- a/apps/altinn3-tilgang-service/src/main/resources/application-local.yml +++ b/apps/altinn3-tilgang-service/src/main/resources/application-local.yml @@ -1,4 +1,3 @@ -ALTINN_URL: ${sm\://azure-openid-config-token-endpoint} MASKINPORTEN_CLIENT_ID: ef2960de-7fa6-4396-80a5-2eca00e4af28 MASKINPORTEN_SCOPES: altinn:resourceregistry/accesslist.read altinn:resourceregistry/accesslist.write altinn:accessmanagement/authorizedparties.resourceowner diff --git a/apps/amelding-service/build.gradle b/apps/amelding-service/build.gradle index a3c8b11228e..cbe63f5c3c0 100644 --- a/apps/amelding-service/build.gradle +++ b/apps/amelding-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/amelding-service/src/main/resources/application.yml b/apps/amelding-service/src/main/resources/application.yml index 7d2b487d7b3..2ee2afe36e4 100644 --- a/apps/amelding-service/src/main/resources/application.yml +++ b/apps/amelding-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/app-tilgang-analyse-service/build.gradle b/apps/app-tilgang-analyse-service/build.gradle index 44bcccfe361..aabf1cef55e 100644 --- a/apps/app-tilgang-analyse-service/build.gradle +++ b/apps/app-tilgang-analyse-service/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/app-tilgang-analyse-service/src/main/resources/application.yml b/apps/app-tilgang-analyse-service/src/main/resources/application.yml index a5e560b2ad7..b9c6c9f0aab 100644 --- a/apps/app-tilgang-analyse-service/src/main/resources/application.yml +++ b/apps/app-tilgang-analyse-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/arbeidsforhold-service/build.gradle b/apps/arbeidsforhold-service/build.gradle index 232680b1ac2..d63025e02c3 100644 --- a/apps/arbeidsforhold-service/build.gradle +++ b/apps/arbeidsforhold-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/arbeidsforhold-service/src/main/resources/application.yml b/apps/arbeidsforhold-service/src/main/resources/application.yml index 99aafa1f5d4..226cff6e713 100644 --- a/apps/arbeidsforhold-service/src/main/resources/application.yml +++ b/apps/arbeidsforhold-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/batch-bestilling-service/build.gradle b/apps/batch-bestilling-service/build.gradle index 02ce90d9971..fd98618053d 100644 --- a/apps/batch-bestilling-service/build.gradle +++ b/apps/batch-bestilling-service/build.gradle @@ -18,7 +18,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/batch-bestilling-service/src/main/resources/application.yml b/apps/batch-bestilling-service/src/main/resources/application.yml index b7796a56618..abd377c1c07 100644 --- a/apps/batch-bestilling-service/src/main/resources/application.yml +++ b/apps/batch-bestilling-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/brreg-stub/build.gradle b/apps/brreg-stub/build.gradle index 235490c398d..bc61e6fc95b 100644 --- a/apps/brreg-stub/build.gradle +++ b/apps/brreg-stub/build.gradle @@ -27,7 +27,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:vault" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-web-services" diff --git a/apps/bruker-service/build.gradle b/apps/bruker-service/build.gradle index f183040ae28..d968fb66030 100644 --- a/apps/bruker-service/build.gradle +++ b/apps/bruker-service/build.gradle @@ -27,7 +27,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/bruker-service/src/main/resources/application-local.yml b/apps/bruker-service/src/main/resources/application-local.yml index b5ba988c8b6..03ed912b26a 100644 --- a/apps/bruker-service/src/main/resources/application-local.yml +++ b/apps/bruker-service/src/main/resources/application-local.yml @@ -1,5 +1,3 @@ -CRYPTOGRAPHY_SECRET: dummy -JWT_SECRET: dummy TOKEN_X_CLIENT_ID: dev-gcp:dolly:testnav-bruker-service-dev spring: diff --git a/apps/bruker-service/src/test/resources/application-test.yml b/apps/bruker-service/src/test/resources/application-test.yml index b9d16b83133..cf96147fb34 100644 --- a/apps/bruker-service/src/test/resources/application-test.yml +++ b/apps/bruker-service/src/test/resources/application-test.yml @@ -1,6 +1,3 @@ -CRYPTOGRAPHY_SECRET: dummy -JWT_SECRET: dummy - spring: flyway: url: jdbc:h2:mem:testdb diff --git a/apps/budpro-service/build.gradle b/apps/budpro-service/build.gradle index 2b9d223ff1f..4fc43f98721 100644 --- a/apps/budpro-service/build.gradle +++ b/apps/budpro-service/build.gradle @@ -10,7 +10,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/dolly-backend/build.gradle b/apps/dolly-backend/build.gradle index 8aadfe7b669..3984b2d70ed 100644 --- a/apps/dolly-backend/build.gradle +++ b/apps/dolly-backend/build.gradle @@ -10,56 +10,54 @@ sonarqube { } dependencies { - implementation "no.nav.testnav.libs:servlet-core" - implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:data-transfer-search-objects" - implementation "no.nav.testnav.libs:reactive-core" - implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:testing" + implementation 'no.nav.testnav.libs:servlet-core' + implementation 'no.nav.testnav.libs:servlet-security' + implementation 'no.nav.testnav.libs:servlet-insecure-security' + implementation 'no.nav.testnav.libs:security-core' + implementation 'no.nav.testnav.libs:data-transfer-objects' + implementation 'no.nav.testnav.libs:data-transfer-search-objects' + implementation 'no.nav.testnav.libs:reactive-core' implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" - implementation "org.springframework.boot:spring-boot-starter-web" - implementation "org.springframework.boot:spring-boot-starter-oauth2-client" - implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" - implementation "org.springframework.boot:spring-boot-starter-data-jpa" - implementation "org.springframework.boot:spring-boot-starter-security" - implementation "org.springframework.boot:spring-boot-starter-validation" - implementation "org.springframework.retry:spring-retry" + implementation 'org.springframework.boot:spring-boot-starter-web' + implementation 'org.springframework.boot:spring-boot-starter-oauth2-client' + implementation 'org.springframework.boot:spring-boot-starter-oauth2-resource-server' + implementation 'org.springframework.boot:spring-boot-starter-data-jpa' + implementation 'org.springframework.boot:spring-boot-starter-security' + implementation 'org.springframework.boot:spring-boot-starter-validation' + implementation 'org.springframework.retry:spring-retry' - implementation "org.springframework.boot:spring-boot-starter-data-elasticsearch" + implementation 'org.springframework.boot:spring-boot-starter-data-elasticsearch' implementation "org.opensearch.client:spring-data-opensearch:$versions.opensearch" - implementation "org.apache.commons:commons-lang3" - implementation "org.springframework.boot:spring-boot-starter-cache" - implementation "com.github.ben-manes.caffeine:caffeine" + implementation 'org.apache.commons:commons-lang3' + implementation 'org.springframework.boot:spring-boot-starter-cache' + implementation 'com.github.ben-manes.caffeine:caffeine' - implementation "org.ehcache:ehcache:3.10.8" + implementation 'org.ehcache:ehcache:3.10.8' implementation "com.fasterxml.jackson.core:jackson-core:$versions.jackson" - implementation "org.postgresql:postgresql" - implementation "org.flywaydb:flyway-core" - implementation "org.flywaydb:flyway-database-postgresql" + implementation 'org.postgresql:postgresql' + implementation 'org.flywaydb:flyway-core' + implementation 'org.flywaydb:flyway-database-postgresql' implementation "ma.glasnost.orika:orika-core:$versions.orika" - implementation "org.codehaus.jettison:jettison:1.5.4" + implementation 'org.codehaus.jettison:jettison:1.5.4' implementation "org.apache.poi:poi:$versions.apachePoi" implementation "org.apache.poi:poi-ooxml:$versions.apachePoi" - testImplementation "org.opensearch:opensearch-testcontainers:2.1.2" + testImplementation 'org.opensearch:opensearch-testcontainers:2.1.2' - testImplementation "org.springframework.security:spring-security-test" - testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock" - testImplementation "com.h2database:h2" + testImplementation 'org.springframework.security:spring-security-test' + testImplementation 'org.springframework.cloud:spring-cloud-contract-wiremock' + testImplementation 'com.h2database:h2' testImplementation "io.projectreactor:reactor-test:$versions.reactorTest" - testImplementation "org.testcontainers:junit-jupiter" - testImplementation "org.springframework.boot:spring-boot-testcontainers" - testImplementation "org.testcontainers:postgresql" - testImplementation "org.bitbucket.b_c:jose4j:0.9.6" + testImplementation 'org.testcontainers:junit-jupiter' + testImplementation 'org.springframework.boot:spring-boot-testcontainers' + testImplementation 'org.testcontainers:postgresql' + testImplementation 'org.bitbucket.b_c:jose4j:0.9.6' - implementation "net.java.dev.jna:jna:5.14.0" + implementation 'net.java.dev.jna:jna:5.14.0' } \ No newline at end of file diff --git a/apps/dolly-backend/settings.gradle b/apps/dolly-backend/settings.gradle index a37687bbf94..5b948edcd1f 100644 --- a/apps/dolly-backend/settings.gradle +++ b/apps/dolly-backend/settings.gradle @@ -9,7 +9,6 @@ includeBuild "../../plugins/java" includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/data-transfer-search-objects" includeBuild "../../libs/reactive-core" -includeBuild "../../libs/reactive-security" includeBuild "../../libs/security-core" includeBuild "../../libs/servlet-core" includeBuild "../../libs/servlet-insecure-security" diff --git a/apps/dolly-backend/src/main/resources/application.yml b/apps/dolly-backend/src/main/resources/application.yml index 798817b2517..6e8bfedc134 100644 --- a/apps/dolly-backend/src/main/resources/application.yml +++ b/apps/dolly-backend/src/main/resources/application.yml @@ -44,7 +44,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} jackson: parser: include-source-in-location: true diff --git a/apps/dolly-frontend/build.gradle b/apps/dolly-frontend/build.gradle index 0e51a299073..6240eedefc0 100644 --- a/apps/dolly-frontend/build.gradle +++ b/apps/dolly-frontend/build.gradle @@ -26,7 +26,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:reactive-session-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" // Session implementation "redis.clients:jedis:5.2.0" diff --git a/apps/dolly-frontend/src/main/resources/application.yml b/apps/dolly-frontend/src/main/resources/application.yml index 2d791fbaa4b..1ef770e5b00 100644 --- a/apps/dolly-frontend/src/main/resources/application.yml +++ b/apps/dolly-frontend/src/main/resources/application.yml @@ -14,7 +14,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/dolly-frontend/src/test/resources/application-test.yml b/apps/dolly-frontend/src/test/resources/application-test.yml index b5eb20eece4..e69de29bb2d 100644 --- a/apps/dolly-frontend/src/test/resources/application-test.yml +++ b/apps/dolly-frontend/src/test/resources/application-test.yml @@ -1,2 +0,0 @@ -IDPORTEN_CLIENT_ID: dummy -IDPORTEN_CLIENT_JWK: dummy \ No newline at end of file diff --git a/apps/dollystatus/build.gradle b/apps/dollystatus/build.gradle index 1c654af12e1..b8a85394b88 100644 --- a/apps/dollystatus/build.gradle +++ b/apps/dollystatus/build.gradle @@ -11,7 +11,5 @@ sonarqube { } dependencies { - implementation "no.nav.testnav.libs:testing" - implementation 'org.springframework.boot:spring-boot-starter-web' } diff --git a/apps/endringsmelding-frontend/build.gradle b/apps/endringsmelding-frontend/build.gradle index 52875516b51..e3940d5fc48 100644 --- a/apps/endringsmelding-frontend/build.gradle +++ b/apps/endringsmelding-frontend/build.gradle @@ -18,6 +18,8 @@ configurations { } dependencies { + implementation "io.grpc:grpc-netty:$versions.grpc" + implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-frontend" implementation("no.nav.testnav.libs:reactive-session-security") { @@ -27,10 +29,9 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } - implementation "no.nav.testnav.libs:testing" - implementation "io.grpc:grpc-netty:$versions.grpc" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" + implementation "org.springframework.cloud:spring-cloud-starter-gateway" testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock" diff --git a/apps/endringsmelding-service/build.gradle b/apps/endringsmelding-service/build.gradle index 7a5085afa4a..2ebc0d36af5 100644 --- a/apps/endringsmelding-service/build.gradle +++ b/apps/endringsmelding-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/endringsmelding-service/src/main/resources/application.yml b/apps/endringsmelding-service/src/main/resources/application.yml index cae88d56332..59b3813236c 100644 --- a/apps/endringsmelding-service/src/main/resources/application.yml +++ b/apps/endringsmelding-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/faste-data-frontend/build.gradle b/apps/faste-data-frontend/build.gradle index 256be3873d2..f960e48dd39 100644 --- a/apps/faste-data-frontend/build.gradle +++ b/apps/faste-data-frontend/build.gradle @@ -18,6 +18,8 @@ configurations { } dependencies { + implementation "io.grpc:grpc-netty:$versions.grpc" + implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-frontend" implementation("no.nav.testnav.libs:reactive-session-security") { @@ -27,10 +29,9 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } - implementation "no.nav.testnav.libs:testing" - implementation "io.grpc:grpc-netty:$versions.grpc" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" + implementation "org.springframework.cloud:spring-cloud-starter-gateway" testImplementation "org.springframework.cloud:spring-cloud-contract-wiremock" diff --git a/apps/generer-arbeidsforhold-populasjon-service/build.gradle b/apps/generer-arbeidsforhold-populasjon-service/build.gradle index 54c4e17cb22..cfa772f62d0 100644 --- a/apps/generer-arbeidsforhold-populasjon-service/build.gradle +++ b/apps/generer-arbeidsforhold-populasjon-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml b/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml index 449000c7d24..3fc8e4bea97 100644 --- a/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml +++ b/apps/generer-arbeidsforhold-populasjon-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/generer-navn-service/build.gradle b/apps/generer-navn-service/build.gradle index 3ad4f100fc9..96007c01cea 100644 --- a/apps/generer-navn-service/build.gradle +++ b/apps/generer-navn-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/generer-navn-service/src/main/resources/application.yml b/apps/generer-navn-service/src/main/resources/application.yml index 942b29ed7f8..f50592c4259 100644 --- a/apps/generer-navn-service/src/main/resources/application.yml +++ b/apps/generer-navn-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/generer-organisasjon-populasjon-service/build.gradle b/apps/generer-organisasjon-populasjon-service/build.gradle index c4fb89b1ec9..301249239a6 100644 --- a/apps/generer-organisasjon-populasjon-service/build.gradle +++ b/apps/generer-organisasjon-populasjon-service/build.gradle @@ -19,7 +19,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml b/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml index b7bc4e02b39..dddddbefe55 100644 --- a/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml +++ b/apps/generer-organisasjon-populasjon-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/generer-synt-amelding-service/build.gradle b/apps/generer-synt-amelding-service/build.gradle index 17e8df431cf..4ea869df5d5 100644 --- a/apps/generer-synt-amelding-service/build.gradle +++ b/apps/generer-synt-amelding-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/generer-synt-amelding-service/src/main/resources/application.yml b/apps/generer-synt-amelding-service/src/main/resources/application.yml index 820d4f2a08b..a45951abdff 100644 --- a/apps/generer-synt-amelding-service/src/main/resources/application.yml +++ b/apps/generer-synt-amelding-service/src/main/resources/application.yml @@ -9,7 +9,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/helsepersonell-service/build.gradle b/apps/helsepersonell-service/build.gradle index b05edacb6bd..5a86c7a8f3c 100644 --- a/apps/helsepersonell-service/build.gradle +++ b/apps/helsepersonell-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/helsepersonell-service/src/main/resources/application.yml b/apps/helsepersonell-service/src/main/resources/application.yml index 4fec57bde8f..21ea5b1a259 100644 --- a/apps/helsepersonell-service/src/main/resources/application.yml +++ b/apps/helsepersonell-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/inntektsmelding-generator-service/build.gradle b/apps/inntektsmelding-generator-service/build.gradle index 4db9b3660ab..d0220df6669 100644 --- a/apps/inntektsmelding-generator-service/build.gradle +++ b/apps/inntektsmelding-generator-service/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/inntektsmelding-generator-service/src/main/resources/application.yml b/apps/inntektsmelding-generator-service/src/main/resources/application.yml index 4a7dc158c67..2e9697d655d 100644 --- a/apps/inntektsmelding-generator-service/src/main/resources/application.yml +++ b/apps/inntektsmelding-generator-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/inntektsmelding-service/build.gradle b/apps/inntektsmelding-service/build.gradle index 26d1ddbfb16..328840a81c3 100644 --- a/apps/inntektsmelding-service/build.gradle +++ b/apps/inntektsmelding-service/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/inntektsmelding-service/src/main/resources/application.yml b/apps/inntektsmelding-service/src/main/resources/application.yml index 78c313fe281..adabbd20f19 100644 --- a/apps/inntektsmelding-service/src/main/resources/application.yml +++ b/apps/inntektsmelding-service/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/jenkins-batch-status-service/build.gradle b/apps/jenkins-batch-status-service/build.gradle index 6979650f6ce..bd05c64823b 100644 --- a/apps/jenkins-batch-status-service/build.gradle +++ b/apps/jenkins-batch-status-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/jenkins-batch-status-service/src/main/resources/application.yml b/apps/jenkins-batch-status-service/src/main/resources/application.yml index 06be6a3f0fe..c09b76ed0d5 100644 --- a/apps/jenkins-batch-status-service/src/main/resources/application.yml +++ b/apps/jenkins-batch-status-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/joark-dokument-service/build.gradle b/apps/joark-dokument-service/build.gradle index 7dbd10dab9d..790106881d9 100644 --- a/apps/joark-dokument-service/build.gradle +++ b/apps/joark-dokument-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/joark-dokument-service/src/main/resources/application.yml b/apps/joark-dokument-service/src/main/resources/application.yml index 84755000dce..477720a9894 100644 --- a/apps/joark-dokument-service/src/main/resources/application.yml +++ b/apps/joark-dokument-service/src/main/resources/application.yml @@ -15,7 +15,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/kodeverk-service/build.gradle b/apps/kodeverk-service/build.gradle index a5efabcbe81..37b4afe3181 100644 --- a/apps/kodeverk-service/build.gradle +++ b/apps/kodeverk-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/kodeverk-service/src/main/resources/application.yml b/apps/kodeverk-service/src/main/resources/application.yml index 35636c9e60b..8560362169b 100644 --- a/apps/kodeverk-service/src/main/resources/application.yml +++ b/apps/kodeverk-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/levende-arbeidsforhold-ansettelse/build.gradle b/apps/levende-arbeidsforhold-ansettelse/build.gradle index 645c2f5d9fd..f0a24a7410d 100644 --- a/apps/levende-arbeidsforhold-ansettelse/build.gradle +++ b/apps/levende-arbeidsforhold-ansettelse/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-r2dbc" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml b/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml index f4c9a3d2b3b..538e98af0ae 100644 --- a/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-ansettelse/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} flyway: locations: classpath:db/migration enabled: true diff --git a/apps/levende-arbeidsforhold-scheduler/build.gradle b/apps/levende-arbeidsforhold-scheduler/build.gradle index e252168474e..f0cc5802adc 100644 --- a/apps/levende-arbeidsforhold-scheduler/build.gradle +++ b/apps/levende-arbeidsforhold-scheduler/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-quartz" diff --git a/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml b/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml index e990c09338f..dbf213cd6ce 100644 --- a/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-scheduler/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/levende-arbeidsforhold-service/build.gradle b/apps/levende-arbeidsforhold-service/build.gradle index 823edbb1aba..d5e6a11f670 100644 --- a/apps/levende-arbeidsforhold-service/build.gradle +++ b/apps/levende-arbeidsforhold-service/build.gradle @@ -10,6 +10,9 @@ sonarqube { } dependencies { + implementation "io.confluent:kafka-avro-serializer:$versions.avroSerializer" + implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" + implementation "no.nav.testnav.libs:avro-schema" implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:kafka-config" @@ -17,12 +20,10 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" - implementation "io.confluent:kafka-avro-serializer:$versions.avroSerializer" - implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger" implementation "org.apache.kafka:kafka-clients:$versions.apacheKafka" implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" + implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/levende-arbeidsforhold-service/settings.gradle b/apps/levende-arbeidsforhold-service/settings.gradle index 71d9e5977ac..4bd0975147b 100644 --- a/apps/levende-arbeidsforhold-service/settings.gradle +++ b/apps/levende-arbeidsforhold-service/settings.gradle @@ -5,13 +5,13 @@ plugins { rootProject.name = "levende-arbeidsforhold-service" includeBuild "../../libs/avro-schema" -includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/kafka-config" +includeBuild "../../libs/testing" +includeBuild "../../libs/data-transfer-objects" includeBuild "../../libs/reactive-core" includeBuild "../../libs/security-core" includeBuild "../../libs/servlet-core" includeBuild "../../libs/servlet-insecure-security" -includeBuild "../../libs/testing" develocity { buildScan { diff --git a/apps/levende-arbeidsforhold-service/src/main/resources/application.yml b/apps/levende-arbeidsforhold-service/src/main/resources/application.yml index 1d7926e10da..bde3afafb81 100644 --- a/apps/levende-arbeidsforhold-service/src/main/resources/application.yml +++ b/apps/levende-arbeidsforhold-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} kafka: consumer: group-id: testnav-levende-arbeidsforhold-service diff --git a/apps/miljoer-service/build.gradle b/apps/miljoer-service/build.gradle index 3345c19b12f..ea53e959c2d 100644 --- a/apps/miljoer-service/build.gradle +++ b/apps/miljoer-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/miljoer-service/src/main/resources/application.yml b/apps/miljoer-service/src/main/resources/application.yml index b7d615aefde..ba046b9b166 100644 --- a/apps/miljoer-service/src/main/resources/application.yml +++ b/apps/miljoer-service/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/oppsummeringsdokument-service/build.gradle b/apps/oppsummeringsdokument-service/build.gradle index a0de4982a5d..53d2b548a79 100644 --- a/apps/oppsummeringsdokument-service/build.gradle +++ b/apps/oppsummeringsdokument-service/build.gradle @@ -19,7 +19,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.xsd:arbeidsforhold-xsd" - implementation "no.nav.testnav.libs:testing" implementation "com.fasterxml.jackson.dataformat:jackson-dataformat-xml" diff --git a/apps/oppsummeringsdokument-service/src/main/resources/application.yml b/apps/oppsummeringsdokument-service/src/main/resources/application.yml index 5243d12e5f8..a49b4ce5f22 100644 --- a/apps/oppsummeringsdokument-service/src/main/resources/application.yml +++ b/apps/oppsummeringsdokument-service/src/main/resources/application.yml @@ -4,7 +4,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} application: name: oppsummeringsdokument-service description: Tjeneste for å sende inn oppsummeringsdokument til aareg og søke i innsendte oppsummeringsdokumenter. diff --git a/apps/organisasjon-bestilling-service/build.gradle b/apps/organisasjon-bestilling-service/build.gradle index 0bdc1cb3ee7..ea8c74c4e49 100644 --- a/apps/organisasjon-bestilling-service/build.gradle +++ b/apps/organisasjon-bestilling-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/organisasjon-bestilling-service/src/main/resources/application.yml b/apps/organisasjon-bestilling-service/src/main/resources/application.yml index 3ee70507ad5..54e9361c619 100644 --- a/apps/organisasjon-bestilling-service/src/main/resources/application.yml +++ b/apps/organisasjon-bestilling-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/organisasjon-faste-data-service/build.gradle b/apps/organisasjon-faste-data-service/build.gradle index eb6c75c1918..d4cc105df58 100644 --- a/apps/organisasjon-faste-data-service/build.gradle +++ b/apps/organisasjon-faste-data-service/build.gradle @@ -19,7 +19,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/organisasjon-faste-data-service/src/main/resources/application.yml b/apps/organisasjon-faste-data-service/src/main/resources/application.yml index 2899efe8df9..620350af387 100644 --- a/apps/organisasjon-faste-data-service/src/main/resources/application.yml +++ b/apps/organisasjon-faste-data-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/organisasjon-forvalter/build.gradle b/apps/organisasjon-forvalter/build.gradle index 398122e8fee..1fb8803fd77 100644 --- a/apps/organisasjon-forvalter/build.gradle +++ b/apps/organisasjon-forvalter/build.gradle @@ -22,7 +22,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-web" diff --git a/apps/organisasjon-forvalter/src/main/resources/application.yml b/apps/organisasjon-forvalter/src/main/resources/application.yml index 6ae92ebecac..bf9978fbd94 100644 --- a/apps/organisasjon-forvalter/src/main/resources/application.yml +++ b/apps/organisasjon-forvalter/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/organisasjon-mottak-service/build.gradle b/apps/organisasjon-mottak-service/build.gradle index a5605299aa8..220373f5089 100644 --- a/apps/organisasjon-mottak-service/build.gradle +++ b/apps/organisasjon-mottak-service/build.gradle @@ -19,7 +19,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/organisasjon-mottak-service/src/main/resources/application.yml b/apps/organisasjon-mottak-service/src/main/resources/application.yml index 21f878de592..697afc71e4c 100644 --- a/apps/organisasjon-mottak-service/src/main/resources/application.yml +++ b/apps/organisasjon-mottak-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/organisasjon-service/build.gradle b/apps/organisasjon-service/build.gradle index 2d6ea6c665c..3df14ba3559 100644 --- a/apps/organisasjon-service/build.gradle +++ b/apps/organisasjon-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/organisasjon-service/src/main/resources/application.yml b/apps/organisasjon-service/src/main/resources/application.yml index 4f5619ac476..3b8bdf59f81 100644 --- a/apps/organisasjon-service/src/main/resources/application.yml +++ b/apps/organisasjon-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/orgnummer-service/build.gradle b/apps/orgnummer-service/build.gradle index 735d1e0c98c..1df3d299209 100644 --- a/apps/orgnummer-service/build.gradle +++ b/apps/orgnummer-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/orgnummer-service/src/main/resources/application.yml b/apps/orgnummer-service/src/main/resources/application.yml index 94509373e18..6fca4621d27 100644 --- a/apps/orgnummer-service/src/main/resources/application.yml +++ b/apps/orgnummer-service/src/main/resources/application.yml @@ -10,7 +10,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: dev-gcp:dolly:testnav-orgnummer-service diff --git a/apps/oversikt-frontend/build.gradle b/apps/oversikt-frontend/build.gradle index d37b2d5822a..5e50676ce88 100644 --- a/apps/oversikt-frontend/build.gradle +++ b/apps/oversikt-frontend/build.gradle @@ -20,7 +20,6 @@ dependencies { implementation("no.nav.testnav.libs:security-core") { exclude group: "org.springframework.session", module: "spring-session-data-redis" } - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.cloud:spring-cloud-starter-gateway" diff --git a/apps/oversikt-frontend/src/main/resources/application.yml b/apps/oversikt-frontend/src/main/resources/application.yml index 04ccbd221c0..4a5600397d2 100644 --- a/apps/oversikt-frontend/src/main/resources/application.yml +++ b/apps/oversikt-frontend/src/main/resources/application.yml @@ -4,7 +4,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} diff --git a/apps/pdl-forvalter/build.gradle b/apps/pdl-forvalter/build.gradle index ab10ad1279d..73b74c911c1 100644 --- a/apps/pdl-forvalter/build.gradle +++ b/apps/pdl-forvalter/build.gradle @@ -20,7 +20,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/pdl-forvalter/src/main/resources/application.yml b/apps/pdl-forvalter/src/main/resources/application.yml index 5894fa1f8b7..eb06623452c 100644 --- a/apps/pdl-forvalter/src/main/resources/application.yml +++ b/apps/pdl-forvalter/src/main/resources/application.yml @@ -41,7 +41,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/person-faste-data-service/build.gradle b/apps/person-faste-data-service/build.gradle index 2b18e57f16a..90effeb93fa 100644 --- a/apps/person-faste-data-service/build.gradle +++ b/apps/person-faste-data-service/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/person-faste-data-service/src/main/resources/application.yml b/apps/person-faste-data-service/src/main/resources/application.yml index 45fdf63c8f9..6b5a3494897 100644 --- a/apps/person-faste-data-service/src/main/resources/application.yml +++ b/apps/person-faste-data-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: dev-gcp:dolly:testnav-person-faste-data-service diff --git a/apps/person-search-service/build.gradle b/apps/person-search-service/build.gradle index b56e456f3e2..7fb6dbcb708 100644 --- a/apps/person-search-service/build.gradle +++ b/apps/person-search-service/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-elasticsearch" implementation "org.opensearch.client:spring-data-opensearch:$versions.opensearch" diff --git a/apps/person-search-service/src/main/resources/application.yml b/apps/person-search-service/src/main/resources/application.yml index 89ae1646179..0e7f6440491 100644 --- a/apps/person-search-service/src/main/resources/application.yml +++ b/apps/person-search-service/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/person-service/build.gradle b/apps/person-service/build.gradle index 2ce944201a9..60ed4e286c2 100644 --- a/apps/person-service/build.gradle +++ b/apps/person-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/person-service/src/main/resources/application.yml b/apps/person-service/src/main/resources/application.yml index 4b77cd0a65f..aaaf77bf2b4 100644 --- a/apps/person-service/src/main/resources/application.yml +++ b/apps/person-service/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} jackson: serialization: write_dates_as_timestamps: false diff --git a/apps/profil-api/build.gradle b/apps/profil-api/build.gradle index 23932ab9838..6a06c4236a6 100644 --- a/apps/profil-api/build.gradle +++ b/apps/profil-api/build.gradle @@ -15,7 +15,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/profil-api/src/main/resources/application.yml b/apps/profil-api/src/main/resources/application.yml index 5809abe4591..f414c6d8f50 100644 --- a/apps/profil-api/src/main/resources/application.yml +++ b/apps/profil-api/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/skattekort-service/build.gradle b/apps/skattekort-service/build.gradle index a277d93478e..c9ba8298fac 100644 --- a/apps/skattekort-service/build.gradle +++ b/apps/skattekort-service/build.gradle @@ -27,7 +27,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/skattekort-service/src/main/resources/application.yml b/apps/skattekort-service/src/main/resources/application.yml index 195fade91c6..1d3a3af3c76 100644 --- a/apps/skattekort-service/src/main/resources/application.yml +++ b/apps/skattekort-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/sykemelding-api/build.gradle b/apps/sykemelding-api/build.gradle index cbb59f63251..bbfe33929d2 100644 --- a/apps/sykemelding-api/build.gradle +++ b/apps/sykemelding-api/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/synt-sykemelding-api/build.gradle b/apps/synt-sykemelding-api/build.gradle index 5d1e6d3324f..d0822af1c9e 100644 --- a/apps/synt-sykemelding-api/build.gradle +++ b/apps/synt-sykemelding-api/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/synt-sykemelding-api/src/main/resources/application.yml b/apps/synt-sykemelding-api/src/main/resources/application.yml index 196a8229a63..aee3d690ac4 100644 --- a/apps/synt-sykemelding-api/src/main/resources/application.yml +++ b/apps/synt-sykemelding-api/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/synt-vedtakshistorikk-service/build.gradle b/apps/synt-vedtakshistorikk-service/build.gradle index 732aeddab21..93b257d3563 100644 --- a/apps/synt-vedtakshistorikk-service/build.gradle +++ b/apps/synt-vedtakshistorikk-service/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-web" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" diff --git a/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml b/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml index 0086630fc1a..822d79cd6f7 100644 --- a/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml +++ b/apps/synt-vedtakshistorikk-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/tenor-search-service/build.gradle b/apps/tenor-search-service/build.gradle index fc3a17baec1..da1b52e4ad7 100644 --- a/apps/tenor-search-service/build.gradle +++ b/apps/tenor-search-service/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/tenor-search-service/src/main/resources/application.yml b/apps/tenor-search-service/src/main/resources/application.yml index 720f4d6cb92..719d051eda8 100644 --- a/apps/tenor-search-service/src/main/resources/application.yml +++ b/apps/tenor-search-service/src/main/resources/application.yml @@ -8,7 +8,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/testnav-ident-pool/build.gradle b/apps/testnav-ident-pool/build.gradle index d3042f49769..d60cee6397a 100644 --- a/apps/testnav-ident-pool/build.gradle +++ b/apps/testnav-ident-pool/build.gradle @@ -18,7 +18,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-insecure-security" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/testnav-ident-pool/src/main/resources/application.yml b/apps/testnav-ident-pool/src/main/resources/application.yml index 1b8b5f1a876..cfbe7200e50 100644 --- a/apps/testnav-ident-pool/src/main/resources/application.yml +++ b/apps/testnav-ident-pool/src/main/resources/application.yml @@ -43,7 +43,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/testnorge-statisk-data-forvalter/build.gradle b/apps/testnorge-statisk-data-forvalter/build.gradle index 1b99d32f5e6..6d4e1d0c37b 100644 --- a/apps/testnorge-statisk-data-forvalter/build.gradle +++ b/apps/testnorge-statisk-data-forvalter/build.gradle @@ -21,7 +21,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "no.nav.testnav.libs:vault" implementation "org.springframework.kafka:spring-kafka" diff --git a/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml b/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml index ae07af84a08..b2e5797c322 100644 --- a/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml +++ b/apps/testnorge-statisk-data-forvalter/src/main/resources/application.yml @@ -13,7 +13,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/tilbakemelding-api/build.gradle b/apps/tilbakemelding-api/build.gradle index 7c215a05ab8..927a20d322d 100644 --- a/apps/tilbakemelding-api/build.gradle +++ b/apps/tilbakemelding-api/build.gradle @@ -16,7 +16,6 @@ dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" implementation "no.nav.testnav.libs:slack" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" implementation "org.springframework.boot:spring-boot-starter-security" diff --git a/apps/tilbakemelding-api/src/main/resources/application-local.yml b/apps/tilbakemelding-api/src/main/resources/application-local.yml index f2b70d36692..9c7acce458c 100644 --- a/apps/tilbakemelding-api/src/main/resources/application-local.yml +++ b/apps/tilbakemelding-api/src/main/resources/application-local.yml @@ -1,6 +1,3 @@ -SLACK_CHANNEL: dummy -SLACK_TOKEN: dummy - consumers: profil-api: url: https://testnorge-profil-api.intern.dev.nav.no diff --git a/apps/tilbakemelding-api/src/main/resources/application.yml b/apps/tilbakemelding-api/src/main/resources/application.yml index 895d51671ce..e0e648809ae 100644 --- a/apps/tilbakemelding-api/src/main/resources/application.yml +++ b/apps/tilbakemelding-api/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/apps/tps-messaging-service/build.gradle b/apps/tps-messaging-service/build.gradle index 6d44b0b9b4b..5cae62ac557 100644 --- a/apps/tps-messaging-service/build.gradle +++ b/apps/tps-messaging-service/build.gradle @@ -18,7 +18,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "no.nav.repository.fellesreg.tpsws:nav-repository-fellesregister-castor-tps-s018-domain:$versions.navFellesregister" implementation "no.nav.repository.fellesreg.tpsws:nav-repository-fellesregister-jaxb-tps-m201-domain:$versions.navFellesregister" diff --git a/apps/udi-stub/build.gradle b/apps/udi-stub/build.gradle index 53a0ca6aaa9..1490a7c89f9 100644 --- a/apps/udi-stub/build.gradle +++ b/apps/udi-stub/build.gradle @@ -23,7 +23,6 @@ configurations { dependencies { implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "no.nav.testnav.libs:vault" implementation "com.sun.xml.ws:jaxws-rt:$versions.jaxws" diff --git a/apps/udi-stub/src/main/resources/application.yml b/apps/udi-stub/src/main/resources/application.yml index dcb18f5ecee..e8c4b285c1b 100644 --- a/apps/udi-stub/src/main/resources/application.yml +++ b/apps/udi-stub/src/main/resources/application.yml @@ -18,7 +18,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} springdoc: swagger-ui: diff --git a/apps/udi-stub/src/main/resources/logback-spring.xml b/apps/udi-stub/src/main/resources/logback-spring.xml index a17fd9b8e5a..f49b192e253 100644 --- a/apps/udi-stub/src/main/resources/logback-spring.xml +++ b/apps/udi-stub/src/main/resources/logback-spring.xml @@ -3,8 +3,6 @@ - true - -1 true diff --git a/apps/varslinger-service/build.gradle b/apps/varslinger-service/build.gradle index 4c7c5fed68e..2c5ab0be9c0 100644 --- a/apps/varslinger-service/build.gradle +++ b/apps/varslinger-service/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:servlet-core" implementation "no.nav.testnav.libs:servlet-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-data-jpa" implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server" diff --git a/apps/varslinger-service/src/main/resources/application.yml b/apps/varslinger-service/src/main/resources/application.yml index f9dbbcdfd7f..0743cf2025c 100644 --- a/apps/varslinger-service/src/main/resources/application.yml +++ b/apps/varslinger-service/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/docker-compose.yml b/docker-compose.yml index 365d3007fbb..5454a01f6db 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,7 +9,6 @@ services: context: ./apps/altinn3-tilgang-service environment: - ALTINN_URL=http//altinn:8080 - - AZURE_APP_CLIENT_ID=dummy - AZURE_OPENID_CONFIG_ISSUER=dummy - JAVA_TOOL_OPTIONS=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 - MASKINPORTEN_CLIENT_ID=dummy @@ -17,7 +16,6 @@ services: - MASKINPORTEN_SCOPES=altinn:resourceregistry/accesslist.read altinn:resourceregistry/accesslist.write altinn:accessmanagement/authorizedparties.resourceowner - MASKINPORTEN_WELL_KNOWN_URL=http://maskinporten:8080 - SPRING_PROFILES_ACTIVE=virtual - - TOKEN_X_CLIENT_ID=dev-gcp:dolly:testnav-altinn3-tilgang-service - TOKEN_X_ISSUER=http://tokendings:8080 - TOKEN_X_PRIVATE_JWK=${JWK} ports: @@ -63,7 +61,6 @@ services: build: context: ./apps/bruker-service environment: - - AZURE_APP_CLIENT_ID=dummy - AZURE_OPENID_CONFIG_ISSUER=dummy - CRYPTOGRAPHY_SECRET=dummy - JAVA_TOOL_OPTIONS=-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005 diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java deleted file mode 100644 index a3c33573182..00000000000 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedAutoConfiguration.java +++ /dev/null @@ -1,49 +0,0 @@ -package no.nav.testnav.libs.reactivesecurity.action; - -import no.nav.testnav.libs.reactivesecurity.properties.AzureAdResourceServerProperties; -import no.nav.testnav.libs.reactivesecurity.properties.ResourceServerProperties; -import no.nav.testnav.libs.reactivesecurity.properties.TokenxResourceServerProperties; -import no.nav.testnav.libs.reactivesecurity.properties.TrygdeetatenAzureAdResourceServerProperties; -import org.springframework.boot.autoconfigure.AutoConfiguration; -import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; -import org.springframework.context.annotation.Bean; -import org.springframework.lang.Nullable; - -import java.util.ArrayList; - -@AutoConfiguration -public class GetAuthenticatedAutoConfiguration { - - @Bean - @ConditionalOnMissingBean - GetAuthenticatedResourceServerType getAuthenticatedResourceServerType( - @Nullable AzureAdResourceServerProperties azureAdResourceServerProperties, - @Nullable TokenxResourceServerProperties tokenxResourceServerProperties, - @Nullable TrygdeetatenAzureAdResourceServerProperties trygdeetatenAzureAdResourceServerProperties - ) { - var list = new ArrayList(3); - if (azureAdResourceServerProperties != null) { - list.add(azureAdResourceServerProperties); - } - if (tokenxResourceServerProperties != null) { - list.add(tokenxResourceServerProperties); - } - if (trygdeetatenAzureAdResourceServerProperties != null) { - list.add(trygdeetatenAzureAdResourceServerProperties); - } - return new GetAuthenticatedResourceServerType(list); - } - - @Bean - @ConditionalOnMissingBean - GetAuthenticatedToken getAuthenticatedToken(GetAuthenticatedResourceServerType getAuthenticatedResourceServerType) { - return new GetAuthenticatedToken(getAuthenticatedResourceServerType); - } - - @Bean - @ConditionalOnMissingBean - GetAuthenticatedUserId getAuthenticatedUserId(GetAuthenticatedResourceServerType getAuthenticatedResourceServerType) { - return new GetAuthenticatedUserId(getAuthenticatedResourceServerType); - } - -} diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java index e4a2ab06b52..ada4a4d6068 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedResourceServerType.java @@ -5,37 +5,38 @@ import no.nav.testnav.libs.reactivesecurity.properties.ResourceServerProperties; import no.nav.testnav.libs.securitycore.domain.ResourceServerType; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; -import org.springframework.security.oauth2.jwt.JwtClaimAccessor; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; +import org.springframework.stereotype.Component; import reactor.core.publisher.Mono; import java.util.List; import java.util.Optional; import java.util.concurrent.Callable; +@Component @RequiredArgsConstructor @Slf4j public class GetAuthenticatedResourceServerType extends JwtResolver implements Callable> { private final List resourceServerProperties; - private Optional getResourceTypeFrom(JwtAuthenticationToken token) { + private Optional getResourceTypeForm(JwtAuthenticationToken token) { return resourceServerProperties .stream() .filter(properties -> { if (token == null) { - log.warn("Token is null"); - } else if (token.getToken() == null) { - log.warn("Token.getToken() is null"); - } else if (token.getToken().getIssuer() == null) { - log.warn("Token.getToken().getIssuer() is null"); + log.error("Token is null"); } - return Optional - .ofNullable(token) - .map(JwtAuthenticationToken::getToken) - .map(JwtClaimAccessor::getIssuer) - .map(issuerFromToken -> issuerFromToken.toString().equalsIgnoreCase(properties.getIssuerUri())) - .orElse(false); + if (token.getToken() == null) { + log.error("Token.getToken() is null"); + } + if (token.getToken().getIssuer() == null) { + log.error("Token.getToken().getIssuer() is null"); + } + log.info("Configured issuer, token issuer: {}, {}", properties.getIssuerUri(), token.getToken().getIssuer().toString()); + return properties + .getIssuerUri() + .equalsIgnoreCase(token.getToken().getIssuer().toString()); }) .findFirst() .map(ResourceServerProperties::getType); @@ -45,20 +46,16 @@ private Optional getResourceTypeFrom(JwtAuthenticationToken public Mono call() { return getJwtAuthenticationToken() - .onErrorResume(EmptyReactiveSecurityContextException.class, exception -> { - log.error("Failed to get JWT token", exception); - return Mono.empty(); - }) + .onErrorResume(JwtResolverException.class, throwable -> Mono.empty()) .flatMap(authentication -> { - if (authentication instanceof JwtAuthenticationToken token) { - return Mono.justOrEmpty(getResourceTypeFrom(token)); - } - if (authentication instanceof OAuth2AuthenticationToken) { + if (authentication instanceof JwtAuthenticationToken jwtAuthenticationTokentoken) { + return getResourceTypeForm(jwtAuthenticationTokentoken) + .map(Mono::just) + .orElseGet(Mono::empty); + } else if (authentication instanceof OAuth2AuthenticationToken) { return Mono.just(ResourceServerType.TOKEN_X); } return Mono.empty(); }); - } - } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java index c0ca5ab5201..c69106248ed 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedToken.java @@ -1,12 +1,22 @@ package no.nav.testnav.libs.reactivesecurity.action; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; import no.nav.testnav.libs.securitycore.domain.Token; +import org.springframework.http.HttpStatus; +import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; +import org.springframework.stereotype.Component; +import org.springframework.web.server.ResponseStatusException; import reactor.core.publisher.Mono; +import java.time.Instant; import java.util.concurrent.Callable; +@Component +@Slf4j @RequiredArgsConstructor public class GetAuthenticatedToken extends JwtResolver implements Callable> { @@ -35,5 +45,4 @@ public Mono call() { .build()); }); } - } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java index 24cb659afdb..b0636ee9c7d 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/GetAuthenticatedUserId.java @@ -1,12 +1,16 @@ package no.nav.testnav.libs.reactivesecurity.action; import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; +import org.springframework.stereotype.Component; import reactor.core.publisher.Mono; import java.util.concurrent.Callable; +@Slf4j +@Component @RequiredArgsConstructor public class GetAuthenticatedUserId extends JwtResolver implements Callable> { @@ -23,21 +27,20 @@ public Mono call() { } private Mono getTokenAttribute(String attribute) { + return getJwtAuthenticationToken() .map(authentication -> + switch (authentication) { - case JwtAuthenticationToken jwtAuthenticationToken -> jwtAuthenticationToken - .getTokenAttributes() - .get(attribute) - .toString(); - case OAuth2AuthenticationToken oauth2AuthenticationToken -> oauth2AuthenticationToken - .getPrincipal() - .getAttributes() - .get("pid") - .toString(); + + case JwtAuthenticationToken jwtAuthenticationToken -> + jwtAuthenticationToken.getTokenAttributes().get(attribute).toString(); + + case OAuth2AuthenticationToken oauth2AuthenticationToken -> + oauth2AuthenticationToken.getPrincipal().getAttributes().get("pid").toString(); + default -> ""; } ); } - } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolver.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolver.java index 77a2e52b2ca..5b19c554aa1 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolver.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolver.java @@ -12,17 +12,8 @@ abstract class JwtResolver { Mono getJwtAuthenticationToken() { return ReactiveSecurityContextHolder .getContext() - .switchIfEmpty(Mono.error(new EmptyReactiveSecurityContextException())) + .switchIfEmpty(Mono.error(new JwtResolverException("ReactiveSecurityContext is empty"))) .doOnNext(context -> log.info("JwtResolver context.authentication {} {}", context.getAuthentication().getClass().getCanonicalName(), context.getAuthentication())) .map(SecurityContext::getAuthentication); } - - static class EmptyReactiveSecurityContextException extends IllegalStateException { - - EmptyReactiveSecurityContextException() { - super(); - } - - } - } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolverException.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolverException.java new file mode 100644 index 00000000000..bcaef662c36 --- /dev/null +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/JwtResolverException.java @@ -0,0 +1,9 @@ +package no.nav.testnav.libs.reactivesecurity.action; + +public class JwtResolverException extends IllegalStateException { + + JwtResolverException(String s) { + super(s); + } + +} \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/Oauth2Resolver.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/Oauth2Resolver.java new file mode 100644 index 00000000000..68dac390a55 --- /dev/null +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/action/Oauth2Resolver.java @@ -0,0 +1,35 @@ +package no.nav.testnav.libs.reactivesecurity.action; + +import lombok.experimental.UtilityClass; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.authentication.CredentialsExpiredException; +import org.springframework.security.core.context.ReactiveSecurityContextHolder; +import org.springframework.security.core.context.SecurityContext; +import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; +import org.springframework.security.oauth2.jwt.Jwt; +import reactor.core.publisher.Mono; + +import java.time.Instant; +import java.time.ZonedDateTime; + +@Slf4j +@UtilityClass +public class Oauth2Resolver { + + public static Mono getOauth2AuthenticationToken() { + return ReactiveSecurityContextHolder + .getContext() + .switchIfEmpty(Mono.error(new JwtResolverException("ReactiveSecurityContext is empty"))) + .doOnNext(context -> log.info("Oauth2Resolver context.authentication {} {}", context.getAuthentication().getClass().getCanonicalName(), context.getAuthentication())) + .map(SecurityContext::getAuthentication) + .map(OAuth2AuthenticationToken.class::cast) + .doOnError(throwable -> log.warn("Klarte ikke hente Jwt Auth Token", throwable)) + .doOnSuccess(jwtAuthenticationToken -> { + Jwt credentials = (Jwt) jwtAuthenticationToken.getCredentials(); + Instant expiresAt = credentials.getExpiresAt(); + if (expiresAt == null || expiresAt.isBefore(ZonedDateTime.now().toInstant().plusSeconds(120))) { + throw new CredentialsExpiredException("Jwt er utløpt eller utløper innen kort tid"); + } + }); + } +} diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java index e63e16fc9fa..f33c6c1f0f0 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/TokenServiceAutoConfiguration.java @@ -3,24 +3,37 @@ import com.fasterxml.jackson.databind.ObjectMapper; import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedToken; import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedUserId; -import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureNavTokenService; import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureTokenService; +import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureNavTokenService; import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureTrygdeetatenTokenService; import no.nav.testnav.libs.securitycore.domain.azuread.*; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.autoconfigure.AutoConfiguration; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Primary; +import org.springframework.context.annotation.Profile; +import org.springframework.util.Assert; -@AutoConfiguration +@AutoConfiguration(after = ClientCredentialAutoConfiguration.class) public class TokenServiceAutoConfiguration { @Value("${HTTP_PROXY:#{null}}") private String httpProxy; + @Primary + @Bean + @Profile("test") + AzureTokenService azureAdTokenServiceTest( + AzureClientCredential clientCredential, + GetAuthenticatedToken getAuthenticatedToken + ) { + return new AzureTokenService(null, clientCredential, getAuthenticatedToken); + } + @Bean @ConditionalOnDollyApplicationConfiguredForAzure - @ConditionalOnMissingBean + @ConditionalOnMissingBean(AzureTokenService.class) AzureTokenService azureAdTokenService( AzureClientCredential clientCredential, GetAuthenticatedToken getAuthenticatedToken @@ -28,18 +41,38 @@ AzureTokenService azureAdTokenService( return new AzureTokenService(httpProxy, clientCredential, getAuthenticatedToken); } + @Primary + @Bean + @Profile("test") + AzureNavTokenService azureNavTokenServiceTest( + AzureNavClientCredential azureNavClientCredential + ) { + return new AzureNavTokenService(null, azureNavClientCredential); + } + @Bean @ConditionalOnDollyApplicationConfiguredForNav - @ConditionalOnMissingBean + @ConditionalOnMissingBean(AzureNavTokenService.class) AzureNavTokenService azureNavTokenService( AzureNavClientCredential azureNavClientCredential ) { return new AzureNavTokenService(httpProxy, azureNavClientCredential); } + @Primary + @Bean + @Profile("test") + AzureTrygdeetatenTokenService trygdeetatenAzureAdTokenServiceTest( + AzureTrygdeetatenClientCredential clientCredential, + GetAuthenticatedUserId getAuthenticatedUserId, + ObjectMapper objectMapper + ) { + return new AzureTrygdeetatenTokenService(null, clientCredential, getAuthenticatedUserId, objectMapper); + } + @Bean @ConditionalOnDollyApplicationConfiguredForTrygdeetaten - @ConditionalOnMissingBean + @ConditionalOnMissingBean(AzureTrygdeetatenTokenService.class) AzureTrygdeetatenTokenService trygdeetatenAzureAdTokenService( AzureTrygdeetatenClientCredential clientCredential, GetAuthenticatedUserId getAuthenticatedUserId, diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java index d78522699b2..ea7001cafd8 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureNavTokenService.java @@ -64,5 +64,4 @@ public Mono exchange(ServerProperties serverProperties) { ).call(); } - } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java index 29240eb5c3a..e2a93dd9abf 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTokenService.java @@ -97,5 +97,4 @@ private Mono generateOnBehalfOfAccessToken(Token token, ServerPrope token ).call(); } - } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java index 8223ccb7a7c..a6fae4111f7 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/exchange/azuread/AzureTrygdeetatenTokenService.java @@ -114,5 +114,4 @@ private boolean expires(AccessToken accessToken) { .minusSeconds(300) .isBefore(Instant.now()); } - } diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java index 1fa2c8e5dbe..b2921be6aa1 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/AzureAdResourceServerProperties.java @@ -1,12 +1,17 @@ package no.nav.testnav.libs.reactivesecurity.properties; import no.nav.testnav.libs.securitycore.domain.ResourceServerType; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; +@Configuration +@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver.aad") +@ConditionalOnProperty("spring.security.oauth2.resourceserver.aad.issuer-uri") public class AzureAdResourceServerProperties extends ResourceServerProperties { @Override public ResourceServerType getType() { return ResourceServerType.AZURE_AD; } - } \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java index 2712024cccb..d4b1cb40b34 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerProperties.java @@ -9,10 +9,9 @@ @Getter @Setter public abstract class ResourceServerProperties { - private String issuerUri; + private String jwkSetUri; private List acceptedAudience; public abstract ResourceServerType getType(); - } \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java deleted file mode 100644 index 0b187e20d54..00000000000 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/ResourceServerPropertiesAutoConfiguration.java +++ /dev/null @@ -1,103 +0,0 @@ -package no.nav.testnav.libs.reactivesecurity.properties; - -import org.springframework.beans.factory.annotation.Value; -import org.springframework.boot.autoconfigure.AutoConfiguration; -import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; -import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Profile; - -import java.util.List; - -// TODO: Configuration such as spring.security.oauth2.resourceserver is not part of the Spring framework, and should be moved to separate configuration, such as dolly.oauth2 or similar. - -/** - * Auto configuration for resource server properties, e.g. configuration under {@code spring.security.oauth2.resourceserver}. - * Supported properties are: - *
    - *
  • {@code spring.security.oauth2.resourceserver.aad}
    • - *
  • {@code spring.security.oauth2.resourceserver.tokenx}
    • - *
  • {@code spring.security.oauth2.resourceserver.trygdeetaten}
    • - *
- * which may each have the following properties: - *
    - *
  • {@code issuer-uri}
    • - *
  • {@code accepted-audience}
    • - *
- */ -@AutoConfiguration -public class ResourceServerPropertiesAutoConfiguration { - - @Bean - @ConditionalOnProperty({ - "spring.security.oauth2.resourceserver.aad.issuer-uri", - "spring.security.oauth2.resourceserver.aad.accepted-audience" - }) - @ConditionalOnMissingBean - AzureAdResourceServerProperties azureAdResourceServerProperties( - @Value("${spring.security.oauth2.resourceserver.aad.issuer-uri}") String issuerUri, - @Value("${spring.security.oauth2.resourceserver.aad.accepted-audience}") List acceptedAudience - ) { - var azureAdResourceServerProperties = new AzureAdResourceServerProperties(); - azureAdResourceServerProperties.setIssuerUri(issuerUri); - azureAdResourceServerProperties.setAcceptedAudience(acceptedAudience); - return azureAdResourceServerProperties; - } - - @Bean - @Profile("test") - @ConditionalOnMissingBean - AzureAdResourceServerProperties azureAdResourceServerPropertiesTest( - ) { - return null; - } - - @Bean - @ConditionalOnProperty({ - "spring.security.oauth2.resourceserver.tokenx.issuer-uri", - "spring.security.oauth2.resourceserver.tokenx.accepted-audience" - }) - @ConditionalOnMissingBean - TokenxResourceServerProperties tokenxResourceServerProperties( - @Value("${spring.security.oauth2.resourceserver.tokenx.issuer-uri}") String issuerUri, - @Value("${spring.security.oauth2.resourceserver.tokenx.accepted-audience}") List acceptedAudience - ) { - var tokenxResourceServerProperties = new TokenxResourceServerProperties(); - tokenxResourceServerProperties.setIssuerUri(issuerUri); - tokenxResourceServerProperties.setAcceptedAudience(acceptedAudience); - return tokenxResourceServerProperties; - } - - @Bean - @Profile("test") - @ConditionalOnMissingBean - TokenxResourceServerProperties tokenxResourceServerPropertiesTest( - ) { - return null; - } - - @Bean - @ConditionalOnProperty({ - "spring.security.oauth2.resourceserver.trygdeetaten.issuer-uri", - "spring.security.oauth2.resourceserver.trygdeetaten.accepted-audience" - }) - @ConditionalOnMissingBean - TrygdeetatenAzureAdResourceServerProperties trygdeetatenAzureAdResourceServerProperties( - @Value("${spring.security.oauth2.resourceserver.trygdeetaten.issuer-uri}") String issuerUri, - @Value("${spring.security.oauth2.resourceserver.trygdeetaten.accepted-audience}") List acceptedAudience - ) { - var trygdeetatenAzureAdResourceServerProperties = new TrygdeetatenAzureAdResourceServerProperties(); - trygdeetatenAzureAdResourceServerProperties.setIssuerUri(issuerUri); - trygdeetatenAzureAdResourceServerProperties.setAcceptedAudience(acceptedAudience); - return trygdeetatenAzureAdResourceServerProperties; - } - - @Bean - @Profile("test") - @ConditionalOnMissingBean - TrygdeetatenAzureAdResourceServerProperties trygdeetatenAzureAdResourceServerPropertiesTest( - ) { - return null; - } - -} diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java index b69bc06bea4..20701fb76bb 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TokenxResourceServerProperties.java @@ -2,12 +2,17 @@ import no.nav.testnav.libs.securitycore.domain.ResourceServerType; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; +@Configuration +@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver.tokenx") +@ConditionalOnProperty("spring.security.oauth2.resourceserver.tokenx.issuer-uri") public class TokenxResourceServerProperties extends ResourceServerProperties { @Override public ResourceServerType getType() { return ResourceServerType.TOKEN_X; } - } \ No newline at end of file diff --git a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java index 171d9b337be..106ff7bae5b 100644 --- a/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java +++ b/libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/properties/TrygdeetatenAzureAdResourceServerProperties.java @@ -1,7 +1,13 @@ package no.nav.testnav.libs.reactivesecurity.properties; import no.nav.testnav.libs.securitycore.domain.ResourceServerType; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; +@Configuration +@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver.trygdeetaten") +@ConditionalOnProperty("spring.security.oauth2.resourceserver.trygdeetaten.issuer-uri") public class TrygdeetatenAzureAdResourceServerProperties extends ResourceServerProperties { @Override diff --git a/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports index 4c68dc4507a..19107bc880b 100644 --- a/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports +++ b/libs/reactive-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports @@ -1,4 +1,2 @@ -no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedAutoConfiguration no.nav.testnav.libs.reactivesecurity.exchange.TokenServiceAutoConfiguration -no.nav.testnav.libs.reactivesecurity.jwt.ReactiveJwtAutoConfiguration -no.nav.testnav.libs.reactivesecurity.properties.ResourceServerPropertiesAutoConfiguration \ No newline at end of file +no.nav.testnav.libs.reactivesecurity.jwt.ReactiveJwtAutoConfiguration \ No newline at end of file diff --git a/libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java b/libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java new file mode 100644 index 00000000000..8404d648b18 --- /dev/null +++ b/libs/reactive-session-security/src/main/java/no/nav/testnav/libs/reactivesessionsecurity/properties/ResourceServerProperties.java @@ -0,0 +1,17 @@ +package no.nav.testnav.libs.reactivesessionsecurity.properties; + +import lombok.Getter; +import lombok.Setter; +import no.nav.testnav.libs.securitycore.domain.ResourceServerType; + +import java.util.List; + +@Getter +@Setter +public abstract class ResourceServerProperties { + private String issuerUri; + private String jwkSetUri; + private List acceptedAudience; + + public abstract ResourceServerType getType(); +} \ No newline at end of file diff --git a/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java b/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java index 8f52a6504f2..859ba2f4b44 100644 --- a/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java +++ b/libs/servlet-insecure-security/src/main/java/no/nav/testnav/libs/standalone/servletsecurity/properties/ResourceServerProperties.java @@ -9,10 +9,9 @@ @Getter @Setter public abstract class ResourceServerProperties { - private String issuerUri; + private String jwkSetUri; private List acceptedAudience; public abstract ResourceServerType getType(); - } \ No newline at end of file diff --git a/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java b/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java index 2c00f476ec6..fc38434dfe5 100644 --- a/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java +++ b/libs/servlet-security/src/main/java/no/nav/testnav/libs/servletsecurity/properties/ResourceServerProperties.java @@ -9,10 +9,9 @@ @Getter @Setter public abstract class ResourceServerProperties { - private String issuerUri; + private String jwkSetUri; private List acceptedAudience; public abstract ResourceServerType getType(); - } \ No newline at end of file diff --git a/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java b/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java index d808cfcdd7a..c87a598db65 100644 --- a/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java +++ b/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java @@ -34,14 +34,19 @@ private static void configureForLocalProfile(Map properties) { log.info("Configuring environment for local profile using Secret Manager"); // Emulating NAIS provided environment variables. + properties.putIfAbsent("ALTINN_URL", "${sm\\://altinn-url}"); // Used by altinn3-tilgang-service only. properties.putIfAbsent("AZURE_APP_CLIENT_ID", "${sm\\://azure-app-client-id}"); properties.putIfAbsent("AZURE_APP_CLIENT_SECRET", "${sm\\://azure-app-client-secret}"); properties.putIfAbsent("AZURE_OPENID_CONFIG_ISSUER", "${sm\\://azure-openid-config-issuer}"); properties.putIfAbsent("AZURE_OPENID_CONFIG_TOKEN_ENDPOINT", "${sm\\://azure-openid-config-token-endpoint}"); + properties.putIfAbsent("CRYPTOGRAPHY_SECRET", DUMMY); // Used by bruker-service only. + properties.putIfAbsent("JWT_SECRET", DUMMY); // Used by bruker-service only. properties.putIfAbsent("MASKINPORTEN_CLIENT_ID", DUMMY); // Used by tenor-search-service and altinn3-tilgang-service only. properties.putIfAbsent("MASKINPORTEN_CLIENT_JWK", DUMMY); // Used by tenor-search-service and altinn3-tilgang-service only. properties.putIfAbsent("MASKINPORTEN_SCOPES", DUMMY); // Used by tenor-search-service and altinn3-tilgang-service only. properties.putIfAbsent("MASKINPORTEN_WELL_KNOWN_URL", "${sm\\://maskinporten-well-known-url}"); // Used by tenor-search-service and altinn3-tilgang-service only. + properties.putIfAbsent("SLACK_CHANNEL", DUMMY); // Used by tilbakemelding-api only. + properties.putIfAbsent("SLACK_TOKEN", DUMMY); // Used by tilbakemelding-api only. properties.putIfAbsent("TOKEN_X_ISSUER", "${sm\\://token-x-issuer}"); } @@ -60,16 +65,12 @@ private static void configureForTestProfile(Map properties) { "ALTINN_API_KEY", "ALTINN_URL", - "AZURE_APP_CLIENT_ID", - "AZURE_APP_CLIENT_SECRET", - "AZURE_NAV_APP_CLIENT_ID", - "AZURE_NAV_APP_CLIENT_SECRET", - "AZURE_NAV_OPENID_CONFIG_TOKEN_ENDPOINT", "AZURE_OPENID_CONFIG_ISSUER", "AZURE_OPENID_CONFIG_TOKEN_ENDPOINT", - "AZURE_TRYGDEETATEN_APP_CLIENT_ID", - "AZURE_TRYGDEETATEN_APP_CLIENT_SECRET", - "AZURE_TRYGDEETATEN_OPENID_CONFIG_TOKEN_ENDPOINT", + "CRYPTOGRAPHY_SECRET", // Used by bruker-service only. + "IDPORTEN_CLIENT_ID", // Used by dolly-frontend only. + "IDPORTEN_CLIENT_JWK", // Used by dolly-frontend only. + "JWT_SECRET", // Used by bruker-service only. "MASKINPORTEN_CLIENT_ID", "MASKINPORTEN_CLIENT_JWK", "MASKINPORTEN_SCOPES", diff --git a/mocks/tokendings-mock/src/main/resources/application.yml b/mocks/tokendings-mock/src/main/resources/application.yml index d13ac2f473c..d1ff1941b4a 100644 --- a/mocks/tokendings-mock/src/main/resources/application.yml +++ b/mocks/tokendings-mock/src/main/resources/application.yml @@ -1,7 +1,3 @@ spring: application: - name: tokendings-mock - cloud: - gcp: - secretmanager: - enabled: false \ No newline at end of file + name: tokendings-mock \ No newline at end of file diff --git a/plugins/java/src/main/groovy/dolly-apps.gradle b/plugins/java/src/main/groovy/dolly-apps.gradle index 3db5694cd29..446313b0c82 100644 --- a/plugins/java/src/main/groovy/dolly-apps.gradle +++ b/plugins/java/src/main/groovy/dolly-apps.gradle @@ -23,6 +23,7 @@ dependencies { implementation "com.google.cloud:spring-cloud-gcp-starter-secretmanager:$versions.gcpSecretManager" implementation "net.logstash.logback:logstash-logback-encoder:$versions.logback" + implementation "no.nav.testnav.libs:testing" implementation "org.hibernate.validator:hibernate-validator" implementation "org.projectlombok:lombok" implementation "org.springframework.boot:spring-boot-starter-actuator" diff --git a/plugins/java/src/main/groovy/dolly-proxies.gradle b/plugins/java/src/main/groovy/dolly-proxies.gradle index 49e56913c03..cba8c898edb 100644 --- a/plugins/java/src/main/groovy/dolly-proxies.gradle +++ b/plugins/java/src/main/groovy/dolly-proxies.gradle @@ -25,6 +25,7 @@ dependencies { implementation "net.logstash.logback:logstash-logback-encoder:$versions.logback" implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-proxy" + implementation "no.nav.testnav.libs:testing" implementation "org.hibernate.validator:hibernate-validator" implementation "org.projectlombok:lombok" implementation "org.springframework.boot:spring-boot-starter-actuator" diff --git a/proxies/aareg-proxy/build.gradle b/proxies/aareg-proxy/build.gradle index e4cdb8c46a6..bc14357ff77 100644 --- a/proxies/aareg-proxy/build.gradle +++ b/proxies/aareg-proxy/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/aareg-proxy/src/main/resources/application.yml b/proxies/aareg-proxy/src/main/resources/application.yml index 48dfb6de3b1..bfcfa930bac 100644 --- a/proxies/aareg-proxy/src/main/resources/application.yml +++ b/proxies/aareg-proxy/src/main/resources/application.yml @@ -6,7 +6,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/aareg-synt-services-proxy/build.gradle b/proxies/aareg-synt-services-proxy/build.gradle index 8f455a7c2cf..7d905e49431 100644 --- a/proxies/aareg-synt-services-proxy/build.gradle +++ b/proxies/aareg-synt-services-proxy/build.gradle @@ -7,8 +7,4 @@ sonarqube { property "sonar.projectKey", "aareg-synt-services-proxy" property "sonar.projectName", "aareg-synt-services-proxy" } -} - -dependencies { - implementation "no.nav.testnav.libs:testing" } \ No newline at end of file diff --git a/proxies/aareg-synt-services-proxy/src/main/resources/application.yml b/proxies/aareg-synt-services-proxy/src/main/resources/application.yml index 63e92dfbb43..3df302f75c4 100644 --- a/proxies/aareg-synt-services-proxy/src/main/resources/application.yml +++ b/proxies/aareg-synt-services-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/altinn3-tilgang-proxy/build.gradle b/proxies/altinn3-tilgang-proxy/build.gradle index 10a56b450ca..6ec916b1237 100644 --- a/proxies/altinn3-tilgang-proxy/build.gradle +++ b/proxies/altinn3-tilgang-proxy/build.gradle @@ -14,7 +14,6 @@ dependencies { implementation "no.nav.testnav.libs:reactive-core" implementation "no.nav.testnav.libs:reactive-proxy" implementation "no.nav.testnav.libs:servlet-insecure-security" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml b/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml index d6f3df1bd1e..1b447904a0e 100644 --- a/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml +++ b/proxies/altinn3-tilgang-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/arbeidsplassencv-proxy/build.gradle b/proxies/arbeidsplassencv-proxy/build.gradle index df1e87aec60..fbe4e0b832c 100644 --- a/proxies/arbeidsplassencv-proxy/build.gradle +++ b/proxies/arbeidsplassencv-proxy/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml b/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml index 7437efb3360..396bd983fbb 100644 --- a/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml +++ b/proxies/arbeidsplassencv-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/arbeidssoekerregisteret-proxy/build.gradle b/proxies/arbeidssoekerregisteret-proxy/build.gradle index e3354b645b6..0f2bb3608a1 100644 --- a/proxies/arbeidssoekerregisteret-proxy/build.gradle +++ b/proxies/arbeidssoekerregisteret-proxy/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml b/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml index 44cf41f4cc0..5c48fdc67e6 100644 --- a/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml +++ b/proxies/arbeidssoekerregisteret-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/arena-forvalteren-proxy/build.gradle b/proxies/arena-forvalteren-proxy/build.gradle index f18cbc8785c..e4db3059397 100644 --- a/proxies/arena-forvalteren-proxy/build.gradle +++ b/proxies/arena-forvalteren-proxy/build.gradle @@ -12,5 +12,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:security-core" implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/arena-forvalteren-proxy/src/main/resources/application.yml b/proxies/arena-forvalteren-proxy/src/main/resources/application.yml index 3d765103d0d..6b83ff72acb 100644 --- a/proxies/arena-forvalteren-proxy/src/main/resources/application.yml +++ b/proxies/arena-forvalteren-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/batch-adeo-proxy/build.gradle b/proxies/batch-adeo-proxy/build.gradle index c06cd6698c9..12df8fce778 100644 --- a/proxies/batch-adeo-proxy/build.gradle +++ b/proxies/batch-adeo-proxy/build.gradle @@ -8,7 +8,3 @@ sonarqube { property "sonar.projectName", "testnorge-batch-adeo-proxy" } } - -dependencies { - implementation "no.nav.testnav.libs:testing" -} diff --git a/proxies/batch-adeo-proxy/src/main/resources/application.yml b/proxies/batch-adeo-proxy/src/main/resources/application.yml index 539889845a8..8127a1a9ab8 100644 --- a/proxies/batch-adeo-proxy/src/main/resources/application.yml +++ b/proxies/batch-adeo-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/brregstub-proxy/build.gradle b/proxies/brregstub-proxy/build.gradle index 2139718e5fc..017d06d43ea 100644 --- a/proxies/brregstub-proxy/build.gradle +++ b/proxies/brregstub-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/brregstub-proxy/src/main/resources/application.yml b/proxies/brregstub-proxy/src/main/resources/application.yml index d76e621ed4e..ec307da4b84 100644 --- a/proxies/brregstub-proxy/src/main/resources/application.yml +++ b/proxies/brregstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/dokarkiv-proxy/build.gradle b/proxies/dokarkiv-proxy/build.gradle index f0521df929e..a70fae5d3e5 100644 --- a/proxies/dokarkiv-proxy/build.gradle +++ b/proxies/dokarkiv-proxy/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/dokarkiv-proxy/src/main/resources/application.yml b/proxies/dokarkiv-proxy/src/main/resources/application.yml index 45f30d41cdb..a68feea15c5 100644 --- a/proxies/dokarkiv-proxy/src/main/resources/application.yml +++ b/proxies/dokarkiv-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/ereg-proxy/build.gradle b/proxies/ereg-proxy/build.gradle index 9cd0b4b3634..baf9c76e4b9 100644 --- a/proxies/ereg-proxy/build.gradle +++ b/proxies/ereg-proxy/build.gradle @@ -8,7 +8,3 @@ sonarqube { property "sonar.projectName", "testnav-ereg-proxy" } } - -dependencies { - implementation "no.nav.testnav.libs:testing" -} diff --git a/proxies/ereg-proxy/src/main/resources/application.yml b/proxies/ereg-proxy/src/main/resources/application.yml index dc0466df84a..f08ac6a0323 100644 --- a/proxies/ereg-proxy/src/main/resources/application.yml +++ b/proxies/ereg-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/fullmakt-proxy/build.gradle b/proxies/fullmakt-proxy/build.gradle index d443c75dcd4..dfc055280c0 100644 --- a/proxies/fullmakt-proxy/build.gradle +++ b/proxies/fullmakt-proxy/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/histark-proxy/build.gradle b/proxies/histark-proxy/build.gradle index 260b23ab8bc..e77cab21cd2 100644 --- a/proxies/histark-proxy/build.gradle +++ b/proxies/histark-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/histark-proxy/src/main/resources/application.yml b/proxies/histark-proxy/src/main/resources/application.yml index b8c751f278d..98fb18c7983 100644 --- a/proxies/histark-proxy/src/main/resources/application.yml +++ b/proxies/histark-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/inntektstub-proxy/build.gradle b/proxies/inntektstub-proxy/build.gradle index 4febca762cf..2b0947f58d0 100644 --- a/proxies/inntektstub-proxy/build.gradle +++ b/proxies/inntektstub-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/inntektstub-proxy/src/main/resources/application.yml b/proxies/inntektstub-proxy/src/main/resources/application.yml index a4e1d6c3a71..58e31a734b6 100644 --- a/proxies/inntektstub-proxy/src/main/resources/application.yml +++ b/proxies/inntektstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/inst-proxy/build.gradle b/proxies/inst-proxy/build.gradle index 3560e67b8dc..001bbf62428 100644 --- a/proxies/inst-proxy/build.gradle +++ b/proxies/inst-proxy/build.gradle @@ -13,5 +13,4 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" } \ No newline at end of file diff --git a/proxies/inst-proxy/src/main/resources/application.yml b/proxies/inst-proxy/src/main/resources/application.yml index ecc17c9d286..41c31d4446f 100644 --- a/proxies/inst-proxy/src/main/resources/application.yml +++ b/proxies/inst-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/kontoregister-person-proxy/build.gradle b/proxies/kontoregister-person-proxy/build.gradle index 97d57dc1540..516d518b93a 100644 --- a/proxies/kontoregister-person-proxy/build.gradle +++ b/proxies/kontoregister-person-proxy/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/kontoregister-person-proxy/src/main/resources/application.yml b/proxies/kontoregister-person-proxy/src/main/resources/application.yml index 42ac63a3251..efb36e9b16d 100644 --- a/proxies/kontoregister-person-proxy/src/main/resources/application.yml +++ b/proxies/kontoregister-person-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/krrstub-proxy/build.gradle b/proxies/krrstub-proxy/build.gradle index 750236e8d79..c1e2ce31706 100644 --- a/proxies/krrstub-proxy/build.gradle +++ b/proxies/krrstub-proxy/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/krrstub-proxy/src/main/resources/application.yml b/proxies/krrstub-proxy/src/main/resources/application.yml index bda6590b667..2bb6c48a788 100644 --- a/proxies/krrstub-proxy/src/main/resources/application.yml +++ b/proxies/krrstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/medl-proxy/build.gradle b/proxies/medl-proxy/build.gradle index fff39aab17a..88115d2aa7b 100644 --- a/proxies/medl-proxy/build.gradle +++ b/proxies/medl-proxy/build.gradle @@ -12,7 +12,6 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/medl-proxy/src/main/resources/application.yml b/proxies/medl-proxy/src/main/resources/application.yml index 47b6ae0d411..5917152982f 100644 --- a/proxies/medl-proxy/src/main/resources/application.yml +++ b/proxies/medl-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/norg2-proxy/build.gradle b/proxies/norg2-proxy/build.gradle index 6851bb606f9..414d34ac1e3 100644 --- a/proxies/norg2-proxy/build.gradle +++ b/proxies/norg2-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/norg2-proxy/src/main/resources/application.yml b/proxies/norg2-proxy/src/main/resources/application.yml index e440f3fb8ff..6524f4f2ff6 100644 --- a/proxies/norg2-proxy/src/main/resources/application.yml +++ b/proxies/norg2-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/pdl-proxy/build.gradle b/proxies/pdl-proxy/build.gradle index 53aeea80b10..b88f07def05 100644 --- a/proxies/pdl-proxy/build.gradle +++ b/proxies/pdl-proxy/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/pdl-proxy/src/main/resources/application.yml b/proxies/pdl-proxy/src/main/resources/application.yml index 670f0a384bc..3ceee0ee89f 100644 --- a/proxies/pdl-proxy/src/main/resources/application.yml +++ b/proxies/pdl-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/pensjon-testdata-facade-proxy/build.gradle b/proxies/pensjon-testdata-facade-proxy/build.gradle index 8e6a15b8f00..c4710ef518d 100644 --- a/proxies/pensjon-testdata-facade-proxy/build.gradle +++ b/proxies/pensjon-testdata-facade-proxy/build.gradle @@ -13,7 +13,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } diff --git a/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml b/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml index 04650326219..c9e0eaaebf1 100644 --- a/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml +++ b/proxies/pensjon-testdata-facade-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} cloud: gateway: httpclient: diff --git a/proxies/saf-proxy/build.gradle b/proxies/saf-proxy/build.gradle index 0584ef5f32e..ceba6e612a2 100644 --- a/proxies/saf-proxy/build.gradle +++ b/proxies/saf-proxy/build.gradle @@ -13,5 +13,4 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/saf-proxy/src/main/resources/application.yml b/proxies/saf-proxy/src/main/resources/application.yml index 48f28386541..f487b0a263f 100644 --- a/proxies/saf-proxy/src/main/resources/application.yml +++ b/proxies/saf-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/sigrunstub-proxy/build.gradle b/proxies/sigrunstub-proxy/build.gradle index e0dd09380c0..b6c1e5e936a 100644 --- a/proxies/sigrunstub-proxy/build.gradle +++ b/proxies/sigrunstub-proxy/build.gradle @@ -11,5 +11,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/sigrunstub-proxy/src/main/resources/application.yml b/proxies/sigrunstub-proxy/src/main/resources/application.yml index e7837bc80a6..0f6542d1626 100644 --- a/proxies/sigrunstub-proxy/src/main/resources/application.yml +++ b/proxies/sigrunstub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/skjermingsregister-proxy/build.gradle b/proxies/skjermingsregister-proxy/build.gradle index b7c6c17e61a..920b573d608 100644 --- a/proxies/skjermingsregister-proxy/build.gradle +++ b/proxies/skjermingsregister-proxy/build.gradle @@ -10,10 +10,9 @@ sonarqube { } dependencies { - implementation "no.nav.testnav.libs:testing" - implementation 'no.nav.testnav.libs:data-transfer-objects' - implementation 'no.nav.testnav.libs:reactive-security' implementation 'no.nav.testnav.libs:security-core' + implementation 'no.nav.testnav.libs:reactive-security' + implementation 'no.nav.testnav.libs:data-transfer-objects' testImplementation 'org.springframework.security:spring-security-test' } diff --git a/proxies/skjermingsregister-proxy/src/main/resources/application.yml b/proxies/skjermingsregister-proxy/src/main/resources/application.yml index a5f98abea94..2f08d4b8909 100644 --- a/proxies/skjermingsregister-proxy/src/main/resources/application.yml +++ b/proxies/skjermingsregister-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/sykemelding-proxy/build.gradle b/proxies/sykemelding-proxy/build.gradle index 77ba5d43b4e..748b5a264f1 100644 --- a/proxies/sykemelding-proxy/build.gradle +++ b/proxies/sykemelding-proxy/build.gradle @@ -10,10 +10,9 @@ sonarqube { } dependencies { - implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:reactive-security" - implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" + implementation 'no.nav.testnav.libs:security-core' + implementation 'no.nav.testnav.libs:reactive-security' + implementation 'no.nav.testnav.libs:data-transfer-objects' - testImplementation "org.springframework.security:spring-security-test" + testImplementation 'org.springframework.security:spring-security-test' } diff --git a/proxies/synthdata-meldekort-proxy/build.gradle b/proxies/synthdata-meldekort-proxy/build.gradle index 5123d9432b0..66ce73cf9ae 100644 --- a/proxies/synthdata-meldekort-proxy/build.gradle +++ b/proxies/synthdata-meldekort-proxy/build.gradle @@ -19,7 +19,6 @@ dependencies { implementation "no.nav.testnav.libs:data-transfer-objects" implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" implementation "org.springframework.boot:spring-boot-starter-webflux" } \ No newline at end of file diff --git a/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml b/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml index 81e3c4d967b..8d9b1938bb0 100644 --- a/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml +++ b/proxies/synthdata-meldekort-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: trygdeetaten: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} codec: max-in-memory-size: 15MB cloud: diff --git a/proxies/udistub-proxy/build.gradle b/proxies/udistub-proxy/build.gradle index c60013cd596..e309c212e92 100644 --- a/proxies/udistub-proxy/build.gradle +++ b/proxies/udistub-proxy/build.gradle @@ -10,8 +10,7 @@ sonarqube { } dependencies { - implementation "no.nav.testnav.libs:data-transfer-objects" - implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" + implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:data-transfer-objects" } diff --git a/proxies/udistub-proxy/src/main/resources/application.yml b/proxies/udistub-proxy/src/main/resources/application.yml index ba26d48bd34..7964c5d4848 100644 --- a/proxies/udistub-proxy/src/main/resources/application.yml +++ b/proxies/udistub-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} tokenx: issuer-uri: ${TOKEN_X_ISSUER} accepted-audience: ${TOKEN_X_CLIENT_ID} diff --git a/proxies/yrkesskade-proxy/build.gradle b/proxies/yrkesskade-proxy/build.gradle index d306c2a1907..8ed97fe8337 100644 --- a/proxies/yrkesskade-proxy/build.gradle +++ b/proxies/yrkesskade-proxy/build.gradle @@ -12,5 +12,4 @@ sonarqube { dependencies { implementation "no.nav.testnav.libs:reactive-security" implementation "no.nav.testnav.libs:security-core" - implementation "no.nav.testnav.libs:testing" } diff --git a/proxies/yrkesskade-proxy/src/main/resources/application.yml b/proxies/yrkesskade-proxy/src/main/resources/application.yml index 39cd187f4ec..62a44b12d4f 100644 --- a/proxies/yrkesskade-proxy/src/main/resources/application.yml +++ b/proxies/yrkesskade-proxy/src/main/resources/application.yml @@ -7,7 +7,7 @@ spring: resourceserver: aad: issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} - accepted-audience: ${AZURE_APP_CLIENT_ID}, api://${AZURE_APP_CLIENT_ID} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} cloud: gateway: httpclient: From 4a365d2c43a85f454cfda5349e967d227441cbfb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristen=20H=C3=A6rum?= Date: Thu, 27 Feb 2025 07:17:32 +0100 Subject: [PATCH 10/13] Feature/DollySearchService opensearch query on dual indexes (#3772) --- .../workflows/app.dolly-search-service.yml | 1 + apps/dolly-search-service/Dockerfile | 4 +- apps/dolly-search-service/build.gradle | 4 + apps/dolly-search-service/config.test.yml | 72 ++++++++++ apps/dolly-search-service/config.yml | 10 +- .../DollySearchServiceApplicationStarter.java | 2 +- .../config/CachingConfig.java | 41 ++++++ .../config/MapperFacadeConfig.java | 36 +++++ .../config/OpenSearchConfig.java | 43 ++++++ .../config/OpenSearchLocalConfig.java | 35 +++++ .../config/SecurityConfig.java | 2 +- .../consumer/OpenSearchConsumer.java | 2 - .../dto/BestillingIdenter.java | 17 +++ .../dto/SearchInternalResponse.java | 24 ++++ .../dollysearchservice/dto/SearchRequest.java | 37 ++++- .../dto/SearchResponse.java | 1 - .../mapper/MappingStrategy.java | 19 +++ .../OpenSearchResponseMappingStrategy.java | 31 +++++ .../OpenSearchV2ResponseMappingStrategy.java | 31 +++++ .../OpensearchEnhancedController.java | 34 +++++ .../service/BestillingQueryService.java | 108 +++++++++++++++ .../service/OpenSearchService.java | 65 +-------- .../service/OpenSearchV2Service.java | 41 ++++++ .../service/PersonQueryService.java | 84 ++++++++++++ .../utils/FagsystemQuereyUtils.java | 47 +++++++ .../utils/OpenSearchIdenterQueryUtils.java | 16 ++- .../utils/OpenSearchPersonQueryUtils.java | 70 +++++----- .../utils/OpenSearchQueryBuilder.java | 2 +- .../utils/OpenSearchQueryUtils.java | 19 ++- .../src/main/resources/application-dev.yml | 7 + .../src/main/resources/application-local.yml | 11 +- .../src/main/resources/application-prod.yml | 4 + .../src/main/resources/application.yml | 7 +- .../src/main/resources/logback-spring.xml | 2 +- .../v2/ElasticBestilling.java | 129 ++++++++++++++++++ .../dollysearchservice/v2/ElasticTyper.java | 45 ++++++ .../dollysearchservice/v2/SearchRequest.java | 25 ++++ .../dollysearchservice/v2/SearchResponse.java | 24 ++++ proxies/pdl-proxy/config.yml | 2 + 39 files changed, 1034 insertions(+), 120 deletions(-) create mode 100644 apps/dolly-search-service/config.test.yml create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/CachingConfig.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/MapperFacadeConfig.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/OpenSearchConfig.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/OpenSearchLocalConfig.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/BestillingIdenter.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchInternalResponse.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/MappingStrategy.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchResponseMappingStrategy.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchV2ResponseMappingStrategy.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchEnhancedController.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/BestillingQueryService.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchV2Service.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/PersonQueryService.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/FagsystemQuereyUtils.java create mode 100644 apps/dolly-search-service/src/main/resources/application-dev.yml create mode 100644 libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticBestilling.java create mode 100644 libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticTyper.java create mode 100644 libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchRequest.java create mode 100644 libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchResponse.java diff --git a/.github/workflows/app.dolly-search-service.yml b/.github/workflows/app.dolly-search-service.yml index 65f242870f3..d678fa95aca 100644 --- a/.github/workflows/app.dolly-search-service.yml +++ b/.github/workflows/app.dolly-search-service.yml @@ -19,6 +19,7 @@ jobs: with: working-directory: "apps/dolly-search-service" deploy-tag: "#deploy-dolly-search-service" + deploy-tag-test: "#deploy-test-dolly-search-service" permissions: contents: read id-token: write diff --git a/apps/dolly-search-service/Dockerfile b/apps/dolly-search-service/Dockerfile index 4a36f93546f..b0285c37332 100644 --- a/apps/dolly-search-service/Dockerfile +++ b/apps/dolly-search-service/Dockerfile @@ -1,8 +1,8 @@ FROM ghcr.io/navikt/baseimages/temurin:21 LABEL maintainer="Team Dolly" -ENV JAVA_OPTS="-Dspring.profiles.active=prod" +ENV JAVA_OPTS="--add-opens java.base/java.lang=ALL-UNNAMED" -ADD /build/libs/app.jar /app/app.jar +COPY /build/libs/app.jar /app/app.jar EXPOSE 8080 diff --git a/apps/dolly-search-service/build.gradle b/apps/dolly-search-service/build.gradle index bcc3647ab12..a4e389c36f1 100644 --- a/apps/dolly-search-service/build.gradle +++ b/apps/dolly-search-service/build.gradle @@ -20,10 +20,14 @@ dependencies { implementation "org.opensearch.client:spring-data-opensearch:$versions.opensearch" implementation "com.fasterxml.jackson.core:jackson-core:$versions.jackson" + implementation 'org.springframework.boot:spring-boot-starter-cache' + implementation 'com.github.ben-manes.caffeine:caffeine' implementation "org.springframework.boot:spring-boot-starter-security" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" implementation "org.springframework.boot:spring-boot-starter-web" + implementation "ma.glasnost.orika:orika-core:$versions.orika" + implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc" } \ No newline at end of file diff --git a/apps/dolly-search-service/config.test.yml b/apps/dolly-search-service/config.test.yml new file mode 100644 index 00000000000..cd363c5c723 --- /dev/null +++ b/apps/dolly-search-service/config.test.yml @@ -0,0 +1,72 @@ +apiVersion: "nais.io/v1alpha1" +kind: "Application" +metadata: + name: testnav-dolly-search-service-dev + namespace: dolly + labels: + team: dolly + annotations: + nginx.ingress.kubernetes.io/proxy-body-size: "8m" + nginx.ingress.kubernetes.io/proxy-buffer-size: "8m" + nginx.ingress.kubernetes.io/client-body-buffer-size: "8m" +spec: + image: "{{image}}" + port: 8080 + openSearch: + instance: bestillinger + access: read + tokenx: + enabled: true + azure: + application: + allowAllUsers: true + enabled: true + tenant: nav.no + accessPolicy: + inbound: + rules: + - application: dolly-idporten + - application: dolly-frontend + - application: dolly-frontend-dev + - application: dolly-backend + - application: dolly-backend-dev + - application: team-dolly-lokal-app + - application: testnav-oversikt-frontend + outbound: + external: + - host: testnav-pdl-proxy.dev-fss-pub.nais.io + liveness: + path: /internal/isAlive + initialDelay: 4 + periodSeconds: 5 + failureThreshold: 500 + observability: + logging: + destinations: + - id: elastic + autoInstrumentation: + enabled: true + runtime: java + readiness: + path: /internal/isReady + initialDelay: 4 + periodSeconds: 5 + failureThreshold: 500 + prometheus: + enabled: true + path: /internal/metrics + replicas: + min: 1 + max: 1 + resources: + requests: + cpu: 200m + memory: 1024Mi + limits: + memory: 2048Mi + env: + - name: SPRING_PROFILES_ACTIVE + value: dev + ingresses: + - "https://testnav-dolly-search-service-dev.intern.dev.nav.no" + diff --git a/apps/dolly-search-service/config.yml b/apps/dolly-search-service/config.yml index 57e67706d11..6c3a882adff 100644 --- a/apps/dolly-search-service/config.yml +++ b/apps/dolly-search-service/config.yml @@ -12,7 +12,9 @@ metadata: spec: image: "{{image}}" port: 8080 - webproxy: true + openSearch: + instance: bestillinger + access: read tokenx: enabled: true azure: @@ -23,6 +25,9 @@ spec: accessPolicy: inbound: rules: + - application: dolly-idporten + - application: dolly-frontend + - application: dolly-frontend-dev - application: dolly-backend - application: dolly-backend-dev - application: team-dolly-lokal-app @@ -59,6 +64,9 @@ spec: memory: 1024Mi limits: memory: 2048Mi + env: + - name: SPRING_PROFILES_ACTIVE + value: prod ingresses: - "https://testnav-dolly-search-service.intern.dev.nav.no" diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/DollySearchServiceApplicationStarter.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/DollySearchServiceApplicationStarter.java index 1ed1004ae1f..4c3b9714fde 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/DollySearchServiceApplicationStarter.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/DollySearchServiceApplicationStarter.java @@ -13,4 +13,4 @@ public static void main(String[] args) { .initializers(new NaisEnvironmentApplicationContextInitializer()) .run(args); } -} \ No newline at end of file +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/CachingConfig.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/CachingConfig.java new file mode 100644 index 00000000000..55fa688af31 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/CachingConfig.java @@ -0,0 +1,41 @@ +package no.nav.testnav.dollysearchservice.config; + +import com.github.benmanes.caffeine.cache.Caffeine; +import org.springframework.cache.CacheManager; +import org.springframework.cache.annotation.EnableCaching; +import org.springframework.cache.caffeine.CaffeineCacheManager; +import org.springframework.cache.support.NoOpCacheManager; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Profile; + +import java.util.concurrent.TimeUnit; + +@Configuration(enforceUniqueMethods = false) +@EnableCaching +@SuppressWarnings("java:S3740") +public class CachingConfig { + + public static final String CACHE_REGISTRE = "registre"; + + @Bean + @Profile({ "dev", "prod"}) + public CacheManager cacheManager(Caffeine caffeine) { + var caffeineCacheManager = new CaffeineCacheManager(CACHE_REGISTRE + ); + caffeineCacheManager.setCaffeine(caffeine); + caffeineCacheManager.setAsyncCacheMode(true); + return caffeineCacheManager; + } + + @Bean + @Profile("local") + public CacheManager cacheManagerLocal() { + return new NoOpCacheManager(); + } + + @Bean + public Caffeine caffeineConfig() { + return Caffeine.newBuilder().expireAfterWrite(12, TimeUnit.HOURS); + } +} \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/MapperFacadeConfig.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/MapperFacadeConfig.java new file mode 100644 index 00000000000..42795348467 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/MapperFacadeConfig.java @@ -0,0 +1,36 @@ +package no.nav.testnav.dollysearchservice.config; + +import ma.glasnost.orika.CustomConverter; +import ma.glasnost.orika.MapperFacade; +import ma.glasnost.orika.impl.DefaultMapperFactory; +import no.nav.testnav.dollysearchservice.mapper.MappingStrategy; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +import java.util.List; + +import static java.util.Objects.nonNull; + +@Configuration +@SuppressWarnings("java:S3740") +public class MapperFacadeConfig { + + @Bean + MapperFacade mapperFacade(List mappingStrategies, List customConverters) { + DefaultMapperFactory mapperFactory = new DefaultMapperFactory.Builder().build(); + + if (nonNull(mappingStrategies)) { + for (MappingStrategy mapper : mappingStrategies) { + mapper.register(mapperFactory); + } + } + + if (nonNull(customConverters)) { + for (CustomConverter converter : customConverters) { + mapperFactory.getConverterFactory().registerConverter(converter); + } + } + + return mapperFactory.getMapperFacade(); + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/OpenSearchConfig.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/OpenSearchConfig.java new file mode 100644 index 00000000000..cc84cb148e6 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/OpenSearchConfig.java @@ -0,0 +1,43 @@ +package no.nav.testnav.dollysearchservice.config; + +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.opensearch.client.RestHighLevelClient; +import org.opensearch.data.client.orhlc.AbstractOpenSearchConfiguration; +import org.opensearch.data.client.orhlc.ClientConfiguration; +import org.opensearch.data.client.orhlc.RestClients; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Profile; + +import java.time.Duration; + +@Slf4j +@Configuration +@Profile({"prod","dev"}) +@RequiredArgsConstructor +public class OpenSearchConfig extends AbstractOpenSearchConfiguration { + + @Value("${open.search.username}") + private String username; + + @Value("${open.search.password}") + private String password; + + @Value("${open.search.uri}") + private String uri; + + @Override + @SuppressWarnings("java:S2095") + public RestHighLevelClient opensearchClient() { + + return RestClients.create(ClientConfiguration.builder() + .connectedTo(uri.replace("https://", "")) + .usingSsl() + .withBasicAuth(username, password) + .withConnectTimeout(Duration.ofSeconds(10)) + .withSocketTimeout(Duration.ofSeconds(5)) + .build()) + .rest(); + } +} \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/OpenSearchLocalConfig.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/OpenSearchLocalConfig.java new file mode 100644 index 00000000000..57308888d1e --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/OpenSearchLocalConfig.java @@ -0,0 +1,35 @@ +package no.nav.testnav.dollysearchservice.config; + +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.opensearch.client.RestHighLevelClient; +import org.opensearch.data.client.orhlc.AbstractOpenSearchConfiguration; +import org.opensearch.data.client.orhlc.ClientConfiguration; +import org.opensearch.data.client.orhlc.RestClients; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Profile; + +import java.time.Duration; + +@Slf4j +@Configuration +@Profile("local") +@RequiredArgsConstructor +public class OpenSearchLocalConfig extends AbstractOpenSearchConfiguration { + + @Value("${open.search.uri}") + private String uri; + + @Override + @SuppressWarnings("java:S2095") + public RestHighLevelClient opensearchClient() { + + return RestClients.create(ClientConfiguration.builder() + .connectedTo(uri.replace("http://", "")) + .withConnectTimeout(Duration.ofSeconds(10)) + .withSocketTimeout(Duration.ofSeconds(5)) + .build()) + .rest(); + } +} \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/SecurityConfig.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/SecurityConfig.java index 70c7746038a..512166a4c10 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/SecurityConfig.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/SecurityConfig.java @@ -12,7 +12,7 @@ @EnableWebSecurity @Configuration -@Profile({ "prod", "local" }) +@Profile({ "prod", "dev", "local" }) public class SecurityConfig { @Bean diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/OpenSearchConsumer.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/OpenSearchConsumer.java index 3c29c69e86a..8796a439c23 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/OpenSearchConsumer.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/OpenSearchConsumer.java @@ -1,7 +1,6 @@ package no.nav.testnav.dollysearchservice.consumer; import com.fasterxml.jackson.databind.ObjectMapper; -import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; import no.nav.testnav.dollysearchservice.config.Consumers; import no.nav.testnav.dollysearchservice.consumer.command.OpenSearchCommand; @@ -38,7 +37,6 @@ public OpenSearchConsumer( this.tokenExchange = tokenExchange; } - @SneakyThrows public Flux search(SearchRequest request) { return tokenExchange.exchange(serverProperties) .flatMapMany(token -> diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/BestillingIdenter.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/BestillingIdenter.java new file mode 100644 index 00000000000..7316e7e801c --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/BestillingIdenter.java @@ -0,0 +1,17 @@ +package no.nav.testnav.dollysearchservice.dto; + +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.util.List; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class BestillingIdenter { + + private List identer; +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchInternalResponse.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchInternalResponse.java new file mode 100644 index 00000000000..133a754613b --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchInternalResponse.java @@ -0,0 +1,24 @@ +package no.nav.testnav.dollysearchservice.dto; + +import com.fasterxml.jackson.databind.JsonNode; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.util.List; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class SearchInternalResponse { + + private Long totalHits; + private String took; + private Integer side; + private Integer antall; + private Integer seed; + private List personer; + private String error; +} \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchRequest.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchRequest.java index a1c47ee3f83..a3ff873f234 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchRequest.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchRequest.java @@ -4,6 +4,15 @@ import lombok.Builder; import lombok.Data; import lombok.NoArgsConstructor; +import no.nav.testnav.libs.data.dollysearchservice.v1.PersonRequest; +import no.nav.testnav.libs.data.dollysearchservice.v2.ElasticTyper; + +import java.util.ArrayList; +import java.util.HashSet; +import java.util.List; +import java.util.Set; + +import static java.util.Objects.isNull; @Data @Builder @@ -11,6 +20,32 @@ @AllArgsConstructor public class SearchRequest { - private no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest request; + private Integer side; + private Integer antall; + private Integer seed; + + private PersonRequest personRequest; + private org.opensearch.action.search.SearchRequest query; + private SearchRequest request; + + private List registreRequest; + + private Set identer; + + public Set getIdenter() { + + if (isNull(identer)) { + identer = new HashSet<>(); + } + return identer; + } + + public List getRegistreRequest() { + + if (isNull(registreRequest)) { + registreRequest = new ArrayList<>(); + } + return registreRequest; + } } diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchResponse.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchResponse.java index 7800ad9bdc7..4fd3846bd1f 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchResponse.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchResponse.java @@ -4,7 +4,6 @@ import lombok.Builder; import lombok.Data; import lombok.NoArgsConstructor; -import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; import org.springframework.http.HttpStatus; import java.util.List; diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/MappingStrategy.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/MappingStrategy.java new file mode 100644 index 00000000000..e28705ec577 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/MappingStrategy.java @@ -0,0 +1,19 @@ +package no.nav.testnav.dollysearchservice.mapper; + +import ma.glasnost.orika.MapperFactory; + +@FunctionalInterface +public interface MappingStrategy { + + /** + * A callback for registering criteria on the provided {@link MapperFactory}. + *

+ * 

{@code
+     *
+     * @Override public void register(MapperFactory factory) {
+     * factory.registerMapper(arbeidsfordelingToRestArbeidsfordeling());
+     * }
+     * }
+ */ + void register(MapperFactory factory); +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchResponseMappingStrategy.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchResponseMappingStrategy.java new file mode 100644 index 00000000000..8bf1718b7a4 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchResponseMappingStrategy.java @@ -0,0 +1,31 @@ +package no.nav.testnav.dollysearchservice.mapper; + +import ma.glasnost.orika.CustomMapper; +import ma.glasnost.orika.MapperFactory; +import ma.glasnost.orika.MappingContext; +import no.nav.testnav.dollysearchservice.dto.SearchInternalResponse; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse; +import org.springframework.stereotype.Component; + +@Component +public class OpenSearchResponseMappingStrategy implements MappingStrategy { + + @Override + public void register(MapperFactory factory) { + factory.classMap(SearchInternalResponse.class, SearchResponse.class) + .customize(new CustomMapper<>() { + @Override + public void mapAtoB(SearchInternalResponse searchInternalResponse, SearchResponse searchResponse, MappingContext context) { + + searchResponse.setTotalHits(searchInternalResponse.getTotalHits()); + searchResponse.setTook(searchInternalResponse.getTook()); + searchResponse.setSide(searchInternalResponse.getSide()); + searchResponse.setAntall(searchInternalResponse.getAntall()); + searchResponse.setSeed(searchInternalResponse.getSeed()); + searchResponse.setPersoner(searchInternalResponse.getPersoner()); + searchResponse.setError(searchInternalResponse.getError()); + } + }) + .register(); + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchV2ResponseMappingStrategy.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchV2ResponseMappingStrategy.java new file mode 100644 index 00000000000..de48e157b27 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchV2ResponseMappingStrategy.java @@ -0,0 +1,31 @@ +package no.nav.testnav.dollysearchservice.mapper; + +import ma.glasnost.orika.CustomMapper; +import ma.glasnost.orika.MapperFactory; +import ma.glasnost.orika.MappingContext; +import no.nav.testnav.dollysearchservice.dto.SearchInternalResponse; +import no.nav.testnav.libs.data.dollysearchservice.v2.SearchResponse; +import org.springframework.stereotype.Component; + +@Component +public class OpenSearchV2ResponseMappingStrategy implements MappingStrategy { + + @Override + public void register(MapperFactory factory) { + factory.classMap(SearchInternalResponse.class, SearchResponse.class) + .customize(new CustomMapper<>() { + @Override + public void mapAtoB(SearchInternalResponse searchInternalResponse, SearchResponse searchResponse, MappingContext context) { + + searchResponse.setTotalHits(searchInternalResponse.getTotalHits()); + searchResponse.setTook(searchInternalResponse.getTook()); + searchResponse.setSide(searchInternalResponse.getSide()); + searchResponse.setAntall(searchInternalResponse.getAntall()); + searchResponse.setSeed(searchInternalResponse.getSeed()); + searchResponse.setPersoner(searchInternalResponse.getPersoner()); + searchResponse.setError(searchInternalResponse.getError()); + } + }) + .register(); + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchEnhancedController.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchEnhancedController.java new file mode 100644 index 00000000000..cd0e40329a1 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchEnhancedController.java @@ -0,0 +1,34 @@ +package no.nav.testnav.dollysearchservice.provider; + +import io.swagger.v3.oas.annotations.Operation; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import no.nav.testnav.dollysearchservice.service.OpenSearchV2Service; +import no.nav.testnav.libs.data.dollysearchservice.v2.ElasticTyper; +import no.nav.testnav.libs.data.dollysearchservice.v2.SearchRequest; +import no.nav.testnav.libs.data.dollysearchservice.v2.SearchResponse; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.RestController; +import reactor.core.publisher.Mono; + +import java.util.List; + +@Slf4j +@RestController +@RequestMapping("/api/v2/opensearch") +@RequiredArgsConstructor +public class OpensearchEnhancedController { + + private final OpenSearchV2Service openSearchV2Service; + + @PostMapping + @Operation(description = "Henter personer som matcher søk av persondetaljer i request") + public Mono getPersoner(@RequestParam(required = false) List registreRequest, + @RequestBody SearchRequest request) { + + return openSearchV2Service.search(request, registreRequest); + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/BestillingQueryService.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/BestillingQueryService.java new file mode 100644 index 00000000000..c375f1395c3 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/BestillingQueryService.java @@ -0,0 +1,108 @@ +package no.nav.testnav.dollysearchservice.service; + +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import no.nav.testnav.dollysearchservice.dto.BestillingIdenter; +import no.nav.testnav.dollysearchservice.dto.SearchRequest; +import no.nav.testnav.dollysearchservice.utils.FagsystemQuereyUtils; +import org.opensearch.action.search.SearchResponse; +import org.opensearch.client.RequestOptions; +import org.opensearch.client.RestHighLevelClient; +import org.opensearch.common.unit.TimeValue; +import org.opensearch.index.query.QueryBuilders; +import org.opensearch.search.SearchHit; +import org.opensearch.search.builder.SearchSourceBuilder; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.cache.annotation.Cacheable; +import org.springframework.stereotype.Service; + +import java.io.IOException; +import java.util.Arrays; +import java.util.Collection; +import java.util.HashSet; +import java.util.Objects; +import java.util.Set; +import java.util.concurrent.TimeUnit; +import java.util.stream.Collectors; + +import static no.nav.testnav.dollysearchservice.config.CachingConfig.CACHE_REGISTRE; + +@Slf4j +@Service +@RequiredArgsConstructor +public class BestillingQueryService { + + private static final int QUERY_SIZE = 10000; + + @Value("${open.search.index}") + private String dollyIndex; + + private final RestHighLevelClient restHighLevelClient; + private final ObjectMapper objectMapper; + + @Cacheable(cacheNames = CACHE_REGISTRE, key="#request.registreRequest") + public Set execRegisterQuery(SearchRequest request) { + + var now = System.currentTimeMillis(); + + Set identer; + SearchResponse searchResponse; + + var queryBuilder = QueryBuilders.boolQuery(); + request.getRegistreRequest().stream() + .map(FagsystemQuereyUtils::getFagsystemQuery) + .forEach(queryBuilder::must); + + try { + searchResponse = restHighLevelClient.search(new org.opensearch.action.search.SearchRequest(dollyIndex) + .source(new SearchSourceBuilder() + .query(queryBuilder) + .sort("id") + .size(QUERY_SIZE) + .timeout(new TimeValue(3, TimeUnit.SECONDS))), RequestOptions.DEFAULT); + + identer = new HashSet<>(getIdenter(searchResponse)); + + while (searchResponse.getHits().getHits().length > 0) { + + searchResponse = restHighLevelClient.search(new org.opensearch.action.search.SearchRequest(dollyIndex) + .source(new SearchSourceBuilder() + .query(queryBuilder) + .sort("id") + .searchAfter(new Object[]{searchResponse.getHits().getAt(searchResponse.getHits().getHits().length - 1).getId()}) + .size(QUERY_SIZE) + .timeout(new TimeValue(3, TimeUnit.SECONDS))), RequestOptions.DEFAULT); + + identer.addAll(getIdenter(searchResponse)); + } + + } catch (IOException e) { + log.error("Feil ved henting av identer", e); + identer = Set.of("99999999999"); + } + + log.info("Uthenting av {} identer tok {} ms", identer.size(), System.currentTimeMillis() - now); + + return identer; + } + + private Set getIdenter(SearchResponse response) { + + return Arrays.stream(response.getHits().getHits()) + .map(SearchHit::getSourceAsString) + .map(json -> { + try { + return objectMapper.readValue(json, BestillingIdenter.class); + } catch (JsonProcessingException e) { + log.error("Feil ved parsing av json", e); + return null; + } + }) + .filter(Objects::nonNull) + .map(BestillingIdenter::getIdenter) + .flatMap(Collection::stream) + .collect(Collectors.toSet()); + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchService.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchService.java index 13cc7855d75..01ddc62572e 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchService.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchService.java @@ -1,81 +1,30 @@ package no.nav.testnav.dollysearchservice.service; -import com.fasterxml.jackson.databind.JsonNode; -import com.fasterxml.jackson.databind.ObjectMapper; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; +import ma.glasnost.orika.MapperFacade; import no.nav.testnav.dollysearchservice.consumer.OpenSearchConsumer; import no.nav.testnav.dollysearchservice.utils.OpenSearchQueryBuilder; import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; import no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse; -import org.opensearch.common.unit.TimeValue; -import org.opensearch.index.query.BoolQueryBuilder; -import org.opensearch.search.builder.SearchSourceBuilder; import org.springframework.stereotype.Service; import reactor.core.publisher.Mono; -import java.util.concurrent.TimeUnit; - -import static java.util.Objects.isNull; -import static org.apache.commons.lang3.StringUtils.isNotBlank; - @Slf4j @Service @RequiredArgsConstructor public class OpenSearchService { private final OpenSearchConsumer openSearchConsumer; - private final ObjectMapper objectMapper; + private final MapperFacade mapperFacade; + private final PersonQueryService personQueryService; - public Mono search(SearchRequest request) { + public Mono search(SearchRequest searchRequest) { + var request = mapperFacade.map(searchRequest, no.nav.testnav.dollysearchservice.dto.SearchRequest.class); var query = OpenSearchQueryBuilder.buildSearchQuery(request); - return execQuery(request, query); - } - - private Mono execQuery(SearchRequest request, BoolQueryBuilder query) { - - if (isNull(request.getSide())) { - request.setSide(1); - } - - if (isNull(request.getAntall())) { - request.setAntall(10); - } - - return Mono.from(openSearchConsumer.search( - no.nav.testnav.dollysearchservice.dto.SearchRequest.builder() - .query( - new org.opensearch.action.search.SearchRequest() - .indices("pdl-sok") - .source(new SearchSourceBuilder() - .query(query) - .from(request.getSide() * request.getAntall()) - .size(request.getAntall()) - .timeout(new TimeValue(3, TimeUnit.SECONDS)))) - .request(request) - .build())) - .map(this::formatResponse); - } - - private SearchResponse formatResponse(no.nav.testnav.dollysearchservice.dto.SearchResponse response) { - - if (isNotBlank(response.getError())) { - return SearchResponse.builder() - .error(response.getError()) - .build(); - } - return SearchResponse.builder() - .took(response.getTook().toString()) - .totalHits(response.getHits().getTotal().getValue()) - .antall(response.getHits().getHits().size()) - .side(response.getRequest().getSide()) - .seed(response.getRequest().getSeed()) - .personer(response.getHits().getHits().stream() - .map(no.nav.testnav.dollysearchservice.dto.SearchResponse.SearchHit::get_source) - .map(person -> objectMapper.convertValue(person, JsonNode.class)) - .toList()) - .build(); + return personQueryService.execQuery(request, query) + .map(response -> mapperFacade.map(response, SearchResponse.class)); } } diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchV2Service.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchV2Service.java new file mode 100644 index 00000000000..090c97f19c5 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchV2Service.java @@ -0,0 +1,41 @@ +package no.nav.testnav.dollysearchservice.service; + +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import ma.glasnost.orika.MapperFacade; +import no.nav.testnav.dollysearchservice.utils.OpenSearchQueryBuilder; +import no.nav.testnav.libs.data.dollysearchservice.v2.ElasticTyper; +import no.nav.testnav.libs.data.dollysearchservice.v2.SearchRequest; +import no.nav.testnav.libs.data.dollysearchservice.v2.SearchResponse; +import org.springframework.stereotype.Service; +import reactor.core.publisher.Mono; + +import java.util.List; +import java.util.Set; + +@Slf4j +@Service +@RequiredArgsConstructor +public class OpenSearchV2Service { + + private static final String NO_IDENT = "9999999999)"; + + private final BestillingQueryService bestillingQueryService; + private final MapperFacade mapperFacade; + private final PersonQueryService personQueryService; + + public Mono search(SearchRequest searchRequest, List registreRequest) { + + var request = mapperFacade.map(searchRequest, + no.nav.testnav.dollysearchservice.dto.SearchRequest.class); + request.setRegistreRequest(registreRequest); + + var identer = bestillingQueryService.execRegisterQuery(request); + request.setIdenter(identer.isEmpty() ? Set.of(NO_IDENT) : identer); + + var query = OpenSearchQueryBuilder.buildSearchQuery(request); + + return personQueryService.execQuery(request,query) + .map(response -> mapperFacade.map(response, SearchResponse.class)); + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/PersonQueryService.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/PersonQueryService.java new file mode 100644 index 00000000000..a6b6012dedd --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/PersonQueryService.java @@ -0,0 +1,84 @@ +package no.nav.testnav.dollysearchservice.service; + +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import no.nav.testnav.dollysearchservice.consumer.OpenSearchConsumer; +import no.nav.testnav.dollysearchservice.dto.SearchInternalResponse; +import no.nav.testnav.dollysearchservice.dto.SearchRequest; +import org.opensearch.common.unit.TimeValue; +import org.opensearch.index.query.QueryBuilder; +import org.opensearch.search.builder.SearchSourceBuilder; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Service; +import reactor.core.publisher.Mono; + +import java.util.concurrent.TimeUnit; + +import static java.util.Objects.isNull; +import static org.apache.commons.lang3.StringUtils.isNotBlank; + +@Slf4j +@Service +@RequiredArgsConstructor +public class PersonQueryService { + + private final OpenSearchConsumer openSearchConsumer; + private final ObjectMapper objectMapper; + + @Value("${open.search.pdl-index}") + private String pdlIndex; + + public Mono execQuery(SearchRequest request, QueryBuilder query) { + + var now = System.currentTimeMillis(); + + if (isNull(request.getSide())) { + request.setSide(0); + } + + if (isNull(request.getAntall())) { + request.setAntall(10); + } + + var personSoekResponse = Mono.from(openSearchConsumer.search( + no.nav.testnav.dollysearchservice.dto.SearchRequest.builder() + .query( + new org.opensearch.action.search.SearchRequest() + .indices(pdlIndex) + .source(new SearchSourceBuilder() + .query(query) + .from(request.getSide() * request.getAntall()) + .size(request.getAntall()) + .timeout(new TimeValue(3, TimeUnit.SECONDS)))) + .request(request) + .build())) + .map(this::formatResponse); + + log.info("Personsøk tok: {} ms", System.currentTimeMillis() - now); + + return personSoekResponse; + } + + private SearchInternalResponse formatResponse(no.nav.testnav.dollysearchservice.dto.SearchResponse response) { + + if (isNotBlank(response.getError())) { + return SearchInternalResponse.builder() + .error(response.getError()) + .build(); + } + + return SearchInternalResponse.builder() + .took(response.getTook().toString()) + .totalHits(response.getHits().getTotal().getValue()) + .antall(response.getHits().getHits().size()) + .side(response.getRequest().getSide()) + .seed(response.getRequest().getSeed()) + .personer(response.getHits().getHits().stream() + .map(no.nav.testnav.dollysearchservice.dto.SearchResponse.SearchHit::get_source) + .map(person -> objectMapper.convertValue(person, JsonNode.class)) + .toList()) + .build(); + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/FagsystemQuereyUtils.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/FagsystemQuereyUtils.java new file mode 100644 index 00000000000..6546474f864 --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/FagsystemQuereyUtils.java @@ -0,0 +1,47 @@ +package no.nav.testnav.dollysearchservice.utils; + +import lombok.experimental.UtilityClass; +import no.nav.testnav.libs.data.dollysearchservice.v2.ElasticTyper; +import org.opensearch.index.query.QueryBuilder; +import org.opensearch.index.query.QueryBuilders; + +@UtilityClass +public class FagsystemQuereyUtils { + + public static QueryBuilder getFagsystemQuery(ElasticTyper type) { + + return switch (type) { + case AAREG -> QueryBuilders.existsQuery("aareg"); + case INST -> QueryBuilders.existsQuery("instdata"); + case KRRSTUB -> QueryBuilders.existsQuery("krrstub"); + case SIGRUN_LIGNET -> QueryBuilders.existsQuery("sigrunstub"); + case SIGRUN_PENSJONSGIVENDE -> QueryBuilders.existsQuery("sigrunstubPensjonsgivende"); + case ARENA_AAP -> QueryBuilders.existsQuery("arenaforvalter.aap"); + case ARENA_AAP115 -> QueryBuilders.existsQuery("arenaforvalter.aap115"); + case ARENA_DAGP -> QueryBuilders.existsQuery("arenaforvalter.dagpenger"); + case UDISTUB -> QueryBuilders.existsQuery("udistub"); + case INNTK -> QueryBuilders.existsQuery("inntektstub"); + case PEN_INNTEKT -> QueryBuilders.existsQuery("pensjonforvalter.inntekt"); + case PEN_TP -> QueryBuilders.existsQuery("pensjonforvalter.tp"); + case PEN_AP -> QueryBuilders.existsQuery("pensjonforvalter.alderspensjon"); + case PEN_UT -> QueryBuilders.existsQuery("pensjonforvalter.uforetrygd"); + case PEN_AFP_OFFENTLIG -> QueryBuilders.existsQuery("pensjonforvalter.afpOffentlig"); + case PEN_PENSJONSAVTALE -> QueryBuilders.existsQuery("pensjonforvalter.pensjonsavtale"); + case INNTKMELD -> QueryBuilders.existsQuery("inntektsmelding"); + case BRREGSTUB -> QueryBuilders.existsQuery("brregstub"); + case DOKARKIV -> QueryBuilders.existsQuery("dokarkiv"); + case FULLMAKT -> QueryBuilders.existsQuery("fullmakt"); + case MEDL -> QueryBuilders.existsQuery("medl"); + case HISTARK -> QueryBuilders.existsQuery("histark"); + case SYKEMELDING -> QueryBuilders.existsQuery("sykemelding"); + case SKJERMING -> QueryBuilders.existsQuery("skjerming"); + case BANKKONTO -> QueryBuilders.existsQuery("bankkonto"); + case BANKKONTO_NORGE -> QueryBuilders.existsQuery("bankkonto.norskBankkonto"); + case BANKKONTO_UTLAND -> QueryBuilders.existsQuery("bankkonto.utenlandskBankkonto"); + case ARBEIDSPLASSENCV -> QueryBuilders.existsQuery("arbeidsplassenCV"); + case SKATTEKORT -> QueryBuilders.existsQuery("skattekort"); + case YRKESSKADE -> QueryBuilders.existsQuery("yrkesskader"); + case ARBEIDSSOEKERREGISTERET -> QueryBuilders.existsQuery("arbeidssoekerregisteret"); + }; + } +} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchIdenterQueryUtils.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchIdenterQueryUtils.java index 3a1ad74ce2a..e7c7a726a94 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchIdenterQueryUtils.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchIdenterQueryUtils.java @@ -1,7 +1,8 @@ package no.nav.testnav.dollysearchservice.utils; import lombok.experimental.UtilityClass; -import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; +import lombok.extern.slf4j.Slf4j; +import no.nav.testnav.dollysearchservice.dto.SearchRequest; import org.opensearch.index.query.BoolQueryBuilder; import org.opensearch.index.query.QueryBuilders; @@ -14,7 +15,9 @@ import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.matchQuery; import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.nestedMatchQuery; import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.nestedRegexpQuery; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.nestedTermsQuery; +@Slf4j @UtilityClass public class OpenSearchIdenterQueryUtils { @@ -43,10 +46,13 @@ private static BoolQueryBuilder addDollyIdentifier() { private static BoolQueryBuilder addIdenterQuery(Set identer) { - var query = QueryBuilders.boolQuery(); - identer.forEach(ident -> query - .should(nestedMatchQuery(HENT_IDENTER, "ident", ident)) - ); + var now = System.currentTimeMillis(); + + var arr = new String[identer.size()]; + var query = QueryBuilders.boolQuery() + .should(nestedTermsQuery(HENT_IDENTER, "ident", identer.toArray(arr))); + + log.info("Konvertering av liste til array tok {} ms", System.currentTimeMillis() - now); return query; } } diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchPersonQueryUtils.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchPersonQueryUtils.java index 8036c6cbf60..3ce74429b87 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchPersonQueryUtils.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchPersonQueryUtils.java @@ -1,7 +1,7 @@ package no.nav.testnav.dollysearchservice.utils; import lombok.experimental.UtilityClass; -import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; +import no.nav.testnav.dollysearchservice.dto.SearchRequest; import no.nav.testnav.libs.data.pdlforvalter.v1.Identtype; import org.apache.lucene.search.join.ScoreMode; import org.opensearch.index.query.BoolQueryBuilder; @@ -11,6 +11,7 @@ import java.util.Optional; import static java.util.Objects.nonNull; +import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.CONCAT; import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.FOLKEREGISTERIDENTIFIKATOR; import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.HENT_IDENTER; import static no.nav.testnav.dollysearchservice.utils.OpenSearchQueryUtils.HISTORISK; @@ -35,7 +36,6 @@ public class OpenSearchPersonQueryUtils { private static final String KOMMUNENUMMER = "kommunenummer"; private static final String POSTNUMMER = "postnummer"; private static final String BYDELSNUMMER = "bydelsnummer"; - private static final String CONCAT = "%s.%s"; public static void addAlderQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { @@ -58,79 +58,77 @@ public static void addAlderQuery(BoolQueryBuilder queryBuilder, SearchRequest re public static void addHarBarnQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { if (isTrue(request.getPersonRequest().getHarBarn())) { - queryBuilder.must(QueryBuilders.boolQuery() + queryBuilder .must(nestedMatchQuery(FAMILIE_RELASJON_PATH, METADATA_HISTORISK, false)) - .must(nestedMatchQuery(FAMILIE_RELASJON_PATH, "relatertPersonsRolle", "BARN")) - ); + .must(nestedMatchQuery(FAMILIE_RELASJON_PATH, "relatertPersonsRolle", "BARN")); } } public static void addHarForeldreQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { if (isTrue(request.getPersonRequest().getHarForeldre())) { - queryBuilder.must(QueryBuilders.boolQuery() + queryBuilder .must(nestedMatchQuery(FAMILIE_RELASJON_PATH, METADATA_HISTORISK, false)) - .must(nestedMatchQuery(FAMILIE_RELASJON_PATH, "minRolleForPerson", "BARN")) - ); + .must(nestedMatchQuery(FAMILIE_RELASJON_PATH, "minRolleForPerson", "BARN")); } } public static void addSivilstandQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { if (nonNull(request.getPersonRequest().getSivilstand())) { - queryBuilder.must(QueryBuilders.boolQuery() + queryBuilder .must(nestedMatchQuery("hentPerson.sivilstand", METADATA_HISTORISK, false)) .must(nestedMatchQuery("hentPerson.sivilstand", "type", request.getPersonRequest().getSivilstand().name()) - )); + ); } } public static void addHarDoedfoedtbarnQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { if (isTrue(request.getPersonRequest().getHarDoedfoedtBarn())) { - queryBuilder.must(QueryBuilders.boolQuery() - .must(nestedMatchQuery("hentPerson.doedfoedtBarn", METADATA_HISTORISK, false))); + queryBuilder + .must(nestedMatchQuery("hentPerson.doedfoedtBarn", METADATA_HISTORISK, false)); } } public static void addHarForeldreansvarQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { if (isTrue(request.getPersonRequest().getHarForeldreAnsvar())) { - queryBuilder.must(QueryBuilders.boolQuery() - .must(nestedMatchQuery("hentPerson.foreldreansvar", METADATA_HISTORISK, false))); + queryBuilder + .must(nestedMatchQuery("hentPerson.foreldreansvar", METADATA_HISTORISK, false)); } } public static void addVergemaalQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { if (isTrue(request.getPersonRequest().getHarVerge())) { - queryBuilder.must(QueryBuilders.boolQuery() - .must(nestedMatchQuery("hentPerson.vergemaalEllerFremtidsfullmakt", METADATA_HISTORISK, false))); + queryBuilder + .must(nestedMatchQuery("hentPerson.vergemaalEllerFremtidsfullmakt", METADATA_HISTORISK, false)); } } public static void addDoedsfallQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { if (isTrue(request.getPersonRequest().getHarDoedsfall())) { - queryBuilder.must(QueryBuilders.boolQuery() - .must(nestedMatchQuery("hentPerson.doedsfall", METADATA_HISTORISK, false))); + queryBuilder + .must(nestedMatchQuery("hentPerson.doedsfall", METADATA_HISTORISK, false)); } } public static void addHarInnflyttingQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { if (isTrue(request.getPersonRequest().getHarInnflytting())) { - queryBuilder.must(QueryBuilders.boolQuery() - .must(nestedMatchQuery("hentPerson.innflyttingTilNorge", METADATA_HISTORISK, false))); + queryBuilder + .must(nestedMatchQuery("hentPerson.innflyttingTilNorge", METADATA_HISTORISK, false)); } } public static void addHarUtflyttingQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { if (isTrue(request.getPersonRequest().getHarUtflytting())) { - queryBuilder.must(QueryBuilders.boolQuery() - .must(nestedMatchQuery("hentPerson.utflyttingFraNorge", METADATA_HISTORISK, false))); + queryBuilder + .must(nestedMatchQuery("hentPerson.utflyttingFraNorge", METADATA_HISTORISK, false)); } } @@ -139,10 +137,10 @@ public static void addAdressebeskyttelseQuery(BoolQueryBuilder queryBuilder, Sea Optional.ofNullable(request.getPersonRequest().getAdresse()) .filter(adresse -> nonNull(adresse.getAddressebeskyttelse())) .ifPresent(adresse -> - queryBuilder.must(QueryBuilders.boolQuery() + queryBuilder .must(nestedMatchQuery("hentPerson.adressebeskyttelse", METADATA_HISTORISK, false)) .must(nestedMatchQuery("hentPerson.adressebeskyttelse", "gradering", - adresse.getAddressebeskyttelse().name())) + adresse.getAddressebeskyttelse().name()) )); } @@ -274,10 +272,10 @@ public static void addAdresseMatrikkelQuery(BoolQueryBuilder queryBuilder, Searc Optional.ofNullable(request.getPersonRequest().getAdresse()) .filter(boadresse -> isTrue(boadresse.getHarMatrikkeladresse())) .ifPresent(boadresse -> - queryBuilder.must(QueryBuilders.boolQuery() + queryBuilder .must(nestedMatchQuery(BOSTEDSADRESSE, METADATA_HISTORISK, false)) .must(nestedExistQuery(BOSTEDSADRESSE, MATRIKKELADRESSE)) - )); + ); } public static void addHarBostedUkjentQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { @@ -285,10 +283,10 @@ public static void addHarBostedUkjentQuery(BoolQueryBuilder queryBuilder, Search Optional.ofNullable(request.getPersonRequest().getAdresse()) .filter(boadresse -> isTrue(boadresse.getHarUkjentAdresse())) .ifPresent(boadresse -> - queryBuilder.must(QueryBuilders.boolQuery() + queryBuilder .must(nestedMatchQuery(BOSTEDSADRESSE, METADATA_HISTORISK, false)) .must(nestedExistQuery(BOSTEDSADRESSE, "ukjentBosted")) - )); + ); } public static void addHarDeltBostedQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { @@ -338,10 +336,10 @@ public static void addHarSikkerhetstiltakQuery(BoolQueryBuilder queryBuilder, Se public static void addStatsborgerskapQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { if (isNotBlank(request.getPersonRequest().getStatsborgerskap())) { - queryBuilder.must(QueryBuilders.boolQuery() + queryBuilder .must(nestedMatchQuery("hentPerson.statsborgerskap", METADATA_HISTORISK, false)) .must(nestedMatchQuery("hentPerson.statsborgerskap", "land", - request.getPersonRequest().getStatsborgerskap())) + request.getPersonRequest().getStatsborgerskap()) ); } } @@ -356,9 +354,9 @@ public static void addHarOppholdQuery(BoolQueryBuilder queryBuilder, SearchReque public static void addHarNyIdentitetQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { if (isTrue(request.getPersonRequest().getHarNyIdentitet())) { - queryBuilder.must(QueryBuilders.boolQuery() + queryBuilder .must(nestedMatchQuery(HENT_IDENTER, HISTORISK, false)) - .must(nestedMatchQuery(HENT_IDENTER, HISTORISK, true)) + .must(nestedMatchQuery(HENT_IDENTER, HISTORISK, true) ); } } @@ -366,10 +364,10 @@ public static void addHarNyIdentitetQuery(BoolQueryBuilder queryBuilder, SearchR public static void addKjoennQuery(BoolQueryBuilder queryBuilder, SearchRequest request) { if (nonNull(request.getPersonRequest().getKjoenn())) { - queryBuilder.must(QueryBuilders.boolQuery() + queryBuilder .must(nestedMatchQuery("hentPerson.kjoenn", METADATA_HISTORISK, false)) .must(nestedMatchQuery("hentPerson.kjoenn", "kjoenn", - request.getPersonRequest().getKjoenn().name())) + request.getPersonRequest().getKjoenn().name()) ); } } @@ -389,10 +387,10 @@ public static void addIdenttypeQuery(BoolQueryBuilder queryBuilder, SearchReques ) ); } else { - queryBuilder.must(QueryBuilders.boolQuery() + queryBuilder .must(nestedMatchQuery(FOLKEREGISTERIDENTIFIKATOR, METADATA_HISTORISK, false)) .must(nestedMatchQuery(FOLKEREGISTERIDENTIFIKATOR, "type", - request.getPersonRequest().getIdenttype().name()))); + request.getPersonRequest().getIdenttype().name())); } } } diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryBuilder.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryBuilder.java index 55aafac8e22..c981baac24a 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryBuilder.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryBuilder.java @@ -1,7 +1,7 @@ package no.nav.testnav.dollysearchservice.utils; import lombok.experimental.UtilityClass; -import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; +import no.nav.testnav.dollysearchservice.dto.SearchRequest; import org.opensearch.index.query.BoolQueryBuilder; import org.opensearch.index.query.QueryBuilders; import org.opensearch.index.query.functionscore.FunctionScoreQueryBuilder; diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryUtils.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryUtils.java index 7cf100b78da..2be8af5ff69 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryUtils.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/OpenSearchQueryUtils.java @@ -13,6 +13,7 @@ public class OpenSearchQueryUtils { public static final String METADATA_HISTORISK = "metadata.historisk"; public static final String FOLKEREGISTERIDENTIFIKATOR = "hentPerson.folkeregisteridentifikator"; public static final String NAVSPERSONIDENTIFIKATOR = "hentPerson.navspersonidentifikator"; + public static final String CONCAT = "%s.%s"; public static QueryBuilder rangeQuery(String field, Integer value1, Integer value2) { @@ -29,6 +30,11 @@ public static QueryBuilder existQuery(String field) { return QueryBuilders.existsQuery(field); } + public static QueryBuilder termsQuery(String field, Object[] values) { + + return QueryBuilders.termsQuery(field, values); + } + public static QueryBuilder regexpQuery(String field, String value) { return QueryBuilders.regexpQuery(field, value); @@ -36,16 +42,21 @@ public static QueryBuilder regexpQuery(String field, String value) { public static QueryBuilder nestedRegexpQuery(String path, String field, String value) { - return QueryBuilders.nestedQuery(path, regexpQuery("%s.%s".formatted(path, field), value), ScoreMode.Avg); + return QueryBuilders.nestedQuery(path, regexpQuery(CONCAT.formatted(path, field), value), ScoreMode.Avg); } public static QueryBuilder nestedMatchQuery(String path, String field, Object value) { - return QueryBuilders.nestedQuery(path, matchQuery("%s.%s".formatted(path, field), value), ScoreMode.Avg); + return QueryBuilders.nestedQuery(path, matchQuery(CONCAT.formatted(path, field), value), ScoreMode.Avg); + } + + public static QueryBuilder nestedTermsQuery(String path, String field, Object[] values) { + + return QueryBuilders.nestedQuery(path, termsQuery(CONCAT.formatted(path, field), values), ScoreMode.Avg); } public static QueryBuilder nestedExistQuery(String path, String field) { - return QueryBuilders.nestedQuery(path, existQuery(path + '.' + field), ScoreMode.Avg); + return QueryBuilders.nestedQuery(path, existQuery(CONCAT.formatted(path, field)), ScoreMode.Avg); } -} +} \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/resources/application-dev.yml b/apps/dolly-search-service/src/main/resources/application-dev.yml new file mode 100644 index 00000000000..4c8d239a548 --- /dev/null +++ b/apps/dolly-search-service/src/main/resources/application-dev.yml @@ -0,0 +1,7 @@ +testnorge: + analyse: + enabled: true + +open: + search: + index: bestilling-dev \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/resources/application-local.yml b/apps/dolly-search-service/src/main/resources/application-local.yml index f3ed84e8daf..2996bc8ca17 100644 --- a/apps/dolly-search-service/src/main/resources/application-local.yml +++ b/apps/dolly-search-service/src/main/resources/application-local.yml @@ -6,8 +6,9 @@ spring: config: import: "sm://" -consumers: - dolly-backend: - url: https://dolly-backend.intern.dev.nav.no - dolly-backend-dev: - url: https://dolly-backend-dev.intern.dev.nav.no \ No newline at end of file +open: + search: + uri: http://localhost:9200 + username: dummy + password: dummy + index: local \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/resources/application-prod.yml b/apps/dolly-search-service/src/main/resources/application-prod.yml index 37735b8c79c..69532901ec2 100644 --- a/apps/dolly-search-service/src/main/resources/application-prod.yml +++ b/apps/dolly-search-service/src/main/resources/application-prod.yml @@ -1,3 +1,7 @@ testnorge: analyse: enabled: true + +open: + search: + index: bestilling \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/resources/application.yml b/apps/dolly-search-service/src/main/resources/application.yml index a55c76a9699..23051be07ee 100644 --- a/apps/dolly-search-service/src/main/resources/application.yml +++ b/apps/dolly-search-service/src/main/resources/application.yml @@ -52,4 +52,9 @@ server: encoding: charset: UTF-8 error: - include-message: always \ No newline at end of file + include-message: always + +open: + search: + pdl-index: pdl-sok + max-terms-count: 200000 \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/resources/logback-spring.xml b/apps/dolly-search-service/src/main/resources/logback-spring.xml index 7f81f72aa83..7faec7d8fd8 100644 --- a/apps/dolly-search-service/src/main/resources/logback-spring.xml +++ b/apps/dolly-search-service/src/main/resources/logback-spring.xml @@ -1,6 +1,6 @@ - + diff --git a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticBestilling.java b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticBestilling.java new file mode 100644 index 00000000000..21e7f0c408c --- /dev/null +++ b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticBestilling.java @@ -0,0 +1,129 @@ +package no.nav.testnav.libs.data.dollysearchservice.v2; + +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonInclude; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; +import no.nav.testnav.libs.data.arbeidsplassencv.v1.ArbeidsplassenCVDTO; +import no.nav.testnav.libs.dto.inntektsmeldinggeneratorservice.v1.rs.RsInntektsmelding; +import no.nav.testnav.libs.dto.skattekortservice.v1.SkattekortRequestDTO; +import no.nav.testnav.libs.dto.yrkesskade.v1.YrkesskadeRequest; +import org.springframework.data.annotation.Id; +import org.springframework.data.annotation.Transient; +import org.springframework.data.domain.Persistable; +import org.springframework.data.elasticsearch.annotations.Document; +import org.springframework.data.elasticsearch.annotations.Field; + +import java.util.ArrayList; +import java.util.List; + +import static java.util.Objects.isNull; + +@Document(indexName = "#{@environment.getProperty('open.search.index')}") +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +@JsonInclude(JsonInclude.Include.NON_EMPTY) +public class ElasticBestilling implements Persistable { + + @Id + private Long id; + @Field + private Object krrstub; + @Field + private Object fullmakt; + @Field + private Object medl; + @Field + private Object instdata; + @Field + private Object aareg; + @Field + private Object sigrunstub; + @Field + private Object sigrunstubPensjonsgivende; + @Field + private Object inntektstub; + @Field + private Arenadata arenaforvalter; + @Field + private Object udistub; + @Field + private PensjonData pensjonforvalter; + @Field + private RsInntektsmelding inntektsmelding; + @Field + private Object brregstub; + @Field + private Object dokarkiv; + @Field + private Object histark; + @Field + private Object sykemelding; + @Field + private BankkontoData bankkonto; + @Field + private Object skjerming; + @Field + private ArbeidsplassenCVDTO arbeidsplassenCV; + @Field + private SkattekortRequestDTO skattekort; + @Field + private List yrkesskader; + @Field + private Object arbeidssoekerregisteret; + @Field + private List identer; + @Transient + @JsonIgnore + private boolean ignore; + + private static class BankkontoData { + @Field + private Object norskBankkonto; + @Field + private Object utenlandskBankkonto; + } + + private static class PensjonData { + @Field + private Object inntekt; + @Field + private Object tp; + @Field + private Object alderspensjon; + @Field + private Object uforetrygd; + @Field + private Object afpOffentlig; + @Field + private Object pensjonsavtale; + } + + private static class Arenadata { + @Field + private Object aap; + @Field + private Object aap115; + @Field + private Object dagpenger; + } + + @Override + @JsonIgnore + @Transient + public boolean isNew() { + + return false; + } + + public List getIdenter() { + if (isNull(identer)) { + identer = new ArrayList<>(); + } + return identer; + } +} diff --git a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticTyper.java b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticTyper.java new file mode 100644 index 00000000000..951d6947694 --- /dev/null +++ b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticTyper.java @@ -0,0 +1,45 @@ +package no.nav.testnav.libs.data.dollysearchservice.v2; + +import lombok.Getter; + +@Getter +public enum ElasticTyper { + + AAREG("Arbeidsgiver/arbeidstaker-register (AAREG)"), + ARBEIDSPLASSENCV("Arbeidsplassen CV"), + ARBEIDSSOEKERREGISTERET("Arbeidssøkerregisteret"), + ARENA_AAP("Arena AAP ytelse"), + ARENA_AAP115("Arena AAP115 rettighet"), + ARENA_DAGP("Arena dagpenger"), + BANKKONTO("Bankkontoregister"), + BANKKONTO_NORGE("Bankkonto i Norge"), + BANKKONTO_UTLAND("Bankkonto i utlandet"), + BRREGSTUB("Brønnøysundregistrene (BRREGSTUB)"), + DOKARKIV("Dokumentarkiv (JOARK)"), + FULLMAKT("Fullmakt (Representasjon)"), + HISTARK("Historisk arkiv (HISTARK)"), + INNTK("Inntektskomponenten/stub (INNTK)"), + INNTKMELD("Inntektsmelding (ALTINN/JOARK)"), + INST("Institusjonsopphold (INST2)"), + KRRSTUB("Kontakt- og reservasjonsregister-stub"), + MEDL("Medlemskap (MEDL)"), + PEN_AFP_OFFENTLIG("Pensjon - AFP offentlig"), + PEN_AP("Pensjon - Alderspensjon (AP)"), + PEN_INNTEKT("Pensjon - Pensjonsinntekt/opptjening"), + PEN_PENSJONSAVTALE("Pensjon - Pensjonsavtaler"), + PEN_TP("Pensjon - Tjenestepensjon (TP)"), + PEN_UT("Pensjon - Uføretrygd (UT)"), + SIGRUN_LIGNET("Sigrunstub - Lignet skatteinntekt"), + SIGRUN_PENSJONSGIVENDE("Sigrunstub - Pensjonsgivende inntekt"), + SKATTEKORT("Skattekort (SOKOS)"), + SKJERMING("Skjermingsregisteret"), + SYKEMELDING("Sykemelding"), + UDISTUB("Udistub - Utlendingsdirektoratet"), + YRKESSKADE("Yrkesskade"); + + private final String beskrivelse; + + ElasticTyper(String beskrivelse) { + this.beskrivelse = beskrivelse; + } +} diff --git a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchRequest.java b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchRequest.java new file mode 100644 index 00000000000..db5bb808f9d --- /dev/null +++ b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchRequest.java @@ -0,0 +1,25 @@ +package no.nav.testnav.libs.data.dollysearchservice.v2; + +import io.swagger.v3.oas.annotations.media.Schema; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; +import no.nav.testnav.libs.data.dollysearchservice.v1.PersonRequest; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class SearchRequest { + + @Schema(description = "Sidenummer") + private Integer side; + @Schema(description = "Antall resultater per side") + private Integer antall; + @Schema(description = "Seed for paginering") + private Integer seed; + + @Schema(description = "Persondetaljer") + private PersonRequest personRequest; +} diff --git a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchResponse.java b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchResponse.java new file mode 100644 index 00000000000..245fbb532e5 --- /dev/null +++ b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchResponse.java @@ -0,0 +1,24 @@ +package no.nav.testnav.libs.data.dollysearchservice.v2; + +import com.fasterxml.jackson.databind.JsonNode; +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.util.List; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class SearchResponse { + + private Long totalHits; + private String took; + private Integer side; + private Integer antall; + private Integer seed; + private List personer; + private String error; +} \ No newline at end of file diff --git a/proxies/pdl-proxy/config.yml b/proxies/pdl-proxy/config.yml index 31d0ff9ecd5..dfe7448bf2e 100644 --- a/proxies/pdl-proxy/config.yml +++ b/proxies/pdl-proxy/config.yml @@ -70,6 +70,8 @@ spec: cluster: dev-gcp - application: testnav-dolly-search-service cluster: dev-gcp + - application: testnav-dolly-search-service-dev + cluster: dev-gcp outbound: rules: - application: pdl-testdata From fd57e672f2a769cbb7d7416af3d2407b5016797b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristen=20H=C3=A6rum?= Date: Thu, 27 Feb 2025 08:37:25 +0100 Subject: [PATCH 11/13] Feature/dolly search service rydding og tilpasning (#3775) --- apps/dolly-backend/config.test.yml | 1 - apps/dolly-backend/config.yml | 1 - .../java/no/nav/dolly/config/Consumers.java | 1 - .../nav/dolly/elastic/dto/SearchRequest.java | 2 +- .../service/OpenSearchQueryBuilder.java | 2 +- .../elastic/service/OpenSearchService.java | 2 +- .../DollySearchServiceConsumer.java | 39 ----- .../DollySearchServicePostCommand.java | 40 ----- .../dolly/opensearch/dto/SearchRequest.java | 52 ------- .../dolly/opensearch/dto/SearchResponse.java | 39 ----- .../OpenSearchRequestMappingStrategy.java | 29 ---- .../service/DollySearchService.java | 138 ------------------ .../provider/api/DollySearchController.java | 30 ---- .../provider/api/OpensearchController.java | 2 +- .../src/main/resources/application-local.yml | 4 +- .../src/main/resources/application.yml | 5 - apps/dolly-search-service/config.test.yml | 2 - apps/dolly-search-service/config.yml | 2 - .../dollysearchservice/dto/Kategori.java | 16 ++ .../dollysearchservice/dto/SearchRequest.java | 2 +- .../OpenSearchResponseMappingStrategy.java | 31 ---- .../OpenSearchV2ResponseMappingStrategy.java | 2 +- .../provider/OpensearchController.java | 20 ++- .../OpensearchEnhancedController.java | 34 ----- .../service/OpenSearchService.java | 35 ++++- .../service/OpenSearchV2Service.java | 41 ------ .../utils/FagsystemQuereyUtils.java | 2 +- .../src/main/resources/application.yml | 3 +- .../{v2 => v1}/ElasticBestilling.java | 39 +---- .../dollysearchservice/v1}/ElasticTyper.java | 2 +- .../dollysearchservice/v1/SearchRequest.java | 16 -- .../dollysearchservice/v2/ElasticTyper.java | 45 ------ .../dollysearchservice/v2/SearchRequest.java | 25 ---- .../dollysearchservice/v2/SearchResponse.java | 24 --- 34 files changed, 77 insertions(+), 651 deletions(-) delete mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/DollySearchServiceConsumer.java delete mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/command/DollySearchServicePostCommand.java delete mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchRequest.java delete mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchResponse.java delete mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/mapper/OpenSearchRequestMappingStrategy.java delete mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/service/DollySearchService.java delete mode 100644 apps/dolly-backend/src/main/java/no/nav/dolly/provider/api/DollySearchController.java create mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/Kategori.java delete mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchResponseMappingStrategy.java delete mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchEnhancedController.java delete mode 100644 apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchV2Service.java rename libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/{v2 => v1}/ElasticBestilling.java (73%) rename {apps/dolly-backend/src/main/java/no/nav/dolly/elastic => libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1}/ElasticTyper.java (96%) delete mode 100644 libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticTyper.java delete mode 100644 libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchRequest.java delete mode 100644 libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchResponse.java diff --git a/apps/dolly-backend/config.test.yml b/apps/dolly-backend/config.test.yml index ab6f3de696c..4b0375689e7 100644 --- a/apps/dolly-backend/config.test.yml +++ b/apps/dolly-backend/config.test.yml @@ -32,7 +32,6 @@ spec: - application: testnav-arbeidsforhold-service - application: testnav-arbeidsplassencv-proxy - application: testnav-arbeidssoekerregisteret-proxy - - application: testnav-dolly-search-service - application: testnav-inntektsmelding-service - application: testnav-kodeverk-service - application: testnav-miljoer-service diff --git a/apps/dolly-backend/config.yml b/apps/dolly-backend/config.yml index 30963ba28a8..07e563e11d1 100644 --- a/apps/dolly-backend/config.yml +++ b/apps/dolly-backend/config.yml @@ -34,7 +34,6 @@ spec: - application: testnav-arbeidsforhold-service - application: testnav-arbeidsplassencv-proxy - application: testnav-arbeidssoekerregisteret-proxy - - application: testnav-dolly-search-service - application: testnav-inntektsmelding-service - application: testnav-kodeverk-service - application: testnav-miljoer-service diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/config/Consumers.java b/apps/dolly-backend/src/main/java/no/nav/dolly/config/Consumers.java index aaf5f1c51a0..eef10a7ed84 100644 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/config/Consumers.java +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/config/Consumers.java @@ -47,5 +47,4 @@ public class Consumers { private ServerProperties testnavSkattekortService; private ServerProperties yrkesskadeProxy; private ServerProperties arbeidssoekerregisteretProxy; - private ServerProperties dollySearchService; } diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/dto/SearchRequest.java b/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/dto/SearchRequest.java index 8c1ec2d08fb..e6c71985870 100644 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/dto/SearchRequest.java +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/dto/SearchRequest.java @@ -4,7 +4,7 @@ import lombok.Data; import lombok.NoArgsConstructor; import lombok.experimental.SuperBuilder; -import no.nav.dolly.elastic.ElasticTyper; +import no.nav.testnav.libs.data.dollysearchservice.v1.ElasticTyper; import java.util.ArrayList; import java.util.List; diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/service/OpenSearchQueryBuilder.java b/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/service/OpenSearchQueryBuilder.java index 0789b535f9c..f43133330ea 100644 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/service/OpenSearchQueryBuilder.java +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/service/OpenSearchQueryBuilder.java @@ -1,8 +1,8 @@ package no.nav.dolly.elastic.service; import lombok.experimental.UtilityClass; -import no.nav.dolly.elastic.ElasticTyper; import no.nav.dolly.elastic.dto.SearchRequest; +import no.nav.testnav.libs.data.dollysearchservice.v1.ElasticTyper; import org.opensearch.index.query.BoolQueryBuilder; import org.opensearch.index.query.QueryBuilder; import org.opensearch.index.query.QueryBuilders; diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/service/OpenSearchService.java b/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/service/OpenSearchService.java index 1ee57bdc8e1..e51dbf2e6ea 100644 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/service/OpenSearchService.java +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/service/OpenSearchService.java @@ -5,11 +5,11 @@ import lombok.extern.slf4j.Slf4j; import no.nav.dolly.elastic.BestillingElasticRepository; import no.nav.dolly.elastic.ElasticBestilling; -import no.nav.dolly.elastic.ElasticTyper; import no.nav.dolly.elastic.consumer.ElasticParamsConsumer; import no.nav.dolly.elastic.dto.SearchRequest; import no.nav.dolly.elastic.dto.SearchResponse; import no.nav.dolly.elastic.dto.Kategori; +import no.nav.testnav.libs.data.dollysearchservice.v1.ElasticTyper; import org.opensearch.client.RequestOptions; import org.opensearch.client.RestHighLevelClient; import org.opensearch.index.query.BoolQueryBuilder; diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/DollySearchServiceConsumer.java b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/DollySearchServiceConsumer.java deleted file mode 100644 index 387caf04423..00000000000 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/DollySearchServiceConsumer.java +++ /dev/null @@ -1,39 +0,0 @@ -package no.nav.dolly.opensearch; - -import lombok.extern.slf4j.Slf4j; -import no.nav.dolly.config.Consumers; -import no.nav.dolly.opensearch.command.DollySearchServicePostCommand; -import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; -import no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse; -import no.nav.testnav.libs.securitycore.domain.ServerProperties; -import no.nav.testnav.libs.standalone.servletsecurity.exchange.TokenExchange; -import org.springframework.stereotype.Service; -import org.springframework.web.reactive.function.client.WebClient; -import reactor.core.publisher.Mono; - -@Service -@Slf4j -public class DollySearchServiceConsumer { - - private final TokenExchange tokenService; - private final WebClient webClient; - private final ServerProperties serverProperties; - - public DollySearchServiceConsumer( - TokenExchange tokenService, - Consumers consumers, - WebClient.Builder webClientBuilder) { - - this.tokenService = tokenService; - serverProperties = consumers.getDollySearchService(); - this.webClient = webClientBuilder - .baseUrl(serverProperties.getUrl()) - .build(); - } - - public Mono doPersonSearch(SearchRequest request) { - - return tokenService.exchange(serverProperties) - .flatMap(token -> new DollySearchServicePostCommand(webClient, request, token.getTokenValue()).call()); - } -} diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/command/DollySearchServicePostCommand.java b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/command/DollySearchServicePostCommand.java deleted file mode 100644 index a3a789c1110..00000000000 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/command/DollySearchServicePostCommand.java +++ /dev/null @@ -1,40 +0,0 @@ -package no.nav.dolly.opensearch.command; - -import lombok.RequiredArgsConstructor; -import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; -import no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse; -import no.nav.testnav.libs.reactivecore.utils.WebClientFilter; -import org.springframework.http.HttpHeaders; -import org.springframework.web.reactive.function.client.WebClient; -import reactor.core.publisher.Mono; -import reactor.util.retry.Retry; - -import java.time.Duration; -import java.util.concurrent.Callable; - -@RequiredArgsConstructor -public class DollySearchServicePostCommand implements Callable> { - - private static final String SEARCH_URL = "/api/v1/opensearch"; - - private final WebClient webClient; - private final SearchRequest request; - private final String token; - - @Override - public Mono call() { - - return webClient.post() - .uri(uriBuilder -> uriBuilder.path(SEARCH_URL).build()) - .header(HttpHeaders.AUTHORIZATION, "Bearer " + token) - .bodyValue(request) - .retrieve() - .bodyToMono(SearchResponse.class) - .doOnError(WebClientFilter::logErrorMessage) - .retryWhen(Retry.backoff(3, Duration.ofSeconds(5)) - .filter(WebClientFilter::is5xxException)) - .onErrorResume(error -> Mono.just(SearchResponse.builder() - .error(WebClientFilter.getMessage(error)) - .build())); - } -} diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchRequest.java b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchRequest.java deleted file mode 100644 index fb50e13c2d0..00000000000 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchRequest.java +++ /dev/null @@ -1,52 +0,0 @@ -package no.nav.dolly.opensearch.dto; - -import io.swagger.v3.oas.annotations.media.Schema; -import lombok.AllArgsConstructor; -import lombok.Builder; -import lombok.Data; -import lombok.NoArgsConstructor; -import no.nav.testnav.libs.data.dollysearchservice.v1.PersonRequest; - -@Data -@Builder -@NoArgsConstructor -@AllArgsConstructor -public class SearchRequest { - - @Schema(description = "Paginering for bestillinger") - private PagineringBestillingRequest pagineringBestillingRequest; - - @Schema(description = "Paginering for personersøk") - private PagineringPersonRequest pagineringPersonRequest; - - @Schema(description = "Persondetaljer") - private PersonRequest personRequest; - - @Data - @Builder - @NoArgsConstructor - @AllArgsConstructor - public static class PagineringBestillingRequest { - - @Schema(description = "Seed for paginering") - private Integer seed; - @Schema(description = "Sidenummer") - private Integer side; - @Schema(description = "Antall resultater per side") - private Integer antall; - } - - @Data - @Builder - @NoArgsConstructor - @AllArgsConstructor - public static class PagineringPersonRequest { - - @Schema(description = "Sidenummer") - private Integer side; - @Schema(description = "Antall resultater per side") - private Integer antall; - @Schema(description = "Seed for paginering") - private Integer seed; - } -} diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchResponse.java b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchResponse.java deleted file mode 100644 index 6f0b7de9c98..00000000000 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/dto/SearchResponse.java +++ /dev/null @@ -1,39 +0,0 @@ -package no.nav.dolly.opensearch.dto; - -import lombok.AllArgsConstructor; -import lombok.Builder; -import lombok.Data; -import lombok.NoArgsConstructor; -import net.minidev.json.annotate.JsonIgnore; -import no.nav.dolly.elastic.ElasticTyper; - -import java.util.List; - -@Data -@Builder -@NoArgsConstructor -@AllArgsConstructor -public class SearchResponse { - - private RegistreResponseStatus registreSearchResponse; - private no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse dollySearchResponse; - - @Data - @Builder - @NoArgsConstructor - @AllArgsConstructor - public static class RegistreResponseStatus { - - private Long totalHitsBestillinger; - private Float score; - private String took; - private Integer antall; - private Integer side; - private Integer antallIdenter; - private Integer seed; - private List registre; - private String error; - @JsonIgnore - private List identer; - } -} diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/mapper/OpenSearchRequestMappingStrategy.java b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/mapper/OpenSearchRequestMappingStrategy.java deleted file mode 100644 index de62113745e..00000000000 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/mapper/OpenSearchRequestMappingStrategy.java +++ /dev/null @@ -1,29 +0,0 @@ -package no.nav.dolly.opensearch.mapper; - -import ma.glasnost.orika.CustomMapper; -import ma.glasnost.orika.MapperFactory; -import ma.glasnost.orika.MappingContext; -import no.nav.dolly.mapper.MappingStrategy; -import no.nav.dolly.opensearch.dto.SearchRequest; -import org.springframework.stereotype.Component; - -@Component -public class OpenSearchRequestMappingStrategy implements MappingStrategy { - - @Override - public void register(MapperFactory factory) { - - factory.classMap(SearchRequest.class, no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest.class) - .customize(new CustomMapper<>() { - @Override - public void mapAtoB(SearchRequest kilde, no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest destinasjon, MappingContext context) { - - destinasjon.setAntall(kilde.getPagineringPersonRequest().getAntall()); - destinasjon.setSide(kilde.getPagineringPersonRequest().getSide()); - destinasjon.setSeed(kilde.getPagineringPersonRequest().getSeed()); - } - }) - .byDefault() - .register(); - } -} diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/service/DollySearchService.java b/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/service/DollySearchService.java deleted file mode 100644 index 0533ac542e1..00000000000 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/opensearch/service/DollySearchService.java +++ /dev/null @@ -1,138 +0,0 @@ -package no.nav.dolly.opensearch.service; - -import lombok.RequiredArgsConstructor; -import lombok.extern.slf4j.Slf4j; -import ma.glasnost.orika.MapperFacade; -import no.nav.dolly.elastic.ElasticTyper; -import no.nav.dolly.elastic.service.OpenSearchQueryBuilder; -import no.nav.dolly.opensearch.DollySearchServiceConsumer; -import no.nav.dolly.opensearch.dto.SearchRequest; -import no.nav.dolly.opensearch.dto.SearchResponse; -import org.opensearch.client.RequestOptions; -import org.opensearch.client.RestHighLevelClient; -import org.opensearch.index.query.BoolQueryBuilder; -import org.opensearch.index.query.QueryBuilders; -import org.opensearch.index.query.functionscore.RandomScoreFunctionBuilder; -import org.opensearch.search.SearchHit; -import org.opensearch.search.SearchHits; -import org.opensearch.search.builder.SearchSourceBuilder; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.stereotype.Service; -import reactor.core.publisher.Mono; - -import java.io.IOException; -import java.security.SecureRandom; -import java.util.Arrays; -import java.util.Collection; -import java.util.HashSet; -import java.util.List; -import java.util.Random; - -import static java.util.Objects.isNull; -import static java.util.Objects.nonNull; - -@Slf4j -@Service -@RequiredArgsConstructor -public class DollySearchService { - - private static final Random SEED = new SecureRandom(); - - private final RestHighLevelClient restHighLevelClient; - private final DollySearchServiceConsumer dollySearchServiceConsumer; - private final MapperFacade mapperFacade; - - @Value("${open.search.index}") - private String index; - - public Mono search(List registre, SearchRequest request) { - - var personRequest = mapperFacade.map(request, no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest.class); - var response = new SearchResponse(); - - var registreResponse = execRegistreQuery(registre, request); - response.setRegistreSearchResponse(registreResponse); - personRequest.setIdenter(new HashSet<>(!registreResponse.getIdenter().isEmpty() ? - registreResponse.getIdenter() : List.of("99999999999"))); - - return dollySearchServiceConsumer.doPersonSearch(personRequest) - .map(personResultat -> { - response.setDollySearchResponse(personResultat); - response.getRegistreSearchResponse().setIdenter(null); - return response; - }); - } - - private SearchResponse.RegistreResponseStatus execRegistreQuery(List registre, SearchRequest request) { - - var side = isNull(request.getPagineringBestillingRequest().getSide()) ? - 1 : request.getPagineringBestillingRequest().getSide(); - var antall = isNull(request.getPagineringBestillingRequest().getAntall()) ? - 1000 : request.getPagineringBestillingRequest().getAntall(); - var seed = isNull(request.getPagineringBestillingRequest().getSeed()) ? - SEED.nextInt() : request.getPagineringBestillingRequest().getSeed(); - - var query = buildTyperQuery(registre, seed); - var searchRequest = new org.opensearch.action.search.SearchRequest(index); - searchRequest - .source(new SearchSourceBuilder().query(query) - .size(antall) - .from(side)); - - try { - var registerResultat = restHighLevelClient.search(searchRequest, RequestOptions.DEFAULT); - var registreResponse = getIdenter(registerResultat); - registreResponse.setRegistre(registre); - registreResponse.setSide(side); - registreResponse.setAntall(antall); - registreResponse.setSeed(seed); - - return registreResponse; - - } catch (IOException e) { - log.error("OpenSearch feil ved utføring av søk: {}", e.getMessage(), e); - return SearchResponse.RegistreResponseStatus.builder() - .error(e.getLocalizedMessage()) - .build(); - } - } - - private static SearchResponse.RegistreResponseStatus getIdenter(org.opensearch.action.search.SearchResponse response) { - - var identer = Arrays.stream(response.getHits().getHits()) - .map(SearchHit::getSourceAsMap) - .map(map -> (List) map.get("identer")) - .flatMap(Collection::stream) - .distinct() - .toList(); - return SearchResponse.RegistreResponseStatus.builder() - .identer(identer) - .totalHitsBestillinger(getTotalHits(response.getHits())) - .took(response.getTook().getStringRep()) - .antallIdenter(identer.size()) - .score(response.getHits().getMaxScore()) - .build(); - } - - @SuppressWarnings("java:S2259") - private static Long getTotalHits(SearchHits searchHits) { - - return nonNull(searchHits) && nonNull(searchHits.getTotalHits()) ? - searchHits.getTotalHits().value : null; - } - - private static BoolQueryBuilder buildTyperQuery(List typer, Integer seed) { - - var queryBuilder = QueryBuilders.boolQuery() - .must(QueryBuilders.functionScoreQuery( - new RandomScoreFunctionBuilder().seed(seed))); - - if (nonNull(typer)) { - typer.stream() - .map(OpenSearchQueryBuilder::getFagsystemQuery) - .forEach(queryBuilder::must); - } - - return queryBuilder; - } -} diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/provider/api/DollySearchController.java b/apps/dolly-backend/src/main/java/no/nav/dolly/provider/api/DollySearchController.java deleted file mode 100644 index ab9642609f3..00000000000 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/provider/api/DollySearchController.java +++ /dev/null @@ -1,30 +0,0 @@ -package no.nav.dolly.provider.api; - -import lombok.RequiredArgsConstructor; -import no.nav.dolly.opensearch.dto.SearchRequest; -import no.nav.dolly.opensearch.dto.SearchResponse; -import no.nav.dolly.elastic.ElasticTyper; -import no.nav.dolly.opensearch.service.DollySearchService; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; -import reactor.core.publisher.Mono; - -import java.util.List; - -@RestController -@RequestMapping("/api/v1/opensearch") -@RequiredArgsConstructor -public class DollySearchController { - - private final DollySearchService dollySearchService; - - @PostMapping - public Mono searchPersoner(@RequestParam(required = false) List registre, - @RequestBody SearchRequest request) { - - return dollySearchService.search(registre, request); - } -} diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/provider/api/OpensearchController.java b/apps/dolly-backend/src/main/java/no/nav/dolly/provider/api/OpensearchController.java index 3ff4f4e7a40..40a8b7446e9 100644 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/provider/api/OpensearchController.java +++ b/apps/dolly-backend/src/main/java/no/nav/dolly/provider/api/OpensearchController.java @@ -5,12 +5,12 @@ import lombok.RequiredArgsConstructor; import no.nav.dolly.elastic.BestillingElasticRepository; import no.nav.dolly.elastic.ElasticBestilling; -import no.nav.dolly.elastic.ElasticTyper; import no.nav.dolly.elastic.dto.SearchRequest; import no.nav.dolly.elastic.dto.SearchResponse; import no.nav.dolly.elastic.dto.Kategori; import no.nav.dolly.elastic.service.OpenSearchService; import no.nav.dolly.exceptions.NotFoundException; +import no.nav.testnav.libs.data.dollysearchservice.v1.ElasticTyper; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; diff --git a/apps/dolly-backend/src/main/resources/application-local.yml b/apps/dolly-backend/src/main/resources/application-local.yml index 7403cba6d51..b1da061c9a8 100644 --- a/apps/dolly-backend/src/main/resources/application-local.yml +++ b/apps/dolly-backend/src/main/resources/application-local.yml @@ -63,6 +63,4 @@ consumers: yrkesskade-proxy: url: https://testnav-yrkesskade-proxy.intern.dev.nav.no arbeidssoekerregisteret-proxy: - url: https://testnav-arbeidssoekerregisteret-proxy.intern.dev.nav.no - dolly-search-service: - url: https://testnav-dolly-search-service.intern.dev.nav.no \ No newline at end of file + url: https://testnav-arbeidssoekerregisteret-proxy.intern.dev.nav.no \ No newline at end of file diff --git a/apps/dolly-backend/src/main/resources/application.yml b/apps/dolly-backend/src/main/resources/application.yml index 6e8bfedc134..c81b075d146 100644 --- a/apps/dolly-backend/src/main/resources/application.yml +++ b/apps/dolly-backend/src/main/resources/application.yml @@ -250,9 +250,4 @@ consumers: namespace: dolly url: http://testnav-arbeidssoekerregisteret-proxy.dolly.svc.cluster.local cluster: dev-gcp - dolly-search-service: - name: testnav-dolly-search-service - namespace: dolly - url: http://testnav-dolly-search-service.dolly.svc.cluster.local - cluster: dev-gcp \ No newline at end of file diff --git a/apps/dolly-search-service/config.test.yml b/apps/dolly-search-service/config.test.yml index cd363c5c723..fa4635ddee2 100644 --- a/apps/dolly-search-service/config.test.yml +++ b/apps/dolly-search-service/config.test.yml @@ -28,8 +28,6 @@ spec: - application: dolly-idporten - application: dolly-frontend - application: dolly-frontend-dev - - application: dolly-backend - - application: dolly-backend-dev - application: team-dolly-lokal-app - application: testnav-oversikt-frontend outbound: diff --git a/apps/dolly-search-service/config.yml b/apps/dolly-search-service/config.yml index 6c3a882adff..1ed14e9601f 100644 --- a/apps/dolly-search-service/config.yml +++ b/apps/dolly-search-service/config.yml @@ -28,8 +28,6 @@ spec: - application: dolly-idporten - application: dolly-frontend - application: dolly-frontend-dev - - application: dolly-backend - - application: dolly-backend-dev - application: team-dolly-lokal-app - application: testnav-oversikt-frontend outbound: diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/Kategori.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/Kategori.java new file mode 100644 index 00000000000..1ace61e45fa --- /dev/null +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/Kategori.java @@ -0,0 +1,16 @@ +package no.nav.testnav.dollysearchservice.dto; + +import lombok.AllArgsConstructor; +import lombok.Builder; +import lombok.Data; +import lombok.NoArgsConstructor; + +@Data +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class Kategori { + + private String type; + private String beskrivelse; +} \ No newline at end of file diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchRequest.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchRequest.java index a3ff873f234..5e0916559cb 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchRequest.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/dto/SearchRequest.java @@ -5,7 +5,7 @@ import lombok.Data; import lombok.NoArgsConstructor; import no.nav.testnav.libs.data.dollysearchservice.v1.PersonRequest; -import no.nav.testnav.libs.data.dollysearchservice.v2.ElasticTyper; +import no.nav.testnav.libs.data.dollysearchservice.v1.ElasticTyper; import java.util.ArrayList; import java.util.HashSet; diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchResponseMappingStrategy.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchResponseMappingStrategy.java deleted file mode 100644 index 8bf1718b7a4..00000000000 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchResponseMappingStrategy.java +++ /dev/null @@ -1,31 +0,0 @@ -package no.nav.testnav.dollysearchservice.mapper; - -import ma.glasnost.orika.CustomMapper; -import ma.glasnost.orika.MapperFactory; -import ma.glasnost.orika.MappingContext; -import no.nav.testnav.dollysearchservice.dto.SearchInternalResponse; -import no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse; -import org.springframework.stereotype.Component; - -@Component -public class OpenSearchResponseMappingStrategy implements MappingStrategy { - - @Override - public void register(MapperFactory factory) { - factory.classMap(SearchInternalResponse.class, SearchResponse.class) - .customize(new CustomMapper<>() { - @Override - public void mapAtoB(SearchInternalResponse searchInternalResponse, SearchResponse searchResponse, MappingContext context) { - - searchResponse.setTotalHits(searchInternalResponse.getTotalHits()); - searchResponse.setTook(searchInternalResponse.getTook()); - searchResponse.setSide(searchInternalResponse.getSide()); - searchResponse.setAntall(searchInternalResponse.getAntall()); - searchResponse.setSeed(searchInternalResponse.getSeed()); - searchResponse.setPersoner(searchInternalResponse.getPersoner()); - searchResponse.setError(searchInternalResponse.getError()); - } - }) - .register(); - } -} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchV2ResponseMappingStrategy.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchV2ResponseMappingStrategy.java index de48e157b27..437c6abd7e8 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchV2ResponseMappingStrategy.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/mapper/OpenSearchV2ResponseMappingStrategy.java @@ -4,7 +4,7 @@ import ma.glasnost.orika.MapperFactory; import ma.glasnost.orika.MappingContext; import no.nav.testnav.dollysearchservice.dto.SearchInternalResponse; -import no.nav.testnav.libs.data.dollysearchservice.v2.SearchResponse; +import no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse; import org.springframework.stereotype.Component; @Component diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchController.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchController.java index f704bc86dbd..7548a167c3d 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchController.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchController.java @@ -3,15 +3,21 @@ import io.swagger.v3.oas.annotations.Operation; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; +import no.nav.testnav.dollysearchservice.dto.Kategori; import no.nav.testnav.dollysearchservice.service.OpenSearchService; +import no.nav.testnav.libs.data.dollysearchservice.v1.ElasticTyper; import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; import no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse; +import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; import reactor.core.publisher.Mono; +import java.util.List; + @Slf4j @RestController @RequestMapping("/api/v1/opensearch") @@ -21,9 +27,17 @@ public class OpensearchController { private final OpenSearchService openSearchService; @PostMapping - @Operation(description = "Henter personer som matcher søk av persondetaljer i request") - public Mono getPersoner(@RequestBody SearchRequest request) { + @Operation(description = "Henter Dolly-personer som matcher både søk i registre og søk av persondetaljer i PDL") + public Mono getPersoner(@RequestParam(required = false) List registreRequest, + @RequestBody SearchRequest request) { + + return openSearchService.search(request, registreRequest); + } + + @GetMapping("/typer") + @Operation(description = "Henter alle søketyper mot registre") + public List getKategorier() { - return openSearchService.search(request); + return openSearchService.getTyper(); } } diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchEnhancedController.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchEnhancedController.java deleted file mode 100644 index cd0e40329a1..00000000000 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/provider/OpensearchEnhancedController.java +++ /dev/null @@ -1,34 +0,0 @@ -package no.nav.testnav.dollysearchservice.provider; - -import io.swagger.v3.oas.annotations.Operation; -import lombok.RequiredArgsConstructor; -import lombok.extern.slf4j.Slf4j; -import no.nav.testnav.dollysearchservice.service.OpenSearchV2Service; -import no.nav.testnav.libs.data.dollysearchservice.v2.ElasticTyper; -import no.nav.testnav.libs.data.dollysearchservice.v2.SearchRequest; -import no.nav.testnav.libs.data.dollysearchservice.v2.SearchResponse; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; -import reactor.core.publisher.Mono; - -import java.util.List; - -@Slf4j -@RestController -@RequestMapping("/api/v2/opensearch") -@RequiredArgsConstructor -public class OpensearchEnhancedController { - - private final OpenSearchV2Service openSearchV2Service; - - @PostMapping - @Operation(description = "Henter personer som matcher søk av persondetaljer i request") - public Mono getPersoner(@RequestParam(required = false) List registreRequest, - @RequestBody SearchRequest request) { - - return openSearchV2Service.search(request, registreRequest); - } -} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchService.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchService.java index 01ddc62572e..4850ad1d1bd 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchService.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchService.java @@ -3,28 +3,53 @@ import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import ma.glasnost.orika.MapperFacade; -import no.nav.testnav.dollysearchservice.consumer.OpenSearchConsumer; +import no.nav.testnav.dollysearchservice.dto.Kategori; import no.nav.testnav.dollysearchservice.utils.OpenSearchQueryBuilder; +import no.nav.testnav.libs.data.dollysearchservice.v1.ElasticTyper; import no.nav.testnav.libs.data.dollysearchservice.v1.SearchRequest; import no.nav.testnav.libs.data.dollysearchservice.v1.SearchResponse; import org.springframework.stereotype.Service; import reactor.core.publisher.Mono; +import java.util.Comparator; +import java.util.List; +import java.util.Set; +import java.util.stream.Stream; + @Slf4j @Service @RequiredArgsConstructor public class OpenSearchService { - private final OpenSearchConsumer openSearchConsumer; + private static final String NO_IDENT = "9999999999)"; + + private final BestillingQueryService bestillingQueryService; private final MapperFacade mapperFacade; private final PersonQueryService personQueryService; - public Mono search(SearchRequest searchRequest) { + public Mono search(SearchRequest searchRequest, List registreRequest) { + + var request = mapperFacade.map(searchRequest, + no.nav.testnav.dollysearchservice.dto.SearchRequest.class); + request.setRegistreRequest(registreRequest); + + var identer = bestillingQueryService.execRegisterQuery(request); + request.setIdenter(identer.isEmpty() ? Set.of(NO_IDENT) : identer); - var request = mapperFacade.map(searchRequest, no.nav.testnav.dollysearchservice.dto.SearchRequest.class); var query = OpenSearchQueryBuilder.buildSearchQuery(request); - return personQueryService.execQuery(request, query) + return personQueryService.execQuery(request,query) .map(response -> mapperFacade.map(response, SearchResponse.class)); } + + public List getTyper() { + + return Stream.of(ElasticTyper.values()) + .map(entry -> Kategori.builder() + .type(entry.name()) + .beskrivelse(entry.getBeskrivelse()) + .build()) + .sorted(Comparator.comparing(Kategori::getBeskrivelse)) + .toList(); + } } diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchV2Service.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchV2Service.java deleted file mode 100644 index 090c97f19c5..00000000000 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/OpenSearchV2Service.java +++ /dev/null @@ -1,41 +0,0 @@ -package no.nav.testnav.dollysearchservice.service; - -import lombok.RequiredArgsConstructor; -import lombok.extern.slf4j.Slf4j; -import ma.glasnost.orika.MapperFacade; -import no.nav.testnav.dollysearchservice.utils.OpenSearchQueryBuilder; -import no.nav.testnav.libs.data.dollysearchservice.v2.ElasticTyper; -import no.nav.testnav.libs.data.dollysearchservice.v2.SearchRequest; -import no.nav.testnav.libs.data.dollysearchservice.v2.SearchResponse; -import org.springframework.stereotype.Service; -import reactor.core.publisher.Mono; - -import java.util.List; -import java.util.Set; - -@Slf4j -@Service -@RequiredArgsConstructor -public class OpenSearchV2Service { - - private static final String NO_IDENT = "9999999999)"; - - private final BestillingQueryService bestillingQueryService; - private final MapperFacade mapperFacade; - private final PersonQueryService personQueryService; - - public Mono search(SearchRequest searchRequest, List registreRequest) { - - var request = mapperFacade.map(searchRequest, - no.nav.testnav.dollysearchservice.dto.SearchRequest.class); - request.setRegistreRequest(registreRequest); - - var identer = bestillingQueryService.execRegisterQuery(request); - request.setIdenter(identer.isEmpty() ? Set.of(NO_IDENT) : identer); - - var query = OpenSearchQueryBuilder.buildSearchQuery(request); - - return personQueryService.execQuery(request,query) - .map(response -> mapperFacade.map(response, SearchResponse.class)); - } -} diff --git a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/FagsystemQuereyUtils.java b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/FagsystemQuereyUtils.java index 6546474f864..b86836a6ad2 100644 --- a/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/FagsystemQuereyUtils.java +++ b/apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/utils/FagsystemQuereyUtils.java @@ -1,7 +1,7 @@ package no.nav.testnav.dollysearchservice.utils; import lombok.experimental.UtilityClass; -import no.nav.testnav.libs.data.dollysearchservice.v2.ElasticTyper; +import no.nav.testnav.libs.data.dollysearchservice.v1.ElasticTyper; import org.opensearch.index.query.QueryBuilder; import org.opensearch.index.query.QueryBuilders; diff --git a/apps/dolly-search-service/src/main/resources/application.yml b/apps/dolly-search-service/src/main/resources/application.yml index 23051be07ee..35ef65bfced 100644 --- a/apps/dolly-search-service/src/main/resources/application.yml +++ b/apps/dolly-search-service/src/main/resources/application.yml @@ -56,5 +56,4 @@ server: open: search: - pdl-index: pdl-sok - max-terms-count: 200000 \ No newline at end of file + pdl-index: pdl-sok \ No newline at end of file diff --git a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticBestilling.java b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/ElasticBestilling.java similarity index 73% rename from libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticBestilling.java rename to libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/ElasticBestilling.java index 21e7f0c408c..3f711af2c7f 100644 --- a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticBestilling.java +++ b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/ElasticBestilling.java @@ -1,4 +1,4 @@ -package no.nav.testnav.libs.data.dollysearchservice.v2; +package no.nav.testnav.libs.data.dollysearchservice.v1; import com.fasterxml.jackson.annotation.JsonIgnore; import com.fasterxml.jackson.annotation.JsonInclude; @@ -48,11 +48,11 @@ public class ElasticBestilling implements Persistable { @Field private Object inntektstub; @Field - private Arenadata arenaforvalter; + private Object arenaforvalter; @Field private Object udistub; @Field - private PensjonData pensjonforvalter; + private Object pensjonforvalter; @Field private RsInntektsmelding inntektsmelding; @Field @@ -64,7 +64,7 @@ public class ElasticBestilling implements Persistable { @Field private Object sykemelding; @Field - private BankkontoData bankkonto; + private Object bankkonto; @Field private Object skjerming; @Field @@ -81,37 +81,6 @@ public class ElasticBestilling implements Persistable { @JsonIgnore private boolean ignore; - private static class BankkontoData { - @Field - private Object norskBankkonto; - @Field - private Object utenlandskBankkonto; - } - - private static class PensjonData { - @Field - private Object inntekt; - @Field - private Object tp; - @Field - private Object alderspensjon; - @Field - private Object uforetrygd; - @Field - private Object afpOffentlig; - @Field - private Object pensjonsavtale; - } - - private static class Arenadata { - @Field - private Object aap; - @Field - private Object aap115; - @Field - private Object dagpenger; - } - @Override @JsonIgnore @Transient diff --git a/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/ElasticTyper.java b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/ElasticTyper.java similarity index 96% rename from apps/dolly-backend/src/main/java/no/nav/dolly/elastic/ElasticTyper.java rename to libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/ElasticTyper.java index 0c03eb378bc..4d3ede5c08a 100644 --- a/apps/dolly-backend/src/main/java/no/nav/dolly/elastic/ElasticTyper.java +++ b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/ElasticTyper.java @@ -1,4 +1,4 @@ -package no.nav.dolly.elastic; +package no.nav.testnav.libs.data.dollysearchservice.v1; import lombok.Getter; diff --git a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/SearchRequest.java b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/SearchRequest.java index 53a13db963c..73e4aa469ee 100644 --- a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/SearchRequest.java +++ b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v1/SearchRequest.java @@ -6,11 +6,6 @@ import lombok.Data; import lombok.NoArgsConstructor; -import java.util.HashSet; -import java.util.Set; - -import static java.util.Objects.isNull; - @Data @Builder @NoArgsConstructor @@ -26,15 +21,4 @@ public class SearchRequest { @Schema(description = "Persondetaljer") private PersonRequest personRequest; - - @Schema(description = "Identer fra registre") - private Set identer; - - public Set getIdenter() { - - if (isNull(identer)) { - identer = new HashSet<>(); - } - return identer; - } } diff --git a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticTyper.java b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticTyper.java deleted file mode 100644 index 951d6947694..00000000000 --- a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/ElasticTyper.java +++ /dev/null @@ -1,45 +0,0 @@ -package no.nav.testnav.libs.data.dollysearchservice.v2; - -import lombok.Getter; - -@Getter -public enum ElasticTyper { - - AAREG("Arbeidsgiver/arbeidstaker-register (AAREG)"), - ARBEIDSPLASSENCV("Arbeidsplassen CV"), - ARBEIDSSOEKERREGISTERET("Arbeidssøkerregisteret"), - ARENA_AAP("Arena AAP ytelse"), - ARENA_AAP115("Arena AAP115 rettighet"), - ARENA_DAGP("Arena dagpenger"), - BANKKONTO("Bankkontoregister"), - BANKKONTO_NORGE("Bankkonto i Norge"), - BANKKONTO_UTLAND("Bankkonto i utlandet"), - BRREGSTUB("Brønnøysundregistrene (BRREGSTUB)"), - DOKARKIV("Dokumentarkiv (JOARK)"), - FULLMAKT("Fullmakt (Representasjon)"), - HISTARK("Historisk arkiv (HISTARK)"), - INNTK("Inntektskomponenten/stub (INNTK)"), - INNTKMELD("Inntektsmelding (ALTINN/JOARK)"), - INST("Institusjonsopphold (INST2)"), - KRRSTUB("Kontakt- og reservasjonsregister-stub"), - MEDL("Medlemskap (MEDL)"), - PEN_AFP_OFFENTLIG("Pensjon - AFP offentlig"), - PEN_AP("Pensjon - Alderspensjon (AP)"), - PEN_INNTEKT("Pensjon - Pensjonsinntekt/opptjening"), - PEN_PENSJONSAVTALE("Pensjon - Pensjonsavtaler"), - PEN_TP("Pensjon - Tjenestepensjon (TP)"), - PEN_UT("Pensjon - Uføretrygd (UT)"), - SIGRUN_LIGNET("Sigrunstub - Lignet skatteinntekt"), - SIGRUN_PENSJONSGIVENDE("Sigrunstub - Pensjonsgivende inntekt"), - SKATTEKORT("Skattekort (SOKOS)"), - SKJERMING("Skjermingsregisteret"), - SYKEMELDING("Sykemelding"), - UDISTUB("Udistub - Utlendingsdirektoratet"), - YRKESSKADE("Yrkesskade"); - - private final String beskrivelse; - - ElasticTyper(String beskrivelse) { - this.beskrivelse = beskrivelse; - } -} diff --git a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchRequest.java b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchRequest.java deleted file mode 100644 index db5bb808f9d..00000000000 --- a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchRequest.java +++ /dev/null @@ -1,25 +0,0 @@ -package no.nav.testnav.libs.data.dollysearchservice.v2; - -import io.swagger.v3.oas.annotations.media.Schema; -import lombok.AllArgsConstructor; -import lombok.Builder; -import lombok.Data; -import lombok.NoArgsConstructor; -import no.nav.testnav.libs.data.dollysearchservice.v1.PersonRequest; - -@Data -@Builder -@NoArgsConstructor -@AllArgsConstructor -public class SearchRequest { - - @Schema(description = "Sidenummer") - private Integer side; - @Schema(description = "Antall resultater per side") - private Integer antall; - @Schema(description = "Seed for paginering") - private Integer seed; - - @Schema(description = "Persondetaljer") - private PersonRequest personRequest; -} diff --git a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchResponse.java b/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchResponse.java deleted file mode 100644 index 245fbb532e5..00000000000 --- a/libs/data-transfer-search-objects/src/main/java/no/nav/testnav/libs/data/dollysearchservice/v2/SearchResponse.java +++ /dev/null @@ -1,24 +0,0 @@ -package no.nav.testnav.libs.data.dollysearchservice.v2; - -import com.fasterxml.jackson.databind.JsonNode; -import lombok.AllArgsConstructor; -import lombok.Builder; -import lombok.Data; -import lombok.NoArgsConstructor; - -import java.util.List; - -@Data -@Builder -@NoArgsConstructor -@AllArgsConstructor -public class SearchResponse { - - private Long totalHits; - private String took; - private Integer side; - private Integer antall; - private Integer seed; - private List personer; - private String error; -} \ No newline at end of file From fb02f22c5c6b73e1c349a7e62ad1f9f0629ac669 Mon Sep 17 00:00:00 2001 From: Betsy Carina Traran Date: Thu, 27 Feb 2025 09:09:33 +0100 Subject: [PATCH 12/13] Fix validering av tilleggsinformasjon inntektstub --- .../src/components/inntektStub/validerInntekt/Inntekt.tsx | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/apps/dolly-frontend/src/main/js/src/components/inntektStub/validerInntekt/Inntekt.tsx b/apps/dolly-frontend/src/main/js/src/components/inntektStub/validerInntekt/Inntekt.tsx index 6305ef97800..77a7209876f 100644 --- a/apps/dolly-frontend/src/main/js/src/components/inntektStub/validerInntekt/Inntekt.tsx +++ b/apps/dolly-frontend/src/main/js/src/components/inntektStub/validerInntekt/Inntekt.tsx @@ -8,9 +8,9 @@ import tilleggsinformasjonPaths from '@/components/inntektStub/paths' const sjekkFelt = (formMethods, field, options, values, path) => { const { watch, getFieldState, setError } = formMethods - const fieldValue = watch(path) - const existingError = getFieldState(`${path}.${field}`)?.error const fieldPath = tilleggsinformasjonPaths(field) + const fieldValue = watch(path) + const existingError = getFieldState(`${path}.${fieldPath}`)?.error const val = _.get(fieldValue, fieldPath) if ( @@ -18,7 +18,7 @@ const sjekkFelt = (formMethods, field, options, values, path) => { !existingError && ((fieldValue && !val && val !== false) || (!optionsUtfylt(options) && !options.includes(val))) ) { - setError(`${path}.${field}`, { message: 'Feltet er påkrevd' }) + setError(`${path}.${fieldPath}`, { message: 'Feltet er påkrevd' }) } return null } @@ -80,6 +80,7 @@ const fieldResolver = (field, handleChange, formMethods, path, index, options = /> ) } else if (optionsUtfylt(options)) { + sjekkFelt(formMethods, field, options, values, path) return ( ) From 645025d25d4d67e5bf31ec98093b5d747107655f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristen=20H=C3=A6rum?= Date: Thu, 27 Feb 2025 11:10:53 +0100 Subject: [PATCH 13/13] Feature/brregstub reverse proxy (#3770) --- .../proxy.brregstub-reverse-proxy.yml | 22 ++ ...ironmentApplicationContextInitializer.java | 3 + proxies/brregstub-reverse-proxy/Dockerfile | 8 + proxies/brregstub-reverse-proxy/README.md | 3 + proxies/brregstub-reverse-proxy/build.gradle | 16 ++ proxies/brregstub-reverse-proxy/config.yml | 71 ++++++ .../gradle/wrapper/gradle-wrapper.jar | Bin 0 -> 59536 bytes .../gradle/wrapper/gradle-wrapper.properties | 5 + proxies/brregstub-reverse-proxy/gradlew | 234 ++++++++++++++++++ proxies/brregstub-reverse-proxy/gradlew.bat | 89 +++++++ .../brregstub-reverse-proxy/gradlewUpdate.sh | 3 + .../brregstub-reverse-proxy/settings.gradle | 20 ++ ...regstubReverseProxyApplicationStarter.java | 53 ++++ .../config/Consumers.java | 20 ++ .../src/main/resources/application-local.yml | 3 + .../src/main/resources/application.yml | 31 +++ .../src/main/resources/logback-spring.xml | 40 +++ .../ApplicationContextTest.java | 16 ++ 18 files changed, 637 insertions(+) create mode 100644 .github/workflows/proxy.brregstub-reverse-proxy.yml create mode 100644 proxies/brregstub-reverse-proxy/Dockerfile create mode 100644 proxies/brregstub-reverse-proxy/README.md create mode 100644 proxies/brregstub-reverse-proxy/build.gradle create mode 100644 proxies/brregstub-reverse-proxy/config.yml create mode 100644 proxies/brregstub-reverse-proxy/gradle/wrapper/gradle-wrapper.jar create mode 100644 proxies/brregstub-reverse-proxy/gradle/wrapper/gradle-wrapper.properties create mode 100755 proxies/brregstub-reverse-proxy/gradlew create mode 100644 proxies/brregstub-reverse-proxy/gradlew.bat create mode 100755 proxies/brregstub-reverse-proxy/gradlewUpdate.sh create mode 100644 proxies/brregstub-reverse-proxy/settings.gradle create mode 100644 proxies/brregstub-reverse-proxy/src/main/java/no/nav/testnav/proxies/brregstubreverseproxy/BrregstubReverseProxyApplicationStarter.java create mode 100644 proxies/brregstub-reverse-proxy/src/main/java/no/nav/testnav/proxies/brregstubreverseproxy/config/Consumers.java create mode 100644 proxies/brregstub-reverse-proxy/src/main/resources/application-local.yml create mode 100644 proxies/brregstub-reverse-proxy/src/main/resources/application.yml create mode 100644 proxies/brregstub-reverse-proxy/src/main/resources/logback-spring.xml create mode 100644 proxies/brregstub-reverse-proxy/src/test/java/no/nav/testnav/proxies/brregstubreverseproxy/ApplicationContextTest.java diff --git a/.github/workflows/proxy.brregstub-reverse-proxy.yml b/.github/workflows/proxy.brregstub-reverse-proxy.yml new file mode 100644 index 00000000000..a2f65e39402 --- /dev/null +++ b/.github/workflows/proxy.brregstub-reverse-proxy.yml @@ -0,0 +1,22 @@ +name: brregstub-reverse--proxy + +on: + push: + paths: + - "plugins/**" + - "libs/reactive-core/**" + - "libs/reactive-proxy/**" + - "proxies/brregstub-reverse-proxy/**" + - ".github/workflows/proxy.brregstub-reverse-proxy.yml" + +jobs: + workflow: + uses: ./.github/workflows/common.workflow.backend.yml + with: + cluster: "dev-fss" + working-directory: "proxies/brregstub-reverse-proxy" + deploy-tag: "#deploy-proxy-brregstub-reverse" + permissions: + contents: read + id-token: write + secrets: inherit diff --git a/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java b/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java index c87a598db65..d5564d768ce 100644 --- a/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java +++ b/libs/testing/src/main/java/no/nav/dolly/libs/nais/NaisEnvironmentApplicationContextInitializer.java @@ -37,6 +37,9 @@ private static void configureForLocalProfile(Map properties) { properties.putIfAbsent("ALTINN_URL", "${sm\\://altinn-url}"); // Used by altinn3-tilgang-service only. properties.putIfAbsent("AZURE_APP_CLIENT_ID", "${sm\\://azure-app-client-id}"); properties.putIfAbsent("AZURE_APP_CLIENT_SECRET", "${sm\\://azure-app-client-secret}"); + properties.putIfAbsent("AZURE_NAV_APP_CLIENT_ID", DUMMY); // Value found in pod, if needed. + properties.putIfAbsent("AZURE_NAV_APP_CLIENT_SECRET", DUMMY); // Value found in pod, if needed. + properties.putIfAbsent("AZURE_NAV_OPENID_CONFIG_TOKEN_ENDPOINT", "${sm\\://azure-nav-openid-config-token-endpoint}"); properties.putIfAbsent("AZURE_OPENID_CONFIG_ISSUER", "${sm\\://azure-openid-config-issuer}"); properties.putIfAbsent("AZURE_OPENID_CONFIG_TOKEN_ENDPOINT", "${sm\\://azure-openid-config-token-endpoint}"); properties.putIfAbsent("CRYPTOGRAPHY_SECRET", DUMMY); // Used by bruker-service only. diff --git a/proxies/brregstub-reverse-proxy/Dockerfile b/proxies/brregstub-reverse-proxy/Dockerfile new file mode 100644 index 00000000000..3ac8856fdc1 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/Dockerfile @@ -0,0 +1,8 @@ +FROM ghcr.io/navikt/baseimages/temurin:21 +LABEL maintainer="Team Dolly" + +ENV JAVA_OPTS="-Dspring.profiles.active=prod" + +COPY /build/libs/app.jar /app/app.jar + +EXPOSE 8080 diff --git a/proxies/brregstub-reverse-proxy/README.md b/proxies/brregstub-reverse-proxy/README.md new file mode 100644 index 00000000000..674eee89b18 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/README.md @@ -0,0 +1,3 @@ +## Lokal kjøring +* [Generelt.](../../docs/local_general.md) +* [Secret Manager.](../../docs/local_secretmanager.md) \ No newline at end of file diff --git a/proxies/brregstub-reverse-proxy/build.gradle b/proxies/brregstub-reverse-proxy/build.gradle new file mode 100644 index 00000000000..a41a41a2635 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/build.gradle @@ -0,0 +1,16 @@ +plugins { + id "dolly-proxies" +} + +sonarqube { + properties { + property "sonar.projectKey", "testnav-brregstub-reverse-proxy" + property "sonar.projectName", "testnav-brregstub-reverse-proxy" + } +} + +dependencies { + implementation "no.nav.testnav.libs:reactive-security" + implementation "no.nav.testnav.libs:security-core" + implementation "no.nav.testnav.libs:reactive-core" +} diff --git a/proxies/brregstub-reverse-proxy/config.yml b/proxies/brregstub-reverse-proxy/config.yml new file mode 100644 index 00000000000..1c52ad9e666 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/config.yml @@ -0,0 +1,71 @@ +--- +apiVersion: nais.io/v1 +kind: AzureAdApplication +metadata: + name: testnav-brregstub-reverse-proxy-nav + namespace: dolly + labels: + team: dolly +spec: + secretName: azure-testnav-brregstub-reverse-proxy-nav + secretKeyPrefix: "AZURE_NAV" + tenant: nav.no +--- +apiVersion: "nais.io/v1alpha1" +kind: "Application" +metadata: + name: testnav-brregstub-reverse-proxy + namespace: dolly + labels: + team: dolly +spec: + image: "{{image}}" + port: 8080 + webproxy: true + tokenx: + enabled: true + azure: + application: + allowAllUsers: true + enabled: true + tenant: trygdeetaten.no + accessPolicy: + inbound: + rules: + - application: team-dolly-lokal-app + cluster: dev-gcp + - application: testnav-oversikt-frontend + cluster: dev-gcp + - application: flex-brreg-proxy + cluster: dev-gcp + namespace: flex + liveness: + path: /internal/isAlive + initialDelay: 4 + periodSeconds: 5 + failureThreshold: 500 + observability: + logging: + destinations: + - id: elastic + autoInstrumentation: + enabled: true + runtime: java + readiness: + path: /internal/isReady + initialDelay: 4 + periodSeconds: 5 + failureThreshold: 500 + replicas: + min: 1 + max: 1 + resources: + requests: + cpu: 100m + memory: 1024Mi + limits: + memory: 2048Mi + envFrom: + - secret: azure-testnav-brregstub-reverse-proxy-nav + ingresses: + - "https://testnav-brregstub-reverse-proxy.dev-fss-pub.nais.io" \ No newline at end of file diff --git a/proxies/brregstub-reverse-proxy/gradle/wrapper/gradle-wrapper.jar b/proxies/brregstub-reverse-proxy/gradle/wrapper/gradle-wrapper.jar new file mode 100644 index 0000000000000000000000000000000000000000..7454180f2ae8848c63b8b4dea2cb829da983f2fa GIT binary patch literal 59536 zcma&NbC71ylI~qywr$(CZQJHswz}-9F59+k+g;UV+cs{`J?GrGXYR~=-ydruB3JCa zB64N^cILAcWk5iofq)<(fq;O7{th4@;QxID0)qN`mJ?GIqLY#rX8-|G{5M0pdVW5^ zzXk$-2kQTAC?_N@B`&6-N-rmVFE=$QD?>*=4<|!MJu@}isLc4AW#{m2if&A5T5g&~ ziuMQeS*U5sL6J698wOd)K@oK@1{peP5&Esut<#VH^u)gp`9H4)`uE!2$>RTctN+^u z=ASkePDZA-X8)rp%D;p*~P?*a_=*Kwc<^>QSH|^<0>o37lt^+Mj1;4YvJ(JR-Y+?%Nu}JAYj5 z_Qc5%Ao#F?q32i?ZaN2OSNhWL;2oDEw_({7ZbgUjna!Fqn3NzLM@-EWFPZVmc>(fZ z0&bF-Ch#p9C{YJT9Rcr3+Y_uR^At1^BxZ#eo>$PLJF3=;t_$2|t+_6gg5(j{TmjYU zK12c&lE?Eh+2u2&6Gf*IdKS&6?rYbSEKBN!rv{YCm|Rt=UlPcW9j`0o6{66#y5t9C zruFA2iKd=H%jHf%ypOkxLnO8#H}#Zt{8p!oi6)7#NqoF({t6|J^?1e*oxqng9Q2Cc zg%5Vu!em)}Yuj?kaP!D?b?(C*w!1;>R=j90+RTkyEXz+9CufZ$C^umX^+4|JYaO<5 zmIM3#dv`DGM;@F6;(t!WngZSYzHx?9&$xEF70D1BvfVj<%+b#)vz)2iLCrTeYzUcL z(OBnNoG6Le%M+@2oo)&jdOg=iCszzv59e zDRCeaX8l1hC=8LbBt|k5?CXgep=3r9BXx1uR8!p%Z|0+4Xro=xi0G!e{c4U~1j6!) zH6adq0}#l{%*1U(Cb%4AJ}VLWKBPi0MoKFaQH6x?^hQ!6em@993xdtS%_dmevzeNl z(o?YlOI=jl(`L9^ z0O+H9k$_@`6L13eTT8ci-V0ljDMD|0ifUw|Q-Hep$xYj0hTO@0%IS^TD4b4n6EKDG z??uM;MEx`s98KYN(K0>c!C3HZdZ{+_53DO%9k5W%pr6yJusQAv_;IA}925Y%;+!tY z%2k!YQmLLOr{rF~!s<3-WEUs)`ix_mSU|cNRBIWxOox_Yb7Z=~Q45ZNe*u|m^|)d* zog=i>`=bTe!|;8F+#H>EjIMcgWcG2ORD`w0WD;YZAy5#s{65~qfI6o$+Ty&-hyMyJ z3Ra~t>R!p=5ZpxA;QkDAoPi4sYOP6>LT+}{xp}tk+<0k^CKCFdNYG(Es>p0gqD)jP zWOeX5G;9(m@?GOG7g;e74i_|SmE?`B2i;sLYwRWKLy0RLW!Hx`=!LH3&k=FuCsM=9M4|GqzA)anEHfxkB z?2iK-u(DC_T1};KaUT@3nP~LEcENT^UgPvp!QC@Dw&PVAhaEYrPey{nkcn(ro|r7XUz z%#(=$7D8uP_uU-oPHhd>>^adbCSQetgSG`e$U|7mr!`|bU0aHl_cmL)na-5x1#OsVE#m*+k84Y^+UMeSAa zbrVZHU=mFwXEaGHtXQq`2ZtjfS!B2H{5A<3(nb-6ARVV8kEmOkx6D2x7~-6hl;*-*}2Xz;J#a8Wn;_B5=m zl3dY;%krf?i-Ok^Pal-}4F`{F@TYPTwTEhxpZK5WCpfD^UmM_iYPe}wpE!Djai6_{ z*pGO=WB47#Xjb7!n2Ma)s^yeR*1rTxp`Mt4sfA+`HwZf%!7ZqGosPkw69`Ix5Ku6G z@Pa;pjzV&dn{M=QDx89t?p?d9gna*}jBly*#1!6}5K<*xDPJ{wv4& zM$17DFd~L*Te3A%yD;Dp9UGWTjRxAvMu!j^Tbc}2v~q^59d4bz zvu#!IJCy(BcWTc`;v$9tH;J%oiSJ_i7s;2`JXZF+qd4C)vY!hyCtl)sJIC{ebI*0> z@x>;EzyBv>AI-~{D6l6{ST=em*U( z(r$nuXY-#CCi^8Z2#v#UXOt`dbYN1z5jzNF2 z411?w)whZrfA20;nl&C1Gi+gk<`JSm+{|*2o<< zqM#@z_D`Cn|0H^9$|Tah)0M_X4c37|KQ*PmoT@%xHc3L1ZY6(p(sNXHa&49Frzto& zR`c~ClHpE~4Z=uKa5S(-?M8EJ$zt0&fJk~p$M#fGN1-y$7!37hld`Uw>Urri(DxLa;=#rK0g4J)pXMC zxzraOVw1+kNWpi#P=6(qxf`zSdUC?D$i`8ZI@F>k6k zz21?d+dw7b&i*>Kv5L(LH-?J%@WnqT7j#qZ9B>|Zl+=> z^U-pV@1y_ptHo4hl^cPRWewbLQ#g6XYQ@EkiP z;(=SU!yhjHp%1&MsU`FV1Z_#K1&(|5n(7IHbx&gG28HNT)*~-BQi372@|->2Aw5It z0CBpUcMA*QvsPy)#lr!lIdCi@1k4V2m!NH)%Px(vu-r(Q)HYc!p zJ^$|)j^E#q#QOgcb^pd74^JUi7fUmMiNP_o*lvx*q%_odv49Dsv$NV;6J z9GOXKomA{2Pb{w}&+yHtH?IkJJu~}Z?{Uk++2mB8zyvh*xhHKE``99>y#TdD z&(MH^^JHf;g(Tbb^&8P*;_i*2&fS$7${3WJtV7K&&(MBV2~)2KB3%cWg#1!VE~k#C z!;A;?p$s{ihyojEZz+$I1)L}&G~ml=udD9qh>Tu(ylv)?YcJT3ihapi!zgPtWb*CP zlLLJSRCj-^w?@;RU9aL2zDZY1`I3d<&OMuW=c3$o0#STpv_p3b9Wtbql>w^bBi~u4 z3D8KyF?YE?=HcKk!xcp@Cigvzy=lnFgc^9c%(^F22BWYNAYRSho@~*~S)4%AhEttv zvq>7X!!EWKG?mOd9&n>vvH1p4VzE?HCuxT-u+F&mnsfDI^}*-d00-KAauEaXqg3k@ zy#)MGX!X;&3&0s}F3q40ZmVM$(H3CLfpdL?hB6nVqMxX)q=1b}o_PG%r~hZ4gUfSp zOH4qlEOW4OMUc)_m)fMR_rl^pCfXc{$fQbI*E&mV77}kRF z&{<06AJyJ!e863o-V>FA1a9Eemx6>^F$~9ppt()ZbPGfg_NdRXBWoZnDy2;#ODgf! zgl?iOcF7Meo|{AF>KDwTgYrJLb$L2%%BEtO>T$C?|9bAB&}s;gI?lY#^tttY&hfr# zKhC+&b-rpg_?~uVK%S@mQleU#_xCsvIPK*<`E0fHE1&!J7!xD#IB|SSPW6-PyuqGn3^M^Rz%WT{e?OI^svARX&SAdU77V(C~ zM$H{Kg59op{<|8ry9ecfP%=kFm(-!W&?U0@<%z*+!*<e0XesMxRFu9QnGqun6R_%T+B%&9Dtk?*d$Q zb~>84jEAPi@&F@3wAa^Lzc(AJz5gsfZ7J53;@D<;Klpl?sK&u@gie`~vTsbOE~Cd4 z%kr56mI|#b(Jk&;p6plVwmNB0H@0SmgdmjIn5Ne@)}7Vty(yb2t3ev@22AE^s!KaN zyQ>j+F3w=wnx7w@FVCRe+`vUH)3gW%_72fxzqX!S&!dchdkRiHbXW1FMrIIBwjsai8`CB2r4mAbwp%rrO>3B$Zw;9=%fXI9B{d(UzVap7u z6piC-FQ)>}VOEuPpuqznpY`hN4dGa_1Xz9rVg(;H$5Te^F0dDv*gz9JS<|>>U0J^# z6)(4ICh+N_Q`Ft0hF|3fSHs*?a=XC;e`sJaU9&d>X4l?1W=|fr!5ShD|nv$GK;j46@BV6+{oRbWfqOBRb!ir88XD*SbC(LF}I1h#6@dvK%Toe%@ zhDyG$93H8Eu&gCYddP58iF3oQH*zLbNI;rN@E{T9%A8!=v#JLxKyUe}e}BJpB{~uN zqgxRgo0*-@-iaHPV8bTOH(rS(huwK1Xg0u+e!`(Irzu@Bld&s5&bWgVc@m7;JgELd zimVs`>vQ}B_1(2#rv#N9O`fJpVfPc7V2nv34PC);Dzbb;p!6pqHzvy?2pD&1NE)?A zt(t-ucqy@wn9`^MN5apa7K|L=9>ISC>xoc#>{@e}m#YAAa1*8-RUMKwbm|;5p>T`Z zNf*ph@tnF{gmDa3uwwN(g=`Rh)4!&)^oOy@VJaK4lMT&5#YbXkl`q?<*XtsqD z9PRK6bqb)fJw0g-^a@nu`^?71k|m3RPRjt;pIkCo1{*pdqbVs-Yl>4E>3fZx3Sv44grW=*qdSoiZ9?X0wWyO4`yDHh2E!9I!ZFi zVL8|VtW38}BOJHW(Ax#KL_KQzarbuE{(%TA)AY)@tY4%A%P%SqIU~8~-Lp3qY;U-} z`h_Gel7;K1h}7$_5ZZT0&%$Lxxr-<89V&&TCsu}LL#!xpQ1O31jaa{U34~^le*Y%L za?7$>Jk^k^pS^_M&cDs}NgXlR>16AHkSK-4TRaJSh#h&p!-!vQY%f+bmn6x`4fwTp z$727L^y`~!exvmE^W&#@uY!NxJi`g!i#(++!)?iJ(1)2Wk;RN zFK&O4eTkP$Xn~4bB|q8y(btx$R#D`O@epi4ofcETrx!IM(kWNEe42Qh(8*KqfP(c0 zouBl6>Fc_zM+V;F3znbo{x#%!?mH3`_ANJ?y7ppxS@glg#S9^MXu|FM&ynpz3o&Qh z2ujAHLF3($pH}0jXQsa#?t--TnF1P73b?4`KeJ9^qK-USHE)4!IYgMn-7z|=ALF5SNGkrtPG@Y~niUQV2?g$vzJN3nZ{7;HZHzWAeQ;5P|@Tl3YHpyznGG4-f4=XflwSJY+58-+wf?~Fg@1p1wkzuu-RF3j2JX37SQUc? zQ4v%`V8z9ZVZVqS8h|@@RpD?n0W<=hk=3Cf8R?d^9YK&e9ZybFY%jdnA)PeHvtBe- zhMLD+SSteHBq*q)d6x{)s1UrsO!byyLS$58WK;sqip$Mk{l)Y(_6hEIBsIjCr5t>( z7CdKUrJTrW%qZ#1z^n*Lb8#VdfzPw~OIL76aC+Rhr<~;4Tl!sw?Rj6hXj4XWa#6Tp z@)kJ~qOV)^Rh*-?aG>ic2*NlC2M7&LUzc9RT6WM%Cpe78`iAowe!>(T0jo&ivn8-7 zs{Qa@cGy$rE-3AY0V(l8wjI^uB8Lchj@?L}fYal^>T9z;8juH@?rG&g-t+R2dVDBe zq!K%{e-rT5jX19`(bP23LUN4+_zh2KD~EAYzhpEO3MUG8@}uBHH@4J zd`>_(K4q&>*k82(dDuC)X6JuPrBBubOg7qZ{?x!r@{%0);*`h*^F|%o?&1wX?Wr4b z1~&cy#PUuES{C#xJ84!z<1tp9sfrR(i%Tu^jnXy;4`Xk;AQCdFC@?V%|; zySdC7qS|uQRcH}EFZH%mMB~7gi}a0utE}ZE_}8PQH8f;H%PN41Cb9R%w5Oi5el^fd z$n{3SqLCnrF##x?4sa^r!O$7NX!}&}V;0ZGQ&K&i%6$3C_dR%I7%gdQ;KT6YZiQrW zk%q<74oVBV>@}CvJ4Wj!d^?#Zwq(b$E1ze4$99DuNg?6t9H}k_|D7KWD7i0-g*EO7 z;5{hSIYE4DMOK3H%|f5Edx+S0VI0Yw!tsaRS2&Il2)ea^8R5TG72BrJue|f_{2UHa z@w;^c|K3da#$TB0P3;MPlF7RuQeXT$ zS<<|C0OF(k)>fr&wOB=gP8!Qm>F41u;3esv7_0l%QHt(~+n; zf!G6%hp;Gfa9L9=AceiZs~tK+Tf*Wof=4!u{nIO90jH@iS0l+#%8=~%ASzFv7zqSB^?!@N7)kp0t&tCGLmzXSRMRyxCmCYUD2!B`? zhs$4%KO~m=VFk3Buv9osha{v+mAEq=ik3RdK@;WWTV_g&-$U4IM{1IhGX{pAu%Z&H zFfwCpUsX%RKg);B@7OUzZ{Hn{q6Vv!3#8fAg!P$IEx<0vAx;GU%}0{VIsmFBPq_mb zpe^BChDK>sc-WLKl<6 zwbW|e&d&dv9Wu0goueyu>(JyPx1mz0v4E?cJjFuKF71Q1)AL8jHO$!fYT3(;U3Re* zPPOe%*O+@JYt1bW`!W_1!mN&=w3G9ru1XsmwfS~BJ))PhD(+_J_^N6j)sx5VwbWK| zwRyC?W<`pOCY)b#AS?rluxuuGf-AJ=D!M36l{ua?@SJ5>e!IBr3CXIxWw5xUZ@Xrw z_R@%?{>d%Ld4p}nEsiA@v*nc6Ah!MUs?GA7e5Q5lPpp0@`%5xY$C;{%rz24$;vR#* zBP=a{)K#CwIY%p} zXVdxTQ^HS@O&~eIftU+Qt^~(DGxrdi3k}DdT^I7Iy5SMOp$QuD8s;+93YQ!OY{eB24%xY7ml@|M7I(Nb@K_-?F;2?et|CKkuZK_>+>Lvg!>JE~wN`BI|_h6$qi!P)+K-1Hh(1;a`os z55)4Q{oJiA(lQM#;w#Ta%T0jDNXIPM_bgESMCDEg6rM33anEr}=|Fn6)|jBP6Y}u{ zv9@%7*#RI9;fv;Yii5CI+KrRdr0DKh=L>)eO4q$1zmcSmglsV`*N(x=&Wx`*v!!hn6X-l0 zP_m;X??O(skcj+oS$cIdKhfT%ABAzz3w^la-Ucw?yBPEC+=Pe_vU8nd-HV5YX6X8r zZih&j^eLU=%*;VzhUyoLF;#8QsEfmByk+Y~caBqSvQaaWf2a{JKB9B>V&r?l^rXaC z8)6AdR@Qy_BxQrE2Fk?ewD!SwLuMj@&d_n5RZFf7=>O>hzVE*seW3U?_p|R^CfoY`?|#x9)-*yjv#lo&zP=uI`M?J zbzC<^3x7GfXA4{FZ72{PE*-mNHyy59Q;kYG@BB~NhTd6pm2Oj=_ zizmD?MKVRkT^KmXuhsk?eRQllPo2Ubk=uCKiZ&u3Xjj~<(!M94c)Tez@9M1Gfs5JV z->@II)CDJOXTtPrQudNjE}Eltbjq>6KiwAwqvAKd^|g!exgLG3;wP+#mZYr`cy3#39e653d=jrR-ulW|h#ddHu(m9mFoW~2yE zz5?dB%6vF}+`-&-W8vy^OCxm3_{02royjvmwjlp+eQDzFVEUiyO#gLv%QdDSI#3W* z?3!lL8clTaNo-DVJw@ynq?q!%6hTQi35&^>P85G$TqNt78%9_sSJt2RThO|JzM$iL zg|wjxdMC2|Icc5rX*qPL(coL!u>-xxz-rFiC!6hD1IR%|HSRsV3>Kq~&vJ=s3M5y8SG%YBQ|{^l#LGlg!D?E>2yR*eV%9m$_J6VGQ~AIh&P$_aFbh zULr0Z$QE!QpkP=aAeR4ny<#3Fwyw@rZf4?Ewq`;mCVv}xaz+3ni+}a=k~P+yaWt^L z@w67!DqVf7D%7XtXX5xBW;Co|HvQ8WR1k?r2cZD%U;2$bsM%u8{JUJ5Z0k= zZJARv^vFkmWx15CB=rb=D4${+#DVqy5$C%bf`!T0+epLJLnh1jwCdb*zuCL}eEFvE z{rO1%gxg>1!W(I!owu*mJZ0@6FM(?C+d*CeceZRW_4id*D9p5nzMY&{mWqrJomjIZ z97ZNnZ3_%Hx8dn;H>p8m7F#^2;T%yZ3H;a&N7tm=Lvs&lgJLW{V1@h&6Vy~!+Ffbb zv(n3+v)_D$}dqd!2>Y2B)#<+o}LH#%ogGi2-?xRIH)1!SD)u-L65B&bsJTC=LiaF+YOCif2dUX6uAA|#+vNR z>U+KQekVGon)Yi<93(d!(yw1h3&X0N(PxN2{%vn}cnV?rYw z$N^}_o!XUB!mckL`yO1rnUaI4wrOeQ(+&k?2mi47hzxSD`N#-byqd1IhEoh!PGq>t z_MRy{5B0eKY>;Ao3z$RUU7U+i?iX^&r739F)itdrTpAi-NN0=?^m%?{A9Ly2pVv>Lqs6moTP?T2-AHqFD-o_ znVr|7OAS#AEH}h8SRPQ@NGG47dO}l=t07__+iK8nHw^(AHx&Wb<%jPc$$jl6_p(b$ z)!pi(0fQodCHfM)KMEMUR&UID>}m^(!{C^U7sBDOA)$VThRCI0_+2=( zV8mMq0R(#z;C|7$m>$>`tX+T|xGt(+Y48@ZYu#z;0pCgYgmMVbFb!$?%yhZqP_nhn zy4<#3P1oQ#2b51NU1mGnHP$cf0j-YOgAA}A$QoL6JVLcmExs(kU{4z;PBHJD%_=0F z>+sQV`mzijSIT7xn%PiDKHOujX;n|M&qr1T@rOxTdxtZ!&u&3HHFLYD5$RLQ=heur zb>+AFokUVQeJy-#LP*^)spt{mb@Mqe=A~-4p0b+Bt|pZ+@CY+%x}9f}izU5;4&QFE zO1bhg&A4uC1)Zb67kuowWY4xbo&J=%yoXlFB)&$d*-}kjBu|w!^zbD1YPc0-#XTJr z)pm2RDy%J3jlqSMq|o%xGS$bPwn4AqitC6&e?pqWcjWPt{3I{>CBy;hg0Umh#c;hU3RhCUX=8aR>rmd` z7Orw(5tcM{|-^J?ZAA9KP|)X6n9$-kvr#j5YDecTM6n z&07(nD^qb8hpF0B^z^pQ*%5ePYkv&FabrlI61ntiVp!!C8y^}|<2xgAd#FY=8b*y( zuQOuvy2`Ii^`VBNJB&R!0{hABYX55ooCAJSSevl4RPqEGb)iy_0H}v@vFwFzD%>#I>)3PsouQ+_Kkbqy*kKdHdfkN7NBcq%V{x^fSxgXpg7$bF& zj!6AQbDY(1u#1_A#1UO9AxiZaCVN2F0wGXdY*g@x$ByvUA?ePdide0dmr#}udE%K| z3*k}Vv2Ew2u1FXBaVA6aerI36R&rzEZeDDCl5!t0J=ug6kuNZzH>3i_VN`%BsaVB3 zQYw|Xub_SGf{)F{$ZX5`Jc!X!;eybjP+o$I{Z^Hsj@D=E{MnnL+TbC@HEU2DjG{3-LDGIbq()U87x4eS;JXnSh;lRlJ z>EL3D>wHt-+wTjQF$fGyDO$>d+(fq@bPpLBS~xA~R=3JPbS{tzN(u~m#Po!?H;IYv zE;?8%^vle|%#oux(Lj!YzBKv+Fd}*Ur-dCBoX*t{KeNM*n~ZPYJ4NNKkI^MFbz9!v z4(Bvm*Kc!-$%VFEewYJKz-CQN{`2}KX4*CeJEs+Q(!kI%hN1!1P6iOq?ovz}X0IOi z)YfWpwW@pK08^69#wSyCZkX9?uZD?C^@rw^Y?gLS_xmFKkooyx$*^5#cPqntNTtSG zlP>XLMj2!VF^0k#ole7`-c~*~+_T5ls?x4)ah(j8vo_ zwb%S8qoaZqY0-$ZI+ViIA_1~~rAH7K_+yFS{0rT@eQtTAdz#8E5VpwnW!zJ_^{Utv zlW5Iar3V5t&H4D6A=>?mq;G92;1cg9a2sf;gY9pJDVKn$DYdQlvfXq}zz8#LyPGq@ z+`YUMD;^-6w&r-82JL7mA8&M~Pj@aK!m{0+^v<|t%APYf7`}jGEhdYLqsHW-Le9TL z_hZZ1gbrz7$f9^fAzVIP30^KIz!!#+DRLL+qMszvI_BpOSmjtl$hh;&UeM{ER@INV zcI}VbiVTPoN|iSna@=7XkP&-4#06C};8ajbxJ4Gcq8(vWv4*&X8bM^T$mBk75Q92j z1v&%a;OSKc8EIrodmIiw$lOES2hzGDcjjB`kEDfJe{r}yE6`eZL zEB`9u>Cl0IsQ+t}`-cx}{6jqcANucqIB>Qmga_&<+80E2Q|VHHQ$YlAt{6`Qu`HA3 z03s0-sSlwbvgi&_R8s={6<~M^pGvBNjKOa>tWenzS8s zR>L7R5aZ=mSU{f?ib4Grx$AeFvtO5N|D>9#)ChH#Fny2maHWHOf2G=#<9Myot#+4u zWVa6d^Vseq_0=#AYS(-m$Lp;*8nC_6jXIjEM`omUmtH@QDs3|G)i4j*#_?#UYVZvJ z?YjT-?!4Q{BNun;dKBWLEw2C-VeAz`%?A>p;)PL}TAZn5j~HK>v1W&anteARlE+~+ zj>c(F;?qO3pXBb|#OZdQnm<4xWmn~;DR5SDMxt0UK_F^&eD|KZ=O;tO3vy4@4h^;2 zUL~-z`-P1aOe?|ZC1BgVsL)2^J-&vIFI%q@40w0{jjEfeVl)i9(~bt2z#2Vm)p`V_ z1;6$Ae7=YXk#=Qkd24Y23t&GvRxaOoad~NbJ+6pxqzJ>FY#Td7@`N5xp!n(c!=RE& z&<<@^a$_Ys8jqz4|5Nk#FY$~|FPC0`*a5HH!|Gssa9=~66&xG9)|=pOOJ2KE5|YrR zw!w6K2aC=J$t?L-;}5hn6mHd%hC;p8P|Dgh6D>hGnXPgi;6r+eA=?f72y9(Cf_ho{ zH6#)uD&R=73^$$NE;5piWX2bzR67fQ)`b=85o0eOLGI4c-Tb@-KNi2pz=Ke@SDcPn za$AxXib84`!Sf;Z3B@TSo`Dz7GM5Kf(@PR>Ghzi=BBxK8wRp>YQoXm+iL>H*Jo9M3 z6w&E?BC8AFTFT&Tv8zf+m9<&S&%dIaZ)Aoqkak_$r-2{$d~0g2oLETx9Y`eOAf14QXEQw3tJne;fdzl@wV#TFXSLXM2428F-Q}t+n2g%vPRMUzYPvzQ9f# zu(liiJem9P*?0%V@RwA7F53r~|I!Ty)<*AsMX3J{_4&}{6pT%Tpw>)^|DJ)>gpS~1rNEh z0$D?uO8mG?H;2BwM5a*26^7YO$XjUm40XmBsb63MoR;bJh63J;OngS5sSI+o2HA;W zdZV#8pDpC9Oez&L8loZO)MClRz!_!WD&QRtQxnazhT%Vj6Wl4G11nUk8*vSeVab@N#oJ}`KyJv+8Mo@T1-pqZ1t|?cnaVOd;1(h9 z!$DrN=jcGsVYE-0-n?oCJ^4x)F}E;UaD-LZUIzcD?W^ficqJWM%QLy6QikrM1aKZC zi{?;oKwq^Vsr|&`i{jIphA8S6G4)$KGvpULjH%9u(Dq247;R#l&I0{IhcC|oBF*Al zvLo7Xte=C{aIt*otJD}BUq)|_pdR>{zBMT< z(^1RpZv*l*m*OV^8>9&asGBo8h*_4q*)-eCv*|Pq=XNGrZE)^(SF7^{QE_~4VDB(o zVcPA_!G+2CAtLbl+`=Q~9iW`4ZRLku!uB?;tWqVjB0lEOf}2RD7dJ=BExy=<9wkb- z9&7{XFA%n#JsHYN8t5d~=T~5DcW4$B%3M+nNvC2`0!#@sckqlzo5;hhGi(D9=*A4` z5ynobawSPRtWn&CDLEs3Xf`(8^zDP=NdF~F^s&={l7(aw&EG}KWpMjtmz7j_VLO;@ zM2NVLDxZ@GIv7*gzl1 zjq78tv*8#WSY`}Su0&C;2F$Ze(q>F(@Wm^Gw!)(j;dk9Ad{STaxn)IV9FZhm*n+U} zi;4y*3v%A`_c7a__DJ8D1b@dl0Std3F||4Wtvi)fCcBRh!X9$1x!_VzUh>*S5s!oq z;qd{J_r79EL2wIeiGAqFstWtkfIJpjVh%zFo*=55B9Zq~y0=^iqHWfQl@O!Ak;(o*m!pZqe9 z%U2oDOhR)BvW8&F70L;2TpkzIutIvNQaTjjs5V#8mV4!NQ}zN=i`i@WI1z0eN-iCS z;vL-Wxc^Vc_qK<5RPh(}*8dLT{~GzE{w2o$2kMFaEl&q zP{V=>&3kW7tWaK-Exy{~`v4J0U#OZBk{a9{&)&QG18L@6=bsZ1zC_d{{pKZ-Ey>I> z;8H0t4bwyQqgu4hmO`3|4K{R*5>qnQ&gOfdy?z`XD%e5+pTDzUt3`k^u~SaL&XMe= z9*h#kT(*Q9jO#w2Hd|Mr-%DV8i_1{J1MU~XJ3!WUplhXDYBpJH><0OU`**nIvPIof z|N8@I=wA)sf45SAvx||f?Z5uB$kz1qL3Ky_{%RPdP5iN-D2!p5scq}buuC00C@jom zhfGKm3|f?Z0iQ|K$Z~!`8{nmAS1r+fp6r#YDOS8V*;K&Gs7Lc&f^$RC66O|)28oh`NHy&vq zJh+hAw8+ybTB0@VhWN^0iiTnLsCWbS_y`^gs!LX!Lw{yE``!UVzrV24tP8o;I6-65 z1MUiHw^{bB15tmrVT*7-#sj6cs~z`wk52YQJ*TG{SE;KTm#Hf#a~|<(|ImHH17nNM z`Ub{+J3dMD!)mzC8b(2tZtokKW5pAwHa?NFiso~# z1*iaNh4lQ4TS)|@G)H4dZV@l*Vd;Rw;-;odDhW2&lJ%m@jz+Panv7LQm~2Js6rOW3 z0_&2cW^b^MYW3)@o;neZ<{B4c#m48dAl$GCc=$>ErDe|?y@z`$uq3xd(%aAsX)D%l z>y*SQ%My`yDP*zof|3@_w#cjaW_YW4BdA;#Glg1RQcJGY*CJ9`H{@|D+*e~*457kd z73p<%fB^PV!Ybw@)Dr%(ZJbX}xmCStCYv#K3O32ej{$9IzM^I{6FJ8!(=azt7RWf4 z7ib0UOPqN40X!wOnFOoddd8`!_IN~9O)#HRTyjfc#&MCZ zZAMzOVB=;qwt8gV?{Y2?b=iSZG~RF~uyx18K)IDFLl})G1v@$(s{O4@RJ%OTJyF+Cpcx4jmy|F3euCnMK!P2WTDu5j z{{gD$=M*pH!GGzL%P)V2*ROm>!$Y=z|D`!_yY6e7SU$~a5q8?hZGgaYqaiLnkK%?0 zs#oI%;zOxF@g*@(V4p!$7dS1rOr6GVs6uYCTt2h)eB4?(&w8{#o)s#%gN@BBosRUe z)@P@8_Zm89pr~)b>e{tbPC~&_MR--iB{=)y;INU5#)@Gix-YpgP<-c2Ms{9zuCX|3 z!p(?VaXww&(w&uBHzoT%!A2=3HAP>SDxcljrego7rY|%hxy3XlODWffO_%g|l+7Y_ zqV(xbu)s4lV=l7M;f>vJl{`6qBm>#ZeMA}kXb97Z)?R97EkoI?x6Lp0yu1Z>PS?2{ z0QQ(8D)|lc9CO3B~e(pQM&5(1y&y=e>C^X$`)_&XuaI!IgDTVqt31wX#n+@!a_A0ZQkA zCJ2@M_4Gb5MfCrm5UPggeyh)8 zO9?`B0J#rkoCx(R0I!ko_2?iO@|oRf1;3r+i)w-2&j?=;NVIdPFsB)`|IC0zk6r9c zRrkfxWsiJ(#8QndNJj@{@WP2Ackr|r1VxV{7S&rSU(^)-M8gV>@UzOLXu9K<{6e{T zXJ6b92r$!|lwjhmgqkdswY&}c)KW4A)-ac%sU;2^fvq7gfUW4Bw$b!i@duy1CAxSn z(pyh$^Z=&O-q<{bZUP+$U}=*#M9uVc>CQVgDs4swy5&8RAHZ~$)hrTF4W zPsSa~qYv_0mJnF89RnnJTH`3}w4?~epFl=D(35$ zWa07ON$`OMBOHgCmfO(9RFc<)?$x)N}Jd2A(<*Ll7+4jrRt9w zwGxExUXd9VB#I|DwfxvJ;HZ8Q{37^wDhaZ%O!oO(HpcqfLH%#a#!~;Jl7F5>EX_=8 z{()l2NqPz>La3qJR;_v+wlK>GsHl;uRA8%j`A|yH@k5r%55S9{*Cp%uw6t`qc1!*T za2OeqtQj7sAp#Q~=5Fs&aCR9v>5V+s&RdNvo&H~6FJOjvaj--2sYYBvMq;55%z8^o z|BJDA4vzfow#DO#ZQHh;Oq_{r+qP{R9ox2TOgwQiv7Ow!zjN+A@BN;0tA2lUb#+zO z(^b89eV)D7UVE+h{mcNc6&GtpOqDn_?VAQ)Vob$hlFwW%xh>D#wml{t&Ofmm_d_+; zKDxzdr}`n2Rw`DtyIjrG)eD0vut$}dJAZ0AohZ+ZQdWXn_Z@dI_y=7t3q8x#pDI-K z2VVc&EGq445Rq-j0=U=Zx`oBaBjsefY;%)Co>J3v4l8V(T8H?49_@;K6q#r~Wwppc z4XW0(4k}cP=5ex>-Xt3oATZ~bBWKv)aw|I|Lx=9C1s~&b77idz({&q3T(Y(KbWO?+ zmcZ6?WeUsGk6>km*~234YC+2e6Zxdl~<_g2J|IE`GH%n<%PRv-50; zH{tnVts*S5*_RxFT9eM0z-pksIb^drUq4>QSww=u;UFCv2AhOuXE*V4z?MM`|ABOC4P;OfhS(M{1|c%QZ=!%rQTDFx`+}?Kdx$&FU?Y<$x;j7z=(;Lyz+?EE>ov!8vvMtSzG!nMie zsBa9t8as#2nH}n8xzN%W%U$#MHNXmDUVr@GX{?(=yI=4vks|V)!-W5jHsU|h_&+kY zS_8^kd3jlYqOoiI`ZqBVY!(UfnAGny!FowZWY_@YR0z!nG7m{{)4OS$q&YDyw6vC$ zm4!$h>*|!2LbMbxS+VM6&DIrL*X4DeMO!@#EzMVfr)e4Tagn~AQHIU8?e61TuhcKD zr!F4(kEebk(Wdk-?4oXM(rJwanS>Jc%<>R(siF+>+5*CqJLecP_we33iTFTXr6W^G z7M?LPC-qFHK;E!fxCP)`8rkxZyFk{EV;G-|kwf4b$c1k0atD?85+|4V%YATWMG|?K zLyLrws36p%Qz6{}>7b>)$pe>mR+=IWuGrX{3ZPZXF3plvuv5Huax86}KX*lbPVr}L z{C#lDjdDeHr~?l|)Vp_}T|%$qF&q#U;ClHEPVuS+Jg~NjC1RP=17=aQKGOcJ6B3mp z8?4*-fAD~}sX*=E6!}^u8)+m2j<&FSW%pYr_d|p_{28DZ#Cz0@NF=gC-o$MY?8Ca8 zr5Y8DSR^*urS~rhpX^05r30Ik#2>*dIOGxRm0#0YX@YQ%Mg5b6dXlS!4{7O_kdaW8PFSdj1=ryI-=5$fiieGK{LZ+SX(1b=MNL!q#lN zv98?fqqTUH8r8C7v(cx#BQ5P9W>- zmW93;eH6T`vuJ~rqtIBg%A6>q>gnWb3X!r0wh_q;211+Om&?nvYzL1hhtjB zK_7G3!n7PL>d!kj){HQE zE8(%J%dWLh1_k%gVXTZt zEdT09XSKAx27Ncaq|(vzL3gm83q>6CAw<$fTnMU05*xAe&rDfCiu`u^1)CD<>sx0i z*hr^N_TeN89G(nunZoLBf^81#pmM}>JgD@Nn1l*lN#a=B=9pN%tmvYFjFIoKe_(GF z-26x{(KXdfsQL7Uv6UtDuYwV`;8V3w>oT_I<`Ccz3QqK9tYT5ZQzbop{=I=!pMOCb zCU68`n?^DT%^&m>A%+-~#lvF!7`L7a{z<3JqIlk1$<||_J}vW1U9Y&eX<}l8##6i( zZcTT@2`9(Mecptm@{3A_Y(X`w9K0EwtPq~O!16bq{7c0f7#(3wn-^)h zxV&M~iiF!{-6A@>o;$RzQ5A50kxXYj!tcgme=Qjrbje~;5X2xryU;vH|6bE(8z^<7 zQ>BG7_c*JG8~K7Oe68i#0~C$v?-t@~@r3t2inUnLT(c=URpA9kA8uq9PKU(Ps(LVH zqgcqW>Gm?6oV#AldDPKVRcEyQIdTT`Qa1j~vS{<;SwyTdr&3*t?J)y=M7q*CzucZ&B0M=joT zBbj@*SY;o2^_h*>R0e({!QHF0=)0hOj^B^d*m>SnRrwq>MolNSgl^~r8GR#mDWGYEIJA8B<|{{j?-7p zVnV$zancW3&JVDtVpIlI|5djKq0(w$KxEFzEiiL=h5Jw~4Le23@s(mYyXWL9SX6Ot zmb)sZaly_P%BeX_9 zw&{yBef8tFm+%=--m*J|o~+Xg3N+$IH)t)=fqD+|fEk4AAZ&!wcN5=mi~Vvo^i`}> z#_3ahR}Ju)(Px7kev#JGcSwPXJ2id9%Qd2A#Uc@t8~egZ8;iC{e! z%=CGJOD1}j!HW_sgbi_8suYnn4#Ou}%9u)dXd3huFIb!ytlX>Denx@pCS-Nj$`VO&j@(z!kKSP0hE4;YIP#w9ta=3DO$7f*x zc9M4&NK%IrVmZAe=r@skWD`AEWH=g+r|*13Ss$+{c_R!b?>?UaGXlw*8qDmY#xlR= z<0XFbs2t?8i^G~m?b|!Hal^ZjRjt<@a? z%({Gn14b4-a|#uY^=@iiKH+k?~~wTj5K1A&hU z2^9-HTC)7zpoWK|$JXaBL6C z#qSNYtY>65T@Zs&-0cHeu|RX(Pxz6vTITdzJdYippF zC-EB+n4}#lM7`2Ry~SO>FxhKboIAF#Z{1wqxaCb{#yEFhLuX;Rx(Lz%T`Xo1+a2M}7D+@wol2)OJs$TwtRNJ={( zD@#zTUEE}#Fz#&(EoD|SV#bayvr&E0vzmb%H?o~46|FAcx?r4$N z&67W3mdip-T1RIxwSm_&(%U|+WvtGBj*}t69XVd&ebn>KOuL(7Y8cV?THd-(+9>G7*Nt%T zcH;`p={`SOjaf7hNd(=37Lz3-51;58JffzIPgGs_7xIOsB5p2t&@v1mKS$2D$*GQ6 zM(IR*j4{nri7NMK9xlDy-hJW6sW|ZiDRaFiayj%;(%51DN!ZCCCXz+0Vm#};70nOx zJ#yA0P3p^1DED;jGdPbQWo0WATN=&2(QybbVdhd=Vq*liDk`c7iZ?*AKEYC#SY&2g z&Q(Ci)MJ{mEat$ZdSwTjf6h~roanYh2?9j$CF@4hjj_f35kTKuGHvIs9}Re@iKMxS-OI*`0S z6s)fOtz}O$T?PLFVSeOjSO26$@u`e<>k(OSP!&YstH3ANh>)mzmKGNOwOawq-MPXe zy4xbeUAl6tamnx))-`Gi2uV5>9n(73yS)Ukma4*7fI8PaEwa)dWHs6QA6>$}7?(L8 ztN8M}?{Tf!Zu22J5?2@95&rQ|F7=FK-hihT-vDp!5JCcWrVogEnp;CHenAZ)+E+K5 z$Cffk5sNwD_?4+ymgcHR(5xgt20Z8M`2*;MzOM#>yhk{r3x=EyM226wb&!+j`W<%* zSc&|`8!>dn9D@!pYow~(DsY_naSx7(Z4i>cu#hA5=;IuI88}7f%)bRkuY2B;+9Uep zpXcvFWkJ!mQai63BgNXG26$5kyhZ2&*3Q_tk)Ii4M>@p~_~q_cE!|^A;_MHB;7s#9 zKzMzK{lIxotjc};k67^Xsl-gS!^*m*m6kn|sbdun`O?dUkJ{0cmI0-_2y=lTAfn*Y zKg*A-2sJq)CCJgY0LF-VQvl&6HIXZyxo2#!O&6fOhbHXC?%1cMc6y^*dOS{f$=137Ds1m01qs`>iUQ49JijsaQ( zksqV9@&?il$|4Ua%4!O15>Zy&%gBY&wgqB>XA3!EldQ%1CRSM(pp#k~-pkcCg4LAT zXE=puHbgsw)!xtc@P4r~Z}nTF=D2~j(6D%gTBw$(`Fc=OOQ0kiW$_RDd=hcO0t97h zb86S5r=>(@VGy1&#S$Kg_H@7G^;8Ue)X5Y+IWUi`o;mpvoV)`fcVk4FpcT|;EG!;? zHG^zrVVZOm>1KFaHlaogcWj(v!S)O(Aa|Vo?S|P z5|6b{qkH(USa*Z7-y_Uvty_Z1|B{rTS^qmEMLEYUSk03_Fg&!O3BMo{b^*`3SHvl0 zhnLTe^_vVIdcSHe)SQE}r~2dq)VZJ!aSKR?RS<(9lzkYo&dQ?mubnWmgMM37Nudwo z3Vz@R{=m2gENUE3V4NbIzAA$H1z0pagz94-PTJyX{b$yndsdKptmlKQKaaHj@3=ED zc7L?p@%ui|RegVYutK$64q4pe9+5sv34QUpo)u{1ci?)_7gXQd{PL>b0l(LI#rJmN zGuO+%GO`xneFOOr4EU(Wg}_%bhzUf;d@TU+V*2#}!2OLwg~%D;1FAu=Un>OgjPb3S z7l(riiCwgghC=Lm5hWGf5NdGp#01xQ59`HJcLXbUR3&n%P(+W2q$h2Qd z*6+-QXJ*&Kvk9ht0f0*rO_|FMBALen{j7T1l%=Q>gf#kma zQlg#I9+HB+z*5BMxdesMND`_W;q5|FaEURFk|~&{@qY32N$G$2B=&Po{=!)x5b!#n zxLzblkq{yj05#O7(GRuT39(06FJlalyv<#K4m}+vs>9@q-&31@1(QBv82{}Zkns~K ze{eHC_RDX0#^A*JQTwF`a=IkE6Ze@j#-8Q`tTT?k9`^ZhA~3eCZJ-Jr{~7Cx;H4A3 zcZ+Zj{mzFZbVvQ6U~n>$U2ZotGsERZ@}VKrgGh0xM;Jzt29%TX6_&CWzg+YYMozrM z`nutuS)_0dCM8UVaKRj804J4i%z2BA_8A4OJRQ$N(P9Mfn-gF;4#q788C@9XR0O3< zsoS4wIoyt046d+LnSCJOy@B@Uz*#GGd#+Ln1ek5Dv>(ZtD@tgZlPnZZJGBLr^JK+!$$?A_fA3LOrkoDRH&l7 zcMcD$Hsjko3`-{bn)jPL6E9Ds{WskMrivsUu5apD z?grQO@W7i5+%X&E&p|RBaEZ(sGLR@~(y^BI@lDMot^Ll?!`90KT!JXUhYS`ZgX3jnu@Ja^seA*M5R@f`=`ynQV4rc$uT1mvE?@tz)TN<=&H1%Z?5yjxcpO+6y_R z6EPuPKM5uxKpmZfT(WKjRRNHs@ib)F5WAP7QCADvmCSD#hPz$V10wiD&{NXyEwx5S z6NE`3z!IS^$s7m}PCwQutVQ#~w+V z=+~->DI*bR2j0^@dMr9`p>q^Ny~NrAVxrJtX2DUveic5vM%#N*XO|?YAWwNI$Q)_) zvE|L(L1jP@F%gOGtnlXtIv2&1i8q<)Xfz8O3G^Ea~e*HJsQgBxWL(yuLY+jqUK zRE~`-zklrGog(X}$9@ZVUw!8*=l`6mzYLtsg`AvBYz(cxmAhr^j0~(rzXdiOEeu_p zE$sf2(w(BPAvO5DlaN&uQ$4@p-b?fRs}d7&2UQ4Fh?1Hzu*YVjcndqJLw0#q@fR4u zJCJ}>_7-|QbvOfylj+e^_L`5Ep9gqd>XI3-O?Wp z-gt*P29f$Tx(mtS`0d05nHH=gm~Po_^OxxUwV294BDKT>PHVlC5bndncxGR!n(OOm znsNt@Q&N{TLrmsoKFw0&_M9$&+C24`sIXGWgQaz=kY;S{?w`z^Q0JXXBKFLj0w0U6P*+jPKyZHX9F#b0D1$&(- zrm8PJd?+SrVf^JlfTM^qGDK&-p2Kdfg?f>^%>1n8bu&byH(huaocL>l@f%c*QkX2i znl}VZ4R1en4S&Bcqw?$=Zi7ohqB$Jw9x`aM#>pHc0x z0$!q7iFu zZ`tryM70qBI6JWWTF9EjgG@>6SRzsd}3h+4D8d~@CR07P$LJ}MFsYi-*O%XVvD@yT|rJ+Mk zDllJ7$n0V&A!0flbOf)HE6P_afPWZmbhpliqJuw=-h+r;WGk|ntkWN(8tKlYpq5Ow z(@%s>IN8nHRaYb*^d;M(D$zGCv5C|uqmsDjwy4g=Lz>*OhO3z=)VD}C<65;`89Ye} zSCxrv#ILzIpEx1KdLPlM&%Cctf@FqTKvNPXC&`*H9=l=D3r!GLM?UV zOxa(8ZsB`&+76S-_xuj?G#wXBfDY@Z_tMpXJS7^mp z@YX&u0jYw2A+Z+bD#6sgVK5ZgdPSJV3>{K^4~%HV?rn~4D)*2H!67Y>0aOmzup`{D zzDp3c9yEbGCY$U<8biJ_gB*`jluz1ShUd!QUIQJ$*1;MXCMApJ^m*Fiv88RZ zFopLViw}{$Tyhh_{MLGIE2~sZ)t0VvoW%=8qKZ>h=adTe3QM$&$PO2lfqH@brt!9j ziePM8$!CgE9iz6B<6_wyTQj?qYa;eC^{x_0wuwV~W+^fZmFco-o%wsKSnjXFEx02V zF5C2t)T6Gw$Kf^_c;Ei3G~uC8SM-xyycmXyC2hAVi-IfXqhu$$-C=*|X?R0~hu z8`J6TdgflslhrmDZq1f?GXF7*ALeMmOEpRDg(s*H`4>_NAr`2uqF;k;JQ+8>A|_6ZNsNLECC%NNEb1Y1dP zbIEmNpK)#XagtL4R6BC{C5T(+=yA-(Z|Ap}U-AfZM#gwVpus3(gPn}Q$CExObJ5AC z)ff9Yk?wZ}dZ-^)?cbb9Fw#EjqQ8jxF4G3=L?Ra zg_)0QDMV1y^A^>HRI$x?Op@t;oj&H@1xt4SZ9(kifQ zb59B*`M99Td7@aZ3UWvj1rD0sE)d=BsBuW*KwkCds7ay(7*01_+L}b~7)VHI>F_!{ zyxg-&nCO?v#KOUec0{OOKy+sjWA;8rTE|Lv6I9H?CI?H(mUm8VXGwU$49LGpz&{nQp2}dinE1@lZ1iox6{ghN&v^GZv9J${7WaXj)<0S4g_uiJ&JCZ zr8-hsu`U%N;+9N^@&Q0^kVPB3)wY(rr}p7{p0qFHb3NUUHJb672+wRZs`gd1UjKPX z4o6zljKKA+Kkj?H>Ew63o%QjyBk&1!P22;MkD>sM0=z_s-G{mTixJCT9@_|*(p^bz zJ8?ZZ&;pzV+7#6Mn`_U-)k8Pjg?a;|Oe^us^PoPY$Va~yi8|?+&=y$f+lABT<*pZr zP}D{~Pq1Qyni+@|aP;ixO~mbEW9#c0OU#YbDZIaw=_&$K%Ep2f%hO^&P67hApZe`x zv8b`Mz@?M_7-)b!lkQKk)JXXUuT|B8kJlvqRmRpxtQDgvrHMXC1B$M@Y%Me!BSx3P z#2Eawl$HleZhhTS6Txm>lN_+I`>eV$&v9fOg)%zVn3O5mI*lAl>QcHuW6!Kixmq`X zBCZ*Ck6OYtDiK!N47>jxI&O2a9x7M|i^IagRr-fmrmikEQGgw%J7bO|)*$2FW95O4 zeBs>KR)izRG1gRVL;F*sr8A}aRHO0gc$$j&ds8CIO1=Gwq1%_~E)CWNn9pCtBE}+`Jelk4{>S)M)`Ll=!~gnn1yq^EX(+y*ik@3Ou0qU`IgYi3*doM+5&dU!cho$pZ zn%lhKeZkS72P?Cf68<#kll_6OAO26bIbueZx**j6o;I0cS^XiL`y+>{cD}gd%lux} z)3N>MaE24WBZ}s0ApfdM;5J_Ny}rfUyxfkC``Awo2#sgLnGPewK};dORuT?@I6(5~ z?kE)Qh$L&fwJXzK){iYx!l5$Tt|^D~MkGZPA}(o6f7w~O2G6Vvzdo*a;iXzk$B66$ zwF#;wM7A+(;uFG4+UAY(2`*3XXx|V$K8AYu#ECJYSl@S=uZW$ksfC$~qrrbQj4??z-)uz0QL}>k^?fPnJTPw% zGz)~?B4}u0CzOf@l^um}HZzbaIwPmb<)< zi_3@E9lc)Qe2_`*Z^HH;1CXOceL=CHpHS{HySy3T%<^NrWQ}G0i4e1xm_K3(+~oi$ zoHl9wzb?Z4j#90DtURtjtgvi7uw8DzHYmtPb;?%8vb9n@bszT=1qr)V_>R%s!92_` zfnHQPANx z<#hIjIMm#*(v*!OXtF+w8kLu`o?VZ5k7{`vw{Yc^qYclpUGIM_PBN1+c{#Vxv&E*@ zxg=W2W~JuV{IuRYw3>LSI1)a!thID@R=bU+cU@DbR^_SXY`MC7HOsCN z!dO4OKV7(E_Z8T#8MA1H`99?Z!r0)qKW_#|29X3#Jb+5+>qUidbeP1NJ@)(qi2S-X zao|f0_tl(O+$R|Qwd$H{_ig|~I1fbp_$NkI!0E;Y z6JrnU{1Ra6^on{9gUUB0mwzP3S%B#h0fjo>JvV~#+X0P~JV=IG=yHG$O+p5O3NUgG zEQ}z6BTp^Fie)Sg<){Z&I8NwPR(=mO4joTLHkJ>|Tnk23E(Bo`FSbPc05lF2-+)X? z6vV3*m~IBHTy*^E!<0nA(tCOJW2G4DsH7)BxLV8kICn5lu6@U*R`w)o9;Ro$i8=Q^V%uH8n3q=+Yf;SFRZu z!+F&PKcH#8cG?aSK_Tl@K9P#8o+jry@gdexz&d(Q=47<7nw@e@FFfIRNL9^)1i@;A z28+$Z#rjv-wj#heI|<&J_DiJ*s}xd-f!{J8jfqOHE`TiHHZVIA8CjkNQ_u;Ery^^t zl1I75&u^`1_q)crO+JT4rx|z2ToSC>)Or@-D zy3S>jW*sNIZR-EBsfyaJ+Jq4BQE4?SePtD2+jY8*%FsSLZ9MY>+wk?}}}AFAw)vr{ml)8LUG-y9>^t!{~|sgpxYc0Gnkg`&~R z-pilJZjr@y5$>B=VMdZ73svct%##v%wdX~9fz6i3Q-zOKJ9wso+h?VME7}SjL=!NUG{J?M&i!>ma`eoEa@IX`5G>B1(7;%}M*%-# zfhJ(W{y;>MRz!Ic8=S}VaBKqh;~7KdnGEHxcL$kA-6E~=!hrN*zw9N+_=odt<$_H_8dbo;0=42wcAETPCVGUr~v(`Uai zb{=D!Qc!dOEU6v)2eHSZq%5iqK?B(JlCq%T6av$Cb4Rko6onlG&?CqaX7Y_C_cOC3 zYZ;_oI(}=>_07}Oep&Ws7x7-R)cc8zfe!SYxJYP``pi$FDS)4Fvw5HH=FiU6xfVqIM!hJ;Rx8c0cB7~aPtNH(Nmm5Vh{ibAoU#J6 zImRCr?(iyu_4W_6AWo3*vxTPUw@vPwy@E0`(>1Qi=%>5eSIrp^`` zK*Y?fK_6F1W>-7UsB)RPC4>>Ps9)f+^MqM}8AUm@tZ->j%&h1M8s*s!LX5&WxQcAh z8mciQej@RPm?660%>{_D+7er>%zX_{s|$Z+;G7_sfNfBgY(zLB4Ey}J9F>zX#K0f6 z?dVNIeEh?EIShmP6>M+d|0wMM85Sa4diw1hrg|ITJ}JDg@o8y>(rF9mXk5M z2@D|NA)-7>wD&wF;S_$KS=eE84`BGw3g0?6wGxu8ys4rwI?9U=*^VF22t3%mbGeOh z`!O-OpF7#Vceu~F`${bW0nYVU9ecmk31V{tF%iv&5hWofC>I~cqAt@u6|R+|HLMMX zVxuSlMFOK_EQ86#E8&KwxIr8S9tj_goWtLv4f@!&h8;Ov41{J~496vp9vX=(LK#j! zAwi*21RAV-LD>9Cw3bV_9X(X3)Kr0-UaB*7Y>t82EQ%!)(&(XuAYtTsYy-dz+w=$ir)VJpe!_$ z6SGpX^i(af3{o=VlFPC);|J8#(=_8#vdxDe|Cok+ANhYwbE*FO`Su2m1~w+&9<_9~ z-|tTU_ACGN`~CNW5WYYBn^B#SwZ(t4%3aPp z;o)|L6Rk569KGxFLUPx@!6OOa+5OjQLK5w&nAmwxkC5rZ|m&HT8G%GVZxB_@ME z>>{rnXUqyiJrT(8GMj_ap#yN_!9-lO5e8mR3cJiK3NE{_UM&=*vIU`YkiL$1%kf+1 z4=jk@7EEj`u(jy$HnzE33ZVW_J4bj}K;vT?T91YlO(|Y0FU4r+VdbmQ97%(J5 zkK*Bed8+C}FcZ@HIgdCMioV%A<*4pw_n}l*{Cr4}a(lq|injK#O?$tyvyE`S%(1`H z_wwRvk#13ElkZvij2MFGOj`fhy?nC^8`Zyo%yVcUAfEr8x&J#A{|moUBAV_^f$hpaUuyQeY3da^ zS9iRgf87YBwfe}>BO+T&Fl%rfpZh#+AM?Dq-k$Bq`vG6G_b4z%Kbd&v>qFjow*mBl z-OylnqOpLg}or7_VNwRg2za3VBK6FUfFX{|TD z`Wt0Vm2H$vdlRWYQJqDmM?JUbVqL*ZQY|5&sY*?!&%P8qhA~5+Af<{MaGo(dl&C5t zE%t!J0 zh6jqANt4ABdPxSTrVV}fLsRQal*)l&_*rFq(Ez}ClEH6LHv{J#v?+H-BZ2)Wy{K@9 z+ovXHq~DiDvm>O~r$LJo!cOuwL+Oa--6;UFE2q@g3N8Qkw5E>ytz^(&($!O47+i~$ zKM+tkAd-RbmP{s_rh+ugTD;lriL~`Xwkad#;_aM?nQ7L_muEFI}U_4$phjvYgleK~`Fo`;GiC07&Hq1F<%p;9Q;tv5b?*QnR%8DYJH3P>Svmv47Y>*LPZJy8_{9H`g6kQpyZU{oJ`m%&p~D=K#KpfoJ@ zn-3cqmHsdtN!f?~w+(t+I`*7GQA#EQC^lUA9(i6=i1PqSAc|ha91I%X&nXzjYaM{8$s&wEx@aVkQ6M{E2 zfzId#&r(XwUNtPcq4Ngze^+XaJA1EK-%&C9j>^9(secqe{}z>hR5CFNveMsVA)m#S zk)_%SidkY-XmMWlVnQ(mNJ>)ooszQ#vaK;!rPmGKXV7am^_F!Lz>;~{VrIO$;!#30XRhE1QqO_~#+Ux;B_D{Nk=grn z8Y0oR^4RqtcYM)7a%@B(XdbZCOqnX#fD{BQTeLvRHd(irHKq=4*jq34`6@VAQR8WG z^%)@5CXnD_T#f%@-l${>y$tfb>2LPmc{~5A82|16mH)R?&r#KKLs7xpN-D`=&Cm^R zvMA6#Ahr<3X>Q7|-qfTY)}32HkAz$_mibYV!I)u>bmjK`qwBe(>za^0Kt*HnFbSdO z1>+ryKCNxmm^)*$XfiDOF2|{-v3KKB?&!(S_Y=Ht@|ir^hLd978xuI&N{k>?(*f8H z=ClxVJK_%_z1TH0eUwm2J+2To7FK4o+n_na)&#VLn1m;!+CX+~WC+qg1?PA~KdOlC zW)C@pw75_xoe=w7i|r9KGIvQ$+3K?L{7TGHwrQM{dCp=Z*D}3kX7E-@sZnup!BImw z*T#a=+WcTwL78exTgBn|iNE3#EsOorO z*kt)gDzHiPt07fmisA2LWN?AymkdqTgr?=loT7z@d`wnlr6oN}@o|&JX!yPzC*Y8d zu6kWlTzE1)ckyBn+0Y^HMN+GA$wUO_LN6W>mxCo!0?oiQvT`z$jbSEu&{UHRU0E8# z%B^wOc@S!yhMT49Y)ww(Xta^8pmPCe@eI5C*ed96)AX9<>))nKx0(sci8gwob_1}4 z0DIL&vsJ1_s%<@y%U*-eX z5rN&(zef-5G~?@r79oZGW1d!WaTqQn0F6RIOa9tJ=0(kdd{d1{<*tHT#cCvl*i>YY zH+L7jq8xZNcTUBqj(S)ztTU!TM!RQ}In*n&Gn<>(60G7}4%WQL!o>hbJqNDSGwl#H z`4k+twp0cj%PsS+NKaxslAEu9!#U3xT1|_KB6`h=PI0SW`P9GTa7caD1}vKEglV8# zjKZR`pluCW19c2fM&ZG)c3T3Um;ir3y(tSCJ7Agl6|b524dy5El{^EQBG?E61H0XY z`bqg!;zhGhyMFl&(o=JWEJ8n~z)xI}A@C0d2hQGvw7nGv)?POU@(kS1m=%`|+^ika zXl8zjS?xqW$WlO?Ewa;vF~XbybHBor$f<%I&*t$F5fynwZlTGj|IjZtVfGa7l&tK} zW>I<69w(cZLu)QIVG|M2xzW@S+70NinQzk&Y0+3WT*cC)rx~04O-^<{JohU_&HL5XdUKW!uFy|i$FB|EMu0eUyW;gsf`XfIc!Z0V zeK&*hPL}f_cX=@iv>K%S5kL;cl_$v?n(Q9f_cChk8Lq$glT|=e+T*8O4H2n<=NGmn z+2*h+v;kBvF>}&0RDS>)B{1!_*XuE8A$Y=G8w^qGMtfudDBsD5>T5SB;Qo}fSkkiV ze^K^M(UthkwrD!&*tTsu>Dacdj_q`~V%r_twr$(Ct&_dKeeXE?fA&4&yASJWJ*}~- zel=@W)tusynfC_YqH4ll>4Eg`Xjs5F7Tj>tTLz<0N3)X<1px_d2yUY>X~y>>93*$) z5PuNMQLf9Bu?AAGO~a_|J2akO1M*@VYN^VxvP0F$2>;Zb9;d5Yfd8P%oFCCoZE$ z4#N$^J8rxYjUE_6{T%Y>MmWfHgScpuGv59#4u6fpTF%~KB^Ae`t1TD_^Ud#DhL+Dm zbY^VAM#MrAmFj{3-BpVSWph2b_Y6gCnCAombVa|1S@DU)2r9W<> zT5L8BB^er3zxKt1v(y&OYk!^aoQisqU zH(g@_o)D~BufUXcPt!Ydom)e|aW{XiMnes2z&rE?og>7|G+tp7&^;q?Qz5S5^yd$i z8lWr4g5nctBHtigX%0%XzIAB8U|T6&JsC4&^hZBw^*aIcuNO47de?|pGXJ4t}BB`L^d8tD`H`i zqrP8?#J@8T#;{^B!KO6J=@OWKhAerih(phML`(Rg7N1XWf1TN>=Z3Do{l_!d~DND&)O)D>ta20}@Lt77qSnVsA7>)uZAaT9bsB>u&aUQl+7GiY2|dAEg@%Al3i316y;&IhQL^8fw_nwS>f60M_-m+!5)S_6EPM7Y)(Nq^8gL7(3 zOiot`6Wy6%vw~a_H?1hLVzIT^i1;HedHgW9-P#)}Y6vF%C=P70X0Tk^z9Te@kPILI z_(gk!k+0%CG)%!WnBjjw*kAKs_lf#=5HXC00s-}oM-Q1aXYLj)(1d!_a7 z*Gg4Fe6F$*ujVjI|79Z5+Pr`us%zW@ln++2l+0hsngv<{mJ%?OfSo_3HJXOCys{Ug z00*YR-(fv<=&%Q!j%b-_ppA$JsTm^_L4x`$k{VpfLI(FMCap%LFAyq;#ns5bR7V+x zO!o;c5y~DyBPqdVQX)8G^G&jWkBy2|oWTw>)?5u}SAsI$RjT#)lTV&Rf8;>u*qXnb z8F%Xb=7#$m)83z%`E;49)t3fHInhtc#kx4wSLLms!*~Z$V?bTyUGiS&m>1P(952(H zuHdv=;o*{;5#X-uAyon`hP}d#U{uDlV?W?_5UjJvf%11hKwe&(&9_~{W)*y1nR5f_ z!N(R74nNK`y8>B!0Bt_Vr!;nc3W>~RiKtGSBkNlsR#-t^&;$W#)f9tTlZz>n*+Fjz z3zXZ;jf(sTM(oDzJt4FJS*8c&;PLTW(IQDFs_5QPy+7yhi1syPCarvqrHFcf&yTy)^O<1EBx;Ir`5W{TIM>{8w&PB>ro4;YD<5LF^TjTb0!zAP|QijA+1Vg>{Afv^% zmrkc4o6rvBI;Q8rj4*=AZacy*n8B{&G3VJc)so4$XUoie0)vr;qzPZVbb<#Fc=j+8CGBWe$n|3K& z_@%?{l|TzKSlUEO{U{{%Fz_pVDxs7i9H#bnbCw7@4DR=}r_qV!Zo~CvD4ZI*+j3kO zW6_=|S`)(*gM0Z;;}nj`73OigF4p6_NPZQ-Od~e$c_);;4-7sR>+2u$6m$Gf%T{aq zle>e3(*Rt(TPD}03n5)!Ca8Pu!V}m6v0o1;5<1h$*|7z|^(3$Y&;KHKTT}hV056wuF0Xo@mK-52~r=6^SI1NC%c~CC?n>yX6wPTgiWYVz!Sx^atLby9YNn1Rk{g?|pJaxD4|9cUf|V1_I*w zzxK)hRh9%zOl=*$?XUjly5z8?jPMy%vEN)f%T*|WO|bp5NWv@B(K3D6LMl!-6dQg0 zXNE&O>Oyf%K@`ngCvbGPR>HRg5!1IV$_}m@3dWB7x3t&KFyOJn9pxRXCAzFr&%37wXG;z^xaO$ekR=LJG ztIHpY8F5xBP{mtQidqNRoz= z@){+N3(VO5bD+VrmS^YjG@+JO{EOIW)9=F4v_$Ed8rZtHvjpiEp{r^c4F6Ic#ChlC zJX^DtSK+v(YdCW)^EFcs=XP7S>Y!4=xgmv>{S$~@h=xW-G4FF9?I@zYN$e5oF9g$# zb!eVU#J+NjLyX;yb)%SY)xJdvGhsnE*JEkuOVo^k5PyS=o#vq!KD46UTW_%R=Y&0G zFj6bV{`Y6)YoKgqnir2&+sl+i6foAn-**Zd1{_;Zb7Ki=u394C5J{l^H@XN`_6XTKY%X1AgQM6KycJ+= zYO=&t#5oSKB^pYhNdzPgH~aEGW2=ec1O#s-KG z71}LOg@4UEFtp3GY1PBemXpNs6UK-ax*)#$J^pC_me;Z$Je(OqLoh|ZrW*mAMBFn< zHttjwC&fkVfMnQeen8`Rvy^$pNRFVaiEN4Pih*Y3@jo!T0nsClN)pdrr9AYLcZxZ| zJ5Wlj+4q~($hbtuY zVQ7hl>4-+@6g1i`1a)rvtp-;b0>^`Dloy(#{z~ytgv=j4q^Kl}wD>K_Y!l~ zp(_&7sh`vfO(1*MO!B%<6E_bx1)&s+Ae`O)a|X=J9y~XDa@UB`m)`tSG4AUhoM=5& znWoHlA-(z@3n0=l{E)R-p8sB9XkV zZ#D8wietfHL?J5X0%&fGg@MH~(rNS2`GHS4xTo7L$>TPme+Is~!|79=^}QbPF>m%J zFMkGzSndiPO|E~hrhCeo@&Ea{M(ieIgRWMf)E}qeTxT8Q#g-!Lu*x$v8W^M^>?-g= zwMJ$dThI|~M06rG$Sv@C@tWR>_YgaG&!BAbkGggVQa#KdtDB)lMLNVLN|51C@F^y8 zCRvMB^{GO@j=cHfmy}_pCGbP%xb{pNN>? z?7tBz$1^zVaP|uaatYaIN+#xEN4jBzwZ|YI_)p(4CUAz1ZEbDk>J~Y|63SZaak~#0 zoYKruYsWHoOlC1(MhTnsdUOwQfz5p6-D0}4;DO$B;7#M{3lSE^jnTT;ns`>!G%i*F?@pR1JO{QTuD0U+~SlZxcc8~>IB{)@8p`P&+nDxNj`*gh|u?yrv$phpQcW)Us)bi`kT%qLj(fi{dWRZ%Es2!=3mI~UxiW0$-v3vUl?#g{p6eF zMEUAqo5-L0Ar(s{VlR9g=j7+lt!gP!UN2ICMokAZ5(Agd>})#gkA2w|5+<%-CuEP# zqgcM}u@3(QIC^Gx<2dbLj?cFSws_f3e%f4jeR?4M^M3cx1f+Qr6ydQ>n)kz1s##2w zk}UyQc+Z5G-d-1}{WzjkLXgS-2P7auWSJ%pSnD|Uivj5u!xk0 z_^-N9r9o;(rFDt~q1PvE#iJZ_f>J3gcP$)SOqhE~pD2|$=GvpL^d!r z6u=sp-CrMoF7;)}Zd7XO4XihC4ji?>V&(t^?@3Q&t9Mx=qex6C9d%{FE6dvU6%d94 zIE;hJ1J)cCqjv?F``7I*6bc#X)JW2b4f$L^>j{*$R`%5VHFi*+Q$2;nyieduE}qdS{L8y8F08yLs?w}{>8>$3236T-VMh@B zq-nujsb_1aUv_7g#)*rf9h%sFj*^mIcImRV*k~Vmw;%;YH(&ylYpy!&UjUVqqtfG` zox3esju?`unJJA_zKXRJP)rA3nXc$m^{S&-p|v|-0x9LHJm;XIww7C#R$?00l&Yyj z=e}gKUOpsImwW?N)+E(awoF@HyP^EhL+GlNB#k?R<2>95hz!h9sF@U20DHSB3~WMa zk90+858r@-+vWwkawJ)8ougd(i#1m3GLN{iSTylYz$brAsP%=&m$mQQrH$g%3-^VR zE%B`Vi&m8f3T~&myTEK28BDWCVzfWir1I?03;pX))|kY5ClO^+bae z*7E?g=3g7EiisYOrE+lA)2?Ln6q2*HLNpZEWMB|O-JI_oaHZB%CvYB(%=tU= zE*OY%QY58fW#RG5=gm0NR#iMB=EuNF@)%oZJ}nmm=tsJ?eGjia{e{yuU0l3{d^D@)kVDt=1PE)&tf_hHC%0MB znL|CRCPC}SeuVTdf>-QV70`0(EHizc21s^sU>y%hW0t!0&y<7}Wi-wGy>m%(-jsDj zP?mF|>p_K>liZ6ZP(w5(|9Ga%>tLgb$|doDDfkdW>Z z`)>V2XC?NJT26mL^@ zf+IKr27TfM!UbZ@?zRddC7#6ss1sw%CXJ4FWC+t3lHZupzM77m^=9 z&(a?-LxIq}*nvv)y?27lZ{j zifdl9hyJudyP2LpU$-kXctshbJDKS{WfulP5Dk~xU4Le4c#h^(YjJit4#R8_khheS z|8(>2ibaHES4+J|DBM7I#QF5u-*EdN{n=Kt@4Zt?@Tv{JZA{`4 zU#kYOv{#A&gGPwT+$Ud}AXlK3K7hYzo$(fBSFjrP{QQ zeaKg--L&jh$9N}`pu{Bs>?eDFPaWY4|9|foN%}i;3%;@4{dc+iw>m}{3rELqH21G! z`8@;w-zsJ1H(N3%|1B@#ioLOjib)j`EiJqPQVSbPSPVHCj6t5J&(NcWzBrzCiDt{4 zdlPAUKldz%6x5II1H_+jv)(xVL+a;P+-1hv_pM>gMRr%04@k;DTokASSKKhU1Qms| zrWh3a!b(J3n0>-tipg{a?UaKsP7?+|@A+1WPDiQIW1Sf@qDU~M_P65_s}7(gjTn0X zucyEm)o;f8UyshMy&>^SC3I|C6jR*R_GFwGranWZe*I>K+0k}pBuET&M~ z;Odo*ZcT?ZpduHyrf8E%IBFtv;JQ!N_m>!sV6ly$_1D{(&nO~w)G~Y`7sD3#hQk%^ zp}ucDF_$!6DAz*PM8yE(&~;%|=+h(Rn-=1Wykas_-@d&z#=S}rDf`4w(rVlcF&lF! z=1)M3YVz7orwk^BXhslJ8jR);sh^knJW(Qmm(QdSgIAIdlN4Te5KJisifjr?eB{FjAX1a0AB>d?qY4Wx>BZ8&}5K0fA+d{l8 z?^s&l8#j7pR&ijD?0b%;lL9l$P_mi2^*_OL+b}4kuLR$GAf85sOo02?Y#90}CCDiS zZ%rbCw>=H~CBO=C_JVV=xgDe%b4FaEFtuS7Q1##y686r%F6I)s-~2(}PWK|Z8M+Gu zl$y~5@#0Ka%$M<&Cv%L`a8X^@tY&T7<0|(6dNT=EsRe0%kp1Qyq!^43VAKYnr*A5~ zsI%lK1ewqO;0TpLrT9v}!@vJK{QoVa_+N4FYT#h?Y8rS1S&-G+m$FNMP?(8N`MZP zels(*?kK{{^g9DOzkuZXJ2;SrOQsp9T$hwRB1(phw1c7`!Q!by?Q#YsSM#I12RhU{$Q+{xj83axHcftEc$mNJ8_T7A-BQc*k(sZ+~NsO~xAA zxnbb%dam_fZlHvW7fKXrB~F&jS<4FD2FqY?VG?ix*r~MDXCE^WQ|W|WM;gsIA4lQP zJ2hAK@CF*3*VqPr2eeg6GzWFlICi8S>nO>5HvWzyZTE)hlkdC_>pBej*>o0EOHR|) z$?};&I4+_?wvL*g#PJ9)!bc#9BJu1(*RdNEn>#Oxta(VWeM40ola<0aOe2kSS~{^P zDJBd}0L-P#O-CzX*%+$#v;(x%<*SPgAje=F{Zh-@ucd2DA(yC|N_|ocs*|-!H%wEw z@Q!>siv2W;C^^j^59OAX03&}&D*W4EjCvfi(ygcL#~t8XGa#|NPO+*M@Y-)ctFA@I z-p7npT1#5zOLo>7q?aZpCZ=iecn3QYklP;gF0bq@>oyBq94f6C=;Csw3PkZ|5q=(c zfs`aw?II0e(h=|7o&T+hq&m$; zBrE09Twxd9BJ2P+QPN}*OdZ-JZV7%av@OM7v!!NL8R;%WFq*?{9T3{ct@2EKgc8h) zMxoM$SaF#p<`65BwIDfmXG6+OiK0e)`I=!A3E`+K@61f}0e z!2a*FOaDrOe>U`q%K!QN`&=&0C~)CaL3R4VY(NDt{Xz(Xpqru5=r#uQN1L$Je1*dkdqQ*=lofQaN%lO!<5z9ZlHgxt|`THd>2 zsWfU$9=p;yLyJyM^t zS2w9w?Bpto`@H^xJpZDKR1@~^30Il6oFGfk5%g6w*C+VM)+%R@gfIwNprOV5{F^M2 zO?n3DEzpT+EoSV-%OdvZvNF+pDd-ZVZ&d8 zKeIyrrfPN=EcFRCPEDCVflX#3-)Ik_HCkL(ejmY8vzcf-MTA{oHk!R2*36`O68$7J zf}zJC+bbQk--9Xm!u#lgLvx8TXx2J258E5^*IZ(FXMpq$2LUUvhWQPs((z1+2{Op% z?J}9k5^N=z;7ja~zi8a_-exIqWUBJwohe#4QJ`|FF*$C{lM18z^#hX6!5B8KAkLUX ziP=oti-gpV(BsLD{0(3*dw}4JxK23Y7M{BeFPucw!sHpY&l%Ws4pSm`+~V7;bZ%Dx zeI)MK=4vC&5#;2MT7fS?^ch9?2;%<8Jlu-IB&N~gg8t;6S-#C@!NU{`p7M8@2iGc& zg|JPg%@gCoCQ&s6JvDU&`X2S<57f(k8nJ1wvBu{8r?;q3_kpZZ${?|( z+^)UvR33sjSd)aT!UPkA;ylO6{aE3MQa{g%Mcf$1KONcjO@&g5zPHWtzM1rYC{_K> zgQNcs<{&X{OA=cEWw5JGqpr0O>x*Tfak2PE9?FuWtz^DDNI}rwAaT0(bdo-<+SJ6A z&}S%boGMWIS0L}=S>|-#kRX;e^sUsotry(MjE|3_9duvfc|nwF#NHuM-w7ZU!5ei8 z6Mkf>2)WunY2eU@C-Uj-A zG(z0Tz2YoBk>zCz_9-)4a>T46$(~kF+Y{#sA9MWH%5z#zNoz)sdXq7ZR_+`RZ%0(q zC7&GyS_|BGHNFl8Xa%@>iWh%Gr?=J5<(!OEjauj5jyrA-QXBjn0OAhJJ9+v=!LK`` z@g(`^*84Q4jcDL`OA&ZV60djgwG`|bcD*i50O}Q{9_noRg|~?dj%VtKOnyRs$Uzqg z191aWoR^rDX#@iSq0n z?9Sg$WSRPqSeI<}&n1T3!6%Wj@5iw5`*`Btni~G=&;J+4`7g#OQTa>u`{4ZZ(c@s$ zK0y;ySOGD-UTjREKbru{QaS>HjN<2)R%Nn-TZiQ(Twe4p@-saNa3~p{?^V9Nixz@a zykPv~<@lu6-Ng9i$Lrk(xi2Tri3q=RW`BJYOPC;S0Yly%77c727Yj-d1vF!Fuk{Xh z)lMbA69y7*5ufET>P*gXQrxsW+ zz)*MbHZv*eJPEXYE<6g6_M7N%#%mR{#awV3i^PafNv(zyI)&bH?F}2s8_rR(6%!V4SOWlup`TKAb@ee>!9JKPM=&8g#BeYRH9FpFybxBXQI2|g}FGJfJ+ zY-*2hB?o{TVL;Wt_ek;AP5PBqfDR4@Z->_182W z{P@Mc27j6jE*9xG{R$>6_;i=y{qf(c`5w9fa*`rEzX6t!KJ(p1H|>J1pC-2zqWENF zmm=Z5B4u{cY2XYl(PfrInB*~WGWik3@1oRhiMOS|D;acnf-Bs(QCm#wR;@Vf!hOPJ zgjhDCfDj$HcyVLJ=AaTbQ{@vIv14LWWF$=i-BDoC11}V;2V8A`S>_x)vIq44-VB-v z*w-d}$G+Ql?En8j!~ZkCpQ$|cA0|+rrY>tiCeWxkRGPoarxlGU2?7%k#F693RHT24 z-?JsiXlT2PTqZqNb&sSc>$d;O4V@|b6VKSWQb~bUaWn1Cf0+K%`Q&Wc<>mQ>*iEGB zbZ;aYOotBZ{vH3y<0A*L0QVM|#rf*LIsGx(O*-7)r@yyBIzJnBFSKBUSl1e|8lxU* zzFL+YDVVkIuzFWeJ8AbgN&w(4-7zbiaMn{5!JQXu)SELk*CNL+Fro|2v|YO)1l15t zs(0^&EB6DPMyaqvY>=KL>)tEpsn;N5Q#yJj<9}ImL((SqErWN3Q=;tBO~ExTCs9hB z2E$7eN#5wX4<3m^5pdjm#5o>s#eS_Q^P)tm$@SawTqF*1dj_i#)3};JslbLKHXl_N z)Fxzf>FN)EK&Rz&*|6&%Hs-^f{V|+_vL1S;-1K-l$5xiC@}%uDuwHYhmsV?YcOUlk zOYkG5v2+`+UWqpn0aaaqrD3lYdh0*!L`3FAsNKu=Q!vJu?Yc8n|CoYyDo_`r0mPoo z8>XCo$W4>l(==h?2~PoRR*kEe)&IH{1sM41mO#-36`02m#nTX{r*r`Q5rZ2-sE|nA zhnn5T#s#v`52T5|?GNS`%HgS2;R(*|^egNPDzzH_z^W)-Q98~$#YAe)cEZ%vge965AS_am#DK#pjPRr-!^za8>`kksCAUj(Xr*1NW5~e zpypt_eJpD&4_bl_y?G%>^L}=>xAaV>KR6;^aBytqpiHe%!j;&MzI_>Sx7O%F%D*8s zSN}cS^<{iiK)=Ji`FpO#^zY!_|D)qeRNAtgmH)m;qC|mq^j(|hL`7uBz+ULUj37gj zksdbnU+LSVo35riSX_4z{UX=%n&}7s0{WuZYoSfwAP`8aKN9P@%e=~1`~1ASL-z%# zw>DO&ixr}c9%4InGc*_y42bdEk)ZdG7-mTu0bD@_vGAr*NcFoMW;@r?@LUhRI zCUJgHb`O?M3!w)|CPu~ej%fddw20lod?Ufp8Dmt0PbnA0J%KE^2~AIcnKP()025V> zG>noSM3$5Btmc$GZoyP^v1@Poz0FD(6YSTH@aD0}BXva?LphAiSz9f&Y(aDAzBnUh z?d2m``~{z;{}kZJ>a^wYI?ry(V9hIoh;|EFc0*-#*`$T0DRQ1;WsqInG;YPS+I4{g zJGpKk%%Sdc5xBa$Q^_I~(F97eqDO7AN3EN0u)PNBAb+n+ zWBTxQx^;O9o0`=g+Zrt_{lP!sgWZHW?8bLYS$;1a@&7w9rD9|Ge;Gb?sEjFoF9-6v z#!2)t{DMHZ2@0W*fCx;62d#;jouz`R5Y(t{BT=$N4yr^^o$ON8d{PQ=!O zX17^CrdM~7D-;ZrC!||<+FEOxI_WI3CA<35va%4v>gc zEX-@h8esj=a4szW7x{0g$hwoWRQG$yK{@3mqd-jYiVofJE!Wok1* znV7Gm&Ssq#hFuvj1sRyHg(6PFA5U*Q8Rx>-blOs=lb`qa{zFy&n4xY;sd$fE+<3EI z##W$P9M{B3c3Si9gw^jlPU-JqD~Cye;wr=XkV7BSv#6}DrsXWFJ3eUNrc%7{=^sP> zrp)BWKA9<}^R9g!0q7yWlh;gr_TEOD|#BmGq<@IV;ueg+D2}cjpp+dPf&Q(36sFU&K8}hA85U61faW&{ zlB`9HUl-WWCG|<1XANN3JVAkRYvr5U4q6;!G*MTdSUt*Mi=z_y3B1A9j-@aK{lNvx zK%p23>M&=KTCgR!Ee8c?DAO2_R?B zkaqr6^BSP!8dHXxj%N1l+V$_%vzHjqvu7p@%Nl6;>y*S}M!B=pz=aqUV#`;h%M0rU zHfcog>kv3UZAEB*g7Er@t6CF8kHDmKTjO@rejA^ULqn!`LwrEwOVmHx^;g|5PHm#B zZ+jjWgjJ!043F+&#_;D*mz%Q60=L9Ove|$gU&~As5^uz@2-BfQ!bW)Khn}G+Wyjw- z19qI#oB(RSNydn0t~;tAmK!P-d{b-@@E5|cdgOS#!>%#Rj6ynkMvaW@37E>@hJP^8 z2zk8VXx|>#R^JCcWdBCy{0nPmYFOxN55#^-rlqobe0#L6)bi?E?SPymF*a5oDDeSd zO0gx?#KMoOd&G(2O@*W)HgX6y_aa6iMCl^~`{@UR`nMQE`>n_{_aY5nA}vqU8mt8H z`oa=g0SyiLd~BxAj2~l$zRSDHxvDs;I4>+M$W`HbJ|g&P+$!U7-PHX4RAcR0szJ*( ze-417=bO2q{492SWrqDK+L3#ChUHtz*@MP)e^%@>_&#Yk^1|tv@j4%3T)diEX zATx4K*hcO`sY$jk#jN5WD<=C3nvuVsRh||qDHnc~;Kf59zr0;c7VkVSUPD%NnnJC_ zl3F^#f_rDu8l}l8qcAz0FFa)EAt32IUy_JLIhU_J^l~FRH&6-ivSpG2PRqzDdMWft>Zc(c)#tb%wgmWN%>IOPm zZi-noqS!^Ftb81pRcQi`X#UhWK70hy4tGW1mz|+vI8c*h@ zfFGJtW3r>qV>1Z0r|L>7I3un^gcep$AAWfZHRvB|E*kktY$qQP_$YG60C@X~tTQjB3%@`uz!qxtxF+LE!+=nrS^07hn` zEgAp!h|r03h7B!$#OZW#ACD+M;-5J!W+{h|6I;5cNnE(Y863%1(oH}_FTW})8zYb$7czP zg~Szk1+_NTm6SJ0MS_|oSz%e(S~P-&SFp;!k?uFayytV$8HPwuyELSXOs^27XvK-D zOx-Dl!P|28DK6iX>p#Yb%3`A&CG0X2S43FjN%IB}q(!hC$fG}yl1y9W&W&I@KTg6@ zK^kpH8=yFuP+vI^+59|3%Zqnb5lTDAykf z9S#X`3N(X^SpdMyWQGOQRjhiwlj!0W-yD<3aEj^&X%=?`6lCy~?`&WSWt z?U~EKFcCG_RJ(Qp7j=$I%H8t)Z@6VjA#>1f@EYiS8MRHZphp zMA_5`znM=pzUpBPO)pXGYpQ6gkine{6u_o!P@Q+NKJ}k!_X7u|qfpAyIJb$_#3@wJ z<1SE2Edkfk9C!0t%}8Yio09^F`YGzpaJHGk*-ffsn85@)%4@`;Fv^8q(-Wk7r=Q8p zT&hD`5(f?M{gfzGbbwh8(}G#|#fDuk7v1W)5H9wkorE0ZZjL0Q1=NRGY>zwgfm81DdoaVwNH;or{{eSyybt)m<=zXoA^RALYG-2t zouH|L*BLvmm9cdMmn+KGopyR@4*=&0&4g|FLoreZOhRmh=)R0bg~ zT2(8V_q7~42-zvb)+y959OAv!V$u(O3)%Es0M@CRFmG{5sovIq4%8Ahjk#*5w{+)+ zMWQoJI_r$HxL5km1#6(e@{lK3Udc~n0@g`g$s?VrnQJ$!oPnb?IHh-1qA`Rz$)Ai< z6w$-MJW-gKNvOhL+XMbE7&mFt`x1KY>k4(!KbbpZ`>`K@1J<(#vVbjx@Z@(6Q}MF# zMnbr-f55(cTa^q4+#)=s+ThMaV~E`B8V=|W_fZWDwiso8tNMTNse)RNBGi=gVwgg% zbOg8>mbRN%7^Um-7oj4=6`$|(K7!+t^90a{$18Z>}<#!bm%ZEFQ{X(yBZMc>lCz0f1I2w9Sq zuGh<9<=AO&g6BZte6hn>Qmvv;Rt)*cJfTr2=~EnGD8P$v3R|&1RCl&7)b+`=QGapi zPbLg_pxm`+HZurtFZ;wZ=`Vk*do~$wB zxoW&=j0OTbQ=Q%S8XJ%~qoa3Ea|au5o}_(P;=!y-AjFrERh%8la!z6Fn@lR?^E~H12D?8#ht=1F;7@o4$Q8GDj;sSC%Jfn01xgL&%F2 zwG1|5ikb^qHv&9hT8w83+yv&BQXOQyMVJSBL(Ky~p)gU3#%|blG?IR9rP^zUbs7rOA0X52Ao=GRt@C&zlyjNLv-} z9?*x{y(`509qhCV*B47f2hLrGl^<@SuRGR!KwHei?!CM10Tq*YDIoBNyRuO*>3FU? zHjipIE#B~y3FSfOsMfj~F9PNr*H?0oHyYB^G(YyNh{SxcE(Y-`x5jFMKb~HO*m+R% zrq|ic4fzJ#USpTm;X7K+E%xsT_3VHKe?*uc4-FsILUH;kL>_okY(w`VU*8+l>o>Jm ziU#?2^`>arnsl#)*R&nf_%>A+qwl%o{l(u)M?DK1^mf260_oteV3#E_>6Y4!_hhVD zM8AI6MM2V*^_M^sQ0dmHu11fy^kOqXqzpr?K$`}BKWG`=Es(9&S@K@)ZjA{lj3ea7_MBP zk(|hBFRjHVMN!sNUkrB;(cTP)T97M$0Dtc&UXSec<+q?y>5=)}S~{Z@ua;1xt@=T5 zI7{`Z=z_X*no8s>mY;>BvEXK%b`a6(DTS6t&b!vf_z#HM{Uoy_5fiB(zpkF{})ruka$iX*~pq1ZxD?q68dIo zIZSVls9kFGsTwvr4{T_LidcWtt$u{kJlW7moRaH6+A5hW&;;2O#$oKyEN8kx`LmG)Wfq4ykh+q{I3|RfVpkR&QH_x;t41Uw z`P+tft^E2B$domKT@|nNW`EHwyj>&}K;eDpe z1bNOh=fvIfk`&B61+S8ND<(KC%>y&?>opCnY*r5M+!UrWKxv0_QvTlJc>X#AaI^xo zaRXL}t5Ej_Z$y*|w*$6D+A?Lw-CO-$itm^{2Ct82-<0IW)0KMNvJHgBrdsIR0v~=H z?n6^}l{D``Me90`^o|q!olsF?UX3YSq^6Vu>Ijm>>PaZI8G@<^NGw{Cx&%|PwYrfw zR!gX_%AR=L3BFsf8LxI|K^J}deh0ZdV?$3r--FEX`#INxsOG6_=!v)DI>0q|BxT)z z-G6kzA01M?rba+G_mwNMQD1mbVbNTWmBi*{s_v_Ft9m2Avg!^78(QFu&n6mbRJ2bA zv!b;%yo{g*9l2)>tsZJOOp}U~8VUH`}$ z8p_}t*XIOehezolNa-a2x0BS})Y9}&*TPgua{Ewn-=wVrmJUeU39EKx+%w%=ixQWK zDLpwaNJs65#6o7Ln7~~X+p_o2BR1g~VCfxLzxA{HlWAI6^H;`juI=&r1jQrUv_q0Z z1Ja-tjdktrrP>GOC*#p?*xfQU5MqjMsBe!9lh(u8)w$e@Z|>aUHI5o;MGw*|Myiz3 z-f0;pHg~Q#%*Kx8MxH%AluVXjG2C$)WL-K63@Q`#y9_k_+}eR(x4~dp7oV-ek0H>I zgy8p#i4GN{>#v=pFYUQT(g&b$OeTy-X_#FDgNF8XyfGY6R!>inYn8IR2RDa&O!(6< znXs{W!bkP|s_YI*Yx%4stI`=ZO45IK6rBs`g7sP40ic}GZ58s?Mc$&i`kq_tfci>N zIHrC0H+Qpam1bNa=(`SRKjixBTtm&e`j9porEci!zdlg1RI0Jw#b(_Tb@RQK1Zxr_ z%7SUeH6=TrXt3J@js`4iDD0=IoHhK~I7^W8^Rcp~Yaf>2wVe|Hh1bUpX9ATD#moByY57-f2Ef1TP^lBi&p5_s7WGG9|0T}dlfxOx zXvScJO1Cnq`c`~{Dp;{;l<-KkCDE+pmexJkd}zCgE{eF=)K``-qC~IT6GcRog_)!X z?fK^F8UDz$(zFUrwuR$qro5>qqn>+Z%<5>;_*3pZ8QM|yv9CAtrAx;($>4l^_$_-L z*&?(77!-=zvnCVW&kUcZMb6;2!83si518Y%R*A3JZ8Is|kUCMu`!vxDgaWjs7^0j( ziTaS4HhQ)ldR=r)_7vYFUr%THE}cPF{0H45FJ5MQW^+W>P+eEX2kLp3zzFe*-pFVA zdDZRybv?H|>`9f$AKVjFWJ=wegO7hOOIYCtd?Vj{EYLT*^gl35|HQ`R=ti+ADm{jyQE7K@kdjuqJhWVSks>b^ zxha88-h3s;%3_5b1TqFCPTxVjvuB5U>v=HyZ$?JSk+&I%)M7KE*wOg<)1-Iy)8-K! z^XpIt|0ibmk9RtMmlUd7#Ap3Q!q9N4atQy)TmrhrFhfx1DAN`^vq@Q_SRl|V z#lU<~n67$mT)NvHh`%als+G-)x1`Y%4Bp*6Un5Ri9h=_Db zA-AdP!f>f0m@~>7X#uBM?diI@)Egjuz@jXKvm zJo+==juc9_<;CqeRaU9_Mz@;3e=E4=6TK+c`|uu#pIqhSyNm`G(X)&)B`8q0RBv#> z`gGlw(Q=1Xmf55VHj%C#^1lpc>LY8kfA@|rlC1EA<1#`iuyNO z(=;irt{_&K=i4)^x%;U(Xv<)+o=dczC5H3W~+e|f~{*ucxj@{Yi-cw^MqYr3fN zF5D+~!wd$#al?UfMnz(@K#wn`_5na@rRr8XqN@&M&FGEC@`+OEv}sI1hw>Up0qAWf zL#e4~&oM;TVfjRE+10B_gFlLEP9?Q-dARr3xi6nQqnw>k-S;~b z;!0s2VS4}W8b&pGuK=7im+t(`nz@FnT#VD|!)eQNp-W6)@>aA+j~K*H{$G`y2|QHY z|Hmy+CR@#jWY4~)lr1qBJB_RfHJFfP<}pK5(#ZZGSqcpyS&}01LnTWk5fzmXMGHkJ zTP6L^B+uj;lmB_W<~4=${+v0>z31M!-_O@o-O9GyW)j_mjx}!0@br_LE-7SIuPP84 z;5=O(U*g_um0tyG|61N@d9lEuOeiRd+#NY^{nd5;-CVlw&Ap7J?qwM^?E29wvS}2d zbzar4Fz&RSR(-|s!Z6+za&Z zY#D<5q_JUktIzvL0)yq_kLWG6DO{ri=?c!y!f(Dk%G{8)k`Gym%j#!OgXVDD3;$&v@qy#ISJfp=Vm>pls@9-mapVQChAHHd-x+OGx)(*Yr zC1qDUTZ6mM(b_hi!TuFF2k#8uI2;kD70AQ&di$L*4P*Y-@p`jdm%_c3f)XhYD^6M8&#Y$ZpzQMcR|6nsH>b=*R_Von!$BTRj7yGCXokoAQ z&ANvx0-Epw`QIEPgI(^cS2f(Y85yV@ygI{ewyv5Frng)e}KCZF7JbR(&W618_dcEh(#+^zZFY;o<815<5sOHQdeax9_!PyM&;{P zkBa5xymca0#)c#tke@3KNEM8a_mT&1gm;p&&JlMGH(cL(b)BckgMQ^9&vRwj!~3@l zY?L5}=Jzr080OGKb|y`ee(+`flQg|!lo6>=H)X4`$Gz~hLmu2a%kYW_Uu8x09Pa0J zKZ`E$BKJ=2GPj_3l*TEcZ*uYRr<*J^#5pILTT;k_cgto1ZL-%slyc16J~OH-(RgDA z%;EjEnoUkZ&acS{Q8`{i6T5^nywgqQI5bDIymoa7CSZG|WWVk>GM9)zy*bNih|QIm z%0+(Nnc*a_xo;$=!HQYaapLms>J1ToyjtFByY`C2H1wT#178#4+|{H0BBqtCdd$L% z_3Hc60j@{t9~MjM@LBalR&6@>B;9?r<7J~F+WXyYu*y3?px*=8MAK@EA+jRX8{CG?GI-< z54?Dc9CAh>QTAvyOEm0^+x;r2BWX|{3$Y7)L5l*qVE*y0`7J>l2wCmW zL1?|a`pJ-l{fb_N;R(Z9UMiSj6pQjOvQ^%DvhIJF!+Th7jO2~1f1N+(-TyCFYQZYw z4)>7caf^Ki_KJ^Zx2JUb z&$3zJy!*+rCV4%jqwyuNY3j1ZEiltS0xTzd+=itTb;IPYpaf?8Y+RSdVdpacB(bVQ zC(JupLfFp8y43%PMj2}T|VS@%LVp>hv4Y!RPMF?pp8U_$xCJ)S zQx!69>bphNTIb9yn*_yfj{N%bY)t{L1cs8<8|!f$;UQ*}IN=2<6lA;x^(`8t?;+ST zh)z4qeYYgZkIy{$4x28O-pugO&gauRh3;lti9)9Pvw+^)0!h~%m&8Q!AKX%urEMnl z?yEz?g#ODn$UM`+Q#$Q!6|zsq_`dLO5YK-6bJM6ya>}H+vnW^h?o$z;V&wvuM$dR& zeEq;uUUh$XR`TWeC$$c&Jjau2it3#%J-y}Qm>nW*s?En?R&6w@sDXMEr#8~$=b(gk zwDC3)NtAP;M2BW_lL^5ShpK$D%@|BnD{=!Tq)o(5@z3i7Z){} zGr}Exom_qDO{kAVkZ*MbLNHE666Kina#D{&>Jy%~w7yX$oj;cYCd^p9zy z8*+wgSEcj$4{WxKmCF(5o7U4jqwEvO&dm1H#7z}%VXAbW&W24v-tS6N3}qrm1OnE)fUkoE8yMMn9S$?IswS88tQWm4#Oid#ckgr6 zRtHm!mfNl-`d>O*1~d7%;~n+{Rph6BBy^95zqI{K((E!iFQ+h*C3EsbxNo_aRm5gj zKYug($r*Q#W9`p%Bf{bi6;IY0v`pB^^qu)gbg9QHQ7 zWBj(a1YSu)~2RK8Pi#C>{DMlrqFb9e_RehEHyI{n?e3vL_}L>kYJC z_ly$$)zFi*SFyNrnOt(B*7E$??s67EO%DgoZL2XNk8iVx~X_)o++4oaK1M|ou73vA0K^503j@uuVmLcHH4ya-kOIDfM%5%(E z+Xpt~#7y2!KB&)PoyCA+$~DXqxPxxALy!g-O?<9+9KTk4Pgq4AIdUkl`1<1#j^cJg zgU3`0hkHj_jxV>`Y~%LAZl^3o0}`Sm@iw7kwff{M%VwtN)|~!p{AsfA6vB5UolF~d zHWS%*uBDt<9y!9v2Xe|au&1j&iR1HXCdyCjxSgG*L{wmTD4(NQ=mFjpa~xooc6kju z`~+d{j7$h-;HAB04H!Zscu^hZffL#9!p$)9>sRI|Yovm)g@F>ZnosF2EgkU3ln0bR zTA}|+E(tt)!SG)-bEJi_0m{l+(cAz^pi}`9=~n?y&;2eG;d9{M6nj>BHGn(KA2n|O zt}$=FPq!j`p&kQ8>cirSzkU0c08%8{^Qyqi-w2LoO8)^E7;;I1;HQ6B$u0nNaX2CY zSmfi)F`m94zL8>#zu;8|{aBui@RzRKBlP1&mfFxEC@%cjl?NBs`cr^nm){>;$g?rhKr$AO&6qV_Wbn^}5tfFBry^e1`%du2~o zs$~dN;S_#%iwwA_QvmMjh%Qo?0?rR~6liyN5Xmej8(*V9ym*T`xAhHih-v$7U}8=dfXi2i*aAB!xM(Xekg*ix@r|ymDw*{*s0?dlVys2e)z62u1 z+k3esbJE=-P5S$&KdFp+2H7_2e=}OKDrf( z9-207?6$@f4m4B+9E*e((Y89!q?zH|mz_vM>kp*HGXldO0Hg#!EtFhRuOm$u8e~a9 z5(roy7m$Kh+zjW6@zw{&20u?1f2uP&boD}$#Zy)4o&T;vyBoqFiF2t;*g=|1=)PxB z8eM3Mp=l_obbc?I^xyLz?4Y1YDWPa+nm;O<$Cn;@ane616`J9OO2r=rZr{I_Kizyc zP#^^WCdIEp*()rRT+*YZK>V@^Zs=ht32x>Kwe zab)@ZEffz;VM4{XA6e421^h~`ji5r%)B{wZu#hD}f3$y@L0JV9f3g{-RK!A?vBUA}${YF(vO4)@`6f1 z-A|}e#LN{)(eXloDnX4Vs7eH|<@{r#LodP@Nz--$Dg_Par%DCpu2>2jUnqy~|J?eZ zBG4FVsz_A+ibdwv>mLp>P!(t}E>$JGaK$R~;fb{O3($y1ssQQo|5M;^JqC?7qe|hg zu0ZOqeFcp?qVn&Qu7FQJ4hcFi&|nR!*j)MF#b}QO^lN%5)4p*D^H+B){n8%VPUzi! zDihoGcP71a6!ab`l^hK&*dYrVYzJ0)#}xVrp!e;lI!+x+bfCN0KXwUAPU9@#l7@0& QuEJmfE|#`Dqx|px0L@K;Y5)KL literal 0 HcmV?d00001 diff --git a/proxies/brregstub-reverse-proxy/gradle/wrapper/gradle-wrapper.properties b/proxies/brregstub-reverse-proxy/gradle/wrapper/gradle-wrapper.properties new file mode 100644 index 00000000000..48c0a02ca41 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/gradle/wrapper/gradle-wrapper.properties @@ -0,0 +1,5 @@ +distributionBase=GRADLE_USER_HOME +distributionPath=wrapper/dists +distributionUrl=https\://services.gradle.org/distributions/gradle-8.7-bin.zip +zipStoreBase=GRADLE_USER_HOME +zipStorePath=wrapper/dists diff --git a/proxies/brregstub-reverse-proxy/gradlew b/proxies/brregstub-reverse-proxy/gradlew new file mode 100755 index 00000000000..3da45c161b0 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/gradlew @@ -0,0 +1,234 @@ +#!/bin/sh + +# +# Copyright ? 2015-2021 the original authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +############################################################################## +# +# Gradle start up script for POSIX generated by Gradle. +# +# Important for running: +# +# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is +# noncompliant, but you have some other compliant shell such as ksh or +# bash, then to run this script, type that shell name before the whole +# command line, like: +# +# ksh Gradle +# +# Busybox and similar reduced shells will NOT work, because this script +# requires all of these POSIX shell features: +# * functions; +# * expansions ?$var?, ?${var}?, ?${var:-default}?, ?${var+SET}?, +# ?${var#prefix}?, ?${var%suffix}?, and ?$( cmd )?; +# * compound commands having a testable exit status, especially ?case?; +# * various built-in commands including ?command?, ?set?, and ?ulimit?. +# +# Important for patching: +# +# (2) This script targets any POSIX shell, so it avoids extensions provided +# by Bash, Ksh, etc; in particular arrays are avoided. +# +# The "traditional" practice of packing multiple parameters into a +# space-separated string is a well documented source of bugs and security +# problems, so this is (mostly) avoided, by progressively accumulating +# options in "$@", and eventually passing that to Java. +# +# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS, +# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly; +# see the in-line comments for details. +# +# There are tweaks for specific operating systems such as AIX, CygWin, +# Darwin, MinGW, and NonStop. +# +# (3) This script is generated from the Groovy template +# https://github.com/gradle/gradle/blob/master/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt +# within the Gradle project. +# +# You can find Gradle at https://github.com/gradle/gradle/. +# +############################################################################## + +# Attempt to set APP_HOME + +# Resolve links: $0 may be a link +app_path=$0 + +# Need this for daisy-chained symlinks. +while + APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path + [ -h "$app_path" ] +do + ls=$( ls -ld "$app_path" ) + link=${ls#*' -> '} + case $link in #( + /*) app_path=$link ;; #( + *) app_path=$APP_HOME$link ;; + esac +done + +APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit + +APP_NAME="Gradle" +APP_BASE_NAME=${0##*/} + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' + +# Use the maximum available, or set MAX_FD != -1 to use that value. +MAX_FD=maximum + +warn () { + echo "$*" +} >&2 + +die () { + echo + echo "$*" + echo + exit 1 +} >&2 + +# OS specific support (must be 'true' or 'false'). +cygwin=false +msys=false +darwin=false +nonstop=false +case "$( uname )" in #( + CYGWIN* ) cygwin=true ;; #( + Darwin* ) darwin=true ;; #( + MSYS* | MINGW* ) msys=true ;; #( + NONSTOP* ) nonstop=true ;; +esac + +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + + +# Determine the Java command to use to start the JVM. +if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD=$JAVA_HOME/jre/sh/java + else + JAVACMD=$JAVA_HOME/bin/java + fi + if [ ! -x "$JAVACMD" ] ; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +else + JAVACMD=java + which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." +fi + +# Increase the maximum file descriptors if we can. +if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then + case $MAX_FD in #( + max*) + MAX_FD=$( ulimit -H -n ) || + warn "Could not query maximum file descriptor limit" + esac + case $MAX_FD in #( + '' | soft) :;; #( + *) + ulimit -n "$MAX_FD" || + warn "Could not set maximum file descriptor limit to $MAX_FD" + esac +fi + +# Collect all arguments for the java command, stacking in reverse order: +# * args from the command line +# * the main class name +# * -classpath +# * -D...appname settings +# * --module-path (only if needed) +# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables. + +# For Cygwin or MSYS, switch paths to Windows format before running java +if "$cygwin" || "$msys" ; then + APP_HOME=$( cygpath --path --mixed "$APP_HOME" ) + CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" ) + + JAVACMD=$( cygpath --unix "$JAVACMD" ) + + # Now convert the arguments - kludge to limit ourselves to /bin/sh + for arg do + if + case $arg in #( + -*) false ;; # don't mess with options #( + /?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath + [ -e "$t" ] ;; #( + *) false ;; + esac + then + arg=$( cygpath --path --ignore --mixed "$arg" ) + fi + # Roll the args list around exactly as many times as the number of + # args, so each arg winds up back in the position where it started, but + # possibly modified. + # + # NB: a `for` loop captures its iteration list before it begins, so + # changing the positional parameters here affects neither the number of + # iterations, nor the values presented in `arg`. + shift # remove old arg + set -- "$@" "$arg" # push replacement arg + done +fi + +# Collect all arguments for the java command; +# * $DEFAULT_JVM_OPTS, $JAVA_OPTS, and $GRADLE_OPTS can contain fragments of +# shell script including quotes and variable substitutions, so put them in +# double quotes to make sure that they get re-expanded; and +# * put everything else in single quotes, so that it's not re-expanded. + +set -- \ + "-Dorg.gradle.appname=$APP_BASE_NAME" \ + -classpath "$CLASSPATH" \ + org.gradle.wrapper.GradleWrapperMain \ + "$@" + +# Use "xargs" to parse quoted args. +# +# With -n1 it outputs one arg per line, with the quotes and backslashes removed. +# +# In Bash we could simply go: +# +# readarray ARGS < <( xargs -n1 <<<"$var" ) && +# set -- "${ARGS[@]}" "$@" +# +# but POSIX shell has neither arrays nor command substitution, so instead we +# post-process each arg (as a line of input to sed) to backslash-escape any +# character that might be a shell metacharacter, then use eval to reverse +# that process (while maintaining the separation between arguments), and wrap +# the whole thing up as a single "set" statement. +# +# This will of course break if any of these variables contains a newline or +# an unmatched quote. +# + +eval "set -- $( + printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" | + xargs -n1 | + sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' | + tr '\n' ' ' + )" '"$@"' + +exec "$JAVACMD" "$@" diff --git a/proxies/brregstub-reverse-proxy/gradlew.bat b/proxies/brregstub-reverse-proxy/gradlew.bat new file mode 100644 index 00000000000..107acd32c4e --- /dev/null +++ b/proxies/brregstub-reverse-proxy/gradlew.bat @@ -0,0 +1,89 @@ +@rem +@rem Copyright 2015 the original author or authors. +@rem +@rem Licensed under the Apache License, Version 2.0 (the "License"); +@rem you may not use this file except in compliance with the License. +@rem You may obtain a copy of the License at +@rem +@rem https://www.apache.org/licenses/LICENSE-2.0 +@rem +@rem Unless required by applicable law or agreed to in writing, software +@rem distributed under the License is distributed on an "AS IS" BASIS, +@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +@rem See the License for the specific language governing permissions and +@rem limitations under the License. +@rem + +@if "%DEBUG%" == "" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%" == "" set DIRNAME=. +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Resolve any "." and ".." in APP_HOME to make it shorter. +for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if "%ERRORLEVEL%" == "0" goto execute + +echo. +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto execute + +echo. +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %* + +:end +@rem End local scope for the variables with windows NT shell +if "%ERRORLEVEL%"=="0" goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 +exit /b 1 + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/proxies/brregstub-reverse-proxy/gradlewUpdate.sh b/proxies/brregstub-reverse-proxy/gradlewUpdate.sh new file mode 100755 index 00000000000..e5ee6361152 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/gradlewUpdate.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +gradle wrapper \ No newline at end of file diff --git a/proxies/brregstub-reverse-proxy/settings.gradle b/proxies/brregstub-reverse-proxy/settings.gradle new file mode 100644 index 00000000000..1a1c3fa02f3 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/settings.gradle @@ -0,0 +1,20 @@ +plugins { + id "com.gradle.develocity" version "3.19" +} + +rootProject.name = "brregstub-reverse-proxy" + +includeBuild "../../plugins/java" + +includeBuild "../../libs/reactive-security" +includeBuild "../../libs/security-core" +includeBuild "../../libs/reactive-core" +includeBuild "../../libs/reactive-proxy" +includeBuild "../../libs/testing" + +develocity { + buildScan { + termsOfUseUrl = "https://gradle.com/terms-of-service" + termsOfUseAgree = "yes" + } +} diff --git a/proxies/brregstub-reverse-proxy/src/main/java/no/nav/testnav/proxies/brregstubreverseproxy/BrregstubReverseProxyApplicationStarter.java b/proxies/brregstub-reverse-proxy/src/main/java/no/nav/testnav/proxies/brregstubreverseproxy/BrregstubReverseProxyApplicationStarter.java new file mode 100644 index 00000000000..de2fec4e551 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/src/main/java/no/nav/testnav/proxies/brregstubreverseproxy/BrregstubReverseProxyApplicationStarter.java @@ -0,0 +1,53 @@ +package no.nav.testnav.proxies.brregstubreverseproxy; + +import no.nav.dolly.libs.nais.NaisEnvironmentApplicationContextInitializer; +import no.nav.testnav.libs.reactivecore.config.CoreConfig; +import no.nav.testnav.libs.reactiveproxy.config.SecurityConfig; +import no.nav.testnav.libs.reactiveproxy.filter.AddAuthenticationRequestGatewayFilterFactory; +import no.nav.testnav.libs.reactivesecurity.config.SecureOAuth2ServerToServerConfiguration; +import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureNavTokenService; +import no.nav.testnav.libs.securitycore.domain.AccessToken; +import no.nav.testnav.proxies.brregstubreverseproxy.config.Consumers; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.builder.SpringApplicationBuilder; +import org.springframework.cloud.gateway.route.RouteLocator; +import org.springframework.cloud.gateway.route.builder.RouteLocatorBuilder; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Import; + +@Import({ + CoreConfig.class, + SecurityConfig.class, + SecureOAuth2ServerToServerConfiguration.class +}) +@SpringBootApplication +public class BrregstubReverseProxyApplicationStarter { + + public static void main(String[] args) { + new SpringApplicationBuilder(BrregstubReverseProxyApplicationStarter.class) + .initializers(new NaisEnvironmentApplicationContextInitializer()) + .run(args); + } + + @Bean + public RouteLocator customRouteLocator(RouteLocatorBuilder builder, + AzureNavTokenService tokenService, + Consumers consumers) { + + var addAuthenticationHeaderFilter = AddAuthenticationRequestGatewayFilterFactory + .bearerAuthenticationHeaderFilter( + () -> tokenService + .exchange(consumers.getBrregstub()) + .map(AccessToken::getTokenValue)); + + return builder.routes() + .route(spec -> spec + .path("/**") + .and() + .not(not -> not.path("/internal/**")) + .filters(filter -> filter.filter(addAuthenticationHeaderFilter)) + .uri(consumers.getBrregstub().getUrl()) + ) + .build(); + } +} \ No newline at end of file diff --git a/proxies/brregstub-reverse-proxy/src/main/java/no/nav/testnav/proxies/brregstubreverseproxy/config/Consumers.java b/proxies/brregstub-reverse-proxy/src/main/java/no/nav/testnav/proxies/brregstubreverseproxy/config/Consumers.java new file mode 100644 index 00000000000..ffeffd9f330 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/src/main/java/no/nav/testnav/proxies/brregstubreverseproxy/config/Consumers.java @@ -0,0 +1,20 @@ +package no.nav.testnav.proxies.brregstubreverseproxy.config; + +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; +import no.nav.testnav.libs.securitycore.domain.ServerProperties; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +import static lombok.AccessLevel.PACKAGE; + +@Configuration +@ConfigurationProperties(prefix = "consumers") +@NoArgsConstructor(access = PACKAGE) +@Getter +@Setter(PACKAGE) +public class Consumers { + + private ServerProperties brregstub; +} diff --git a/proxies/brregstub-reverse-proxy/src/main/resources/application-local.yml b/proxies/brregstub-reverse-proxy/src/main/resources/application-local.yml new file mode 100644 index 00000000000..cfb3ace7ac1 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/src/main/resources/application-local.yml @@ -0,0 +1,3 @@ +spring: + config: + import: "sm://" \ No newline at end of file diff --git a/proxies/brregstub-reverse-proxy/src/main/resources/application.yml b/proxies/brregstub-reverse-proxy/src/main/resources/application.yml new file mode 100644 index 00000000000..e18a469a1c4 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/src/main/resources/application.yml @@ -0,0 +1,31 @@ +spring: + application: + name: testnav-brregstub-reverse-proxy + description: Proxy for brregstub som legger på sikkerhet. + security: + oauth2: + resourceserver: + aad: + issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER} + accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID} + tokenx: + issuer-uri: ${TOKEN_X_ISSUER} + accepted-audience: ${TOKEN_X_CLIENT_ID} + cloud: + gateway: + httpclient: + response-timeout: 30s + +server: + servlet: + encoding: + charset: UTF-8 + error: + include-message: always + +consumers: + brregstub: + name: brreg-stub + namespace: dolly + url: http://brreg-stub.dolly.svc.nais.local + cluster: dev-fss \ No newline at end of file diff --git a/proxies/brregstub-reverse-proxy/src/main/resources/logback-spring.xml b/proxies/brregstub-reverse-proxy/src/main/resources/logback-spring.xml new file mode 100644 index 00000000000..ae836bf1b11 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/src/main/resources/logback-spring.xml @@ -0,0 +1,40 @@ + + + + + + + true + + 10280 + 20 + ^sun\.reflect\..*\.invoke + ^net\.sf\.cglib\.proxy\.MethodProxy\.invoke + java\.util\.concurrent\..* + org\.apache\.catalina\..* + org\.apache\.coyote\..* + org\.apache\.tomcat\..* + + + + + + + + + + + + + %d{HH:mm:ss.SSS} | %5p | %logger{25} | %m%n + + utf8 + + + + + + + + + \ No newline at end of file diff --git a/proxies/brregstub-reverse-proxy/src/test/java/no/nav/testnav/proxies/brregstubreverseproxy/ApplicationContextTest.java b/proxies/brregstub-reverse-proxy/src/test/java/no/nav/testnav/proxies/brregstubreverseproxy/ApplicationContextTest.java new file mode 100644 index 00000000000..9ef4249e352 --- /dev/null +++ b/proxies/brregstub-reverse-proxy/src/test/java/no/nav/testnav/proxies/brregstubreverseproxy/ApplicationContextTest.java @@ -0,0 +1,16 @@ +package no.nav.testnav.proxies.brregstubreverseproxy; + +import no.nav.dolly.libs.nais.DollySpringBootTest; +import org.junit.jupiter.api.Test; + +import static org.assertj.core.api.AssertionsForClassTypes.assertThat; + +@DollySpringBootTest +class ApplicationContextTest { + + @Test + void load_app_context() { + assertThat(true).isTrue(); + } + +}