Lagre informasjon om hvem grunnlagspakke er opprettet av
ugur93 committed Dec 1, 2023
1 parent 471f583 commit e739a6f
Showing 17 changed files with 99 additions and 25 deletions.
2 changes: 2 additions & 0 deletions .nais/feature.yaml
Expand Up @@ -25,6 +25,8 @@ azure:
aareg_scope: dev-fss.arbeidsforhold.aareg-services-nais
aareg_app: aareg-services-nais
aareg_cluster: dev-fss
bidrag_organisasjon_url: bidrag-organisasjon-feature.dev-fss-pub.nais.io
bidrag_organisasjon_scope: dev-fss.bidrag.bidrag-organisasjon-feature
unsecure:
ereg_url: ereg-services.dev-fss-pub.nais.io
dbname: bidrag-grunnlag-feature
2 changes: 2 additions & 0 deletions .nais/main.yaml
Expand Up @@ -25,6 +25,8 @@ azure:
aareg_scope: dev-fss.arbeidsforhold.aareg-services-nais
aareg_app: aareg-services
aareg_cluster: dev-fss
bidrag_organisasjon_url: bidrag-organisasjon.dev-fss-pub.nais.io
bidrag_organisasjon_scope: dev-fss.bidrag.bidrag-organisasjon
unsecure:
ereg_url: ereg-services.dev-fss-pub.nais.io
dbname: bidrag-grunnlag-main
3 changes: 3 additions & 0 deletions .nais/nais.yaml
Expand Up @@ -33,6 +33,7 @@ spec:
- host: {{ azure.sigrun_base_url }}
- host: {{ azure.pensjon_url }}
- host: {{ azure.aareg_url }}
- host: {{ azure.bidrag_organisasjon_url }}
- host: {{ azure.unsecure.ereg_url }}
image: {{ image }}
liveness:
Expand Down Expand Up @@ -100,6 +101,8 @@ spec:
value: {{ azure.aareg_scope }}
- name: EREG_URL
value: https://{{ azure.unsecure.ereg_url }}
- name: BIDRAG_ORGANISASJON_URL
value: https://{{ azure.bidrag_organisasjon_url }}/bidrag-organisasjon
gcp:
sqlInstances:
- name: {{ dbname }}
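Review bot: The env block gains `BIDRAG_ORGANISASJON_URL` but no `BIDRAG_ORGANISASJON_SCOPE`, although the `bidrag-organisasjon` client registration added to application.yaml in this commit builds its scope from `${BIDRAG_ORGANISASJON_SCOPE}` and the values files now define `azure.bidrag_organisasjon_scope`. Unless the variable is supplied outside the lines shown, the placeholder cannot resolve and token requests for that client would fail or carry the wrong scope. Adding `- name: BIDRAG_ORGANISASJON_SCOPE` with `value: {{ azure.bidrag_organisasjon_scope }}` next to the URL entry would wire the value through.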
2 changes: 2 additions & 0 deletions .nais/prod.yaml
Expand Up @@ -26,6 +26,8 @@ azure:
aareg_scope: prod-fss.arbeidsforhold.aareg-services-nais
aareg_app: aareg-services
aareg_cluster: prod-fss
bidrag_organisasjon_url: bidrag-organisasjon.prod-fss-pub.nais.io
bidrag_organisasjon_scope: prod-fss.bidrag.bidrag-organisasjon
unsecure:
ereg_url: ereg-services.prod-fss-pub.nais.io
dbname: bidrag-grunnlag-prod
4 changes: 2 additions & 2 deletions pom.xml
Expand Up @@ -23,9 +23,9 @@
<build-helper-maven.version>3.2.0</build-helper-maven.version>
<token-support.version>3.1.8</token-support.version>
<!-- dependencies -->
<bidrag-commons.version>20231002151454_eab4a7b</bidrag-commons.version>
<bidrag-commons.version>20231201131246_f719b2b</bidrag-commons.version>
<bidrag-commons-test.version>1.20230511093912_dc35d81</bidrag-commons-test.version>
<bidrag-transport.version>20231130133957_b66e902</bidrag-transport.version>
<bidrag-transport.version>20231201150118_8d33deb</bidrag-transport.version>
<bidrag-tilgangskontroll.version>1.10.4</bidrag-tilgangskontroll.version>
<mockito-kotlin.version>5.1.0</mockito-kotlin.version>
<springdoc-openapi-ui.version>2.2.0</springdoc-openapi-ui.version>
32 changes: 16 additions & 16 deletions src/main/kotlin/no/nav/bidrag/grunnlag/BidragGrunnlagConfig.kt
Expand Up @@ -70,103 +70,103 @@ class BidragGrunnlagConfig {
fun familieBaSakConsumer(
@Value("\${FAMILIEBASAK_URL}") url: String,
restTemplate: HttpHeaderRestTemplate,
securityTokenService: SecurityTokenService,
grunnlagSecurityTokenService: SecurityTokenService,
exceptionLogger: ExceptionLogger,
): FamilieBaSakConsumer {
LOGGER.info("Url satt i config: $url")
restTemplate.uriTemplateHandler = RootUriTemplateHandler(url)
restTemplate.interceptors.add(securityTokenService.generateBearerToken("familiebasak"))
restTemplate.interceptors.add(grunnlagSecurityTokenService.generateBearerToken("familiebasak"))
return FamilieBaSakConsumer(restTemplate)
}

@Bean
fun familieEfSakConsumer(
@Value("\${FAMILIEEFSAK_URL}") url: String,
restTemplate: HttpHeaderRestTemplate,
securityTokenService: SecurityTokenService,
grunnlagSecurityTokenService: SecurityTokenService,
exceptionLogger: ExceptionLogger,
): FamilieEfSakConsumer {
LOGGER.info("Url satt i config: $url")
restTemplate.uriTemplateHandler = RootUriTemplateHandler(url)
restTemplate.interceptors.add(securityTokenService.generateBearerToken("familieefsak"))
restTemplate.interceptors.add(grunnlagSecurityTokenService.generateBearerToken("familieefsak"))
return FamilieEfSakConsumer(restTemplate)
}

@Bean
fun inntektskomponentenConsumer(
@Value("\${INNTEKTSKOMPONENTEN_URL}") url: String,
restTemplate: HttpHeaderRestTemplate,
securityTokenService: SecurityTokenService,
grunnlagSecurityTokenService: SecurityTokenService,
exceptionLogger: ExceptionLogger,
): InntektskomponentenConsumer {
LOGGER.info("Url satt i config: $url")
restTemplate.uriTemplateHandler = RootUriTemplateHandler(url)
restTemplate.interceptors.add(securityTokenService.generateBearerToken("inntektskomponenten"))
restTemplate.interceptors.add(grunnlagSecurityTokenService.generateBearerToken("inntektskomponenten"))
return InntektskomponentenConsumer(restTemplate)
}

@Bean
fun sigrunConsumer(
@Value("\${SIGRUN_URL}") url: String,
restTemplate: HttpHeaderRestTemplate,
securityTokenService: SecurityTokenService,
grunnlagSecurityTokenService: SecurityTokenService,
exceptionLogger: ExceptionLogger,
): SigrunConsumer {
LOGGER.info("Url satt i config: $url")
restTemplate.uriTemplateHandler = RootUriTemplateHandler(url)
restTemplate.interceptors.add(securityTokenService.generateBearerToken("sigrun"))
restTemplate.interceptors.add(grunnlagSecurityTokenService.generateBearerToken("sigrun"))
return SigrunConsumer(restTemplate)
}

@Bean
fun pensjonConsumer(
@Value("\${PENSJON_URL}") url: String,
restTemplate: HttpHeaderRestTemplate,
securityTokenService: SecurityTokenService,
grunnlagSecurityTokenService: SecurityTokenService,
exceptionLogger: ExceptionLogger,
): PensjonConsumer {
LOGGER.info("Url satt i config: $url")
restTemplate.uriTemplateHandler = RootUriTemplateHandler(url)
restTemplate.interceptors.add(securityTokenService.generateBearerToken("pensjon"))
restTemplate.interceptors.add(grunnlagSecurityTokenService.generateBearerToken("pensjon"))
return PensjonConsumer(restTemplate)
}

@Bean
fun bidragPersonConsumer(
@Value("\${BIDRAGPERSON_URL}") url: String,
restTemplate: HttpHeaderRestTemplate,
securityTokenService: SecurityTokenService,
grunnlagSecurityTokenService: SecurityTokenService,
exceptionLogger: ExceptionLogger,
): BidragPersonConsumer {
LOGGER.info("Url satt i config: $url")
restTemplate.uriTemplateHandler = RootUriTemplateHandler(url)
restTemplate.interceptors.add(securityTokenService.generateBearerToken("bidragperson"))
restTemplate.interceptors.add(grunnlagSecurityTokenService.generateBearerToken("bidragperson"))
return BidragPersonConsumer(restTemplate)
}

@Bean
fun familieKsSakConsumer(
@Value("\${FAMILIEKSSAK_URL}") url: String,
restTemplate: HttpHeaderRestTemplate,
securityTokenService: SecurityTokenService,
grunnlagSecurityTokenService: SecurityTokenService,
exceptionLogger: ExceptionLogger,
): FamilieKsSakConsumer {
LOGGER.info("Url satt i config: $url")
restTemplate.uriTemplateHandler = RootUriTemplateHandler(url)
restTemplate.interceptors.add(securityTokenService.generateBearerToken("familiekssak"))
restTemplate.interceptors.add(grunnlagSecurityTokenService.generateBearerToken("familiekssak"))
return FamilieKsSakConsumer(restTemplate)
}

@Bean
fun arbeidsforholdConsumer(
@Value("\${AAREG_URL}") url: String,
restTemplate: HttpHeaderRestTemplate,
securityTokenService: SecurityTokenService,
grunnlagSecurityTokenService: SecurityTokenService,
exceptionLogger: ExceptionLogger,
): ArbeidsforholdConsumer {
LOGGER.info("Url satt i config: $url")
restTemplate.uriTemplateHandler = RootUriTemplateHandler(url)
restTemplate.interceptors.add(securityTokenService.generateBearerToken("aareg"))
restTemplate.interceptors.add(grunnlagSecurityTokenService.generateBearerToken("aareg"))
return ArbeidsforholdConsumer(restTemplate)
}

@@ -0,0 +1,7 @@
package no.nav.bidrag.grunnlag.exception.custom

import org.springframework.http.HttpStatus
import org.springframework.web.client.HttpClientErrorException

fun manglerOpprettetAv(): Nothing =
throw HttpClientErrorException(HttpStatus.BAD_REQUEST, "Forespørsel mangler informasjon om hvem som forsøker å opprette grunnlagspakken")
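Review bot: `manglerOpprettetAv()` reports a missing field in the incoming request by throwing `HttpClientErrorException`, the type Spring's REST client raises for 4xx answers from downstream services. Any handler or log filter keyed on that type can then no longer tell a rejected inbound request from a failed outbound call, and the second constructor argument is the status text rather than a response body. Consider `throw ResponseStatusException(HttpStatus.BAD_REQUEST, "…")` or a small project exception, if the error handling (not visible here) allows it. A one-line KDoc stating that the function never returns and maps to HTTP 400 would also help callers.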
Expand Up @@ -5,7 +5,11 @@ import jakarta.persistence.Entity
import jakarta.persistence.GeneratedValue
import jakarta.persistence.GenerationType
import jakarta.persistence.Id
import no.nav.bidrag.commons.security.utils.TokenUtils
import no.nav.bidrag.commons.service.organisasjon.SaksbehandlernavnProvider
import no.nav.bidrag.domene.util.trimToNull
import no.nav.bidrag.grunnlag.bo.GrunnlagspakkeBo
import no.nav.bidrag.grunnlag.exception.custom.manglerOpprettetAv
import no.nav.bidrag.transport.behandling.grunnlag.request.OpprettGrunnlagspakkeRequestDto
import java.time.LocalDate
import java.time.LocalDateTime
Expand All @@ -18,8 +22,9 @@ data class Grunnlagspakke(
@Column(name = "grunnlagspakke_id")
val grunnlagspakkeId: Int = 0,

@Column(nullable = false, name = "opprettet_av")
val opprettetAv: String = "",
val opprettetAv: String,
val opprettetAvNavn: String? = null,
val kildeapplikasjon: String,

@Column(nullable = false, name = "opprettet_timestamp")
val opprettetTimestamp: LocalDateTime = LocalDateTime.now(),
Expand Down Expand Up @@ -47,9 +52,13 @@ fun Grunnlagspakke.toGrunnlagspakkeBo() = with(::GrunnlagspakkeBo) {

fun OpprettGrunnlagspakkeRequestDto.toGrunnlagspakkeEntity() = with(::Grunnlagspakke) {
val propertiesByName = OpprettGrunnlagspakkeRequestDto::class.memberProperties.associateBy { it.name }
val opprettetAvIdent = opprettetAv.trimToNull() ?: TokenUtils.hentSaksbehandlerIdent() ?: manglerOpprettetAv()
callBy(
parameters.associateWith { parameter ->
when (parameter.name) {
Grunnlagspakke::opprettetAv.name -> opprettetAvIdent
Grunnlagspakke::opprettetAvNavn.name -> SaksbehandlernavnProvider.hentSaksbehandlernavn(opprettetAvIdent)
Grunnlagspakke::kildeapplikasjon.name -> TokenUtils.hentApplikasjonsnavn() ?: "UKJENT"
Grunnlagspakke::grunnlagspakkeId.name -> 0
Grunnlagspakke::opprettetTimestamp.name -> LocalDateTime.now()
Grunnlagspakke::formaal.name -> formaal.toString()
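Review bot: In `toGrunnlagspakkeEntity` the stored creator is taken from the request body first, `opprettetAv.trimToNull() ?: TokenUtils.hentSaksbehandlerIdent()`, so a caller authenticated as one user can record any other ident in `opprettet_av`, and the name lookup then resolves that asserted ident. If the column is meant as an audit trail, prefer the authenticated identity when the token carries one, `TokenUtils.hentSaksbehandlerIdent() ?: opprettetAv.trimToNull() ?: manglerOpprettetAv()`, or reject a request whose value differs from it. If trusted applications are expected to forward the ident on a user's behalf, a comment saying so, next to the `kildeapplikasjon` value that records the calling application, would make the trust decision explicit. The function body continues past the end of the hunk.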
@@ -1,11 +1,18 @@
package no.nav.bidrag.grunnlag.security

import no.nav.bidrag.commons.security.api.EnableSecurityConfiguration
import no.nav.bidrag.commons.service.organisasjon.EnableSaksbehandlernavnProvider
import no.nav.bidrag.commons.web.config.RestOperationsAzure
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.context.annotation.Import
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.web.SecurityFilterChain

@Configuration
@EnableSaksbehandlernavnProvider
@EnableSecurityConfiguration
@Import(RestOperationsAzure::class)
class SecurityConfiguration {

@Bean
Expand Up @@ -10,7 +10,7 @@ import org.springframework.security.oauth2.client.OAuth2AuthorizeRequest
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager
import org.springframework.stereotype.Service

@Service
@Service("grunnlagSecurityTokenService")
class SecurityTokenService(val authorizedClientManager: OAuth2AuthorizedClientManager) {

private val anonymousAuthentication: Authentication = AnonymousAuthenticationToken(
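Review bot: The explicit bean name in `@Service("grunnlagSecurityTokenService")` has no comment explaining why the default name is no longer used. It presumably avoids a clash with a `securityTokenService` bean registered through the `@EnableSecurityConfiguration` import added in this commit; once confirmed, a line such as `// Named explicitly so it does not collide with the bidrag-commons SecurityTokenService bean` would record that. The class body continues outside the hunk.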
3 changes: 2 additions & 1 deletion src/main/kotlin/no/nav/bidrag/grunnlag/util/JsonUtil.kt
@@ -1,7 +1,8 @@
package no.nav.bidrag.grunnlag.util

import com.fasterxml.jackson.databind.ObjectMapper
import no.nav.bidrag.domene.util.trimToNull

fun <T> toJsonString(entity: T): String {
return ObjectMapper().findAndRegisterModules().writeValueAsString(entity)
}
}
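Review bot: The added `import no.nav.bidrag.domene.util.trimToNull` is not used anywhere in this file; the hunk covers the file from line 1 and `toJsonString` is the only declaration, which never calls it. Drop the import so the utility does not carry a dependency it does not need.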
13 changes: 11 additions & 2 deletions src/main/resources/application.yaml
Expand Up @@ -21,7 +21,6 @@ management:
# Live token-support properties.
#
####################################################################

spring:
config.activate.on-profile: live,lokal-nais
security:
Expand Down Expand Up @@ -90,9 +89,19 @@ spring:
aad:
token-uri: ${AZURE_OPENID_CONFIG_TOKEN_ENDPOINT}
jwk-set-uri: ${AZURE_OPENID_CONFIG_JWKS_URI}

# OIDC
no.nav.security.jwt:
client:
registration:
bidrag-organisasjon:
resource-url: ${BIDRAG_ORGANISASJON_URL}
token-endpoint-url: https://login.microsoftonline.com/${AZURE_APP_TENANT_ID}/oauth2/v2.0/token
grant-type: urn:ietf:params:oauth:grant-type:jwt-bearer
scope: api://${BIDRAG_ORGANISASJON_SCOPE}/.default
authentication:
client-id: ${AZURE_APP_CLIENT_ID}
client-secret: ${AZURE_APP_CLIENT_SECRET}
client-auth-method: client_secret_post
issuer:
aad:
discoveryurl: ${AZURE_APP_WELL_KNOWN_URL}
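Review bot: The new `bidrag-organisasjon` registration hardcodes `token-endpoint-url: https://login.microsoftonline.com/${AZURE_APP_TENANT_ID}/oauth2/v2.0/token`, while the `aad` provider a few lines above takes its endpoint from `${AZURE_OPENID_CONFIG_TOKEN_ENDPOINT}`. Using the same variable, `token-endpoint-url: ${AZURE_OPENID_CONFIG_TOKEN_ENDPOINT}`, keeps both clients on the endpoint the platform provides and removes the extra dependency on `AZURE_APP_TENANT_ID`. The registration also uses the `jwt-bearer` grant, which presumably needs an incoming user token to exchange; whether application-to-application calls reach this lookup is not visible here and is worth confirming.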
@@ -0,0 +1,2 @@
alter table grunnlagspakke add column if not exists kildeapplikasjon text not null default '';
alter table grunnlagspakke add column if not exists opprettet_av_navn text;
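Review bot: `kildeapplikasjon` is backfilled with `default ''`, but the entity mapping added in this commit writes `"UKJENT"` when the calling application is unknown, so the column ends up with two different markers for the same state. Using one sentinel, `add column if not exists kildeapplikasjon text not null default 'UKJENT'`, lets queries and audits filter on a single value. Keeping the default after the backfill also means an insert that omits the column silently succeeds with the placeholder; dropping the default in a follow-up statement would make missing provenance fail loudly.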
2 changes: 2 additions & 0 deletions src/test/kotlin/no/nav/bidrag/grunnlag/TestUtil.kt
Expand Up @@ -275,6 +275,8 @@ class TestUtil {
endretTimestamp = LocalDateTime.now(),
gyldigTil = null,
formaal = Formål.BIDRAG.toString(),
opprettetAvNavn = "",
kildeapplikasjon = "bisys"
)

fun byggAinntektBo() = AinntektBo(
14 changes: 14 additions & 0 deletions src/test/resources/application-local.yaml
Expand Up @@ -8,6 +8,8 @@ BIDRAGPERSON_URL: http://localhost:${wiremock.server.https-port}/bidragperson
FAMILIEKSSAK_URL: http://localhost:${wiremock.server.https-port}/familiekssak
AAREG_URL: http://localhost:${wiremock.server.https-port}/aareg
EREG_URL: http://localhost:${wiremock.server.https-port}/ereg
BIDRAG_ORGANISASJON_URL: http://localhost:${wiremock.server.https-port}/organisasjon
NAIS_APP_NAME: bidrag-grunnlag
spring:
config.activate.on-profile: local
flyway.enabled: false
Expand Down Expand Up @@ -69,7 +71,19 @@ spring:
aad:
token-uri: http://localhost:${mock-oauth2-server.port}/azure/token
jwk-set-uri: http://localhost:${mock-oauth2-server.port}/azure/jwks

no.nav.security.jwt:
client:
registration:
bidrag-organisasjon:
resource-url: ${BIDRAG_ORGANISASJON_URL}
token-endpoint-url: http://localhost:${mock-oauth2-server.port}/azure/token
grant-type: urn:ietf:params:oauth:grant-type:jwt-bearer
scope: api://org/.default
authentication:
client-id: someid
client-secret: secret
client-auth-method: client_secret_post
issuer:
aad:
discovery_url: http://localhost:${mock-oauth2-server.port}/aad/.well-known/openid-configuration
3 changes: 2 additions & 1 deletion src/test/resources/application-lokal-nais.yaml
@@ -1,10 +1,11 @@
server.port: 8086
NAIS_APP_NAME: bidrag-grunnlag-local
spring:
flyway:
enabled: true
locations: classpath:/db/migration
datasource:
url: jdbc:postgresql://localhost:${DB_PORT:5455}/${DB_DATABASE:bidrag-grunnlag}?user=${DB_USERNAME:cloudsqliamuser}&password=${DB_PASSWORD:admin}
url: jdbc:postgresql://localhost:${DB_PORT:5454}/${DB_DATABASE:bidrag-grunnlag}?user=${DB_USERNAME:cloudsqliamuser}&password=${DB_PASSWORD:admin}
type: com.zaxxer.hikari.HikariDataSource
kafka:
bootstrap-servers: ${KAFKA_BROKERS}
13 changes: 13 additions & 0 deletions src/test/resources/application-test.yaml
Expand Up @@ -8,6 +8,8 @@ KONTANTSTOTTE_URL: http://localhost:${wiremock.server.port}/kontantstotte
FAMILIEKSSAK_URL: http://localhost:${wiremock.server.port}/familiekssak
AAREG_URL: http://localhost:${wiremock.server.https-port}/aareg
EREG_URL: http://localhost:${wiremock.server.https-port}/ereg
BIDRAG_ORGANISASJON_URL: http://localhost:${wiremock.server.https-port}/organisasjon
NAIS_APP_NAME: bidrag-grunnlag
spring:
config.activate.on-profile: test, local
flyway.enabled: false
Expand Down Expand Up @@ -59,6 +61,17 @@ spring:
scope: api://aareg/.default

no.nav.security.jwt:
client:
registration:
bidrag-organisasjon:
resource-url: ${BIDRAG_ORGANISASJON_URL}
token-endpoint-url: http://localhost:${mock-oauth2-server.port}/azure/token
grant-type: urn:ietf:params:oauth:grant-type:jwt-bearer
scope: api://org/.default
authentication:
client-id: someid
client-secret: secret
client-auth-method: client_secret_post
issuer:
aad:
discovery_url: http://localhost:${mock-oauth2-server.port}/aad/.well-known/openid-configuration
