Fikset testen

navikt · Nov 19, 2024 · bd4b3e1 · bd4b3e1
1 parent dd0e895
commit bd4b3e1
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 85 deletions.
diff --git a/web/pom.xml b/web/pom.xml
@@ -286,13 +286,6 @@
             <artifactId>k9-felles-sikkerhet-testutilities</artifactId>
             <scope>test</scope>
         </dependency>
-        <!-- https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-api -->
-        <dependency>
-            <groupId>io.jsonwebtoken</groupId>
-            <artifactId>jjwt-api</artifactId>
-            <version>0.12.6</version>
-            <scope>test</scope>
-        </dependency>
     </dependencies>
 
     <build>

diff --git a/web/src/main/java/no/nav/ung/sak/web/app/tjenester/saksbehandler/NavAnsattRestTjeneste.java b/web/src/main/java/no/nav/ung/sak/web/app/tjenester/saksbehandler/NavAnsattRestTjeneste.java
@@ -75,9 +75,10 @@ public InnloggetAnsattDto innloggetBruker() {
         String token = SubjectHandler.getSubjectHandler().getInternSsoToken();
         JwtUtil.CachedClaims claims = JwtUtil.CachedClaims.forToken(token);
 
-        if (ENV.isLocal()) {
-            return mockInnloggetBrukerDto(ident);
-        }
+        // trenger mock-brukeren ved testing lokalt inntil vtp utvides til å legge gruppene i tokene
+//        if (ENV.isLocal()) {
+//            return mockInnloggetBrukerDto(ident);
+//        }
         return getInnloggetBrukerDto(ident, claims.getName(), claims.getGroups());
     }
 

diff --git a/...c/test/java/no/nav/ung/sak/web/app/tjenester/saksbehandler/NavAnsattRestTjenesteTest.java b/...c/test/java/no/nav/ung/sak/web/app/tjenester/saksbehandler/NavAnsattRestTjenesteTest.java
@@ -1,35 +1,27 @@
 package no.nav.ung.sak.web.app.tjenester.saksbehandler;
 
-import io.jsonwebtoken.security.SignatureAlgorithm;
-import jakarta.xml.bind.DatatypeConverter;
-import no.nav.k9.sikkerhet.context.SubjectHandler;
-import no.nav.k9.sikkerhet.oidc.token.internal.JwtUtil;
+import no.nav.k9.felles.testutilities.sikkerhet.StaticSubjectHandler;
+import no.nav.k9.felles.testutilities.sikkerhet.SubjectHandlerUtils;
+import no.nav.k9.sikkerhet.context.domene.IdentType;
+import no.nav.k9.sikkerhet.context.domene.OidcCredential;
 import no.nav.ung.sak.kontrakt.abac.InnloggetAnsattDto;
-import org.jose4j.base64url.Base64;
+import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.InjectMocks;
-import org.mockito.Mock;
 import org.mockito.junit.jupiter.MockitoExtension;
 
-import javax.crypto.spec.SecretKeySpec;
+import javax.security.auth.Subject;
 import java.util.Arrays;
-import java.util.Date;
 import java.util.List;
+import java.util.stream.Collectors;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.mockito.Mockito.*;
 
 @ExtendWith(MockitoExtension.class)
 public class NavAnsattRestTjenesteTest {
 
-    @Mock
-    private SubjectHandler subjectHandler;
-
-    @Mock
-    private JwtUtil jwtUtil;
-
     private static final String tokenHeader = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Inp4ZWcyV09OcFRrd041R21lWWN1VGR0QzZKMCJ9";
 
     @InjectMocks
@@ -49,81 +41,44 @@ public void setUp() {
         );
     }
 
+    @AfterEach
+    public void tearDown() {
+        SubjectHandlerUtils.reset();
+    }
+
     @Test
     public void testInnloggetBruker() {
         String ident = "testIdent";
+        String navnet = "saksbehandler 1";
+        List<String> groupIds = Arrays.asList("Saksbehandler", "Kode7");
+        String token = createJWT(ident, navnet, groupIds);
 
-        // language=JSON
-        String tokenBody = """
-            {
-              "aud": "a442457f-4e26-4ffa-93f1-9f9a1ef5866b",
-              "iss": "https://login.microsoftonline.com/966ac572-f5b7-4bbe-aa88-c76419c0f851/v2.0",
-              "iat": 1732022540,
-              "nbf": 1732022540,
-              "exp": 1732027627,
-              "groups": [
-                "dec3ee50-b683-4644-9507-520e8f054ac2"
-              ],
-              "name": "F_Z994376 E_Z994376",
-              "sub": "8sAezJYfUBSk6QTLIbdpEiIKu87LDxKmxABTLFMnslo",
-              "tid": "966ac572-f5b7-4bbe-aa88-c76419c0f851",
-              "ver": "2.0",
-              "NAVident": "Z994376",
-              "azp_name": "dev-gcp:k9saksbehandling:ung-sak"
-            }
-            """;
-
-
-        String token = tokenHeader + "." + Base64.encode(tokenBody.getBytes()).replace("=", "");
-
-        List<String> groupIds = Arrays.asList("Saksbehandler", "Veileder");
-
-        when(subjectHandler.getUid()).thenReturn(ident);
-        when(subjectHandler.getInternSsoToken()).thenReturn(token);
-        when(jwtUtil.getGroups(token)).thenReturn(groupIds);
-        when(jwtUtil.getName(token)).thenReturn("Test Navn");
+        Subject subject = new SubjectHandlerUtils.SubjectBuilder(ident, IdentType.InternBruker).getSubject();
+        subject.getPublicCredentials().add(new OidcCredential(token));
+        SubjectHandlerUtils.useSubjectHandler(StaticSubjectHandler.class);
+        SubjectHandlerUtils.setSubject(subject);
 
         InnloggetAnsattDto result = navAnsattRestTjeneste.innloggetBruker();
 
         assertEquals(ident, result.getBrukernavn());
-        assertEquals("Test Navn", result.getNavn());
+        assertEquals(navnet, result.getNavn());
         assertEquals(true, result.getKanSaksbehandle());
-        assertEquals(true, result.getKanVeilede());
+        assertEquals(false, result.getKanVeilede());
         assertEquals(false, result.getKanBeslutte());
         assertEquals(false, result.getKanOverstyre());
         assertEquals(false, result.getKanBehandleKodeEgenAnsatt());
         assertEquals(false, result.getKanBehandleKode6());
-        assertEquals(false, result.getKanBehandleKode7());
+        assertEquals(true, result.getKanBehandleKode7());
         assertEquals(true, result.getSkalViseDetaljerteFeilmeldinger());
     }
 
-    public static String createJWT(String id, String issuer, String subject, long ttlMillis) {
-
-        //The JWT signature algorithm we will be using to sign the token
-        SignatureAlgorithm signatureAlgorithm = SignatureAlgori;
-
-        long nowMillis = System.currentTimeMillis();
-        Date now = new Date(nowMillis);
-
-        //We will sign our JWT with our ApiKey secret
-        byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary("secret");
-        Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getId());
-
-        //Let's set the JWT Claims
-        JwtBuilder builder = Jwts.builder().setId(id)
-            .setIssuedAt(now)
-            .setSubject(subject)
-            .setIssuer(issuer)
-            .signWith(signatureAlgorithm, signingKey);
-
-        //if it has been specified, let's add the expiration
-        if (ttlMillis > 0) {
-            long expMillis = nowMillis + ttlMillis;
-            Date exp = new Date(expMillis);
-            builder.setExpiration(exp);
-        }
-
-        //Builds the JWT and serializes it to a compact, URL-safe string
-        return builder.compact();
+    public static String createJWT(String ident, String name, List<String> groupIds) {
+        String jwtBodyContent = """
+            {"name" : ":name", "groups": [:groups],"NAVident": ":ident"}
+            """
+            .replaceAll(":ident", ident)
+            .replaceAll(":name", name)
+            .replaceAll(":groups", groupIds.stream().map(it -> '"' + it + '"').collect(Collectors.joining(",")));
+        return tokenHeader + "." + java.util.Base64.getUrlEncoder().encodeToString(jwtBodyContent.getBytes()).replaceAll("=", "") + "." + "DUMMYSIGNATURE";
     }
 }