Oppgraderer til token-support 4

pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>3.2.2</version>
+        <version>3.2.3</version>
         <relativePath/> <!-- lookup parent from repository -->
     </parent>
 
@@ -15,9 +15,9 @@
 
     <properties>
         <java.version>21</java.version>
-        <kotlin.version>1.9.22</kotlin.version>
+        <kotlin.version>1.9.23</kotlin.version>
         <springdoc.version>2.3.0</springdoc.version>
-        <felles.version>2.20240123084817_35f03aa</felles.version>
+        <felles.version>3.20240320161838_b9c4bdb</felles.version>
         <familie.kontrakter.version>3.0_20240215101759_cea211f</familie.kontrakter.version>
         <familie.eksterne-kontrakter.stonadsstatistikk-ef>2.0_20230926133506_4e05190</familie.eksterne-kontrakter.stonadsstatistikk-ef>
         <familie.eksterne-kontrakter.saksstatistikk-ef>2.0_20230214104704_706e9c0</familie.eksterne-kontrakter.saksstatistikk-ef>
@@ -27,14 +27,14 @@
         <brukernotifikasjon-schemas.version>2.6.0</brukernotifikasjon-schemas.version>
         <maven-surefire-plugin.version>3.2.5</maven-surefire-plugin.version>
         <confluent.version>7.6.0</confluent.version>
-        <mockk-jvm.version>1.13.9</mockk-jvm.version>
+        <mockk-jvm.version>1.13.10</mockk-jvm.version>
         <cucumber.version>7.15.0</cucumber.version>
         <revision>1.0</revision>
         <dotenv.version>6.4.1</dotenv.version>
         <changelist>-SNAPSHOT</changelist>
         <start-class>no.nav.familie.ef.iverksett.ApplicationKt</start-class>
-        <token-validation-spring.version>3.2.0</token-validation-spring.version>
-        <ibm-mq-client.version>9.3.4.1</ibm-mq-client.version>
+        <token-validation-spring.version>4.1.3</token-validation-spring.version>
+        <ibm-mq-client.version>9.3.5.0</ibm-mq-client.version>
         <unleash.version>8.3.1</unleash.version>
         <okhttp3.version>4.9.1</okhttp3.version> <!-- overskrever spring sin versjon, blir brukt av mock-oauth2-server -->
     </properties>
@@ -191,6 +191,16 @@
             <artifactId>arbeidsoppfolging</artifactId>
             <version>${familie.eksterne-kontrakter.arbeidsoppfolging}</version>
         </dependency>
+        <dependency>
+            <groupId>no.nav.security</groupId>
+            <artifactId>token-client-core</artifactId>
+            <version>${token-validation-spring.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>no.nav.security</groupId>
+            <artifactId>token-validation-core</artifactId>
+            <version>${token-validation-spring.version}</version>
+        </dependency>
         <dependency>
             <groupId>no.nav.security</groupId>
             <artifactId>token-client-spring</artifactId>
@@ -250,7 +260,7 @@
         <dependency>
             <groupId>org.testcontainers</groupId>
             <artifactId>postgresql</artifactId>
-            <version>1.19.5</version>
+            <version>1.19.7</version>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -262,7 +272,7 @@
         <dependency>
             <groupId>com.github.tomakehurst</groupId>
             <artifactId>wiremock-jre8-standalone</artifactId>
-            <version>2.35.1</version>
+            <version>2.35.2</version>
             <scope>test</scope>
         </dependency>
         <dependency>

src/main/kotlin/no/nav/familie/ef/iverksett/brev/frittstående/DistribuerFrittståendeBrevTask.kt

@@ -69,7 +69,7 @@ class DistribuerFrittståendeBrevTask(
         }.forEach { (personIdent, journalpostResultat) ->
             try {
                 val bestillingId = distribuerBrev(journalpostResultat)
-                frittståendeBrev = oppdaterOgLagreresultat(frittståendeBrev, journalpostResultat, bestillingId, frittståendeBrevId)
+                frittståendeBrev = oppdaterOgLagreResultat(frittståendeBrev, journalpostResultat, bestillingId, frittståendeBrevId)
             } catch (e: RessursException) {
                 val cause = e.cause
                 when (cause) {
@@ -80,7 +80,7 @@ class DistribuerFrittståendeBrevTask(
                         )
                         val response: DistribuerJournalpostResponseTo = objectMapper.readValue(e.ressurs.data.toString())
                         frittståendeBrev =
-                            oppdaterOgLagreresultat(
+                            oppdaterOgLagreResultat(
                                 frittståendeBrev,
                                 journalpostResultat,
                                 response.bestillingsId,
@@ -94,7 +94,7 @@ class DistribuerFrittståendeBrevTask(
         return resultat ?: OK
     }
 
-    private fun oppdaterOgLagreresultat(
+    private fun oppdaterOgLagreResultat(
         frittståendeBrev: FrittståendeBrev,
         journalpostResultat: JournalpostResultat,
         bestillingId: String,

src/main/kotlin/no/nav/familie/ef/iverksett/infrastruktur/configuration/ApplicationConfig.kt

@@ -27,6 +27,7 @@ import org.springframework.context.annotation.Primary
 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter
 import org.springframework.http.converter.xml.MappingJackson2XmlHttpMessageConverter
 import org.springframework.scheduling.annotation.EnableScheduling
+import org.springframework.web.client.RestClient
 import org.springframework.web.client.RestTemplate
 import java.time.Duration
 import java.time.temporal.ChronoUnit
@@ -95,13 +96,15 @@ class ApplicationConfig {
      * pga .setVisibility(PropertyAccessor.SETTER, JsonAutoDetect.Visibility.NONE)
      * og [OAuth2AccessTokenResponse] som burde settes med setters, då feltnavn heter noe annet enn feltet i json
      */
-    @Bean
     @Primary
+    @Bean
     fun oAuth2HttpClient(): OAuth2HttpClient {
         return RetryOAuth2HttpClient(
-            RestTemplateBuilder()
-                .setConnectTimeout(Duration.of(2, ChronoUnit.SECONDS))
-                .setReadTimeout(Duration.of(2, ChronoUnit.SECONDS)),
+            RestClient.create(
+                RestTemplateBuilder()
+                    .setConnectTimeout(Duration.of(2, ChronoUnit.SECONDS))
+                    .setReadTimeout(Duration.of(4, ChronoUnit.SECONDS)).build(),
+            ),
         )
     }
 
@@ -111,19 +114,19 @@ class ApplicationConfig {
     ) = object : ProsesseringInfoProvider {
         override fun hentBrukernavn(): String =
             try {
-                SpringTokenValidationContextHolder().tokenValidationContext.getClaims("azuread")
+                SpringTokenValidationContextHolder().getTokenValidationContext().getClaims("azuread")
                     .getStringClaim("preferred_username")
             } catch (e: Exception) {
                 throw e
             }
 
         override fun harTilgang(): Boolean {
             val grupper =
-                Result.runCatching { SpringTokenValidationContextHolder().tokenValidationContext }
+                Result.runCatching { SpringTokenValidationContextHolder().getTokenValidationContext() }
                     .fold(
                         onSuccess = {
                             @Suppress("UNCHECKED_CAST")
-                            val groups = it.getClaims("azuread")?.get("groups") as List<String>?
+                            val groups = it.getClaims("azuread").get("groups") as List<String>?
                             groups?.toSet() ?: emptySet()
                         },
                         onFailure = { emptySet() },

src/test/kotlin/no/nav/familie/ef/iverksett/ServerTest.kt

@@ -3,8 +3,8 @@ package no.nav.familie.ef.iverksett
 import com.github.tomakehurst.wiremock.WireMockServer
 import no.nav.familie.ef.iverksett.infrastruktur.configuration.ApplicationConfig
 import no.nav.familie.ef.iverksett.infrastruktur.database.DbContainerInitializer
-import no.nav.familie.ef.iverksett.util.TokenUtil
 import no.nav.security.mock.oauth2.MockOAuth2Server
+import no.nav.security.mock.oauth2.token.DefaultOAuth2TokenCallback
 import no.nav.security.token.support.spring.test.EnableMockOAuth2Server
 import org.junit.jupiter.api.AfterEach
 import org.junit.jupiter.api.extension.ExtendWith
@@ -19,6 +19,7 @@ import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate
 import org.springframework.test.context.ActiveProfiles
 import org.springframework.test.context.ContextConfiguration
 import org.springframework.test.context.junit.jupiter.SpringExtension
+import java.util.UUID
 
 @ExtendWith(SpringExtension::class)
 @ContextConfiguration(initializers = [DbContainerInitializer::class])
@@ -70,9 +71,20 @@ abstract class ServerTest {
         return "http://localhost:" + getPort() + uri
     }
 
-    protected val lokalTestToken: String
-        get() {
-            @Suppress("SpringJavaInjectionPointsAutowiringInspection")
-            return TokenUtil.onBehalfOfToken(mockOAuth2Server, saksbehandler = "julenissen")
-        }
+    protected fun søkerBearerToken(
+        personident: String = "12345678911",
+    ): String {
+        val clientId = "lokal:teamfamilie:familie-ef-iverksett"
+        return mockOAuth2Server.issueToken(
+            issuerId = "azuread",
+            clientId,
+            DefaultOAuth2TokenCallback(
+                issuerId = "azuread",
+                subject = personident,
+                audience = listOf("aud-localhost"),
+                claims = mapOf("oid" to UUID.randomUUID().toString(), "azp" to clientId, "name" to "saksbehandler", "NAVIdent" to "saksbehandler"),
+                expiry = 3600,
+            ),
+        ).serialize()
+    }
 }

src/test/kotlin/no/nav/familie/ef/iverksett/behandlingsstatistikk/BehandlingsstatistikkControllerTest.kt

@@ -22,7 +22,7 @@ class BehandlingsstatistikkControllerTest : ServerTest() {
 
     @BeforeEach
     fun setUp() {
-        headers.setBearerAuth(lokalTestToken)
+        headers.setBearerAuth(søkerBearerToken())
     }
 
     @Test

src/test/kotlin/no/nav/familie/ef/iverksett/brev/DistribuerVedtaksbrevTaskIntergrasjonsTest.kt → src/test/kotlin/no/nav/familie/ef/iverksett/brev/DistribuerVedtaksbrevTaskIntegrasjonTest.kt

@@ -18,7 +18,7 @@ import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate
 import java.util.Properties
 import java.util.UUID
 
-class DistribuerVedtaksbrevTaskIntergrasjonsTest : ServerTest() {
+class DistribuerVedtaksbrevTaskIntegrasjonTest : ServerTest() {
     @Autowired
     private lateinit var iverksettResultatService: IverksettResultatService
 

src/test/kotlin/no/nav/familie/ef/iverksett/brev/FrittståendeBrevControllerTest.kt

@@ -16,7 +16,7 @@ import org.springframework.http.ResponseEntity
 class FrittståendeBrevControllerTest : ServerTest() {
     @BeforeEach
     fun setUp() {
-        headers.setBearerAuth(lokalTestToken)
+        headers.setBearerAuth(søkerBearerToken())
         headers.set(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE)
     }
 

src/test/kotlin/no/nav/familie/ef/iverksett/config/OAuth2AccessTokenTestConfig.kt

@@ -17,7 +17,7 @@ class OAuth2AccessTokenTestConfig {
     fun oAuth2AccessTokenServiceMock(): OAuth2AccessTokenService {
         val tokenMockService = mockk<OAuth2AccessTokenService>()
         every { tokenMockService.getAccessToken(any()) }
-            .returns(OAuth2AccessTokenResponse("Mock-token-response", 60, 60, null))
+            .returns(OAuth2AccessTokenResponse("Mock-token-response", 60, 60, emptyMap()))
         return tokenMockService
     }
 }

src/test/kotlin/no/nav/familie/ef/iverksett/iverksetting/IverksettingControllerTest.kt

@@ -29,7 +29,7 @@ class IverksettingControllerTest : ServerTest() {
 
     @BeforeEach
     fun setUp() {
-        headers.setBearerAuth(lokalTestToken)
+        headers.setBearerAuth(søkerBearerToken())
         headers.set(HttpHeaders.CONTENT_TYPE, MediaType.MULTIPART_FORM_DATA_VALUE)
     }
 

src/test/kotlin/no/nav/familie/ef/iverksett/økonomi/simulering/SimuleringControllerTest.kt

@@ -36,7 +36,7 @@ class SimuleringControllerTest : ServerTest() {
 
     @BeforeEach
     fun setUp() {
-        headers.setBearerAuth(lokalTestToken)
+        headers.setBearerAuth(søkerBearerToken())
     }
 
     @AfterEach

src/test/resources/application-servertest.yml

@@ -3,11 +3,10 @@ server:
 logging:
   config: "classpath:logback-local.xml"
 no.nav.security.jwt:
-  issuer.azuread:
-    discoveryurl: http://localhost:${mock-oauth2-server.port}/azuread/.well-known/openid-configuration
-    accepted_audience: aud-localhost
-    cookie_name: localhost-idtoken
-    proxy_url: #Default satt, skal være null i integrasjonstest
+  issuer:
+    azuread:
+      discoveryurl: http://localhost:${mock-oauth2-server.port}/azuread/.well-known/openid-configuration
+      accepted_audience: aud-localhost
 spring:
   kafka:
     bootstrap-servers: http://localhost:9092