Ping (#2)

* Lag pingendepunkt og app config

Author: MagnusTonnessen

src/main/kotlin/no/nav/ks/barnehagelister/Application.kt src/main/kotlin/no/nav/familie/ks/barnehagelister/Application.kt

@@ -1,4 +1,4 @@
-package no.nav.ks.barnehagelister
+package no.nav.familie.ks.barnehagelister
 
 import org.springframework.boot.autoconfigure.SpringBootApplication
 import org.springframework.boot.runApplication

src/main/kotlin/no/nav/familie/ks/barnehagelister/config/ApplicationConfig.kt

@@ -0,0 +1,41 @@
+package no.nav.familie.ks.barnehagelister.config
+
+import no.nav.familie.http.interceptor.ConsumerIdClientInterceptor
+import no.nav.familie.log.filter.LogFilter
+import org.slf4j.LoggerFactory
+import org.springframework.boot.SpringBootConfiguration
+import org.springframework.boot.context.properties.ConfigurationPropertiesScan
+import org.springframework.boot.web.embedded.jetty.JettyServletWebServerFactory
+import org.springframework.boot.web.servlet.FilterRegistrationBean
+import org.springframework.boot.web.servlet.server.ServletWebServerFactory
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.ComponentScan
+import org.springframework.context.annotation.Import
+import org.springframework.scheduling.annotation.EnableScheduling
+
+@SpringBootConfiguration
+@ConfigurationPropertiesScan("no.nav.familie")
+@ComponentScan("no.nav.familie.ks.barnehagelister")
+@Import(ConsumerIdClientInterceptor::class)
+@EnableScheduling
+class ApplicationConfig {
+    @Bean
+    fun servletWebServerFactory(): ServletWebServerFactory {
+        val serverFactory = JettyServletWebServerFactory()
+        serverFactory.port = 8096
+        return serverFactory
+    }
+
+    @Bean
+    fun logFilter(): FilterRegistrationBean<LogFilter> {
+        log.info("Registering LogFilter filter")
+        val filterRegistration: FilterRegistrationBean<LogFilter> = FilterRegistrationBean()
+        filterRegistration.filter = LogFilter()
+        filterRegistration.order = 1
+        return filterRegistration
+    }
+
+    companion object {
+        private val log = LoggerFactory.getLogger(ApplicationConfig::class.java)
+    }
+}

src/main/kotlin/no/nav/familie/ks/barnehagelister/rest/BarnehagelisterController.kt

@@ -0,0 +1,23 @@
+package no.nav.familie.ks.barnehagelister.rest
+
+import no.nav.security.token.support.core.api.ProtectedWithClaims
+import org.slf4j.LoggerFactory
+import org.springframework.http.ResponseEntity
+import org.springframework.validation.annotation.Validated
+import org.springframework.web.bind.annotation.GetMapping
+import org.springframework.web.bind.annotation.RequestMapping
+import org.springframework.web.bind.annotation.RestController
+
+@ProtectedWithClaims(issuer = "maskinporten", claimMap = ["scope=nav:familie/v1/kontantstotte/barnehagelister"])
+@RestController
+@Validated
+@RequestMapping("/barnehagelister")
+class BarnehagelisterController {
+    private val logger = LoggerFactory.getLogger(BarnehagelisterController::class.java)
+
+    @GetMapping(path = ["/ping"])
+    fun ping(): ResponseEntity<String> {
+        logger.info("Mottok ping")
+        return ResponseEntity.ok("pong")
+    }
+}

src/test/kotlin/no/nav/familie/ks/barnehagelister/DevLauncher.kt

@@ -0,0 +1,15 @@
+package no.nav.familie.ks.barnehagelister
+
+import no.nav.familie.ks.barnehagelister.config.ApplicationConfig
+import org.springframework.boot.SpringApplication
+import org.springframework.context.annotation.Import
+
+@Import(ApplicationConfig::class)
+class DevLauncher
+
+fun main(args: Array<String>) {
+    System.setProperty("spring.profiles.active", "dev")
+    val springApp = SpringApplication(DevLauncher::class.java)
+    springApp.setAdditionalProfiles("dev")
+    springApp.run(*args)
+}

src/test/kotlin/no/nav/familie/ks/barnehagelister/maskinporten/MaskinportenClient.kt

@@ -0,0 +1,94 @@
+package no.nav.familie.ba.skatteetaten.maskinporten
+
+import com.nimbusds.jose.JOSEException
+import com.nimbusds.jose.JOSEObjectType
+import com.nimbusds.jose.JWSAlgorithm
+import com.nimbusds.jose.JWSHeader
+import com.nimbusds.jose.JWSSigner
+import com.nimbusds.jose.crypto.RSASSASigner
+import com.nimbusds.jose.jwk.RSAKey
+import com.nimbusds.jwt.JWTClaimsSet
+import com.nimbusds.jwt.SignedJWT
+import org.springframework.http.HttpEntity
+import org.springframework.http.HttpHeaders
+import org.springframework.http.HttpMethod
+import org.springframework.http.MediaType
+import org.springframework.util.LinkedMultiValueMap
+import org.springframework.web.client.RestTemplate
+import java.time.Instant
+import java.util.Date
+
+fun main() {
+    val jwkPrivate: String = System.getenv("MASKINPORTEN_CLIENT_JWK")
+    assert(jwkPrivate.isNotBlank())
+    val clientId: String = System.getenv("MASKINPORTEN_CLIENT_ID")
+    assert(clientId.isNotBlank())
+
+    val token = MaskinportenClient().hentToken("nav:familie/v1/kontantstotte/barnehagelister", jwkPrivate, clientId)
+
+    println(token)
+}
+
+class MaskinportenClient {
+    private val restTemplate = RestTemplate()
+
+    private fun createSignedJWT(
+        rsaJwk: RSAKey,
+        claimsSet: JWTClaimsSet?,
+    ): SignedJWT =
+        try {
+            val header =
+                JWSHeader
+                    .Builder(JWSAlgorithm.RS256)
+                    .keyID(rsaJwk.keyID)
+                    .type(JOSEObjectType.JWT)
+            val signedJWT = SignedJWT(header.build(), claimsSet)
+            val signer: JWSSigner = RSASSASigner(rsaJwk.toPrivateKey())
+            signedJWT.sign(signer)
+            signedJWT
+        } catch (e: JOSEException) {
+            throw RuntimeException(e)
+        }
+
+    fun hentToken(
+        scope: String,
+        jwkPrivate: String,
+        clientId: String,
+    ): String {
+        val rsaKey = RSAKey.parse(jwkPrivate)
+        val time = Instant.now()
+        val jwtClaimsSet =
+            JWTClaimsSet
+                .Builder()
+                .audience(AUD)
+                .issuer(clientId)
+                .issueTime(Date.from(time))
+                .expirationTime(Date.from(time.plusSeconds(120)))
+                .claim(SCOPE, scope)
+                .build()
+        val signedJWT = createSignedJWT(rsaKey, jwtClaimsSet)
+        val headers = HttpHeaders()
+        headers.contentType = MediaType.APPLICATION_FORM_URLENCODED
+        val requestBody = LinkedMultiValueMap<Any, Any>()
+        requestBody.add("grant_type", GRANT_TYPE_VALUE)
+        requestBody.add("assertion", signedJWT.serialize())
+        val httpEntity = HttpEntity(requestBody, headers)
+        val json =
+            restTemplate
+                .exchange(
+                    TOKEN_ENDPOINT,
+                    HttpMethod.POST,
+                    httpEntity,
+                    String::class.java,
+                ).body!!
+
+        return json
+    }
+
+    companion object {
+        private const val SCOPE = "scope"
+        private const val GRANT_TYPE_VALUE = "urn:ietf:params:oauth:grant-type:jwt-bearer"
+        private const val AUD = "https://test.maskinporten.no/"
+        private const val TOKEN_ENDPOINT = "$AUD/token"
+    }
+}

src/test/resources/application-dev.yaml

@@ -0,0 +1 @@
+MASKINPORTEN_WELL_KNOWN_URL: https://login.microsoftonline.com/navq.onmicrosoft.com/v2.0/.well-known/openid-configuration