Refactor

Author: bjornhun

src/main/kotlin/no/nav/dekoratoren/api/config/bootstrap.kt

@@ -50,7 +50,7 @@ fun Application.mainModule() {
         route("/person/nav-dekoratoren-api") {
             healthApi(applicationContext.selfTests, applicationContext.appMicrometerRegistry)
             authApi(applicationContext.authTokenService)
-            varselApi(applicationContext.authTokenService, applicationContext.varselbjelleConsumer)
+            varselApi(applicationContext.oidcValidationService, applicationContext.varselbjelleConsumer)
         }
 
         // Nødvendig for å støtte gamle innloggingsstatus-ingresser

src/main/kotlin/no/nav/dekoratoren/api/innloggingsstatus/auth/AuthInfo.kt

@@ -1,38 +1,18 @@
 package no.nav.dekoratoren.api.innloggingsstatus.auth
 
-import com.fasterxml.jackson.annotation.JsonAutoDetect
-import com.fasterxml.jackson.annotation.JsonAutoDetect.Visibility.ANY
 import com.fasterxml.jackson.annotation.JsonInclude
 import java.time.LocalDateTime
+import no.nav.dekoratoren.api.innloggingsstatus.oidc.OidcTokenInfo
 
 @JsonInclude(JsonInclude.Include.NON_NULL)
-@JsonAutoDetect(fieldVisibility = ANY)
-class AuthSummary private constructor(authInfo: AuthInfo) {
-    private val authenticated: Boolean = authInfo.authenticated
-    private val authLevel: Int? = authInfo.authLevel
-    private val oidc: OidcSummary? =
-        OidcSummary.fromAuthInfo(authInfo)
-
+data class AuthSummary(val authenticated: Boolean, val authLevel: Int?, val oidc: OidcSummary?) {
     companion object {
-        fun fromAuthInfo(authInfo: AuthInfo): AuthSummary =
-            AuthSummary(authInfo)
+        fun fromOidcToken(oidcTokenInfo: OidcTokenInfo?): AuthSummary =
+            AuthSummary(
+                authenticated = oidcTokenInfo != null,
+                authLevel = oidcTokenInfo?.authLevel,
+                oidc = oidcTokenInfo?.let { OidcSummary(it.authLevel, it.issueTime, it.expiryTime) })
     }
-}
 
-private data class OidcSummary(
-    val authLevel: Int,
-    val issueTime: LocalDateTime,
-    val expiryTime: LocalDateTime
-) {
-    companion object {
-        fun fromAuthInfo(authInfo: AuthInfo): OidcSummary? {
-            return authInfo.oidcToken?.let { oidc ->
-                OidcSummary(
-                    oidc.authLevel,
-                    oidc.issueTime,
-                    oidc.expiryTime
-                )
-            }
-        }
-    }
+    data class OidcSummary(val authLevel: Int, val issueTime: LocalDateTime, val expiryTime: LocalDateTime)
 }

src/main/kotlin/no/nav/dekoratoren/api/innloggingsstatus/auth/AuthSummary.kt

@@ -1,48 +1,30 @@
 package no.nav.dekoratoren.api.innloggingsstatus.auth
 
 import io.ktor.server.application.ApplicationCall
+import no.nav.dekoratoren.api.innloggingsstatus.oidc.OidcTokenInfo
 import no.nav.dekoratoren.api.innloggingsstatus.oidc.OidcTokenService
 import no.nav.dekoratoren.api.innloggingsstatus.user.SubjectNameService
-import org.slf4j.Logger
-import org.slf4j.LoggerFactory
 
 class AuthTokenService(
     private val oidcTokenService: OidcTokenService,
     private val subjectNameService: SubjectNameService,
 ) {
-    private val log: Logger = LoggerFactory.getLogger(AuthTokenService::class.java)
-
     suspend fun getAuthenticatedUserInfo(call: ApplicationCall): UserInfo {
-        return try {
-            fetchAndParseAuthenticatedUserInfo(call)
-        } catch (e: Exception) {
-            log.warn("Feil ved henting av brukers innloggingsinfo", e)
-            UserInfo.unAuthenticated()
-        }
+        val oidcToken = oidcTokenService.getOidcToken(call)
+        return getUserInfo(oidcToken)
     }
 
     fun getAuthSummary(call: ApplicationCall): AuthSummary {
-        return fetchAndParseAuthInfo(call).let { authInfo ->
-            AuthSummary.fromAuthInfo(authInfo)
-        }
-    }
-
-    private suspend fun fetchAndParseAuthenticatedUserInfo(call: ApplicationCall): UserInfo {
-        val authInfo = fetchAndParseAuthInfo(call)
-        return getUserInfo(authInfo)
-    }
-
-    fun fetchAndParseAuthInfo(call: ApplicationCall): AuthInfo {
         val oidcToken = oidcTokenService.getOidcToken(call)
-        return AuthInfo(oidcToken)
+        return AuthSummary.fromOidcToken(oidcToken)
     }
 
-    private suspend fun getUserInfo(authInfo: AuthInfo): UserInfo {
-        return if (authInfo.subject != null) {
-            val subjectName = subjectNameService.getSubjectName(authInfo.subject!!)
-            UserInfo.Companion.authenticated(subjectName, authInfo.authLevel!!)
+    private suspend fun getUserInfo(oidcTokenInfo: OidcTokenInfo?): UserInfo {
+        return if (oidcTokenInfo != null) {
+            val subjectName = subjectNameService.getSubjectName(oidcTokenInfo.subject)
+            UserInfo.authenticated(subjectName, oidcTokenInfo.authLevel)
         } else {
-            UserInfo.unAuthenticated()
+            UserInfo.unauthenticated()
         }
     }
 }

src/main/kotlin/no/nav/dekoratoren/api/innloggingsstatus/auth/AuthTokenService.kt

@@ -3,13 +3,13 @@ package no.nav.dekoratoren.api.innloggingsstatus.auth
 import com.fasterxml.jackson.annotation.JsonInclude
 
 @JsonInclude(JsonInclude.Include.NON_NULL)
-data class UserInfo constructor(
+data class UserInfo(
     val authenticated: Boolean,
     val name: String?,
     val securityLevel: String?
 ) {
     companion object {
         fun authenticated(name: String, authLevel: Int): UserInfo = UserInfo(true, name, authLevel.toString())
-        fun unAuthenticated(): UserInfo = UserInfo(false, null, null)
+        fun unauthenticated(): UserInfo = UserInfo(false, null, null)
     }
 }

src/main/kotlin/no/nav/dekoratoren/api/innloggingsstatus/auth/TokenInfo.kt

@@ -1,11 +1,10 @@
 package no.nav.dekoratoren.api.innloggingsstatus.oidc
 
-import no.nav.dekoratoren.api.innloggingsstatus.auth.TokenInfo
 import java.time.LocalDateTime
 
 data class OidcTokenInfo(
-    override val subject: String,
-    override val authLevel: Int,
-    override val issueTime: LocalDateTime,
-    override val expiryTime: LocalDateTime
-): TokenInfo
+    val subject: String,
+    val authLevel: Int,
+    val issueTime: LocalDateTime,
+    val expiryTime: LocalDateTime
+)

src/main/kotlin/no/nav/dekoratoren/api/innloggingsstatus/auth/UserInfo.kt

@@ -6,19 +6,16 @@ import no.nav.dekoratoren.api.common.toUtcDateTime
 import no.nav.security.token.support.core.jwt.JwtToken
 
 object OidcTokenInfoFactory {
-
     fun mapOidcTokenInfo(token: JwtToken, identityClaim: String): OidcTokenInfo {
-
-        val ident = getIdent(token, identityClaim)
-        val authLevel = extractAuthLevel(token)
-        val issueTime = getTokenIssueLocalDateTime(token)
-        val expiryTime = getTokenExpiryLocalDateTime(token)
-
-        return OidcTokenInfo(ident, authLevel, issueTime, expiryTime)
+        return OidcTokenInfo(
+            subject = getIdent(token, identityClaim),
+            authLevel = extractAuthLevel(token),
+            issueTime = getTokenIssueLocalDateTime(token),
+            expiryTime = getTokenExpiryLocalDateTime(token),
+        )
     }
 
     private fun extractAuthLevel(token: JwtToken): Int {
-
         return when (token.jwtTokenClaims.getStringClaim("acr")) {
             "Level3", "idporten-loa-substantial" -> 3
             "Level4", "idporten-loa-high" -> 4
@@ -39,12 +36,6 @@ object OidcTokenInfoFactory {
     }
 
     private fun getIdent(token: JwtToken, identityClaim: String): String {
-        val claims = token.jwtTokenClaims
-
-        return when {
-            claims.allClaims.containsKey(identityClaim) -> claims.getStringClaim(identityClaim)
-            else -> throw RuntimeException("Fant ikke et token-claim med ident i $identityClaim")
-        }
+        return token.jwtTokenClaims.getStringClaim(identityClaim)
     }
-
 }

src/main/kotlin/no/nav/dekoratoren/api/innloggingsstatus/oidc/OidcTokenInfo.kt

@@ -3,12 +3,12 @@ package no.nav.dekoratoren.api.innloggingsstatus.oidc
 import io.ktor.server.application.ApplicationCall
 import no.nav.dekoratoren.api.config.Environment
 
-class OidcTokenService(private val oidcTokenValidator: OidcTokenValidator,
-                       private val environment: Environment) {
-
+class OidcTokenService(
+    private val oidcTokenValidator: OidcTokenValidator,
+    private val environment: Environment
+) {
     fun getOidcToken(call: ApplicationCall): OidcTokenInfo? {
-        return oidcTokenValidator.getValidToken(call, environment.oidcIssuer)?.let { jwtToken ->
-            OidcTokenInfoFactory.mapOidcTokenInfo(jwtToken, environment.identityClaim)
-        }
+        return oidcTokenValidator.getValidToken(call, environment.oidcIssuer)
+            ?.let { OidcTokenInfoFactory.mapOidcTokenInfo(it, environment.identityClaim) }
     }
 }

src/main/kotlin/no/nav/dekoratoren/api/innloggingsstatus/oidc/OidcTokenInfoFactory.kt

@@ -9,19 +9,14 @@ import no.nav.security.token.support.core.jwt.JwtToken
 import no.nav.security.token.support.core.validation.JwtTokenValidationHandler
 import no.nav.security.token.support.v2.asIssuerProps
 
-class OidcTokenValidator constructor(applicationConfig: ApplicationConfig) {
-
+class OidcTokenValidator(applicationConfig: ApplicationConfig) {
     private val resourceRetriever: ProxyAwareResourceRetriever = ProxyAwareResourceRetriever()
-
     private val jwtTokenValidationHandler: JwtTokenValidationHandler
-
     private val multiIssuerConfiguration: MultiIssuerConfiguration
 
     init {
         val issuerPropertiesMap: Map<String, IssuerProperties> = applicationConfig.asIssuerProps()
-
         multiIssuerConfiguration = MultiIssuerConfiguration(issuerPropertiesMap, resourceRetriever)
-
         jwtTokenValidationHandler = JwtTokenValidationHandler(multiIssuerConfiguration)
     }
 

src/main/kotlin/no/nav/dekoratoren/api/innloggingsstatus/oidc/OidcTokenService.kt

@@ -11,7 +11,6 @@ class PdlService(
     private val azureService: AzureService,
     private val environment: Environment
 ) {
-
     private val log: Logger = LoggerFactory.getLogger(PdlService::class.java)
 
     suspend fun getSubjectName(ident: String): PdlNavn? {

src/main/kotlin/no/nav/dekoratoren/api/innloggingsstatus/oidc/OidcTokenValidator.kt

@@ -1,6 +1,6 @@
 package no.nav.dekoratoren.api.innloggingsstatus.pdl.query
 
-data class PdlPersonInfo (val navn: List<PdlNavn>)
+data class PdlPersonInfo(val navn: List<PdlNavn>)
 
 data class PdlNavn(
     val fornavn: String?,

src/main/kotlin/no/nav/dekoratoren/api/innloggingsstatus/pdl/PdlService.kt

@@ -1,5 +1,5 @@
 package no.nav.dekoratoren.api.innloggingsstatus.pdl.query
 
-data class QueryVariables (
-        val ident: String
+data class QueryVariables(
+    val ident: String
 )

src/main/kotlin/no/nav/dekoratoren/api/innloggingsstatus/pdl/query/PdlPersonInfo.kt

@@ -6,21 +6,32 @@ import io.ktor.server.response.respond
 import io.ktor.server.routing.Route
 import io.ktor.server.routing.get
 import no.nav.dekoratoren.api.innloggingsstatus.auth.AuthTokenService
+import no.nav.dekoratoren.api.innloggingsstatus.auth.UserInfo
+import org.slf4j.LoggerFactory
+
+private val logger = LoggerFactory.getLogger("innloggingsstatusRoute")
 
 fun Route.authApi(authService: AuthTokenService) {
 
     get("/auth") {
-        authService.getAuthenticatedUserInfo(call).let { userInfo ->
-            call.respond(HttpStatusCode.OK, userInfo)
+        try {
+            authService.getAuthenticatedUserInfo(call).let { userInfo ->
+                call.respond(HttpStatusCode.OK, userInfo)
+            }
+        } catch (e: Exception) {
+            logger.warn("Feil ved henting av brukers innloggingsinfo", e)
+            UserInfo.unauthenticated()
         }
+
     }
 
     get("/summary") {
         try {
             authService.getAuthSummary(call).let { authInfo ->
                 call.respond(HttpStatusCode.OK, authInfo)
             }
-        } catch (exception: Exception) {
+        } catch (e: Exception) {
+            logger.warn("Feil ved henting av summary", e)
             call.respond(HttpStatusCode.InternalServerError)
         }
     }

src/main/kotlin/no/nav/dekoratoren/api/innloggingsstatus/pdl/query/QueryVariables.kt

@@ -18,8 +18,8 @@ class SubjectNameService(private val pdlService: PdlService, private val cache:
 
     private suspend fun fetchNameFromPdlAndConcatenate(subject: String): String? {
         return pdlService.getSubjectName(subject)
-            ?.let { pdlNavn -> listOf(pdlNavn.fornavn, pdlNavn.mellomnavn, pdlNavn.etternavn) }
-            ?.filter { navn -> !navn.isNullOrBlank() }
+            ?.let { listOf(it.fornavn, it.mellomnavn, it.etternavn) }
+            ?.filter { !it.isNullOrBlank() }
             ?.joinToString(" ")
     }