Refactor application configuration to support reactive web and update dependencies #deploy-test-dolly-search-service

Author: krharum

apps/dolly-search-service/build.gradle

@@ -13,8 +13,7 @@ dependencies {
     implementation "no.nav.testnav.libs:data-transfer-search-objects"
     implementation "no.nav.testnav.libs:reactive-core"
     implementation "no.nav.testnav.libs:security-core"
-    implementation "no.nav.testnav.libs:servlet-core"
-    implementation "no.nav.testnav.libs:servlet-security"
+    implementation "no.nav.testnav.libs:reactive-security"
     implementation "no.nav.testnav.libs:testing"
 
     implementation "org.opensearch.client:spring-data-opensearch:$versions.opensearch"
@@ -29,5 +28,6 @@ dependencies {
 
     implementation "ma.glasnost.orika:orika-core:$versions.orika"
 
-    implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:$versions.springdoc"
+    implementation "io.swagger.core.v3:swagger-annotations-jakarta:$versions.swagger"
+    implementation "org.springdoc:springdoc-openapi-starter-webflux-ui:$versions.springdoc"
 }

apps/dolly-search-service/settings.gradle

@@ -9,8 +9,7 @@ includeBuild "../../plugins/java"
 includeBuild '../../libs/data-transfer-search-objects'
 includeBuild '../../libs/reactive-core'
 includeBuild '../../libs/security-core'
-includeBuild '../../libs/servlet-core'
-includeBuild '../../libs/servlet-security'
+includeBuild '../../libs/reactive-security'
 includeBuild '../../libs/testing'
 
 develocity {

apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/DollySearchServiceApplicationStarter.java

@@ -3,10 +3,11 @@
 import no.nav.dolly.libs.nais.NaisEnvironmentApplicationContextInitializer;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.builder.SpringApplicationBuilder;
+import org.springframework.web.reactive.config.EnableWebFlux;
 
+@EnableWebFlux
 @SpringBootApplication
-public class
-DollySearchServiceApplicationStarter {
+public class DollySearchServiceApplicationStarter {
     public static void main(String[] args) {
 
         new SpringApplicationBuilder(DollySearchServiceApplicationStarter.class)

apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/ApplicationConfig.java

@@ -1,14 +1,14 @@
 package no.nav.testnav.dollysearchservice.config;
 
-import no.nav.testnav.libs.servletcore.config.ApplicationCoreConfig;
-import no.nav.testnav.libs.servletsecurity.jwt.SecureOAuth2ServerToServerAutoConfiguration;
+import no.nav.testnav.libs.reactivecore.config.CoreConfig;
+import no.nav.testnav.libs.reactivesecurity.config.SecureOAuth2ServerToServerConfiguration;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
 
 @Configuration
 @Import({
-        ApplicationCoreConfig.class,
-        SecureOAuth2ServerToServerAutoConfiguration.class
+        CoreConfig.class,
+        SecureOAuth2ServerToServerConfiguration.class
 })
 public class ApplicationConfig {
 

apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/OpenApiConfig.java

@@ -7,43 +7,31 @@
 import io.swagger.v3.oas.models.info.License;
 import io.swagger.v3.oas.models.security.SecurityRequirement;
 import io.swagger.v3.oas.models.security.SecurityScheme;
+import no.nav.testnav.libs.reactivecore.config.ApplicationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import org.springframework.web.server.ServerWebExchange;
+import org.springframework.web.server.WebFilter;
+import org.springframework.web.server.WebFilterChain;
+import reactor.core.publisher.Mono;
 
 import java.util.Arrays;
 
-import no.nav.testnav.libs.securitycore.config.UserConstant;
-import no.nav.testnav.libs.servletcore.config.ApplicationProperties;
-
 @Configuration
-public class OpenApiConfig implements WebMvcConfigurer {
+public class OpenApiConfig implements WebFilter {
 
     @Bean
     public OpenAPI openApi(ApplicationProperties applicationProperties) {
         return new OpenAPI()
-                .components(new Components()
-                        .addSecuritySchemes("bearer-jwt", new SecurityScheme()
-                                .type(SecurityScheme.Type.HTTP)
-                                .scheme("bearer")
-                                .bearerFormat("JWT")
-                                .in(SecurityScheme.In.HEADER)
-                                .name("Authorization")
-                                .description("Trenger ikke \"Bearer \" foran")
-                        )
-                        .addSecuritySchemes("user-jwt", new SecurityScheme()
-                                .type(SecurityScheme.Type.APIKEY)
-                                .scheme("bearer")
-                                .bearerFormat("JWT")
-                                .in(SecurityScheme.In.HEADER)
-                                .name(UserConstant.USER_HEADER_JWT)
-                        ))
+                .components(new Components().addSecuritySchemes("bearer-jwt", new SecurityScheme()
+                        .type(SecurityScheme.Type.HTTP)
+                        .scheme("bearer")
+                        .bearerFormat("JWT")
+                        .in(SecurityScheme.In.HEADER)
+                        .name("Authorization")
+                ))
                 .addSecurityItem(
-                        new SecurityRequirement()
-                                .addList("bearer-jwt", Arrays.asList("read", "write"))
-                                .addList("user-jwt", Arrays.asList("read", "write"))
-                )
+                        new SecurityRequirement().addList("bearer-jwt", Arrays.asList("read", "write")))
                 .info(new Info()
                         .title(applicationProperties.getName())
                         .version(applicationProperties.getVersion())
@@ -62,7 +50,15 @@ public OpenAPI openApi(ApplicationProperties applicationProperties) {
     }
 
     @Override
-    public void addViewControllers(ViewControllerRegistry registry) {
-        registry.addViewController("/swagger").setViewName("redirect:/swagger-ui.html");
+    public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
+        if (exchange.getRequest().getURI().getPath().equals("/swagger")) {
+            return chain
+                    .filter(exchange.mutate()
+                            .request(exchange.getRequest()
+                                    .mutate().path("/swagger-ui.html").build())
+                            .build());
+        }
+
+        return chain.filter(exchange);
     }
 }

apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/config/SecurityConfig.java

@@ -1,38 +1,41 @@
 package no.nav.testnav.dollysearchservice.config;
 
+import lombok.RequiredArgsConstructor;
+import no.nav.testnav.libs.reactivesecurity.manager.JwtReactiveAuthenticationManager;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
-import org.springframework.security.config.Customizer;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
-import org.springframework.security.config.http.SessionCreationPolicy;
-import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.config.annotation.method.configuration.EnableReactiveMethodSecurity;
+import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
+import org.springframework.security.config.web.server.ServerHttpSecurity;
+import org.springframework.security.web.server.SecurityWebFilterChain;
 
-@EnableWebSecurity
+@EnableWebFluxSecurity
+@EnableReactiveMethodSecurity
 @Configuration
-@Profile({ "prod", "dev", "local" })
+@Profile({"prod", "dev", "local"})
+@RequiredArgsConstructor
 public class SecurityConfig {
 
-    @Bean
-    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
-
-        httpSecurity.sessionManagement(sessionConfig -> sessionConfig.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-                .csrf(AbstractHttpConfigurer::disable)
-                .authorizeHttpRequests(authorizeConfig -> authorizeConfig.requestMatchers(
-                        "/internal/**",
-                        "/webjars/**",
-                        "/swagger-resources/**",
-                        "/v3/api-docs/**",
-                        "/swagger-ui/**",
-                        "/swagger",
-                        "/error",
-                        "/swagger-ui.html"
-                ).permitAll().requestMatchers("/api/**").fullyAuthenticated())
-                .oauth2ResourceServer(oauth2RSConfig -> oauth2RSConfig.jwt(Customizer.withDefaults()));
+    private final JwtReactiveAuthenticationManager jwtReactiveAuthenticationManager;
 
-        return httpSecurity.build();
+    @Bean
+    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity httpSecurity) {
+        return httpSecurity
+                .csrf(ServerHttpSecurity.CsrfSpec::disable)
+                .authorizeExchange(authorizeConfig -> authorizeConfig.pathMatchers(
+                                "/internal/**",
+                                "/webjars/**",
+                                "/v3/api-docs/**",
+                                "/swagger-ui/**",
+                                "/swagger",
+                                "/error",
+                                "/swagger-ui.html"
+                        ).permitAll()
+                        .anyExchange()
+                        .authenticated())
+                .oauth2ResourceServer(oauth2RSConfig -> oauth2RSConfig.jwt(jwtSpec -> jwtSpec.authenticationManager(jwtReactiveAuthenticationManager)))
+                .build();
     }
 }
 

apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/consumer/PdlProxyConsumer.java

@@ -9,8 +9,8 @@
 import no.nav.testnav.dollysearchservice.dto.SearchRequest;
 import no.nav.testnav.dollysearchservice.dto.SearchResponse;
 import no.nav.testnav.dollysearchservice.dto.TagsOpprettingResponse;
+import no.nav.testnav.libs.reactivesecurity.exchange.TokenExchange;
 import no.nav.testnav.libs.securitycore.domain.ServerProperties;
-import no.nav.testnav.libs.servletsecurity.exchange.TokenExchange;
 import org.springframework.stereotype.Service;
 import org.springframework.web.reactive.function.client.WebClient;
 import reactor.core.publisher.Flux;

apps/dolly-search-service/src/main/java/no/nav/testnav/dollysearchservice/service/TagsService.java

@@ -18,7 +18,7 @@
 @RequiredArgsConstructor
 public class TagsService {
 
-    private static final int BOLK_SIZE = 100;
+    private static final int BOLK_SIZE = 10;
 
     private final BestillingQueryService bestillingQueryService;
     private final PdlProxyConsumer pdlProxyConsumer;
@@ -37,11 +37,11 @@ public Mono<String> setDollyTagAlleTestnorgeIdenter() {
                     l1.addAll(l2);
                     return l1;
                 })
-//                .doOnNext(tags -> log.info("Identer som mangler Dolly-tags: {}", String.join(", ", tags)))
-//                .filter(tags -> !tags.isEmpty())
-//                .flatMap(pdlProxyConsumer::setTags)
-//                .filter(response -> response.getStatus().is2xxSuccessful())
-//                .map(TagsOpprettingResponse::getIdenter)
+                .doOnNext(tags -> log.info("Identer som mangler Dolly-tags: {}", String.join(", ", tags)))
+                .filter(tags -> !tags.isEmpty())
+                .flatMap(pdlProxyConsumer::setTags)
+                .filter(response -> response.getStatus().is2xxSuccessful())
+                .map(TagsOpprettingResponse::getIdenter)
                 .map(resultat -> "Følgende identer mangler DOLLY-tag: %s".formatted(String.join(", ", resultat)))
                 .switchIfEmpty(Mono.just("Fant ingen personer som mangler Dolly-tag"));
     }

apps/dolly-search-service/src/main/resources/application.yml

@@ -10,11 +10,13 @@ spring:
         aad:
           issuer-uri: ${AAD_ISSUER_URI}/v2.0
           jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys
-          accepted-audience:  ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID}
+          accepted-audience: ${AZURE_APP_CLIENT_ID}, api:// ${AZURE_APP_CLIENT_ID}
         tokenx:
-          issuer-uri: ${TOKEN_X_ISSUER} 
+          issuer-uri: ${TOKEN_X_ISSUER}
           jwk-set-uri: ${TOKEN_X_JWKS_URI}
           accepted-audience: ${TOKEN_X_CLIENT_ID}
+  main:
+    web-application-type: reactive
 
 springdoc:
   swagger-ui: