Add support for retrieving and using user information

#deploy-profil-api #deploy-profil-api-test

Replaced `GetAuthenticatedId` with `GetUserInfo` to extract user details and updated relevant methods to maintain compatibility. Adjusted dependency configurations and annotations, including the addition of `spring-boot-starter-web` for extended server capabilities. Corrected minor typo in log output for better clarity.

Author: krharum

apps/profil-api/src/main/java/no/nav/registre/testnorge/profil/ProfilApiApplicationStarter.java

@@ -1,12 +1,11 @@
 package no.nav.registre.testnorge.profil;
 
+import no.nav.testnav.libs.servletcore.config.ApplicationCoreConfig;
+import no.nav.testnav.libs.servletsecurity.config.SecureOAuth2ServerToServerConfiguration;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.context.annotation.Import;
 
-import no.nav.testnav.libs.servletcore.config.ApplicationCoreConfig;
-import no.nav.testnav.libs.servletsecurity.config.SecureOAuth2ServerToServerConfiguration;
-
 @SpringBootApplication
 @Import({
         ApplicationCoreConfig.class,

apps/profil-api/src/main/java/no/nav/registre/testnorge/profil/consumer/AzureAdProfileConsumer.java

@@ -7,7 +7,7 @@
 import no.nav.registre.testnorge.profil.service.AzureAdTokenService;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.client.reactive.ReactorClientHttpConnector;
-import org.springframework.stereotype.Component;
+import org.springframework.stereotype.Service;
 import org.springframework.web.reactive.function.client.ExchangeStrategies;
 import org.springframework.web.reactive.function.client.WebClient;
 import reactor.netty.http.client.HttpClient;
@@ -17,8 +17,9 @@
 import java.util.Optional;
 
 @Slf4j
-@Component
+@Service
 public class AzureAdProfileConsumer {
+
     private final WebClient webClient;
     private final AzureAdTokenService azureAdTokenService;
 
@@ -67,7 +68,7 @@ public Optional<byte[]> getProfilImage() {
                     .flatMap(accessToken -> new GetProfileImageCommand(webClient, accessToken.getTokenValue()).call())
                     .block());
         } catch (IllegalStateException e) {
-            log.warn("Finner ikke profil bilde", e);
+            log.warn("Finner ikke profilbilde", e);
             return Optional.empty();
         }
     }

apps/profil-api/src/main/java/no/nav/registre/testnorge/profil/consumer/PersonOrganisasjonTilgangConsumer.java

@@ -5,7 +5,8 @@
 import no.nav.registre.testnorge.profil.consumer.command.GetPersonOrganisasjonTilgangCommand;
 import no.nav.testnav.libs.dto.altinn3.v1.OrganisasjonDTO;
 import no.nav.testnav.libs.securitycore.domain.ServerProperties;
-import no.nav.testnav.libs.servletsecurity.action.GetAuthenticatedId;
+import no.nav.testnav.libs.securitycore.domain.UserInfo;
+import no.nav.testnav.libs.servletsecurity.action.GetUserInfo;
 import no.nav.testnav.libs.servletsecurity.exchange.TokenExchange;
 import org.springframework.stereotype.Component;
 import org.springframework.web.reactive.function.client.WebClient;
@@ -18,27 +19,31 @@ public class PersonOrganisasjonTilgangConsumer {
     private final WebClient webClient;
     private final ServerProperties serverProperties;
     private final TokenExchange tokenExchange;
-    private final GetAuthenticatedId getAuthenticatedId;
+    private final GetUserInfo getUserInfo;
 
     public PersonOrganisasjonTilgangConsumer(
             Consumers consumers,
             TokenExchange tokenExchange,
             WebClient.Builder webClientBuilder,
-            GetAuthenticatedId getAuthenticatedId) {
+            GetUserInfo getUserInfo) {
 
         serverProperties = consumers.getTestnavAltinn3TilgangService();
         this.tokenExchange = tokenExchange;
         this.webClient = webClientBuilder
                 .baseUrl(serverProperties.getUrl())
                 .build();
-        this.getAuthenticatedId = getAuthenticatedId;
+        this.getUserInfo = getUserInfo;
     }
 
     public Mono<OrganisasjonDTO> getOrganisasjon(String organisasjonsnummer) {
 
+        var userId = getUserInfo.call()
+                .map(UserInfo::id)
+                .orElse(null);
+
         return Mono.from(tokenExchange.exchange(serverProperties)
                         .flatMapMany(accessToken ->
-                                new GetPersonOrganisasjonTilgangCommand(webClient, getAuthenticatedId.call(), accessToken.getTokenValue()).call()))
+                                new GetPersonOrganisasjonTilgangCommand(webClient, userId, accessToken.getTokenValue()).call()))
                 .doOnNext(organisasjon -> log.info("Mottatt organisasjon: {}", organisasjon))
                 .filter(organisasjon -> organisasjon.getOrganisasjonsnummer().equals(organisasjonsnummer));
     }

apps/profil-api/src/main/java/no/nav/registre/testnorge/profil/service/AzureAdTokenService.java

@@ -1,7 +1,10 @@
 package no.nav.registre.testnorge.profil.service;
 
 import lombok.extern.slf4j.Slf4j;
+import no.nav.testnav.libs.securitycore.command.azuread.OnBehalfOfExchangeCommand;
+import no.nav.testnav.libs.securitycore.domain.AccessToken;
 import no.nav.testnav.libs.securitycore.domain.azuread.AzureClientCredential;
+import no.nav.testnav.libs.servletsecurity.action.GetAuthenticatedToken;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;
@@ -14,10 +17,6 @@
 
 import java.net.URI;
 
-import no.nav.testnav.libs.securitycore.command.azuread.OnBehalfOfExchangeCommand;
-import no.nav.testnav.libs.securitycore.domain.AccessToken;
-import no.nav.testnav.libs.servletsecurity.action.GetAuthenticatedToken;
-
 @Slf4j
 @Service
 public class AzureAdTokenService {

libs/reactive-security/build.gradle

@@ -49,6 +49,7 @@ dependencies {
 
     implementation 'org.springframework.boot:spring-boot-starter-oauth2-resource-server'
     implementation 'org.springframework.boot:spring-boot-starter-webflux'
+    implementation 'org.springframework.boot:spring-boot-starter-web'
     implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
     implementation 'org.springframework.boot:spring-boot-starter-security'
 

libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/config/SecureOAuth2ServerToServerConfiguration.java

@@ -3,6 +3,7 @@
 import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedResourceServerType;
 import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedToken;
 import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedUserId;
+import no.nav.testnav.libs.reactivesecurity.action.GetUserInfo;
 import no.nav.testnav.libs.reactivesecurity.exchange.TokenExchange;
 import no.nav.testnav.libs.reactivesecurity.exchange.tokenx.TokenXService;
 import no.nav.testnav.libs.reactivesecurity.manager.JwtReactiveAuthenticationManager;
@@ -16,6 +17,7 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
+import org.springframework.security.oauth2.jwt.JwtDecoder;
 
 import java.util.List;
 
@@ -29,7 +31,8 @@
         GetAuthenticatedUserId.class,
         GetAuthenticatedResourceServerType.class,
         GetAuthenticatedToken.class,
-        TokenXProperties.class
+        TokenXProperties.class,
+        GetUserInfo.class
 })
 public class SecureOAuth2ServerToServerConfiguration {