F!! Overrider autentisering dersom requestet matcher /api/migrering

Author: Jørgen Tu Sveli

src/main/java/no/nav/fo/veilarbregistrering/config/FilterConfig.kt

@@ -2,7 +2,6 @@ package no.nav.fo.veilarbregistrering.config
 
 import no.nav.common.auth.Constants
 import no.nav.common.auth.context.UserRole
-import no.nav.common.auth.oidc.filter.OidcAuthenticationFilter
 import no.nav.common.auth.oidc.filter.OidcAuthenticator
 import no.nav.common.auth.oidc.filter.OidcAuthenticatorConfig
 import no.nav.common.log.LogFilter
@@ -70,8 +69,8 @@ class FilterConfig {
 
     @Bean
     open fun authenticationFilterRegistrationBean(): FilterRegistrationBean<*> {
-        val registration = FilterRegistrationBean<OidcAuthenticationFilter>()
-        val authenticationFilter = OidcAuthenticationFilter(
+        val registration = FilterRegistrationBean<OidcAuthenticationFilterMigreringBypass>()
+        val authenticationFilter = OidcAuthenticationFilterMigreringBypass(
                 OidcAuthenticator.fromConfigs(
                         createOpenAmAuthenticatorConfig(),
                         createVeilarbloginAADConfig(),

src/main/java/no/nav/fo/veilarbregistrering/config/OidcAuthenticationFilterMigreringBypass.kt

@@ -0,0 +1,28 @@
+package no.nav.fo.veilarbregistrering.config
+
+import no.nav.common.auth.oidc.filter.OidcAuthenticationFilter
+import no.nav.common.auth.oidc.filter.OidcAuthenticator
+import no.nav.fo.veilarbregistrering.log.loggerFor
+import org.springframework.util.AntPathMatcher
+import javax.servlet.FilterChain
+import javax.servlet.ServletRequest
+import javax.servlet.ServletResponse
+import javax.servlet.http.HttpServletRequest
+
+class OidcAuthenticationFilterMigreringBypass(oidcAuthenticators: List<OidcAuthenticator>) : OidcAuthenticationFilter(oidcAuthenticators) {
+    override fun doFilter(servletRequest: ServletRequest, servletResponse: ServletResponse, chain: FilterChain) {
+        val servletPath = (servletRequest as HttpServletRequest).servletPath
+        if (!AntPathMatcher().match(MIGRERING_PATTERN, servletPath)) {
+            log.info("Gjør autentisering for request til [${servletPath}")
+            super.doFilter(servletRequest, servletResponse, chain)
+        } else {
+            log.info("OMGÅR autentisering for request til [${servletPath}")
+            chain.doFilter(servletRequest, servletResponse)
+        }
+    }
+
+    companion object {
+        const val MIGRERING_PATTERN = "/api/migrering"
+        private val log = loggerFor<OidcAuthenticationFilterMigreringBypass>()
+    }
+}

src/test/java/no/nav/fo/veilarbregistrering/config/AntPathMatherTest.kt

@@ -0,0 +1,22 @@
+package no.nav.fo.veilarbregistrering.config
+
+import no.nav.fo.veilarbregistrering.config.OidcAuthenticationFilterMigreringBypass.Companion.MIGRERING_PATTERN
+import org.junit.Test
+import org.springframework.util.AntPathMatcher
+import kotlin.test.assertTrue
+
+class AntPathMatherTest {
+
+    @Test
+    fun `AntPathMatcher matcher det vi forventer og ikke mer`() {
+        val ok = listOf("/api/migrering")
+        val ikkeOk = listOf("/api", "api", "/api/registrering", "/api/sistearbeidsforhold")
+
+        assertTrue {
+            ok.all { AntPathMatcher().match(MIGRERING_PATTERN, it) }
+        }
+        assertTrue {
+            ikkeOk.none { AntPathMatcher().match(MIGRERING_PATTERN, it) }
+        }
+    }
+}