Revert "fjern bruk av apigw til fordel for maskinporten og direkte kall"

navikt · Dec 2, 2024 · 528f66b · 528f66b
1 parent 270f7cc
commit 528f66b
Show file tree

Hide file tree

Showing 29 changed files with 301 additions and 292 deletions.
diff --git a/nais/dev-env.yaml b/nais/dev-env.yaml
@@ -17,8 +17,6 @@ spec:
       consumes:
         - name: "altinn:serviceowner/rolesandrights"
         - name: "altinn:serviceowner/organizations"
-        - name: "altinn:serviceowner/delegationrequests.read"
-        - name: "altinn:serviceowner/delegationrequests.write"
   kafka:
     pool: nav-dev
   gcp:

diff --git a/nais/prod-env.yaml b/nais/prod-env.yaml
@@ -24,8 +24,6 @@ spec:
       consumes:
         - name: "altinn:serviceowner/rolesandrights"
         - name: "altinn:serviceowner/organizations"
-        - name: "altinn:serviceowner/delegationrequests.read"
-        - name: "altinn:serviceowner/delegationrequests.write"
   kafka:
     pool: nav-prod
   gcp:

diff --git a/...giver/min_side/config/RetryInterceptor.kt → ...iver/min_side/clients/RetryInterceptor.kt b/...giver/min_side/config/RetryInterceptor.kt → ...iver/min_side/clients/RetryInterceptor.kt
@@ -1,4 +1,4 @@
-package no.nav.arbeidsgiver.min_side.config
+package no.nav.arbeidsgiver.min_side.clients
 
 import org.springframework.http.client.ClientHttpRequestInterceptor
 import org.springframework.retry.RetryCallback

diff --git a/src/main/kotlin/no/nav/arbeidsgiver/min_side/clients/altinn/AltinnTilgangssøknadClient.kt b/src/main/kotlin/no/nav/arbeidsgiver/min_side/clients/altinn/AltinnTilgangssøknadClient.kt
@@ -0,0 +1,116 @@
+package no.nav.arbeidsgiver.min_side.clients.altinn
+
+import no.nav.arbeidsgiver.min_side.clients.altinn.dto.DelegationRequest
+import no.nav.arbeidsgiver.min_side.clients.altinn.dto.DelegationRequest.RequestResource
+import no.nav.arbeidsgiver.min_side.clients.altinn.dto.Søknadsstatus
+import no.nav.arbeidsgiver.min_side.clients.retryInterceptor
+import no.nav.arbeidsgiver.min_side.config.logger
+import no.nav.arbeidsgiver.min_side.models.AltinnTilgangssøknad
+import no.nav.arbeidsgiver.min_side.models.AltinnTilgangssøknadsskjema
+import no.nav.arbeidsgiver.min_side.services.altinn.AltinnConfig
+import org.springframework.boot.web.client.RestTemplateBuilder
+import org.springframework.core.ParameterizedTypeReference
+import org.springframework.http.HttpHeaders
+import org.springframework.http.RequestEntity
+import org.springframework.http.ResponseEntity
+import org.springframework.stereotype.Component
+import org.springframework.web.client.HttpServerErrorException.BadGateway
+import org.springframework.web.util.UriComponentsBuilder
+import java.util.function.Consumer
+
+@Component
+class AltinnTilgangssøknadClient(
+    restTemplateBuilder: RestTemplateBuilder,
+    altinnConfig: AltinnConfig
+) {
+    private val log = logger()
+
+    private val restTemplate = restTemplateBuilder
+        .additionalInterceptors(
+            retryInterceptor(
+                maxAttempts = 3,
+                backoffPeriod = 250L,
+                java.net.SocketException::class.java,
+                javax.net.ssl.SSLHandshakeException::class.java,
+                org.springframework.web.client.ResourceAccessException::class.java,
+            )
+        )
+        .build()
+
+    private val delegationRequestApiPath = UriComponentsBuilder
+        .fromUriString(altinnConfig.APIGwUrl)
+        .path("/ekstern/altinn/api/serviceowner/delegationRequests")
+        .build()
+        .toUriString()
+    private val altinnHeaders = Consumer { httpHeaders: HttpHeaders ->
+        httpHeaders.putAll(
+            mapOf(
+                "accept" to listOf("application/hal+json"),
+                "apikey" to listOf(altinnConfig.altinnHeader),
+                "x-nav-apikey" to listOf(altinnConfig.APIGwHeader)
+            )
+        )
+    }
+
+    fun hentSøknader(fødselsnummer: String): List<AltinnTilgangssøknad> {
+        val resultat = ArrayList<AltinnTilgangssøknad>()
+        val filter = String.format("CoveredBy eq '%s'", fødselsnummer)
+        var continuationtoken: String? = null
+        var shouldContinue = true
+        while (shouldContinue) {
+            val uri =
+                delegationRequestApiPath + "?ForceEIAuthentication&" + if (continuationtoken == null) "\$filter={filter}" else "\$filter={filter}&continuation={continuation}"
+            val request = RequestEntity.get(uri, filter, continuationtoken).headers(altinnHeaders).build()
+            val response: ResponseEntity<Søknadsstatus?> = try {
+                restTemplate.exchange(request, object : ParameterizedTypeReference<Søknadsstatus?>() {})
+            } catch (e: BadGateway) {
+                log.info("retry pga bad gateway mot altinn {}", e.message)
+                restTemplate.exchange(request, object : ParameterizedTypeReference<Søknadsstatus?>() {})
+            }
+            val body = response.body
+            if (body == null) {
+                log.warn("Altinn delegation requests: body missing")
+                break
+            }
+            if (body.embedded!!.delegationRequests!!.isEmpty()) {
+                shouldContinue = false
+            } else {
+                continuationtoken = body.continuationtoken
+            }
+            body.embedded!!.delegationRequests!!
+                .map { søknadDTO: DelegationRequest ->
+                    val søknad = AltinnTilgangssøknad()
+                    søknad.orgnr = søknadDTO.OfferedBy
+                    søknad.status = søknadDTO.RequestStatus
+                    søknad.createdDateTime = søknadDTO.Created
+                    søknad.lastChangedDateTime = søknadDTO.LastChanged
+                    søknad.serviceCode = søknadDTO.RequestResources!![0].ServiceCode
+                    søknad.serviceEdition = søknadDTO.RequestResources!![0].ServiceEditionCode
+                    søknad.submitUrl = søknadDTO.links!!.sendRequest!!.href
+                    søknad
+                }.toCollection(resultat)
+        }
+        return resultat
+    }
+
+    fun sendSøknad(fødselsnummer: String?, søknadsskjema: AltinnTilgangssøknadsskjema): AltinnTilgangssøknad {
+        val requestResource = RequestResource()
+        requestResource.ServiceCode = søknadsskjema.serviceCode
+        requestResource.ServiceEditionCode = søknadsskjema.serviceEdition
+        val delegationRequest = DelegationRequest()
+        delegationRequest.CoveredBy = fødselsnummer
+        delegationRequest.OfferedBy = søknadsskjema.orgnr
+        delegationRequest.RedirectUrl = søknadsskjema.redirectUrl
+        delegationRequest.RequestResources = listOf(requestResource)
+        val request = RequestEntity
+            .post("$delegationRequestApiPath?ForceEIAuthentication")
+            .headers(altinnHeaders)
+            .body(delegationRequest)
+        val response = restTemplate.exchange(request, object : ParameterizedTypeReference<DelegationRequest?>() {})
+        val body = response.body
+        val svar = AltinnTilgangssøknad()
+        svar.status = body!!.RequestStatus
+        svar.submitUrl = body.links!!.sendRequest!!.href
+        return svar
+    }
+}
diff --git a/src/main/kotlin/no/nav/arbeidsgiver/min_side/clients/altinn/dto/DelegationRequest.kt b/src/main/kotlin/no/nav/arbeidsgiver/min_side/clients/altinn/dto/DelegationRequest.kt
@@ -0,0 +1,32 @@
+package no.nav.arbeidsgiver.min_side.clients.altinn.dto
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties
+import com.fasterxml.jackson.annotation.JsonInclude
+import com.fasterxml.jackson.annotation.JsonProperty
+
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
+data class DelegationRequest(
+    var RequestStatus: String? = null,
+    var OfferedBy: String? = null,
+    var CoveredBy: String? = null,
+    var RedirectUrl: String? = null,
+    var Created: String? = null,
+    var LastChanged: String? = null,
+    val KeepSessionAlive: Boolean = true,
+    var RequestResources: List<RequestResource>? = null,
+    @field:JsonProperty("_links") var links: Links? = null
+) {
+
+    @JsonIgnoreProperties(ignoreUnknown = true)
+    data class RequestResource(
+        var ServiceCode: String? = null,
+        var ServiceEditionCode: Int? = null
+    )
+
+    @JsonIgnoreProperties(ignoreUnknown = true)
+    data class Links(var sendRequest: Link? = null)
+
+    @JsonIgnoreProperties(ignoreUnknown = true)
+    data class Link(var href: String? = null)
+}
diff --git a/src/main/kotlin/no/nav/arbeidsgiver/min_side/clients/altinn/dto/Søknadsstatus.kt b/src/main/kotlin/no/nav/arbeidsgiver/min_side/clients/altinn/dto/Søknadsstatus.kt
@@ -0,0 +1,16 @@
+package no.nav.arbeidsgiver.min_side.clients.altinn.dto
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties
+import com.fasterxml.jackson.annotation.JsonProperty
+
+@JsonIgnoreProperties(ignoreUnknown = true)
+data class Søknadsstatus(
+    @field:JsonProperty("_embedded")
+    var embedded: Embedded? = null,
+    var continuationtoken: String? = null,
+) {
+    @JsonIgnoreProperties(ignoreUnknown = true)
+    data class Embedded(
+        var delegationRequests: List<DelegationRequest>? = null
+    )
+}
diff --git a/...eidsgiver/min_side/azuread/AzureClient.kt → ...r/min_side/clients/azuread/AzureClient.kt b/...eidsgiver/min_side/azuread/AzureClient.kt → ...r/min_side/clients/azuread/AzureClient.kt
@@ -1,7 +1,7 @@
-package no.nav.arbeidsgiver.min_side.azuread
+package no.nav.arbeidsgiver.min_side.clients.azuread
 
 import com.fasterxml.jackson.annotation.JsonProperty
-import no.nav.arbeidsgiver.min_side.config.retryInterceptor
+import no.nav.arbeidsgiver.min_side.clients.retryInterceptor
 import org.springframework.boot.web.client.RestTemplateBuilder
 import org.springframework.http.HttpEntity
 import org.springframework.http.HttpHeaders

diff --git a/...idsgiver/min_side/azuread/AzureService.kt → .../min_side/clients/azuread/AzureService.kt b/...idsgiver/min_side/azuread/AzureService.kt → .../min_side/clients/azuread/AzureService.kt
@@ -1,4 +1,4 @@
-package no.nav.arbeidsgiver.min_side.azuread
+package no.nav.arbeidsgiver.min_side.clients.azuread
 
 import com.github.benmanes.caffeine.cache.Cache
 import com.github.benmanes.caffeine.cache.Caffeine

diff --git a/...gssoknad/AltinnTilgangSoknadController.kt → ...ntroller/AltinnTilgangSoknadController.kt b/...gssoknad/AltinnTilgangSoknadController.kt → ...ntroller/AltinnTilgangSoknadController.kt
@@ -1,7 +1,9 @@
-package no.nav.arbeidsgiver.min_side.tilgangssoknad
+package no.nav.arbeidsgiver.min_side.controller
 
+import no.nav.arbeidsgiver.min_side.clients.altinn.AltinnTilgangssøknadClient
 import no.nav.arbeidsgiver.min_side.config.logger
-import no.nav.arbeidsgiver.min_side.controller.AuthenticatedUserHolder
+import no.nav.arbeidsgiver.min_side.models.AltinnTilgangssøknad
+import no.nav.arbeidsgiver.min_side.models.AltinnTilgangssøknadsskjema
 import no.nav.arbeidsgiver.min_side.services.altinn.AltinnService
 import org.springframework.http.HttpStatus
 import org.springframework.http.ResponseEntity

diff --git a/src/main/kotlin/no/nav/arbeidsgiver/min_side/kontaktinfo/KontaktinfoClient.kt b/src/main/kotlin/no/nav/arbeidsgiver/min_side/kontaktinfo/KontaktinfoClient.kt
@@ -2,7 +2,7 @@ package no.nav.arbeidsgiver.min_side.kontaktinfo
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties
 import com.fasterxml.jackson.annotation.JsonProperty
-import no.nav.arbeidsgiver.min_side.config.retryInterceptor
+import no.nav.arbeidsgiver.min_side.clients.retryInterceptor
 import no.nav.arbeidsgiver.min_side.maskinporten.MaskinportenTokenService
 import org.springframework.beans.factory.annotation.Value
 import org.springframework.boot.web.client.RestTemplateBuilder

diff --git a/src/main/kotlin/no/nav/arbeidsgiver/min_side/kontostatus/KontoregisterClient.kt b/src/main/kotlin/no/nav/arbeidsgiver/min_side/kontostatus/KontoregisterClient.kt
@@ -1,8 +1,8 @@
 package no.nav.arbeidsgiver.min_side.kontostatus
 
 import com.github.benmanes.caffeine.cache.Caffeine
-import no.nav.arbeidsgiver.min_side.azuread.AzureService
-import no.nav.arbeidsgiver.min_side.config.retryInterceptor
+import no.nav.arbeidsgiver.min_side.clients.azuread.AzureService
+import no.nav.arbeidsgiver.min_side.clients.retryInterceptor
 import no.nav.arbeidsgiver.min_side.config.GittMiljø
 import no.nav.arbeidsgiver.min_side.config.callIdIntercetor
 import org.springframework.beans.factory.annotation.Value
@@ -15,9 +15,7 @@ import org.springframework.http.HttpStatus
 import org.springframework.http.client.ClientHttpRequestInterceptor
 import org.springframework.stereotype.Component
 import org.springframework.web.client.RestClientResponseException
-import java.net.SocketException
 import java.util.concurrent.TimeUnit
-import javax.net.ssl.SSLHandshakeException
 
 @Component
 class KontoregisterClient(
@@ -43,8 +41,8 @@ class KontoregisterClient(
             retryInterceptor(
                 3,
                 250L,
-                SocketException::class.java,
-                SSLHandshakeException::class.java,
+                java.net.SocketException::class.java,
+                javax.net.ssl.SSLHandshakeException::class.java,
             )
         )
         .build()

diff --git a/src/main/kotlin/no/nav/arbeidsgiver/min_side/models/Altinn2Organisasjon.kt b/src/main/kotlin/no/nav/arbeidsgiver/min_side/models/Altinn2Organisasjon.kt
@@ -0,0 +1,14 @@
+package no.nav.arbeidsgiver.min_side.models
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties
+import com.fasterxml.jackson.annotation.JsonProperty
+
+@JsonIgnoreProperties(ignoreUnknown = true)
+data class Altinn2Organisasjon(
+    @field:JsonProperty("Name") var name: String? = null,
+    @field:JsonProperty("Type") var type: String? = null,
+    @field:JsonProperty("ParentOrganizationNumber") var parentOrganizationNumber: String? = null,
+    @field:JsonProperty("OrganizationNumber") var organizationNumber: String? = null,
+    @field:JsonProperty("OrganizationForm") var organizationForm: String? = null,
+    @field:JsonProperty("Status") var status: String? = null
+)
diff --git a/src/main/kotlin/no/nav/arbeidsgiver/min_side/models/AltinnTilgangssøknad.kt b/src/main/kotlin/no/nav/arbeidsgiver/min_side/models/AltinnTilgangssøknad.kt
@@ -0,0 +1,16 @@
+package no.nav.arbeidsgiver.min_side.models
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties
+import com.fasterxml.jackson.annotation.JsonInclude
+
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_NULL)
+data class AltinnTilgangssøknad(
+    var orgnr: String? = null,
+    var serviceCode: String? = null,
+    var serviceEdition: Int? = null,
+    var status: String? = null,
+    var createdDateTime: String? = null,
+    var lastChangedDateTime: String? = null,
+    var submitUrl: String? = null
+)
diff --git a/...angssoknad/AltinnTilgangssøknadsskjema.kt → ...ide/models/AltinnTilgangssøknadsskjema.kt b/...angssoknad/AltinnTilgangssøknadsskjema.kt → ...ide/models/AltinnTilgangssøknadsskjema.kt
@@ -1,4 +1,4 @@
-package no.nav.arbeidsgiver.min_side.tilgangssoknad
+package no.nav.arbeidsgiver.min_side.models
 
 data class AltinnTilgangssøknadsskjema(
     val orgnr: String,

diff --git a/src/main/kotlin/no/nav/arbeidsgiver/min_side/services/altinn/AltinnConfig.kt b/src/main/kotlin/no/nav/arbeidsgiver/min_side/services/altinn/AltinnConfig.kt
@@ -0,0 +1,11 @@
+package no.nav.arbeidsgiver.min_side.services.altinn
+
+import org.springframework.boot.context.properties.ConfigurationProperties
+
+@ConfigurationProperties(prefix = "altinn")
+data class AltinnConfig(
+    var altinnHeader: String = "",
+    var altinnurl: String = "",
+    var APIGwHeader: String = "",
+    var APIGwUrl: String = "",
+)
diff --git a/src/main/kotlin/no/nav/arbeidsgiver/min_side/services/altinn/AltinnService.kt b/src/main/kotlin/no/nav/arbeidsgiver/min_side/services/altinn/AltinnService.kt
@@ -4,8 +4,9 @@ import com.fasterxml.jackson.annotation.JsonIgnore
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties
 import com.github.benmanes.caffeine.cache.Cache
 import com.github.benmanes.caffeine.cache.Caffeine
-import no.nav.arbeidsgiver.min_side.config.retryInterceptor
+import no.nav.arbeidsgiver.min_side.clients.retryInterceptor
 import no.nav.arbeidsgiver.min_side.controller.AuthenticatedUserHolder
+import no.nav.arbeidsgiver.min_side.models.Organisasjon
 import no.nav.arbeidsgiver.min_side.services.altinn.AltinnTilganger.AltinnTilgang
 import no.nav.arbeidsgiver.min_side.services.tokenExchange.TokenExchangeClient
 import org.springframework.beans.factory.annotation.Value

diff --git a/src/main/kotlin/no/nav/arbeidsgiver/min_side/services/ereg/EregService.kt b/src/main/kotlin/no/nav/arbeidsgiver/min_side/services/ereg/EregService.kt
@@ -2,7 +2,7 @@ package no.nav.arbeidsgiver.min_side.services.ereg
 
 import com.fasterxml.jackson.databind.JsonNode
 import com.github.benmanes.caffeine.cache.Caffeine
-import no.nav.arbeidsgiver.min_side.config.retryInterceptor
+import no.nav.arbeidsgiver.min_side.clients.retryInterceptor
 import no.nav.arbeidsgiver.min_side.config.callIdIntercetor
 import no.nav.arbeidsgiver.min_side.models.Organisasjon
 import org.springframework.beans.factory.annotation.Value
@@ -14,9 +14,7 @@ import org.springframework.context.annotation.Configuration
 import org.springframework.http.HttpStatus
 import org.springframework.stereotype.Component
 import org.springframework.web.client.RestClientResponseException
-import java.net.SocketException
 import java.util.*
-import javax.net.ssl.SSLHandshakeException
 
 @Component
 class EregService(
@@ -30,8 +28,8 @@ class EregService(
             retryInterceptor(
                 3,
                 250L,
-                SocketException::class.java,
-                SSLHandshakeException::class.java,
+                java.net.SocketException::class.java,
+                javax.net.ssl.SSLHandshakeException::class.java,
             )
         )
         .build()

diff --git a/src/main/kotlin/no/nav/arbeidsgiver/min_side/services/tokenExchange/TokenExchangeClient.kt b/src/main/kotlin/no/nav/arbeidsgiver/min_side/services/tokenExchange/TokenExchangeClient.kt
@@ -1,6 +1,6 @@
 package no.nav.arbeidsgiver.min_side.services.tokenExchange
 
-import no.nav.arbeidsgiver.min_side.config.retryInterceptor
+import no.nav.arbeidsgiver.min_side.clients.retryInterceptor
 import org.springframework.boot.web.client.RestTemplateBuilder
 import org.springframework.context.annotation.Profile
 import org.springframework.http.HttpEntity
@@ -9,9 +9,6 @@ import org.springframework.http.MediaType
 import org.springframework.stereotype.Component
 import org.springframework.util.LinkedMultiValueMap
 import org.springframework.util.MultiValueMap
-import org.springframework.web.client.HttpServerErrorException
-import java.net.SocketException
-import javax.net.ssl.SSLHandshakeException
 
 interface TokenExchangeClient {
     fun exchange(subjectToken: String, audience: String): TokenXToken
@@ -29,10 +26,10 @@ class TokenExchangeClientImpl(
         retryInterceptor(
             3,
             250L,
-            SocketException::class.java,
-            SSLHandshakeException::class.java,
-            HttpServerErrorException.GatewayTimeout::class.java,
-            HttpServerErrorException.ServiceUnavailable::class.java,
+            java.net.SocketException::class.java,
+            javax.net.ssl.SSLHandshakeException::class.java,
+            org.springframework.web.client.HttpServerErrorException.GatewayTimeout::class.java,
+            org.springframework.web.client.HttpServerErrorException.ServiceUnavailable::class.java,
         )
     ).build()