kall altinn-tilganger med fallback til proxy ved feil

navikt · Oct 2, 2024 · 7d8df16 · 7d8df16
1 parent 0a5332c
commit 7d8df16
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 20 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,3 +1,5 @@
 FROM gcr.io/distroless/java21-debian12
 COPY /target/*.jar app.jar
+
+ENV JDK_JAVA_OPTIONS="-XX:MaxRAMPercentage=75"
 CMD ["app.jar"]
diff --git a/nais/dev-env.yaml b/nais/dev-env.yaml
@@ -31,8 +31,6 @@ spec:
   env:
     - name: SPRING_PROFILES_ACTIVE
       value: dev-gcp
-    - name: JAVA_OPTS
-      value: "-XX:+UseParallelGC -XX:MaxRAMPercentage=75.0 -XX:ActiveProcessorCount=2"
   prometheus:
     enabled: true
     path: /ditt-nav-arbeidsgiver-api/internal/actuator/prometheus
@@ -50,7 +48,6 @@ spec:
         - application: altinn-rettigheter-proxy
           namespace: arbeidsgiver
         - application: arbeidsgiver-altinn-tilganger
-          namespace: fager
       external:
         - host: tt02.altinn.no
         - host: api-gw-q1.oera.no

diff --git a/nais/prod-env.yaml b/nais/prod-env.yaml
@@ -38,8 +38,6 @@ spec:
   env:
     - name: SPRING_PROFILES_ACTIVE
       value: prod-gcp
-    - name: JAVA_OPTS
-      value: "-XX:+UseParallelGC -XX:MaxRAMPercentage=75.0 -XX:ActiveProcessorCount=2"
   prometheus:
     enabled: true
     path: /ditt-nav-arbeidsgiver-api/internal/actuator/prometheus
@@ -56,6 +54,7 @@ spec:
       rules:
         - application: altinn-rettigheter-proxy
           namespace: arbeidsgiver
+        - application: arbeidsgiver-altinn-tilganger
       external:
         - host: www.altinn.no
         - host: api-gw.oera.no

diff --git a/src/main/kotlin/no/nav/arbeidsgiver/min_side/services/altinn/AltinnService.kt b/src/main/kotlin/no/nav/arbeidsgiver/min_side/services/altinn/AltinnService.kt
@@ -19,6 +19,7 @@ import org.springframework.http.MediaType
 import org.springframework.http.RequestEntity
 import org.springframework.stereotype.Component
 import org.springframework.web.client.ResourceAccessException
+import java.lang.RuntimeException
 import java.net.SocketException
 import javax.net.ssl.SSLHandshakeException
 
@@ -72,7 +73,7 @@ class AltinnTilgangerService(
                 .method(HttpMethod.POST, "http://arbeidsgiver-altinn-tilganger/altinn-tilganger")
                 .contentType(MediaType.APPLICATION_JSON)
                 .accept(MediaType.APPLICATION_JSON)
-                .header("Authorization", "Bearer ${token}")
+                .header("Authorization", "Bearer $token")
                 .build(),
             AltinnTilgangerResponse::class.java
         )
@@ -112,10 +113,20 @@ class AltinnTilgangerService(
 @Component
 @Profile("prod-gcp")
 class AltinnServiceImpl(
+    restTemplateBuilder: RestTemplateBuilder,
     private val tokenExchangeClient: TokenExchangeClient,
     private val altinnConfig: AltinnConfig,
     private val authenticatedUserHolder: AuthenticatedUserHolder,
+    @Value("\${nais.cluster.name}") private val naisCluster: String,
 ) : AltinnService {
+
+    private val altinnTilgangerService = AltinnTilgangerService(
+        restTemplateBuilder,
+        tokenExchangeClient,
+        authenticatedUserHolder,
+        naisCluster
+    )
+
     private val klient: AltinnrettigheterProxyKlient = AltinnrettigheterProxyKlient(
         AltinnrettigheterProxyKlientConfig(
             ProxyConfig("min-side-arbeidsgiver-api", altinnConfig.proxyUrl),
@@ -128,7 +139,9 @@ class AltinnServiceImpl(
     )
 
     @Cacheable(AltinnCacheConfig.ALTINN_CACHE)
-    override fun hentOrganisasjoner(fnr: String) =
+    override fun hentOrganisasjoner(fnr: String) = try {
+        altinnTilgangerService.hentOrganisasjoner(fnr)
+    } catch (e: RuntimeException) {
         klient.hentOrganisasjoner(
             token,
             Subject(fnr),
@@ -137,26 +150,29 @@ class AltinnServiceImpl(
             it.organizationForm == "BEDR"
                     || it.organizationForm == "AAFY"
                     || it.type == "Enterprise"
-        }
-            .toOrganisasjoner()
+        }.toOrganisasjoner()
+    }
 
     @Cacheable(AltinnCacheConfig.ALTINN_TJENESTE_CACHE)
     override fun hentOrganisasjonerBasertPaRettigheter(
         fnr: String,
         serviceKode: String,
         serviceEdition: String
-    ) = klient.hentOrganisasjoner(
-        token,
-        Subject(fnr),
-        ServiceCode(serviceKode),
-        ServiceEdition(serviceEdition),
-        true
-    ).filter {
-        it.organizationForm == "BEDR"
-                || it.organizationForm == "AAFY"
-                || it.type == "Enterprise"
+    ) = try {
+        altinnTilgangerService.hentOrganisasjonerBasertPaRettigheter(fnr, serviceKode, serviceEdition)
+    } catch (e: RuntimeException) {
+        klient.hentOrganisasjoner(
+            token,
+            Subject(fnr),
+            ServiceCode(serviceKode),
+            ServiceEdition(serviceEdition),
+            true
+        ).filter {
+            it.organizationForm == "BEDR"
+                    || it.organizationForm == "AAFY"
+                    || it.type == "Enterprise"
+        }.toOrganisasjoner()
     }
-        .toOrganisasjoner()
 
     private val token: Token
         get() = TokenXToken(