Merge branch 'master' into bugfix/adresser-tilfeldige-datoer

apps/adresse-service/src/main/java/no/nav/testnav/apps/adresseservice/config/ApplicationConfig.java

@@ -1,12 +1,10 @@
 package no.nav.testnav.apps.adresseservice.config;
 
 import no.nav.testnav.libs.servletcore.config.ApplicationCoreConfig;
-import no.nav.testnav.libs.servletsecurity.config.SecureOAuth2ServerToServerConfiguration;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
 
 @Configuration
-@Import({ApplicationCoreConfig.class,
-        SecureOAuth2ServerToServerConfiguration.class})
+@Import({ApplicationCoreConfig.class})
 public class ApplicationConfig {
 }

apps/adresse-service/src/test/java/no/nav/testnav/apps/adresseservice/ApplicationContextTest.java

@@ -2,19 +2,17 @@
 
 import org.junit.jupiter.api.Test;
 import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.bean.override.mockito.MockitoBean;
-import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.test.context.ActiveProfiles;
 
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+
 @SpringBootTest
 @ActiveProfiles("test")
 class ApplicationContextTest {
 
-    @MockitoBean
-    public JwtDecoder jwtDecoder;
-
     @Test
-    @SuppressWarnings("java:S2699")
     void load_app_context() {
+        assertThat(true).isTrue();
     }
+
 }

apps/altinn3-tilgang-service/src/test/java/no/nav/testnav/altinn3tilgangservice/ApplicationContextTest.java

@@ -1,24 +1,18 @@
 package no.nav.testnav.altinn3tilgangservice;
 
-import com.google.cloud.secretmanager.v1.SecretManagerServiceClient;
 import org.junit.jupiter.api.Test;
 import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.bean.override.mockito.MockitoBean;
-import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder;
 import org.springframework.test.context.ActiveProfiles;
 
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+
 @SpringBootTest
 @ActiveProfiles("test")
 class ApplicationContextTest {
 
-    @MockitoBean
-    public ReactiveJwtDecoder jwtDecoder;
-
-    @MockitoBean
-    public SecretManagerServiceClient secretManagerClient;
-
     @Test
-    @SuppressWarnings("java:S2699")
     void load_app_context() {
+        assertThat(true).isTrue();
     }
+
 }

apps/altinn3-tilgang-service/src/test/resources/application-test.yml

@@ -4,4 +4,10 @@ MASKINPORTEN_CLIENT_ID: dummy
 MASKINPORTEN_CLIENT_JWK: dummy
 MASKINPORTEN_SCOPES: dummy
 MASKINPORTEN_WELL_KNOWN_URL: http://localhost:8080
-TOKEN_X_ISSUER: dummy
+TOKEN_X_ISSUER: dummy
+
+spring:
+  cloud:
+    gcp:
+      secretmanager:
+        enabled: false

apps/amelding-service/src/test/java/no/nav/registre/testnav/ameldingservice/ApplicationContextTest.java

@@ -2,19 +2,17 @@
 
 import org.junit.jupiter.api.Test;
 import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.bean.override.mockito.MockitoBean;
-import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder;
 import org.springframework.test.context.ActiveProfiles;
 
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+
 @SpringBootTest
 @ActiveProfiles("test")
 class ApplicationContextTest {
 
-    @MockitoBean
-    public ReactiveJwtDecoder reactiveJwtDecoder;
-
     @Test
-    @SuppressWarnings("java:S2699")
     void load_app_context() {
+        assertThat(true).isTrue();
     }
+
 }

apps/app-tilgang-analyse-service/src/test/java/no/nav/testnav/apps/apptilganganalyseservice/ApplicationContextTest.java

@@ -2,19 +2,16 @@
 
 import org.junit.jupiter.api.Test;
 import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.bean.override.mockito.MockitoBean;
-import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.test.context.ActiveProfiles;
 
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+
 @SpringBootTest
 @ActiveProfiles("test")
 class ApplicationContextTest {
 
-    @MockitoBean
-    public JwtDecoder jwtDecoder;
-
     @Test
-    @SuppressWarnings("java:S2699")
     void load_app_context() {
+        assertThat(true).isTrue();
     }
 }

apps/arbeidsforhold-service/src/main/java/no/nav/registre/testnorge/arbeidsforholdservice/config/ApplicationConfig.java

@@ -4,12 +4,8 @@
 import org.springframework.context.annotation.Import;
 
 import no.nav.testnav.libs.servletcore.config.ApplicationCoreConfig;
-import no.nav.testnav.libs.servletsecurity.config.SecureOAuth2ServerToServerConfiguration;
 
 @Configuration
-@Import({
-        ApplicationCoreConfig.class,
-        SecureOAuth2ServerToServerConfiguration.class
-})
+@Import({ApplicationCoreConfig.class})
 public class ApplicationConfig {
 }

apps/arbeidsforhold-service/src/test/java/no/nav/registre/testnorge/arbeidsforholdservice/ApplicationContextTest.java

@@ -3,8 +3,6 @@
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Test;
 import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.bean.override.mockito.MockitoBean;
-import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.test.context.ActiveProfiles;
 
 import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
@@ -13,10 +11,6 @@
 @ActiveProfiles("test")
 class ApplicationContextTest {
 
-    @MockitoBean
-    @SuppressWarnings("unused")
-    private JwtDecoder jwtDecoder;
-
     @Test
     @DisplayName("Application context should load")
     void load_app_context() {

apps/batch-bestilling-service/src/main/java/no/nav/registre/testnorge/batchbestillingservice/config/ApplicationConfig.java

@@ -1,15 +1,11 @@
 package no.nav.registre.testnorge.batchbestillingservice.config;
 
 import no.nav.testnav.libs.servletcore.config.ApplicationCoreConfig;
-import no.nav.testnav.libs.standalone.servletsecurity.config.InsecureJwtServerToServerConfiguration;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
 
 @Configuration
-@Import({
-        ApplicationCoreConfig.class,
-        InsecureJwtServerToServerConfiguration.class
-})
+@Import({ApplicationCoreConfig.class})
 public class ApplicationConfig {
 
 }

apps/batch-bestilling-service/src/test/java/no/nav/registre/testnorge/batchbestillingservice/ApplicationContextTest.java

@@ -2,19 +2,17 @@
 
 import org.junit.jupiter.api.Test;
 import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.bean.override.mockito.MockitoBean;
-import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.test.context.ActiveProfiles;
 
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+
 @ActiveProfiles("test")
 @SpringBootTest
-public class ApplicationContextTest {
-
-    @MockitoBean
-    public JwtDecoder jwtDecoder;
+class ApplicationContextTest {
 
     @Test
-    @SuppressWarnings("java:S2699")
     void load_app_context() {
+        assertThat(true).isTrue();
     }
+
 }

apps/brreg-stub/src/main/java/no/nav/brregstub/config/AppConfig.java

@@ -12,7 +12,7 @@
 @Configuration
 @EnableJpaAuditing
 @EnableJpaRepositories(basePackages = "no.nav.brregstub.database.repository")
-@Import(value = {
+@Import({
         ApplicationCoreConfig.class,
         VaultHikariConfiguration.class,
         FlywayConfiguration.class,

apps/bruker-service/src/test/java/no/nav/testnav/apps/brukerservice/integrationtest/BrukerServiceIntegrationTest.java

@@ -14,10 +14,8 @@
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Tag;
 import org.junit.jupiter.api.Test;
-import org.springframework.test.context.bean.override.mockito.MockitoBean;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;
-import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.web.reactive.function.BodyInserters;
 import org.springframework.web.reactive.function.client.WebClient;
 
@@ -29,8 +27,6 @@ class BrukerServiceIntegrationTest {
     private static final String PID = "01810048413";
     private static final String ORGNUMMER = "811306312";
     public static MockWebServer mockBackEnd;
-    @MockitoBean
-    JwtDecoder jwtDecoder;
 
     private ObjectMapper objectMapper;
     private WebClient webClient;

apps/budpro-service/src/main/java/no/nav/dolly/budpro/SecurityConfig.java

@@ -1,11 +1,8 @@
 package no.nav.dolly.budpro;
 
-import no.nav.testnav.libs.servletsecurity.config.SecureOAuth2ServerToServerConfiguration;
-import no.nav.testnav.libs.standalone.servletsecurity.config.InsecureJwtServerToServerConfiguration;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
 import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -16,10 +13,6 @@
 
 @Configuration
 @EnableWebSecurity
-@Import({
-        SecureOAuth2ServerToServerConfiguration.class,
-        InsecureJwtServerToServerConfiguration.class
-})
 @Profile("!test")
 public class SecurityConfig {
 

apps/dolly-backend/src/main/java/no/nav/dolly/config/ApplicationConfig.java

@@ -4,8 +4,6 @@
 import lombok.Getter;
 import no.nav.testnav.libs.reactivecore.config.CoreConfig;
 import no.nav.testnav.libs.servletcore.config.ApplicationCoreConfig;
-import no.nav.testnav.libs.servletsecurity.config.SecureOAuth2ServerToServerConfiguration;
-import no.nav.testnav.libs.standalone.servletsecurity.config.InsecureJwtServerToServerConfiguration;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
@@ -17,8 +15,6 @@
 @EnableRetry
 @Import({
         ApplicationCoreConfig.class,
-        SecureOAuth2ServerToServerConfiguration.class,
-        InsecureJwtServerToServerConfiguration.class,
         CoreConfig.class
 })
 public class ApplicationConfig {

apps/dolly-frontend/src/main/resources/application-local.yml

@@ -22,9 +22,7 @@ spring:
             client-secret: ${AZURE_APP_CLIENT_SECRET}
         provider:
           aad:
-            authorization-uri: ${AAD_ISSUER_URI}/oauth2/v2.0/authorize
-            token-uri: ${AAD_ISSUER_URI}/oauth2/v2.0/token
-            jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys
+            issuer-uri: ${sm\://azure-openid-config-issuer}
 
 consumers:
   testnav-altinn3-tilgang-service:

apps/endringsmelding-frontend/src/main/java/no/nav/testnav/apps/endringsmeldingfrontend/EndringsmeldingFrontendApplicationStarter.java

@@ -19,6 +19,7 @@
 import org.springframework.cloud.gateway.route.builder.RouteLocatorBuilder;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Import;
+import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
 
 import java.util.function.Function;
 
@@ -28,6 +29,7 @@
         FrontendConfig.class
 })
 @SpringBootApplication
+@EnableWebFluxSecurity
 @RequiredArgsConstructor
 public class EndringsmeldingFrontendApplicationStarter {
 

apps/endringsmelding-frontend/src/main/java/no/nav/testnav/apps/endringsmeldingfrontend/config/SecurityConfig.java

@@ -2,24 +2,29 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 
+import static org.springframework.security.config.Customizer.withDefaults;
 
 @Configuration
-@EnableWebFluxSecurity
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
-    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
-        return http.cors(ServerHttpSecurity.CorsSpec::disable)
+    SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
+        return http
+                .cors(ServerHttpSecurity.CorsSpec::disable)
                 .csrf(ServerHttpSecurity.CsrfSpec::disable)
-                .authorizeExchange(authorizeExchangeSpec -> authorizeExchangeSpec
-                        .pathMatchers("/internal/isReady", "/internal/isAlive", "/internal/metrics").permitAll()
-                        .anyExchange().authenticated())
-                .oauth2Login(oAuth2LoginSpec -> {
-                })
+                .authorizeExchange(spec -> spec
+                        .pathMatchers(
+                                "/internal/isReady",
+                                "/internal/isAlive",
+                                "/internal/metrics")
+                        .permitAll()
+                        .anyExchange()
+                        .authenticated())
+                .oauth2Login(withDefaults())
                 .build();
     }
+
 }

apps/endringsmelding-frontend/src/main/resources/application.yml

@@ -18,9 +18,7 @@ spring:
             scope: openid,  ${AZURE_APP_CLIENT_ID}/.default
         provider:
           aad:
-            authorization-uri: ${AAD_ISSUER_URI}/oauth2/v2.0/authorize
-            token-uri: ${AAD_ISSUER_URI}/oauth2/v2.0/token
-            jwk-set-uri: ${AAD_ISSUER_URI}/discovery/v2.0/keys
+            issuer-uri: ${AZURE_OPENID_CONFIG_ISSUER}
 
 consumers:
   endringsmelding-service:

apps/endringsmelding-frontend/src/test/java/no/nav/testnav/apps/endringsmeldingfrontend/ApplicationContextTest.java

@@ -2,19 +2,17 @@
 
 import org.junit.jupiter.api.Test;
 import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.bean.override.mockito.MockitoBean;
-import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.test.context.ActiveProfiles;
 
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+
 @SpringBootTest
 @ActiveProfiles("test")
 class ApplicationContextTest {
 
-    @MockitoBean
-    public JwtDecoder jwtDecoder;
-
     @Test
-    @SuppressWarnings("java:S2699")
     void load_app_context() {
+        assertThat(true).isTrue();
     }
+
 }