From 9eaf1c83d460aba1bb34f0724df4c519586fb9d3 Mon Sep 17 00:00:00 2001 From: John Martin Lindseth Date: Mon, 27 Nov 2023 16:24:29 +0100 Subject: [PATCH] Use new app istilgangskontroll MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Ny app som erstatter syfo-tilgangskontroll, men med samme funksjonalitet. Tilgang-objektet er endret og har nå feltet "erGodkjent" i stedet for "harTilgang". --- README.md | 2 +- naiserator-dev.yaml | 6 +-- naiserator-prod.yaml | 6 +-- src/main/kotlin/no/nav/syfo/Bootstrap.kt | 2 +- src/main/kotlin/no/nav/syfo/Environment.kt | 4 +- ...lClient.kt => IstilgangskontrollClient.kt} | 40 +++++++++---------- .../kotlin/no/nav/syfo/clients/HttpClients.kt | 6 +-- .../nav/syfo/service/AuthorizationService.kt | 12 +++--- .../no/nav/syfo/api/AuthenticateTest.kt | 6 +-- .../no/nav/syfo/api/AvvisOppgaveRestTest.kt | 8 ++-- .../nav/syfo/api/HentPapirSykmeldingTest.kt | 10 ++--- .../syfo/api/SendOppgaveTilGosysRestTest.kt | 8 ++-- .../nav/syfo/api/SendPapirSykmeldingTest.kt | 10 ++--- ...est.kt => IstilgangskontrollClientTest.kt} | 38 +++++++++--------- 14 files changed, 78 insertions(+), 80 deletions(-) rename src/main/kotlin/no/nav/syfo/client/{SyfoTilgangsKontrollClient.kt => IstilgangskontrollClient.kt} (66%) rename src/test/kotlin/no/nav/syfo/client/{SyfoTilgangsKontrollClientTest.kt => IstilgangskontrollClientTest.kt} (77%) diff --git a/README.md b/README.md index cf7c1d43..e13f7f7e 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ This the high level flow for the application graph LR; smregistrering-backend --- smregistrering; - smregistrering-backend -- check caseworker access --- syfo-tilgangskontroll; + smregistrering-backend -- check caseworker access --- istilgangskontroll; smregistrering-backend -- create,get,complete oppgave --- oppgave; smregistrering-backend -- verify token --- azure-AD; smregistrering-backend --- id1[(Database)]; diff --git a/naiserator-dev.yaml b/naiserator-dev.yaml index 1554ec53..c1841561 100644 --- a/naiserator-dev.yaml +++ b/naiserator-dev.yaml @@ -72,7 +72,7 @@ spec: namespace: teamsykmelding cluster: dev-gcp - application: smtss - - application: syfo-tilgangskontroll + - application: istilgangskontroll namespace: teamsykefravr cluster: dev-gcp - application: syfohelsenettproxy @@ -112,8 +112,8 @@ spec: value: https://oppgave-q1.dev-fss-pub.nais.io/api/v1/oppgaver - name: OPPGAVE_SCOPE value: api://dev-fss.oppgavehandtering.oppgave-q1/.default - - name: SYFOTILGANGSKONTROLL_SCOPE - value: api://dev-gcp.teamsykefravr.syfo-tilgangskontroll/.default + - name: ISTILGANGSKONTROLL_SCOPE + value: api://dev-gcp.teamsykefravr.istilgangskontroll/.default - name: MS_GRAPH_API_URL value: https://graph.microsoft.com/v1.0 - name: MS_GRAPH_API_SCOPE diff --git a/naiserator-prod.yaml b/naiserator-prod.yaml index 61da2952..98cca7cf 100644 --- a/naiserator-prod.yaml +++ b/naiserator-prod.yaml @@ -71,7 +71,7 @@ spec: namespace: teamsykmelding cluster: prod-gcp - application: smtss - - application: syfo-tilgangskontroll + - application: istilgangskontroll namespace: teamsykefravr cluster: prod-gcp - application: syfohelsenettproxy @@ -111,8 +111,8 @@ spec: value: https://oppgave.prod-fss-pub.nais.io/api/v1/oppgaver - name: OPPGAVE_SCOPE value: api://prod-fss.oppgavehandtering.oppgave/.default - - name: SYFOTILGANGSKONTROLL_SCOPE - value: api://prod-gcp.teamsykefravr.syfo-tilgangskontroll/.default + - name: ISTILGANGSKONTROLL_SCOPE + value: api://prod-gcp.teamsykefravr.istilgangskontroll/.default - name: MS_GRAPH_API_URL value: https://graph.microsoft.com/v1.0 - name: MS_GRAPH_API_SCOPE diff --git a/src/main/kotlin/no/nav/syfo/Bootstrap.kt b/src/main/kotlin/no/nav/syfo/Bootstrap.kt index cc5f6cdb..e26a9a95 100644 --- a/src/main/kotlin/no/nav/syfo/Bootstrap.kt +++ b/src/main/kotlin/no/nav/syfo/Bootstrap.kt @@ -81,7 +81,7 @@ fun main() { val sendtSykmeldingService = SendtSykmeldingService(databaseInterface = database) val authorizationService = - AuthorizationService(httpClients.syfoTilgangsKontrollClient, httpClients.msGraphClient) + AuthorizationService(httpClients.istilgangskontrollClient, httpClients.msGraphClient) val pdlService = PdlPersonService(httpClients.pdlClient, httpClients.azureAdV2Client, env.pdlScope) val sykmelderService = SykmelderService(httpClients.norskHelsenettClient, pdlService) diff --git a/src/main/kotlin/no/nav/syfo/Environment.kt b/src/main/kotlin/no/nav/syfo/Environment.kt index b5295bcd..d03618b9 100644 --- a/src/main/kotlin/no/nav/syfo/Environment.kt +++ b/src/main/kotlin/no/nav/syfo/Environment.kt @@ -16,8 +16,8 @@ data class Environment( val pdlScope: String = getEnvVar("PDL_SCOPE"), val norskHelsenettEndpointURL: String = getEnvVar("HELSENETT_ENDPOINT_URL"), val helsenettproxyScope: String = getEnvVar("HELSENETT_SCOPE"), - val syfoTilgangsKontrollClientUrl: String = "http://syfo-tilgangskontroll.teamsykefravr", - val syfoTilgangsKontrollScope: String = getEnvVar("SYFOTILGANGSKONTROLL_SCOPE"), + val istilgangskontrollClientUrl: String = "http://istilgangskontroll.teamsykefravr", + val istilgangskontrollScope: String = getEnvVar("ISTILGANGSKONTROLL_SCOPE"), val msGraphApiScope: String = getEnvVar("MS_GRAPH_API_SCOPE"), val msGraphApiUrl: String = getEnvVar("MS_GRAPH_API_URL"), val azureTokenEndpoint: String = getEnvVar("AZURE_OPENID_CONFIG_TOKEN_ENDPOINT"), diff --git a/src/main/kotlin/no/nav/syfo/client/SyfoTilgangsKontrollClient.kt b/src/main/kotlin/no/nav/syfo/client/IstilgangskontrollClient.kt similarity index 66% rename from src/main/kotlin/no/nav/syfo/client/SyfoTilgangsKontrollClient.kt rename to src/main/kotlin/no/nav/syfo/client/IstilgangskontrollClient.kt index d3a638ac..87343f43 100644 --- a/src/main/kotlin/no/nav/syfo/client/SyfoTilgangsKontrollClient.kt +++ b/src/main/kotlin/no/nav/syfo/client/IstilgangskontrollClient.kt @@ -14,13 +14,13 @@ import no.nav.syfo.Environment import no.nav.syfo.azuread.v2.AzureAdV2Client import no.nav.syfo.log -class SyfoTilgangsKontrollClient( +class IstilgangskontrollClient( environment: Environment, private val azureAdV2Client: AzureAdV2Client, private val httpClient: HttpClient, - private val syfoTilgangsKontrollClientUrl: String = environment.syfoTilgangsKontrollClientUrl, - private val scope: String = environment.syfoTilgangsKontrollScope, - private val syfoTilgangskontrollCache: Cache, Tilgang> = + private val istilgangskontrollClientUrl: String = environment.istilgangskontrollClientUrl, + private val scope: String = environment.istilgangskontrollScope, + private val istilgangskontrollCache: Cache, Tilgang> = Caffeine.newBuilder().expireAfterWrite(1, TimeUnit.HOURS).maximumSize(100).build(), ) { companion object { @@ -28,8 +28,8 @@ class SyfoTilgangsKontrollClient( } suspend fun hasAccess(accessToken: String, personFnr: String): Tilgang { - syfoTilgangskontrollCache.getIfPresent(mapOf(Pair(accessToken, personFnr)))?.let { - log.debug("Traff cache for syfotilgangskontroll") + istilgangskontrollCache.getIfPresent(mapOf(Pair(accessToken, personFnr)))?.let { + log.debug("Traff cache for istilgangskontroll") return it } val oboToken = azureAdV2Client.getOnBehalfOfToken(token = accessToken, scope = scope) @@ -37,9 +37,7 @@ class SyfoTilgangsKontrollClient( try { log.info("Sjekker tilgang for veileder på person") val httpResponse = - httpClient.get( - "$syfoTilgangsKontrollClientUrl/syfo-tilgangskontroll/api/tilgang/navident/person" - ) { + httpClient.get("$istilgangskontrollClientUrl/api/tilgang/navident/person") { accept(ContentType.Application.Json) headers { append("Authorization", "Bearer $oboToken") @@ -49,20 +47,20 @@ class SyfoTilgangsKontrollClient( return when (httpResponse.status) { HttpStatusCode.OK -> { val tilgang = httpResponse.body() - syfoTilgangskontrollCache.put(mapOf(Pair(accessToken, personFnr)), tilgang) + istilgangskontrollCache.put(mapOf(Pair(accessToken, personFnr)), tilgang) tilgang } else -> { - log.warn("syfo-tilgangskontroll svarte med ${httpResponse.status}") + log.warn("istilgangskontroll svarte med ${httpResponse.status}") Tilgang( - harTilgang = false, + erGodkjent = false, ) } } } catch (e: Exception) { - log.warn("noe gikk galt ved oppslag mot syfo-tilgangskontroll") + log.warn("noe gikk galt ved oppslag mot istilgangskontroll") return Tilgang( - harTilgang = false, + erGodkjent = false, ) } } @@ -74,7 +72,7 @@ class SyfoTilgangsKontrollClient( log.info("Sjekker om veileder har utvidet tilgang til smreg") val httpResponse = httpClient.get( - "$syfoTilgangsKontrollClientUrl/syfo-tilgangskontroll/api/tilgang/navident/person/papirsykmelding" + "$istilgangskontrollClientUrl/api/tilgang/navident/person/papirsykmelding" ) { accept(ContentType.Application.Json) headers { @@ -85,29 +83,29 @@ class SyfoTilgangsKontrollClient( return when (httpResponse.status) { HttpStatusCode.OK -> { val tilgang = httpResponse.body() - syfoTilgangskontrollCache.put(mapOf(Pair(accessToken, personFnr)), tilgang) + istilgangskontrollCache.put(mapOf(Pair(accessToken, personFnr)), tilgang) tilgang } else -> { log.warn( - "syfo-tilgangskontroll svarte med ${httpResponse.status} på forespørsel om utvidet tilgang" + "istilgangskontroll svarte med ${httpResponse.status} på forespørsel om utvidet tilgang" ) Tilgang( - harTilgang = false, + erGodkjent = false, ) } } } catch (e: Exception) { log.warn( - "noe gikk galt ved oppslag mot syfo-tilgangskontroll på forespørsel om utvidet tilgang" + "noe gikk galt ved oppslag mot istilgangskontroll på forespørsel om utvidet tilgang" ) return Tilgang( - harTilgang = false, + erGodkjent = false, ) } } } data class Tilgang( - val harTilgang: Boolean, + val erGodkjent: Boolean, ) diff --git a/src/main/kotlin/no/nav/syfo/clients/HttpClients.kt b/src/main/kotlin/no/nav/syfo/clients/HttpClients.kt index 6b0755bb..971fea44 100644 --- a/src/main/kotlin/no/nav/syfo/clients/HttpClients.kt +++ b/src/main/kotlin/no/nav/syfo/clients/HttpClients.kt @@ -18,12 +18,12 @@ import io.ktor.serialization.jackson.jackson import no.nav.syfo.Environment import no.nav.syfo.azuread.v2.AzureAdV2Client import no.nav.syfo.client.DokArkivClient +import no.nav.syfo.client.IstilgangskontrollClient import no.nav.syfo.client.MSGraphClient import no.nav.syfo.client.NorskHelsenettClient import no.nav.syfo.client.OppgaveClient import no.nav.syfo.client.RegelClient import no.nav.syfo.client.SmtssClient -import no.nav.syfo.client.SyfoTilgangsKontrollClient import no.nav.syfo.clients.exception.ServiceUnavailableException import no.nav.syfo.log import no.nav.syfo.pdl.client.PdlClient @@ -96,8 +96,8 @@ class HttpClients(env: Environment) { internal val regelClient = RegelClient(env.regelEndpointURL, azureAdV2Client, env.syfosmpapirregelScope, httpClient) - internal val syfoTilgangsKontrollClient = - SyfoTilgangsKontrollClient( + internal val istilgangskontrollClient = + IstilgangskontrollClient( environment = env, azureAdV2Client = azureAdV2Client, httpClient = httpClient, diff --git a/src/main/kotlin/no/nav/syfo/service/AuthorizationService.kt b/src/main/kotlin/no/nav/syfo/service/AuthorizationService.kt index f5c81b9d..95a483ec 100644 --- a/src/main/kotlin/no/nav/syfo/service/AuthorizationService.kt +++ b/src/main/kotlin/no/nav/syfo/service/AuthorizationService.kt @@ -1,28 +1,28 @@ package no.nav.syfo.service +import no.nav.syfo.client.IstilgangskontrollClient import no.nav.syfo.client.MSGraphClient -import no.nav.syfo.client.SyfoTilgangsKontrollClient class AuthorizationService( - private val syfoTilgangsKontrollClient: SyfoTilgangsKontrollClient, + private val istilgangskontrollClient: IstilgangskontrollClient, private val msGraphClient: MSGraphClient, ) { suspend fun hasAccess(accessToken: String, pasientFnr: String): Boolean { - return syfoTilgangsKontrollClient + return istilgangskontrollClient .hasAccess( accessToken, pasientFnr, ) - .harTilgang + .erGodkjent } suspend fun hasSuperuserAccess(accessToken: String, pasientFnr: String): Boolean { - return syfoTilgangsKontrollClient + return istilgangskontrollClient .hasSuperuserAccess( accessToken, pasientFnr, ) - .harTilgang + .erGodkjent } suspend fun getVeileder(accessToken: String): Veileder { diff --git a/src/test/kotlin/no/nav/syfo/api/AuthenticateTest.kt b/src/test/kotlin/no/nav/syfo/api/AuthenticateTest.kt index 438dd706..68c3d030 100644 --- a/src/test/kotlin/no/nav/syfo/api/AuthenticateTest.kt +++ b/src/test/kotlin/no/nav/syfo/api/AuthenticateTest.kt @@ -25,8 +25,8 @@ import java.time.OffsetDateTime import no.nav.syfo.Environment import no.nav.syfo.aksessering.api.hentPapirSykmeldingManuellOppgave import no.nav.syfo.application.setupAuth +import no.nav.syfo.client.IstilgangskontrollClient import no.nav.syfo.client.OppgaveClient -import no.nav.syfo.client.SyfoTilgangsKontrollClient import no.nav.syfo.client.Tilgang import no.nav.syfo.controllers.SendTilGosysController import no.nav.syfo.log @@ -63,7 +63,7 @@ internal class AuthenticateTest { private val manuellOppgaveDAO = ManuellOppgaveDAO(database) private val safDokumentClient = mockk() - private val syfoTilgangsKontrollClient = mockk() + private val istilgangskontrollClient = mockk() private val authorizationService = mockk() private val oppgaveClient = mockk() private val oppgaveService = OppgaveService(oppgaveClient) @@ -85,7 +85,7 @@ internal class AuthenticateTest { coEvery { safDokumentClient.hentDokument(any(), any(), any(), any(), any()) } returns ByteArray(1) - coEvery { syfoTilgangsKontrollClient.hasAccess(any(), any()) } returns Tilgang(true) + coEvery { istilgangskontrollClient.hasAccess(any(), any()) } returns Tilgang(true) coEvery { authorizationService.hasAccess(any(), any()) } returns true coEvery { pdlService.getPdlPerson(any(), any()) } returns PdlPerson( diff --git a/src/test/kotlin/no/nav/syfo/api/AvvisOppgaveRestTest.kt b/src/test/kotlin/no/nav/syfo/api/AvvisOppgaveRestTest.kt index 81e35057..78889b61 100644 --- a/src/test/kotlin/no/nav/syfo/api/AvvisOppgaveRestTest.kt +++ b/src/test/kotlin/no/nav/syfo/api/AvvisOppgaveRestTest.kt @@ -24,8 +24,8 @@ import java.time.OffsetDateTime import no.nav.syfo.Environment import no.nav.syfo.application.setupAuth import no.nav.syfo.client.DokArkivClient +import no.nav.syfo.client.IstilgangskontrollClient import no.nav.syfo.client.OppgaveClient -import no.nav.syfo.client.SyfoTilgangsKontrollClient import no.nav.syfo.client.Tilgang import no.nav.syfo.controllers.AvvisPapirsykmeldingController import no.nav.syfo.log @@ -67,7 +67,7 @@ class AvvisOppgaveRestTest { private val oppgaveClient = mockk() private val oppgaveService = OppgaveService(oppgaveClient) private val dokArkivClient = mockk() - private val syfoTilgangsKontrollClient = mockk() + private val istilgangskontrollClient = mockk() private val authorizationService = mockk() private val pdlPersonService = mockk() private val sykmelderService = mockk() @@ -116,7 +116,7 @@ class AvvisOppgaveRestTest { throw cause } } - coEvery { syfoTilgangsKontrollClient.hasAccess(any(), any()) } returns Tilgang(true) + coEvery { istilgangskontrollClient.hasAccess(any(), any()) } returns Tilgang(true) coEvery { authorizationService.hasAccess(any(), any()) } returns true coEvery { authorizationService.getVeileder(any()) } returns Veileder("U1337") @@ -334,7 +334,7 @@ class AvvisOppgaveRestTest { throw cause } } - coEvery { syfoTilgangsKontrollClient.hasAccess(any(), any()) } returns Tilgang(true) + coEvery { istilgangskontrollClient.hasAccess(any(), any()) } returns Tilgang(true) coEvery { authorizationService.hasAccess(any(), any()) } returns true coEvery { authorizationService.getVeileder(any()) } returns Veileder("U1337") diff --git a/src/test/kotlin/no/nav/syfo/api/HentPapirSykmeldingTest.kt b/src/test/kotlin/no/nav/syfo/api/HentPapirSykmeldingTest.kt index 888004b7..ec22075b 100644 --- a/src/test/kotlin/no/nav/syfo/api/HentPapirSykmeldingTest.kt +++ b/src/test/kotlin/no/nav/syfo/api/HentPapirSykmeldingTest.kt @@ -30,10 +30,10 @@ import no.nav.syfo.aksessering.api.hentPapirSykmeldingManuellOppgave import no.nav.syfo.aksessering.db.hentManuellOppgaver import no.nav.syfo.application.setupAuth import no.nav.syfo.client.DokArkivClient +import no.nav.syfo.client.IstilgangskontrollClient import no.nav.syfo.client.OppgaveClient import no.nav.syfo.client.RegelClient import no.nav.syfo.client.SmtssClient -import no.nav.syfo.client.SyfoTilgangsKontrollClient import no.nav.syfo.client.Tilgang import no.nav.syfo.clients.KafkaProducers import no.nav.syfo.controllers.SendTilGosysController @@ -78,7 +78,7 @@ internal class HentPapirSykmeldingTest { private val smTssClient = mockk() private val dokArkivClient = mockk() private val regelClient = mockk() - private val syfoTilgangsKontrollClient = mockk() + private val istilgangskontrollClient = mockk() private val authorizationService = mockk() private val sendTilGosysController = SendTilGosysController(authorizationService, manuellOppgaveDAO, oppgaveService) @@ -97,7 +97,7 @@ internal class HentPapirSykmeldingTest { coEvery { safDokumentClient.hentDokument(any(), any(), any(), any(), any()) } returns ByteArray(1) - coEvery { syfoTilgangsKontrollClient.hasAccess(any(), any()) } returns Tilgang(true) + coEvery { istilgangskontrollClient.hasAccess(any(), any()) } returns Tilgang(true) coEvery { authorizationService.hasAccess(any(), any()) } returns true coEvery { authorizationService.getVeileder(any()) } returns Veileder("U1337") @@ -383,7 +383,7 @@ internal class HentPapirSykmeldingTest { any(), ) } throws SafNotFoundException("Saf returnerte: httpstatus 200") - coEvery { syfoTilgangsKontrollClient.hasAccess(any(), any()) } returns Tilgang(true) + coEvery { istilgangskontrollClient.hasAccess(any(), any()) } returns Tilgang(true) coEvery { authorizationService.hasAccess(any(), any()) } returns true coEvery { authorizationService.getVeileder(any()) } returns Veileder("U1337") @@ -541,7 +541,7 @@ internal class HentPapirSykmeldingTest { ) } throws SafForbiddenException("Du har ikke tilgang") coEvery { - syfoTilgangsKontrollClient.hasAccess( + istilgangskontrollClient.hasAccess( any(), any(), ) diff --git a/src/test/kotlin/no/nav/syfo/api/SendOppgaveTilGosysRestTest.kt b/src/test/kotlin/no/nav/syfo/api/SendOppgaveTilGosysRestTest.kt index 3b3769d2..a1871df2 100644 --- a/src/test/kotlin/no/nav/syfo/api/SendOppgaveTilGosysRestTest.kt +++ b/src/test/kotlin/no/nav/syfo/api/SendOppgaveTilGosysRestTest.kt @@ -22,7 +22,7 @@ import java.time.LocalDate import java.time.OffsetDateTime import no.nav.syfo.Environment import no.nav.syfo.application.setupAuth -import no.nav.syfo.client.SyfoTilgangsKontrollClient +import no.nav.syfo.client.IstilgangskontrollClient import no.nav.syfo.client.Tilgang import no.nav.syfo.controllers.SendTilGosysController import no.nav.syfo.log @@ -52,7 +52,7 @@ class SendOppgaveTilGosysRestTest { private val jwkProvider = JwkProviderBuilder(uri).build() private val manuellOppgaveDAO = mockk() private val oppgaveService = mockk() - private val syfoTilgangsKontrollClient = mockk() + private val istilgangskontrollClient = mockk() private val authorizationService = mockk() private val sendTilGosysController = SendTilGosysController(authorizationService, manuellOppgaveDAO, oppgaveService) @@ -90,7 +90,7 @@ class SendOppgaveTilGosysRestTest { throw cause } } - coEvery { syfoTilgangsKontrollClient.hasAccess(any(), any()) } returns Tilgang(true) + coEvery { istilgangskontrollClient.hasAccess(any(), any()) } returns Tilgang(true) coEvery { authorizationService.hasAccess(any(), any()) } returns true coEvery { authorizationService.getVeileder(any()) } returns Veileder("U1337") @@ -246,7 +246,7 @@ class SendOppgaveTilGosysRestTest { throw cause } } - coEvery { syfoTilgangsKontrollClient.hasAccess(any(), any()) } returns Tilgang(true) + coEvery { istilgangskontrollClient.hasAccess(any(), any()) } returns Tilgang(true) coEvery { authorizationService.hasAccess(any(), any()) } returns true coEvery { authorizationService.getVeileder(any()) } returns Veileder("U1337") diff --git a/src/test/kotlin/no/nav/syfo/api/SendPapirSykmeldingTest.kt b/src/test/kotlin/no/nav/syfo/api/SendPapirSykmeldingTest.kt index 5c2e9b68..cdd9f383 100644 --- a/src/test/kotlin/no/nav/syfo/api/SendPapirSykmeldingTest.kt +++ b/src/test/kotlin/no/nav/syfo/api/SendPapirSykmeldingTest.kt @@ -33,11 +33,11 @@ import no.nav.syfo.Environment import no.nav.syfo.application.setupAuth import no.nav.syfo.client.DokArkivClient import no.nav.syfo.client.Godkjenning +import no.nav.syfo.client.IstilgangskontrollClient import no.nav.syfo.client.Kode import no.nav.syfo.client.OppgaveClient import no.nav.syfo.client.RegelClient import no.nav.syfo.client.SmtssClient -import no.nav.syfo.client.SyfoTilgangsKontrollClient import no.nav.syfo.client.Tilgang import no.nav.syfo.clients.KafkaProducers import no.nav.syfo.controllers.SendPapirsykmeldingController @@ -102,7 +102,7 @@ class SendPapirSykmeldingTest { private val dokArkivClient = mockk() private val safJournalpostService = mockk() private val regelClient = mockk() - private val syfoTilgangsKontrollClient = mockk() + private val istilgangskontrollClient = mockk() private val authorizationService = mockk() private val pdlPersonService = mockk() private val sykmelderService = mockk() @@ -161,7 +161,7 @@ class SendPapirSykmeldingTest { coEvery { safDokumentClient.hentDokument(any(), any(), any(), any(), any()) } returns ByteArray(1) - coEvery { syfoTilgangsKontrollClient.hasAccess(any(), any()) } returns Tilgang(true) + coEvery { istilgangskontrollClient.hasAccess(any(), any()) } returns Tilgang(true) coEvery { authorizationService.hasAccess(any(), any()) } returns true coEvery { authorizationService.getVeileder(any()) } returns Veileder("U1337") @@ -458,7 +458,7 @@ class SendPapirSykmeldingTest { coEvery { safDokumentClient.hentDokument(any(), any(), any(), any(), any()) } returns ByteArray(1) - coEvery { syfoTilgangsKontrollClient.hasAccess(any(), any()) } returns Tilgang(true) + coEvery { istilgangskontrollClient.hasAccess(any(), any()) } returns Tilgang(true) coEvery { authorizationService.hasAccess(any(), any()) } returns true coEvery { authorizationService.getVeileder(any()) } returns Veileder("U1337") @@ -697,7 +697,7 @@ class SendPapirSykmeldingTest { coEvery { safDokumentClient.hentDokument(any(), any(), any(), any(), any()) } returns ByteArray(1) - coEvery { syfoTilgangsKontrollClient.hasAccess(any(), any()) } returns Tilgang(true) + coEvery { istilgangskontrollClient.hasAccess(any(), any()) } returns Tilgang(true) coEvery { authorizationService.hasAccess(any(), any()) } returns true coEvery { authorizationService.getVeileder(any()) } returns Veileder("U1337") diff --git a/src/test/kotlin/no/nav/syfo/client/SyfoTilgangsKontrollClientTest.kt b/src/test/kotlin/no/nav/syfo/client/IstilgangskontrollClientTest.kt similarity index 77% rename from src/test/kotlin/no/nav/syfo/client/SyfoTilgangsKontrollClientTest.kt rename to src/test/kotlin/no/nav/syfo/client/IstilgangskontrollClientTest.kt index 08231d3c..446af75b 100644 --- a/src/test/kotlin/no/nav/syfo/client/SyfoTilgangsKontrollClientTest.kt +++ b/src/test/kotlin/no/nav/syfo/client/IstilgangskontrollClientTest.kt @@ -19,7 +19,7 @@ import org.junit.jupiter.api.Assertions.assertEquals import org.junit.jupiter.api.BeforeEach import org.junit.jupiter.api.Test -class SyfoTilgangsKontrollClientTest { +class IstilgangskontrollClientTest { private val pasientFnr = "123145" @@ -29,29 +29,29 @@ class SyfoTilgangsKontrollClientTest { coEvery { azureAppClientId } returns "clientId" coEvery { azureAppClientSecret } returns "secret" coEvery { azureTokenEndpoint } returns "http://obo" - coEvery { syfoTilgangsKontrollClientUrl } returns "http://syfotilgangskontroll" - coEvery { syfoTilgangsKontrollScope } returns "scope" + coEvery { istilgangskontrollClientUrl } returns "http://istilgangskontroll" + coEvery { istilgangskontrollScope } returns "scope" } private val azureAdV2Client = spyk(AzureAdV2Client(env, httpClient.httpClient)) - private val syfoTilgangskontrollCache = + private val istilgangskontrollCache = Caffeine.newBuilder() .expireAfterWrite(1, TimeUnit.HOURS) .maximumSize(100) .build, Tilgang>() - private val syfoTilgangsKontrollClient = - SyfoTilgangsKontrollClient( + private val istilgangskontrollClient = + IstilgangskontrollClient( environment = env, azureAdV2Client = azureAdV2Client, httpClient = httpClient.httpClient, - syfoTilgangskontrollCache = syfoTilgangskontrollCache, + istilgangskontrollCache = istilgangskontrollCache, ) @BeforeEach internal fun beforeEachTest() { clearAllMocks() - syfoTilgangskontrollCache.invalidateAll() + istilgangskontrollCache.invalidateAll() } @Test @@ -66,13 +66,13 @@ class SyfoTilgangsKontrollClientTest { httpClient.responseData = ResponseData(HttpStatusCode.OK, objectMapper.writeValueAsString(Tilgang(true))) runBlocking { - val tilgang = syfoTilgangsKontrollClient.hasAccess("sdfsdfsfs", pasientFnr) - assertEquals(true, tilgang.harTilgang) + val tilgang = istilgangskontrollClient.hasAccess("sdfsdfsfs", pasientFnr) + assertEquals(true, tilgang.erGodkjent) } } @Test - internal fun `Skal returnere harTilgang false hvis syfotilgangskontroll svarer med feilmelding`() { + internal fun `Skal returnere harTilgang false hvis istilgangskontroll svarer med feilmelding`() { httpClient.responseDataOboToken = ResponseData( HttpStatusCode.OK, @@ -86,8 +86,8 @@ class SyfoTilgangsKontrollClientTest { objectMapper.writeValueAsString(Tilgang(false)) ) runBlocking { - val tilgang = syfoTilgangsKontrollClient.hasAccess("sdfsdfsfs", pasientFnr) - assertEquals(false, tilgang.harTilgang) + val tilgang = istilgangskontrollClient.hasAccess("sdfsdfsfs", pasientFnr) + assertEquals(false, tilgang.erGodkjent) } } @@ -103,8 +103,8 @@ class SyfoTilgangsKontrollClientTest { httpClient.responseData = ResponseData(HttpStatusCode.OK, objectMapper.writeValueAsString(Tilgang(true))) runBlocking { - syfoTilgangsKontrollClient.hasAccess("sdfsdfsfs", pasientFnr) - syfoTilgangsKontrollClient.hasAccess("sdfsdfsfs", pasientFnr) + istilgangskontrollClient.hasAccess("sdfsdfsfs", pasientFnr) + istilgangskontrollClient.hasAccess("sdfsdfsfs", pasientFnr) } coVerify(exactly = 1) { azureAdV2Client.getOnBehalfOfToken("sdfsdfsfs", "scope") } @@ -122,8 +122,8 @@ class SyfoTilgangsKontrollClientTest { httpClient.responseData = ResponseData(HttpStatusCode.OK, objectMapper.writeValueAsString(Tilgang(true))) runBlocking { - syfoTilgangsKontrollClient.hasAccess("sdfsdfsfs", pasientFnr) - syfoTilgangsKontrollClient.hasAccess("sdfsdfsfs", "987654") + istilgangskontrollClient.hasAccess("sdfsdfsfs", pasientFnr) + istilgangskontrollClient.hasAccess("sdfsdfsfs", "987654") } coVerify(exactly = 2) { azureAdV2Client.getOnBehalfOfToken("sdfsdfsfs", "scope") } @@ -141,8 +141,8 @@ class SyfoTilgangsKontrollClientTest { httpClient.responseData = ResponseData(HttpStatusCode.OK, objectMapper.writeValueAsString(Tilgang(true))) runBlocking { - syfoTilgangsKontrollClient.hasAccess("sdfsdfsfs", pasientFnr) - syfoTilgangsKontrollClient.hasAccess("xxxxxxxxx", pasientFnr) + istilgangskontrollClient.hasAccess("sdfsdfsfs", pasientFnr) + istilgangskontrollClient.hasAccess("xxxxxxxxx", pasientFnr) } coVerify(exactly = 1) { azureAdV2Client.getOnBehalfOfToken("sdfsdfsfs", "scope") }