Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

change/clientcredential_factory #3695

Merged
merged 32 commits into from
Dec 19, 2024
Merged

change/clientcredential_factory #3695

merged 32 commits into from
Dec 19, 2024

Conversation

rfc3092
Copy link
Contributor

@rfc3092 rfc3092 commented Dec 12, 2024
edited
Loading

Fullfører ny TODO i #3693.

Samler extends ClientCredential i security-core, og skriver om til factory ClientCredentialAutoConfiguration, med meta-dok. Ønsker å unngå @Import. Fail fast og defaults for test profile.

Har også gått gjennom extends TokenService (unntatt TokenXService) og laget factory TokenServiceAutoConfiguration for disse. Defaults for test profile, for å unngå boilerplate i test config.

Har testa pdl-proxy med opprettelse/import etter arbeidstid.

Fjerner samtidig et par ubrukte klasser i reactive-security.

Merk at det er noe off i hvordan AzureTokenService settes opp. Den bruker en property AAD_ISSUER_URI som vi setter opp, men burde refaktoreres til å bruke AZURE_OPENID_CONFIG_TOKEN_ENDPOINT (som AzureNavTokenService og AzureTrygdeetatenTokenService). Det tas evt. i annen PR.

@rfc3092
- Collecting all subclasses of ClientCredential in security-core.
c3e909e 
- Added factory for autoconfiguration of ClientCredential beans.
- Added default beans for "test" profile.
@rfc3092
Merge branch 'master' into change/clientcredential_factory
b234f68
@rfc3092 rfc3092 mentioned this pull request Dec 12, 2024
Merged
@rfc3092 rfc3092 marked this pull request as ready for review December 13, 2024 09:41
@rfc3092 rfc3092 requested a review from a team as a code owner December 13, 2024 09:41
stigus
stigus approved these changes Dec 13, 2024
View reviewed changes
Copy link
Contributor

@stigus stigus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ser flott ut 😎

rfc3092 added 22 commits December 13, 2024 12:20
@rfc3092
Merge branch 'master' into change/clientcredential_factory
799d3fb 
# Conflicts:
#	libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/domain/AzureNavProxyClientCredential.java
#	libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/domain/AzureTrygdeetatenClientCredential.java
#	libs/security-core/src/main/java/no/nav/testnav/libs/securitycore/domain/azuread/AzureNavClientCredential.java
#	libs/security-core/src/main/java/no/nav/testnav/libs/securitycore/domain/azuread/ClientCredential.java
#	libs/security-core/src/main/resources/META-INF/additional-spring-configuration-metadata.json
@rfc3092
Changed constructor visibilities to indicate intention to use factory.
4d7400b
@rfc3092
Elaborated on metadata, renamed vars for readability.
1ab9b0e
@rfc3092
Renames subclasses of ClientCredential for consistency in relation to…
6e21ad5 
… naming of configuration properties.
@rfc3092
Merge branch 'refs/heads/master' into change/clientcredential_factory
8f65142 
# Conflicts:
#	libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/domain/AzureNavProxyClientCredential.java
#	libs/reactive-security/src/main/java/no/nav/testnav/libs/reactivesecurity/domain/AzureTrygdeetatenClientCredential.java
#	libs/security-core/src/main/java/no/nav/testnav/libs/securitycore/domain/azuread/AzureNavClientCredential.java
#	libs/security-core/src/main/java/no/nav/testnav/libs/securitycore/domain/azuread/ClientCredential.java
#	libs/security-core/src/main/resources/META-INF/additional-spring-configuration-metadata.json
@rfc3092
- Changed Azure credentials check to have condition on AAD_ISSUER_URI…
c3cb8a4 
… (which is actually used), not AZURE_OPENID_CONFIG_TOKEN_ENDPOINT (which should be used).

- All subclasses of ClientCredential now takes tokenEndpoint. AzureClientCredential just doesn't use it (yet). Simpler code.
- Cleaned up for readability in ClientCredentialConfig.
@rfc3092
Conditional on properties defining token endpoints for TrygdeetatenAz…
0db7905 
…ureAdTokenService and NavAzureAdTokenService.
@rfc3092
NavAzureAdTokenService and TrygdeetatenAzureAdTokenService now impeme…
74c1398 
…nts TokenService, similar to AzureAdTokenService.
@rfc3092
Refactored for readability.
2f45dab
@rfc3092
Removed unused imports.
22b0d02
@rfc3092
Defines AZURE_TRYGDEETATEN_OPENID_CONFIG_TOKEN_ENDPOINT in order for …
c6602bc 
…TrygdeetatenAzureAdTokenService to be available as a bean (similar to AzureAdTokenService).
@rfc3092
Improved toString.
d39828d
@rfc3092
Improved conditionals.
550c386
@rfc3092
Added autoconfiguration for subclasses of TokenService.
2a1cf02
@rfc3092
Fixed visibility.
cb9ab8a
@rfc3092
Cleaned up test config (need to override defaults, as we don't have a…
b89dd02 
… separate prod config).
@rfc3092
Added meta to avoid warnings on TOKEN_X_ISSUER in config.
c099edf
@rfc3092
Added conditionals to beans in order to avoid autoconfiguration when …
ee8ca68 
…the necessary requirements are not set.
@rfc3092
Added conditionals to beans in order to avoid autoconfiguration when …
cb3200e 
…the necessary requirements are not set.
@rfc3092
Added a set of conditionals to avoid ClientCredentialAutoConfiguratio…
77d3251 
…n and TokenServiceAutoConfiguration having different conditionals.
@rfc3092
- Updated new conditionals to check all settings that are required fo…
0f72771 
…r related beans to actually work.

- Added test beans to TokenServiceAutoConfiguration to avoid placeholders in config.
@rfc3092
Renames TokenServices to match ClientCredentials (and property) namin…
d4ec146 
…g pattern.
@rfc3092 rfc3092 requested a review from stigus December 18, 2024 12:32
stigus
stigus approved these changes Dec 18, 2024
View reviewed changes
Copy link
Contributor

@stigus stigus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice 👍

@rfc3092 rfc3092 merged commit 879a1b8 into master Dec 19, 2024
21 checks passed
@rfc3092 rfc3092 deleted the change/clientcredential_factory branch December 19, 2024 10:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stigus stigus stigus approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rfc3092 @stigus