diff --git a/felles/oidc/src/main/java/no/nav/vedtak/sikkerhet/oidc/token/impl/GeneriskTokenKlient.java b/felles/oidc/src/main/java/no/nav/vedtak/sikkerhet/oidc/token/impl/GeneriskTokenKlient.java index 3a1d0dd3c..3bde481b6 100644 --- a/felles/oidc/src/main/java/no/nav/vedtak/sikkerhet/oidc/token/impl/GeneriskTokenKlient.java +++ b/felles/oidc/src/main/java/no/nav/vedtak/sikkerhet/oidc/token/impl/GeneriskTokenKlient.java @@ -41,7 +41,7 @@ public static OidcTokenResponse hentTokenRetryable(HttpRequest request, URI prox public static OidcTokenResponse hentToken(HttpRequest request, URI proxy) { try (var client = hentEllerByggHttpClient(proxy)) { // På sikt vurder å bruke en generell klient eller å cache. De er blitt autocloseable var response = client.send(request, HttpResponse.BodyHandlers.ofString(UTF_8)); - if (response == null || response.body() == null) { + if (response == null || response.body() == null || !responskode2xx(response)) { throw new TekniskException("F-157385", "Kunne ikke hente token"); } return READER.readValue(response.body()); @@ -55,6 +55,11 @@ public static OidcTokenResponse hentToken(HttpRequest request, URI proxy) { } } + private static boolean responskode2xx(HttpResponse response) { + var status = response.statusCode(); + return status >= 200 && status < 300; + } + private static HttpClient hentEllerByggHttpClient(URI proxy) { return HttpClient.newBuilder() .followRedirects(HttpClient.Redirect.NEVER)