K9 har fortsatt token i header fra frontend/tilbake
jolarsen committed Aug 23, 2024
1 parent 7ab04f5 commit e64676e
Showing 1 changed file with 15 additions and 8 deletions.
Expand Up @@ -4,6 +4,8 @@
import java.lang.reflect.Method;
import java.time.Instant;
import java.util.Optional;
import java.util.function.Function;
import java.util.function.Supplier;

import jakarta.ws.rs.WebApplicationException;
import jakarta.ws.rs.container.ContainerRequestContext;
Expand Down Expand Up @@ -46,6 +48,11 @@ private AuthenticationFilterDelegate() {
}

public static void validerSettKontekst(ResourceInfo resourceInfo, ContainerRequestContext ctx) {
validerSettKontekst(resourceInfo, ctx, () -> getTokenFromHeader(ctx));
}

public static void validerSettKontekst(ResourceInfo resourceInfo, ContainerRequestContext ctx,
Supplier<Optional<TokenString>> tokenfinder) {
try {
Method method = resourceInfo.getResourceMethod();
var utenAutentiseringRessurs = getAnnotation(resourceInfo, UtenAutentisering.class);
Expand All @@ -62,7 +69,8 @@ public static void validerSettKontekst(ResourceInfo resourceInfo, ContainerReque
KontekstHolder.setKontekst(BasisKontekst.ikkeAutentisertRequest(MDCOperations.getConsumerId()));
LOG.trace("{} er whitelisted", metodenavn);
} else {
validerTokenSetKontekst(resourceInfo, ctx);
var tokenString = tokenfinder.get().orElseThrow(() -> new ValideringsFeil("Mangler token"));
validerTokenSetKontekst(resourceInfo, tokenString);
setUserAndConsumerId(KontekstHolder.getKontekst().getUid());
}
} catch (TekniskException | TokenFeil e) {
Expand Down Expand Up @@ -103,16 +111,15 @@ private static <T extends Annotation> Optional<T> getAnnotation(ResourceInfo res
.or(() -> Optional.ofNullable(resourceInfo.getResourceClass().getAnnotation(tClass)));
}

private static Optional<TokenString> getTokenFromHeader(ContainerRequestContext request) {
String headerValue = request.getHeaderString(AUTHORIZATION_HEADER);
return headerValue != null && headerValue.startsWith(OpenIDToken.OIDC_DEFAULT_TOKEN_TYPE)
? Optional.of(new TokenString(headerValue.substring(OpenIDToken.OIDC_DEFAULT_TOKEN_TYPE.length())))
: Optional.empty();
public static Optional<TokenString> getTokenFromHeader(ContainerRequestContext request) {
return Optional.ofNullable(request.getHeaderString(AUTHORIZATION_HEADER))
.filter(headerValue -> headerValue.startsWith(OpenIDToken.OIDC_DEFAULT_TOKEN_TYPE))
.map(headerValue -> headerValue.substring(OpenIDToken.OIDC_DEFAULT_TOKEN_TYPE.length()))
.map(TokenString::new);
}

public static void validerTokenSetKontekst(ResourceInfo resourceInfo, ContainerRequestContext ctx) {
public static void validerTokenSetKontekst(ResourceInfo resourceInfo, TokenString tokenString) {
// Sett opp OpenIDToken
var tokenString = getTokenFromHeader(ctx).orElseThrow(() -> new ValideringsFeil("Mangler token"));
var claims = JwtUtil.getClaims(tokenString.token());
var configuration = ConfigProvider.getOpenIDConfiguration(JwtUtil.getIssuer(claims))
.orElseThrow(() -> new TokenFeil("Token mangler issuer claim"));
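Review bot: The new three-argument `validerSettKontekst` calls `tokenfinder.get().orElseThrow(...)` with no guard for a supplier that returns null instead of `Optional.empty()`, so a faulty caller-supplied finder surfaces as a `NullPointerException` rather than the "Mangler token" `ValideringsFeil`. The visible catch names only `TekniskException | TokenFeil`, and how other exceptions are mapped lies outside the displayed hunks, so the response for that case cannot be confirmed from here. Because this overload is public, treating null as a missing token keeps the rejection path uniform: `var tokenString = Optional.ofNullable(tokenfinder.get()).flatMap(t -> t).orElseThrow(() -> new ValideringsFeil("Mangler token"));`. A Javadoc on the overload should also state that the supplier must return the raw token taken from the current request, and that the value is then handed to `validerTokenSetKontekst` for claim and issuer checks.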
