Skip to content

Commit

Permalink
Støtter tokenx i swagger i dev-gcp.
Browse files Browse the repository at this point in the history
  • Loading branch information
@ramrock93
ramrock93 committed Aug 6, 2024
1 parent 3943008 commit e71e44c
Show file tree
Hide file tree
Showing 4 changed files with 33 additions and 20 deletions.
7 changes: 7 additions & 0 deletions nais/dev-gcp.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,13 @@
"ingresses": [
"https://k9-brukerdialog-cache.intern.dev.nav.no"
],
"inboundRules": [
{
"app": "tokenx-token-generator",
"namespace": "aura",
"cluster": "dev-gcp"
}
],
"externalHosts": [
"login.microsoftonline.com"
],
Expand Down
5 changes: 5 additions & 0 deletions nais/naiserator.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,11 @@ spec:
rules:
- application: k9-brukerdialog-api
- application: k9-brukerdialog-prosessering
{{#each inboundRules}}
- application: {{app}}
namespace: {{namespace}}
cluster: {{cluster}}
{{/each}}
outbound:
external:
{{#each externalHosts as |host|}}
Expand Down
1 change: 1 addition & 0 deletions nais/prod-gcp.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
"minReplicas": "2",
"maxReplicas": "2",
"ingresses": [],
"inboundRules": [],
"externalHosts": [
"login.microsoftonline.com"
],
Expand Down
40 changes: 20 additions & 20 deletions src/main/kotlin/no/nav/cache/config/SwaggerConfiguration.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,10 @@ import io.swagger.v3.oas.models.OpenAPI
import io.swagger.v3.oas.models.info.Info
import io.swagger.v3.oas.models.security.SecurityRequirement
import io.swagger.v3.oas.models.security.SecurityScheme
import io.swagger.v3.oas.models.servers.Server
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.context.annotation.Profile
import org.springframework.http.HttpHeaders

@Configuration
@Profile("local", "dev-gcp")
Expand All @@ -18,9 +18,6 @@ class SwaggerConfiguration {
@Bean
fun openAPI(): OpenAPI {
return OpenAPI()
.addServersItem(
Server().url("https://k9-brukerdialog-cache.dev.nav.no/").description("Swagger Server")
)
.info(
Info()
.title("K9 Brukerdialog Cache")
Expand All @@ -34,22 +31,25 @@ class SwaggerConfiguration {
)
.components(
Components()
.addSecuritySchemes(
"bearer-jwt", SecurityScheme()
.type(SecurityScheme.Type.HTTP)
.scheme("bearer")
.bearerFormat("JWT")
.`in`(SecurityScheme.In.HEADER)
.name("Authorization")
.description("""
Må være en gyldig tokenX token scopet for denne tjenesten.
For å teste apiet, kan du bruke debug-dings: `https://debug-dings.dev-gcp.nais.io`.
Velg innloggingsmetode, og deretter velg en testbruker som beskrevet her: `https://docs.digdir.no/docs/idporten/idporten/idporten_testbrukere`.
Etter innlogging scroller du ned til `audience` og legger inn `dev-gcp:dusseldorf:k9-brukerdialog-cache` og deretter `Get a token`.
Kopier `access_token` under `Token Response` og lim den inn her.
""".trimIndent())
)
.addSecuritySchemes("Authorization", tokenXApiToken())
)
.addSecurityItem(
SecurityRequirement()
.addList("Authorization")
)
}

private fun tokenXApiToken(): SecurityScheme {
return SecurityScheme()
.type(SecurityScheme.Type.HTTP)
.name(HttpHeaders.AUTHORIZATION)
.scheme("bearer")
.bearerFormat("JWT")
.`in`(SecurityScheme.In.HEADER)
.description(
"""Eksempel på verdi som skal inn i Value-feltet (Bearer trengs altså ikke å oppgis): 'eyAidH...'
For nytt token -> https://tokenx-token-generator.intern.dev.nav.no/api/obo?aud=dev-gcp:dusseldorf:k9-brukerdialog-prosessering
""".trimMargin()
)
.addSecurityItem(SecurityRequirement().addList("bearer-jwt", listOf("read", "write")))
}
}

0 comments on commit e71e44c

Please sign in to comment.