diff --git a/unleash/pom.xml b/unleash/pom.xml
index 8cbdcba0..c960bf0f 100644
--- a/unleash/pom.xml
+++ b/unleash/pom.xml
@@ -28,6 +28,11 @@
unleash-client-java
8.2.1
+
+ no.nav.security
+ token-validation-spring
+ ${nav.security.token.version}
+
diff --git a/unleash/src/main/kotlin/no/nav/familie/unleash/ByUserIdStrategy.kt b/unleash/src/main/kotlin/no/nav/familie/unleash/ByUserIdStrategy.kt
new file mode 100644
index 00000000..0a69682b
--- /dev/null
+++ b/unleash/src/main/kotlin/no/nav/familie/unleash/ByUserIdStrategy.kt
@@ -0,0 +1,36 @@
+package no.nav.familie.unleash
+
+import io.getunleash.strategy.Strategy
+import no.nav.security.token.support.spring.SpringTokenValidationContextHolder
+
+class ByUserIdStrategy : Strategy {
+ val SYSTEM_FORKORTELSE = "VL"
+ fun hentSaksbehandlerEllerSystembruker() =
+ Result.runCatching { SpringTokenValidationContextHolder().tokenValidationContext }
+ .fold(
+ onSuccess = {
+ it.getClaims("azuread")?.get("NAVident")?.toString() ?: SYSTEM_FORKORTELSE
+ },
+ onFailure = { SYSTEM_FORKORTELSE }
+ )
+
+ fun hentSaksbehandler(): String {
+ val result = hentSaksbehandlerEllerSystembruker()
+
+ if (result == SYSTEM_FORKORTELSE) {
+ error("Finner ikke NAVident i token")
+ }
+ return result
+ }
+
+ override fun getName(): String {
+ return "byUserId"
+ }
+
+ override fun isEnabled(map: MutableMap): Boolean {
+ return map["user"]
+ ?.split(',')
+ ?.any { hentSaksbehandler() == it }
+ ?: false
+ }
+}
diff --git a/unleash/src/main/kotlin/no/nav/familie/unleash/DefaultUnleashService.kt b/unleash/src/main/kotlin/no/nav/familie/unleash/DefaultUnleashService.kt
index 3903b584..6eb7baf4 100644
--- a/unleash/src/main/kotlin/no/nav/familie/unleash/DefaultUnleashService.kt
+++ b/unleash/src/main/kotlin/no/nav/familie/unleash/DefaultUnleashService.kt
@@ -20,7 +20,8 @@ class DefaultUnleashService(
.appName(appName)
.unleashAPI("$apiUrl/api")
.apiKey(apiToken)
- .unleashContextProvider(lagUnleashContextProvider()).build()
+ .unleashContextProvider(lagUnleashContextProvider()).build(),
+ ByUserIdStrategy()
)
}