Merge pull request #340 from navikt/azure-pdl

Adding azure ad OBO to pdl
navikt · Jul 2, 2021 · 9ea83ec · 9ea83ec
2 parents 9dc3bbe + 9089562
commit 9ea83ec
Show file tree

Hide file tree

Showing 14 changed files with 116 additions and 17 deletions.
diff --git a/deploy/dev.yaml b/deploy/dev.yaml
@@ -8,6 +8,7 @@ externalHosts:
   - host: klage-fss-proxy.dev-fss-pub.nais.io
   - host: kafka-schema-registry.nais-q.adeo.no
   - host: saf.dev-fss-pub.nais.io
+  - host: pdl-api.dev-fss-pub.nais.io
   - host: influx-klage-nav-dev.aivencloud.com
     ports:
       - name: https

diff --git a/src/main/kotlin/no/nav/klage/oppgave/api/mapper/KlagebehandlingListMapper.kt b/src/main/kotlin/no/nav/klage/oppgave/api/mapper/KlagebehandlingListMapper.kt
@@ -30,6 +30,7 @@ class KlagebehandlingListMapper {
             PersonSoekPersonView(
                 fnr = person.fnr,
                 navn = person.navn,
+                foedselsdato = person.foedselsdato,
                 klagebehandlinger = klagebehandlinger,
                 aapneKlagebehandlinger = klagebehandlinger.filter { it.avsluttetAvSaksbehandler == null },
                 avsluttedeKlagebehandlinger = klagebehandlinger.filter { it.avsluttetAvSaksbehandler != null }

diff --git a/src/main/kotlin/no/nav/klage/oppgave/api/view/KlagebehandlingListView.kt b/src/main/kotlin/no/nav/klage/oppgave/api/view/KlagebehandlingListView.kt
@@ -42,7 +42,8 @@ data class KlagebehandlingerPersonSoekListRespons(
 data class PersonSoekPersonView(
     val fnr: String,
     val navn: String?,
+    val foedselsdato: LocalDate?,
     val klagebehandlinger: List<KlagebehandlingListView>,
     val aapneKlagebehandlinger: List<KlagebehandlingListView>,
     val avsluttedeKlagebehandlinger: List<KlagebehandlingListView>
-)
+)
diff --git a/src/main/kotlin/no/nav/klage/oppgave/clients/pdl/graphql/PdlClient.kt b/src/main/kotlin/no/nav/klage/oppgave/clients/pdl/graphql/PdlClient.kt
@@ -13,6 +13,7 @@ import java.lang.System.currentTimeMillis
 @Component
 class PdlClient(
     private val pdlWebClient: WebClient,
+    private val pdlNoproxyWebClient: WebClient,
     private val tokenUtil: TokenUtil
 ) {
 
@@ -63,10 +64,9 @@ class PdlClient(
     @Retryable
     fun personsok(inputString: String): SoekPersonResponse {
         return runWithTiming {
-            val userToken = tokenUtil.getSaksbehandlerAccessTokenWithGraphScope()
-            pdlWebClient.post()
+            val userToken = tokenUtil.getSaksbehandlerAccessTokenWithPdlScope()
+            pdlNoproxyWebClient.post()
                 .header(HttpHeaders.AUTHORIZATION, "Bearer $userToken")
-                .header("Nav-Consumer-Token", "Bearer $userToken")
                 .bodyValue(soekPersonNavnContainsQuery(inputString))
                 .retrieve()
                 .bodyToMono<SoekPersonResponse>()

diff --git a/src/main/kotlin/no/nav/klage/oppgave/clients/pdl/graphql/SoekPersonRequest.kt b/src/main/kotlin/no/nav/klage/oppgave/clients/pdl/graphql/SoekPersonRequest.kt
@@ -27,7 +27,8 @@ class ContainsSearchRule(val contains: String) : SearchRule()
 class EqualsSearchRule(val equals: String, val caseSensitive: Boolean = false) : SearchRule()
 
 fun soekPersonNavnContainsQuery(searchString: String): SoekPersonGraphsqlQuery {
-    val query = SoekPersonGraphsqlQuery::class.java.getResource("/pdl/soekPerson.graphql").cleanForGraphql()
+    val query = SoekPersonGraphsqlQuery::class.java.getResource("/pdl/soekPerson.graphql")?.cleanForGraphql() ?:
+        throw RuntimeException("Query not found")
     return SoekPersonGraphsqlQuery(
         query = query,
         variables = SoekPersonVariables(

diff --git a/src/main/kotlin/no/nav/klage/oppgave/clients/pdl/graphql/SoekPersonResponse.kt b/src/main/kotlin/no/nav/klage/oppgave/clients/pdl/graphql/SoekPersonResponse.kt
@@ -6,7 +6,7 @@ data class SoekPersonResponse(
 )
 
 data class SoekPersonData(
-    val soekPerson: SoekPersonResult?
+    val sokPerson: SoekPersonResult?
 )
 
 data class SoekPersonResult(
@@ -21,10 +21,10 @@ data class SoekPersonHit(
 )
 
 data class PdlSoekPerson(
-    val folkeregisteridentifikator: Folkeregisteridentifikator,
-    val navn: Navn,
+    val folkeregisteridentifikator: List<Folkeregisteridentifikator>,
+    val navn: List<Navn>,
     val adressebeskyttelse: List<PdlPerson.Adressebeskyttelse>,
-    val foedsel: Foedsel
+    val foedsel: List<Foedsel>
 ) {
     data class Folkeregisteridentifikator(
         val identifikasjonsnummer: String

diff --git a/src/main/kotlin/no/nav/klage/oppgave/config/PdlClientConfiguration.kt b/src/main/kotlin/no/nav/klage/oppgave/config/PdlClientConfiguration.kt
@@ -15,6 +15,9 @@ class PdlClientConfiguration(private val webClientBuilder: WebClient.Builder) {
     @Value("\${PDL_BASE_URL}")
     private lateinit var pdlUrl: String
 
+    @Value("\${PDL_NOPROXY_BASE_URL}")
+    private lateinit var pdlNoproxyUrl: String
+
     @Value("\${SERVICE_USER_USERNAME}")
     private lateinit var username: String
 
@@ -33,4 +36,17 @@ class PdlClientConfiguration(private val webClientBuilder: WebClient.Builder) {
             .defaultHeader("x-nav-apiKey", apiKey)
             .build()
     }
+
+    @Bean
+    fun pdlNoproxyWebClient(): WebClient {
+        return webClientBuilder
+            .baseUrl(pdlNoproxyUrl)
+            .clientConnector(ReactorClientHttpConnector(HttpClient.newConnection()))
+            .defaultHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE)
+            .defaultHeader(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE)
+            .defaultHeader("Nav-Consumer-Id", username)
+            .defaultHeader("TEMA", "KLA")
+            .defaultHeader("x-nav-apiKey", apiKey)
+            .build()
+    }
 }
diff --git a/src/main/kotlin/no/nav/klage/oppgave/domain/KlagebehandlingerSearchCriteria.kt b/src/main/kotlin/no/nav/klage/oppgave/domain/KlagebehandlingerSearchCriteria.kt
@@ -56,5 +56,5 @@ data class KlagebehandlingerSearchCriteria(
 
     fun isFnrSoek() = raw.isNumeric()
 
-    private fun String.isNumeric() = toIntOrNull() != null
+    private fun String.isNumeric() = toLongOrNull() != null
 }
diff --git a/src/main/kotlin/no/nav/klage/oppgave/service/PersonsoekService.kt b/src/main/kotlin/no/nav/klage/oppgave/service/PersonsoekService.kt
@@ -33,6 +33,7 @@ class PersonsoekService(
 
     private fun fnrSoek(input: KlagebehandlingerSearchCriteria): PersonSoekResponseList {
         val liste = esSoek(input)
+        logger.debug("Personsøk: Got ${liste.size} hits from ES")
         val mapped = liste.groupBy { it.sakenGjelderFnr }.map { (key, value) ->
             PersonSoekResponse(
                 fnr = key!!,
@@ -46,15 +47,16 @@ class PersonsoekService(
 
     private fun navnSoek(input: KlagebehandlingerSearchCriteria): PersonSoekResponseList {
         val pdlResponse = pdlClient.personsok(input.raw)
+        secureLogger.debug("Fetched data from PDL søk: ${pdlResponse}")
         verifyPdlResponse(pdlResponse)
         val fnrList = pdlResponse.collectFnr()
         val klagebehandlinger = esSoek(input.copy(foedselsnr = fnrList)).groupBy { it.klagerFnr }
-        val mapped = pdlResponse.data?.soekPerson?.hits?.map { personHit ->
-            val fnr = personHit.person.folkeregisteridentifikator.identifikasjonsnummer
+        val mapped = pdlResponse.data?.sokPerson?.hits?.map { personHit ->
+            val fnr = personHit.person.folkeregisteridentifikator.first().identifikasjonsnummer
             PersonSoekResponse(
                 fnr = fnr,
                 navn = personHit.person.navn.toString(),
-                foedselsdato = LocalDate.parse(personHit.person.foedsel.foedselsdato),
+                foedselsdato = LocalDate.parse(personHit.person.foedsel.first().foedselsdato),
                 klagebehandlinger = klagebehandlinger[fnr] ?: listOf()
             )
         }
@@ -75,5 +77,7 @@ class PersonsoekService(
     }
 
     private fun SoekPersonResponse.collectFnr(): List<String> =
-        this.data?.soekPerson?.hits?.map { it.person.folkeregisteridentifikator.identifikasjonsnummer } ?: listOf()
+        this.data?.sokPerson?.hits?.map {
+            it.person.folkeregisteridentifikator.first().identifikasjonsnummer
+        } ?: listOf()
 }
diff --git a/src/main/kotlin/no/nav/klage/oppgave/util/TokenUtil.kt b/src/main/kotlin/no/nav/klage/oppgave/util/TokenUtil.kt
@@ -33,6 +33,12 @@ class TokenUtil(
         return response.accessToken
     }
 
+    fun getSaksbehandlerAccessTokenWithPdlScope(): String {
+        val clientProperties = clientConfigurationProperties.registration["pdl-onbehalfof"]
+        val response = oAuth2AccessTokenService.getAccessToken(clientProperties)
+        return response.accessToken
+    }
+
     fun getSaksbehandlerAccessTokenWithAxsysScope(): String {
         val clientProperties = clientConfigurationProperties.registration["axsys-onbehalfof"]
         val response = oAuth2AccessTokenService.getAccessToken(clientProperties)

diff --git a/src/main/resources/application-dev-gcp.yml b/src/main/resources/application-dev-gcp.yml
@@ -1,6 +1,8 @@
 TENANT_ID: 966ac572-f5b7-4bbe-aa88-c76419c0f851
 SECURITY_TOKEN_SERVICE_REST_URL: https://api-gw-q1.oera.no/security-token-service
 PDL_BASE_URL: https://api-gw-q1.oera.no/pdl-api/graphql
+PDL_NOPROXY_BASE_URL: https://pdl-api.dev-fss-pub.nais.io/graphql
+PDL_SCOPE: dev-fss.pdl.pdl-api
 
 NORG2_API_V1_URL: https://api-gw-q1.oera.no/norg2/api/v1
 PROXY_APP_CLIENT_ID: c6050231-3b9f-4173-8d1e-39b7e6e3392e
@@ -48,4 +50,4 @@ DOKDIST_SERVICE_URL: https://api-gw-q1.oera.no/dokdistfordeling/rest/v1/distribu
 CLAM_AV_URL: http://clamav.clamav/scan
 
 INFLUX_HOST: influx-klage-nav-dev.aivencloud.com
-INFLUX_PORT: 26482
+INFLUX_PORT: 26482
diff --git a/src/main/resources/application-prod-gcp.yml b/src/main/resources/application-prod-gcp.yml
@@ -1,6 +1,8 @@
 TENANT_ID: 62366534-1ec3-4962-8869-9b5535279d0b
 SECURITY_TOKEN_SERVICE_REST_URL: https://api-gw.oera.no/security-token-service
 PDL_BASE_URL: https://api-gw.oera.no/pdl-api/graphql
+PDL_NOPROXY_BASE_URL: https://pdl-api.prod-fss-pub.nais.io/graphql
+PDL_SCOPE: prod-fss.pdl.pdl-api
 
 NORG2_API_V1_URL: https://api-gw.oera.no/norg2/api/v1
 PROXY_APP_CLIENT_ID: 981be1fb-1379-465f-bddc-7563197aed84
@@ -48,4 +50,4 @@ DOKDIST_SERVICE_URL: https://api-gw.oera.no/dokdistfordeling/rest/v1/distribuerj
 CLAM_AV_URL: http://clamav.clamav/scan
 
 INFLUX_HOST: influx-klage-nav-prod.aivencloud.com
-INFLUX_PORT: 26482
+INFLUX_PORT: 26482
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -113,6 +113,14 @@ no.nav.security.jwt:
           client-id: ${AZURE_APP_CLIENT_ID}
           client-jwk: ${AZURE_APP_JWK}
           client-auth-method: private_key_jwt
+      pdl-onbehalfof:
+        token-endpoint-url: https://login.microsoftonline.com/${TENANT_ID}/oauth2/v2.0/token
+        grant-type: urn:ietf:params:oauth:grant-type:jwt-bearer
+        scope: api://${PDL_SCOPE}/.default
+        authentication:
+          client-id: ${AZURE_APP_CLIENT_ID}
+          client-jwk: ${AZURE_APP_JWK}
+          client-auth-method: private_key_jwt
       oppgave-onbehalfof:
         token-endpoint-url: https://login.microsoftonline.com/${TENANT_ID}/oauth2/v2.0/token
         grant-type: urn:ietf:params:oauth:grant-type:jwt-bearer

diff --git a/src/test/kotlin/no/nav/klage/oppgave/clients/PdlClientTest.kt b/src/test/kotlin/no/nav/klage/oppgave/clients/PdlClientTest.kt
@@ -5,6 +5,7 @@ import io.mockk.impl.annotations.MockK
 import io.mockk.junit5.MockKExtension
 import no.nav.klage.oppgave.clients.pdl.graphql.HentPersonResponse
 import no.nav.klage.oppgave.clients.pdl.graphql.PdlClient
+import no.nav.klage.oppgave.clients.pdl.graphql.SoekPersonResponse
 import no.nav.klage.oppgave.util.TokenUtil
 import org.assertj.core.api.Assertions.assertThat
 import org.intellij.lang.annotations.Language
@@ -21,6 +22,7 @@ internal class PdlClientTest {
     @BeforeEach
     fun before() {
         every { tokenUtilMock.getStsSystembrukerToken() } returns "abc"
+        every { tokenUtilMock.getSaksbehandlerAccessTokenWithPdlScope() } returns "abc"
     }
 
     @Test
@@ -30,15 +32,32 @@ internal class PdlClientTest {
         assertThat(hentPersonResponse.data!!.hentPerson!!.navn.first().fornavn).isEqualTo("AREMARK")
     }
 
+    @Test
+    fun `personsøk ok`() {
+        val personsoekResponse = getSoekPersonResponse(pdlSoekResponse())
+        assertThat(personsoekResponse.data).isNotNull
+    }
+
     fun getHentPersonResponse(jsonResponse: String): HentPersonResponse {
         val pdlClient = PdlClient(
+            createShortCircuitWebClient(jsonResponse),
             createShortCircuitWebClient(jsonResponse),
             tokenUtilMock
         )
 
         return pdlClient.getPersonInfo("fnr")
     }
 
+    fun getSoekPersonResponse(jsonResponse: String): SoekPersonResponse {
+        val pdlClient = PdlClient(
+            createShortCircuitWebClient(jsonResponse),
+            createShortCircuitWebClient(jsonResponse),
+            tokenUtilMock
+        )
+
+        return pdlClient.personsok("fnr")
+    }
+
     @Language("json")
     fun pdlResponse() = """
         {
@@ -63,5 +82,43 @@ internal class PdlClientTest {
         }
     """
 
+    @Language("json")
+    fun pdlSoekResponse() = """
+        {
+          "data": {
+            "sokPerson": {
+              "pageNumber": 1,
+              "totalHits": 38,
+              "totalPages": 2,
+              "hits": [
+                {
+                  "score": 37.505756,
+                  "person": {
+                    "folkeregisteridentifikator": [
+                      {
+                        "identifikasjonsnummer": "23051668235"
+                      }
+                    ],
+                    "navn": [
+                      {
+                        "fornavn": "LITEN",
+                        "etternavn": "SAKS",
+                        "mellomnavn": null
+                      }
+                    ],
+                    "adressebeskyttelse": [],
+                    "foedsel": [
+                      {
+                        "foedselsdato": "2016-05-23"
+                      }
+                    ]
+                  }
+                }
+              ]
+            }
+          }
+        }
+    """
+
 
-}
+}