Updates SecurityConfig for certain apps to be able to run application…

… context tests with actual checks on /internal.

apps/arbeidsforhold-service/src/main/java/no/nav/registre/testnorge/arbeidsforholdservice/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -11,12 +10,10 @@
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 
-
 @Order(1)
 @EnableWebSecurity
 @Configuration
-@Profile({ "prod", "dev" })
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {

apps/batch-bestilling-service/src/main/java/no/nav/registre/testnorge/batchbestillingservice/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -12,8 +11,7 @@
 
 @EnableWebSecurity
 @Configuration
-@Profile({ "prod", "dev" })
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {

apps/dolly-frontend/src/main/java/no/nav/dolly/web/config/SecurityConfig.java

@@ -1,9 +1,8 @@
 package no.nav.dolly.web.config;
 
 import lombok.RequiredArgsConstructor;
-import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Value;
+import no.nav.testnav.libs.reactivesecurity.properties.AzureAdResourceServerProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
@@ -12,32 +11,38 @@
 import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder;
 import org.springframework.security.oauth2.jwt.ReactiveJwtDecoders;
 import org.springframework.security.web.server.SecurityWebFilterChain;
-
+import reactor.core.publisher.Mono;
 
 @Slf4j
 @Configuration
-@Profile({ "prod", "dev" })
 @EnableWebFluxSecurity
 @RequiredArgsConstructor
-public class SecurityConfig {
-
+class SecurityConfig {
 
-    @Value("${spring.security.oauth2.resourceserver.aad.issuer-uri}")
-    private String aadIssuer;
+    private final AzureAdResourceServerProperties config;
 
-    @SneakyThrows
     @Bean
-    public SecurityWebFilterChain configure(ServerHttpSecurity http) {
-
-        http.cors(ServerHttpSecurity.CorsSpec::disable)
+    SecurityWebFilterChain configure(ServerHttpSecurity http) {
+        return http
+                .cors(ServerHttpSecurity.CorsSpec::disable)
                 .csrf(ServerHttpSecurity.CsrfSpec::disable)
-                .authorizeExchange(authorizeExchangeSpec -> authorizeExchangeSpec.anyExchange().permitAll())
-                .oauth2ResourceServer(oAuth2ResourceServerSpec -> oAuth2ResourceServerSpec.jwt(jwtSpec -> jwtDecoder()));
-        return http.build();
+                .authorizeExchange(spec -> spec
+                        .anyExchange()
+                        .permitAll())
+                .oauth2ResourceServer(spec -> spec.jwt(jwtSpec -> jwtDecoder()))
+                .build();
     }
 
-    @Bean
-    public ReactiveJwtDecoder jwtDecoder() {
-        return ReactiveJwtDecoders.fromOidcIssuerLocation(aadIssuer);
+    @Bean("jwtDecoder")
+    @Profile("!test")
+    ReactiveJwtDecoder jwtDecoder() {
+        return ReactiveJwtDecoders.fromOidcIssuerLocation(config.getIssuerUri());
     }
+
+    @Bean("jwtDecoder")
+    @Profile("test")
+    ReactiveJwtDecoder jwtDecoderForTest() {
+        return token -> Mono.empty();
+    }
+
 }

apps/generer-navn-service/src/main/java/no/nav/registre/testnorge/generernavnservice/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -12,8 +11,7 @@
 
 @EnableWebSecurity
 @Configuration
-@Profile({ "prod", "dev" })
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {

apps/generer-organisasjon-populasjon-service/src/main/java/no/nav/registre/testnav/genererorganisasjonpopulasjonservice/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -11,12 +10,10 @@
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 
-
 @Order(1)
 @EnableWebSecurity
 @Configuration
-@Profile({ "prod", "dev" })
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {

apps/jenkins-batch-status-service/src/main/java/no/nav/registre/testnorge/jenkinsbatchstatusservice/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -12,8 +11,7 @@
 
 @EnableWebSecurity
 @Configuration
-@Profile({ "prod", "dev" })
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {

apps/joark-dokument-service/src/main/java/no/nav/testnav/joarkdokumentservice/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -12,8 +11,7 @@
 
 @EnableWebSecurity
 @Configuration
-@Profile({ "prod", "dev" })
-public class SecurityConfig {
+class SecurityConfig {
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
 

apps/kodeverk-service/src/main/java/no/nav/testnav/kodeverkservice/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -12,8 +11,7 @@
 
 @EnableWebSecurity
 @Configuration
-@Profile({"prod", "local"})
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {

apps/miljoer-service/src/main/java/no/nav/registre/testnorge/miljoerservice/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -12,8 +11,7 @@
 
 @EnableWebSecurity
 @Configuration
-@Profile({"prod", "dev"})
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {

apps/organisasjon-bestilling-service/src/main/java/no/nav/testnav/apps/organisasjonbestillingservice/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -12,12 +11,10 @@
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 
-
 @Order(1)
 @EnableWebSecurity
 @Configuration
-@Profile({"prod", "dev"})
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {

apps/organisasjon-faste-data-service/src/main/java/no/nav/registre/testnorge/organisasjonfastedataservice/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -15,8 +14,7 @@
 @Order(1)
 @EnableWebSecurity
 @Configuration
-@Profile({ "prod", "dev" })
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {

apps/organisasjon-forvalter/src/main/java/no/nav/organisasjonforvalter/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -12,12 +11,10 @@
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
 
-
 @Order(1)
 @EnableWebSecurity
 @Configuration
-@Profile({"prod", "local"})
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {

apps/organisasjon-mottak-service/src/main/java/no/nav/registre/testnorge/organisasjonmottak/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -12,8 +11,7 @@
 
 @EnableWebSecurity
 @Configuration
-@Profile({ "prod", "dev" })
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {

apps/orgnummer-service/src/main/java/no/nav/registre/orgnrservice/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -12,8 +11,7 @@
 
 @EnableWebSecurity
 @Configuration
-@Profile({ "dev", "prod" })
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {

apps/oversikt-frontend/src/main/java/no/nav/testnav/apps/oversiktfrontend/config/SecurityConfig.java

@@ -1,7 +1,8 @@
 package no.nav.testnav.apps.oversiktfrontend.config;
 
+import lombok.RequiredArgsConstructor;
 import lombok.SneakyThrows;
-import org.springframework.beans.factory.annotation.Value;
+import no.nav.testnav.libs.reactivesecurity.properties.AzureAdResourceServerProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.Customizer;
@@ -13,24 +14,27 @@
 
 @Configuration
 @EnableWebFluxSecurity
-public class SecurityConfig {
+@RequiredArgsConstructor
+class SecurityConfig {
 
-    @Value("${spring.security.oauth2.resourceserver.aad.issuer-uri}")
-    private String issuer;
+    private final AzureAdResourceServerProperties config;
 
     @SneakyThrows
     @Bean
-    public SecurityWebFilterChain configure(ServerHttpSecurity http) {
-
-        http.cors(Customizer.withDefaults())
+    SecurityWebFilterChain configure(ServerHttpSecurity http) {
+        return http
+                .cors(Customizer.withDefaults())
                 .csrf(ServerHttpSecurity.CsrfSpec::disable)
-                .authorizeExchange(authorizeExchangeSpec -> authorizeExchangeSpec.anyExchange().permitAll())
-                .oauth2ResourceServer(oAuth2ResourceServerSpec -> oAuth2ResourceServerSpec.jwt(jwtSpec -> jwtDecoder()));
-        return http.build();
+                .authorizeExchange(spec -> spec
+                        .anyExchange()
+                        .permitAll())
+                .oauth2ResourceServer(spec -> spec.jwt(jwtSpec -> jwtDecoder()))
+                .build();
     }
 
     @Bean
-    public ReactiveJwtDecoder jwtDecoder() {
-        return ReactiveJwtDecoders.fromOidcIssuerLocation(issuer);
+    ReactiveJwtDecoder jwtDecoder() {
+        return ReactiveJwtDecoders.fromOidcIssuerLocation(config.getIssuerUri());
     }
+
 }

apps/person-search-service/src/main/java/no/nav/registre/testnorge/personsearchservice/config/SecurityConfig.java

@@ -2,7 +2,6 @@
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -12,8 +11,7 @@
 
 @EnableWebSecurity
 @Configuration
-@Profile({ "prod", "local" })
-public class SecurityConfig {
+class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {