From f00ed2c60a69af1c916de91ad6ad42b098e1d900 Mon Sep 17 00:00:00 2001 From: Stian Gustavsson Date: Tue, 15 Oct 2024 10:37:23 +0200 Subject: [PATCH] Bugfix/idporten cors (#3653) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Logger error bedre dersom noe går galt under innlogging for idporten * Bedre logging av feil generelt ved feil i frontend --------- Co-authored-by: Kristen Hærum --- .../dolly/web/DollyFrontendApplicationStarter.java | 2 +- .../dolly/web/config/IdportenSecurityConfig.java | 13 +++++++++++-- .../nav/dolly/web/provider/web/LogController.java | 9 ++++----- .../dolly/web/provider/web/SessionController.java | 2 ++ .../src/main/js/src/RootComponent.tsx | 12 ++++++------ .../main/js/src/components/ui/appError/AppError.tsx | 3 ++- .../js/src/components/utlogging/navigateToLogin.tsx | 2 +- apps/dolly-frontend/src/main/js/vite.config.js | 3 +++ 8 files changed, 30 insertions(+), 16 deletions(-) diff --git a/apps/dolly-frontend/src/main/java/no/nav/dolly/web/DollyFrontendApplicationStarter.java b/apps/dolly-frontend/src/main/java/no/nav/dolly/web/DollyFrontendApplicationStarter.java index af56b0e4c11..0a48ab5f5eb 100644 --- a/apps/dolly-frontend/src/main/java/no/nav/dolly/web/DollyFrontendApplicationStarter.java +++ b/apps/dolly-frontend/src/main/java/no/nav/dolly/web/DollyFrontendApplicationStarter.java @@ -133,4 +133,4 @@ private Function> createRoute(String segment, St .filters(filter, addUserJwtHeaderFilter()) ).uri(host); } -} \ No newline at end of file +} diff --git a/apps/dolly-frontend/src/main/java/no/nav/dolly/web/config/IdportenSecurityConfig.java b/apps/dolly-frontend/src/main/java/no/nav/dolly/web/config/IdportenSecurityConfig.java index 10910c26a2c..7a597553d66 100644 --- a/apps/dolly-frontend/src/main/java/no/nav/dolly/web/config/IdportenSecurityConfig.java +++ b/apps/dolly-frontend/src/main/java/no/nav/dolly/web/config/IdportenSecurityConfig.java 
@@ -20,6 +20,7 @@ import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationRequestResolver; import org.springframework.security.web.server.SecurityWebFilterChain; import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers; +import reactor.core.publisher.Mono; @Slf4j @@ -59,7 +60,8 @@ public SecurityWebFilterChain configure(ServerHttpSecurity http, ServerOAuth2Aut var logoutSuccessHandler = new LogoutSuccessHandler(); logoutSuccessHandler.applyOn("idporten", new IdportenOcidLogoutUrlResolver(wellKnownUrl, postLogoutRedirectUri)); - return http.cors(ServerHttpSecurity.CorsSpec::disable) + return http + .cors(ServerHttpSecurity.CorsSpec::disable) .csrf(ServerHttpSecurity.CsrfSpec::disable) .authorizeExchange(authorizeExchangeSpec -> authorizeExchangeSpec.pathMatchers( "/internal/isReady", @@ -78,10 +80,17 @@ public SecurityWebFilterChain configure(ServerHttpSecurity http, ServerOAuth2Aut ).permitAll() .anyExchange().authenticated()) .oauth2Login(oAuth2LoginSpec -> oAuth2LoginSpec + .authenticationFailureHandler((webFilterExchange, exception) -> { + log.error("Failed to authenticate user", exception); + return Mono.error(exception); + }) .authenticationManager(authenticationManager) .authorizationRequestResolver(requestResolver) .authenticationSuccessHandler(authenticationSuccessHandler)) - .formLogin(formLoginSpec -> formLoginSpec.loginPage(LOGIN)) + .formLogin(formLoginSpec -> formLoginSpec.loginPage(LOGIN).authenticationFailureHandler((webFilterExchange, exception) -> { + log.error("Failed to authenticate user", exception); + return Mono.error(exception); + })) .logout(logoutSpec -> logoutSpec .logoutUrl(LOGOUT) .requiresLogout(ServerWebExchangeMatchers.pathMatchers(HttpMethod.GET, LOGOUT)) diff --git a/apps/dolly-frontend/src/main/java/no/nav/dolly/web/provider/web/LogController.java b/apps/dolly-frontend/src/main/java/no/nav/dolly/web/provider/web/LogController.java index 6dbeb75ee68..7022bc5e8f4 100644 
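Review bot: Both new failure handlers end with `return Mono.error(exception)`, which replaces Spring Security's default redirect-on-failure, so a failed ID-porten or form login now surfaces as an error signal instead of sending the user back to the login page; what the browser then receives depends on error handling not visible in this hunk. The same lambda is also written twice, once in `oauth2Login` and once in `formLogin`. I would define one handler that logs and then delegates to a `RedirectServerAuthenticationFailureHandler`, as sketched below (assuming `LOGIN` is the login page path). Because unauthenticated callers can trigger this path at will, a full stack trace at error level may also become noisy, so `log.warn` could fit better. `configure` starts and ends outside the hunk.

```java
// one handler shared by oauth2Login and formLogin: log, then keep the redirect behaviour
var redirectOnFailure = new RedirectServerAuthenticationFailureHandler(LOGIN + "?error");
ServerAuthenticationFailureHandler failureHandler = (webFilterExchange, exception) -> {
    log.error("Failed to authenticate user", exception);
    return redirectOnFailure.onAuthenticationFailure(webFilterExchange, exception);
};
// … unchanged: cors/csrf/authorizeExchange configuration …
        .oauth2Login(oAuth2LoginSpec -> oAuth2LoginSpec
                .authenticationFailureHandler(failureHandler)
                // … unchanged: authenticationManager, authorizationRequestResolver, authenticationSuccessHandler …
        )
        .formLogin(formLoginSpec -> formLoginSpec
                .loginPage(LOGIN)
                .authenticationFailureHandler(failureHandler))
```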
--- a/apps/dolly-frontend/src/main/java/no/nav/dolly/web/provider/web/LogController.java +++ b/apps/dolly-frontend/src/main/java/no/nav/dolly/web/provider/web/LogController.java @@ -2,6 +2,9 @@ import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; +import no.nav.dolly.web.domain.LogEvent; +import no.nav.dolly.web.provider.web.dto.LogEventDTO; +import no.nav.dolly.web.service.LogService; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.PostMapping; @@ -12,10 +15,6 @@ import org.springframework.web.server.ServerWebExchange; import reactor.core.publisher.Mono; -import no.nav.dolly.web.domain.LogEvent; -import no.nav.dolly.web.provider.web.dto.LogEventDTO; -import no.nav.dolly.web.service.LogService; - @Slf4j @RestController @@ -34,6 +33,6 @@ public Mono> logg( ) { return logService .log(new LogEvent(dto, userAgent, host), exchange) - .map(response -> ResponseEntity.noContent().build()); + .then(Mono.fromCallable(() -> ResponseEntity.noContent().build())); } } diff --git a/apps/dolly-frontend/src/main/java/no/nav/dolly/web/provider/web/SessionController.java b/apps/dolly-frontend/src/main/java/no/nav/dolly/web/provider/web/SessionController.java index f847d96cb08..0652790796c 100644 --- a/apps/dolly-frontend/src/main/java/no/nav/dolly/web/provider/web/SessionController.java +++ b/apps/dolly-frontend/src/main/java/no/nav/dolly/web/provider/web/SessionController.java @@ -46,6 +46,7 @@ public Mono> delete(ServerWebExchange exchange) { public Mono> addUserToSession(@RequestParam String organisasjonsnummer, ServerWebExchange exchange) { return personOrganisasjonTilgangConsumer .hasAccess(organisasjonsnummer, exchange) + .doOnError(e -> log.error("Feil ved sjekk av tilgang til org {}", organisasjonsnummer, e)) .flatMap(hasAccess -> { if (Boolean.FALSE.equals(hasAccess)) { log.error("Bruker mangler tilgang til org {}", organisasjonsnummer); 
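Review bot: `Mono.fromCallable` is more machinery than the new last line of `logg` needs, because the response is a constant; `.thenReturn(ResponseEntity.noContent().build())` says the same thing and still yields 204 when `logService.log` completes empty (it should type-check against the declared return type, which is truncated in the hunk header). Separately, `new LogEvent(dto, userAgent, host)` carries client-supplied text towards the server log, so it is worth confirming that `LogService`, which is not visible here, neutralises line breaks and bounds the length before writing. The method's signature lies outside the hunk.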
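Review bot: `organisasjonsnummer` comes straight from `@RequestParam` and is now written to the log in a second place (the new `doOnError`, besides the existing "Bruker mangler tilgang" line) without any format check. If the log encoder does not escape control characters, embedded line breaks in the parameter end up as forged log lines. Validating before the `hasAccess` call, e.g. `if (!organisasjonsnummer.matches("\\d{9}")) return Mono.just(ResponseEntity.badRequest().build());`, removes that and avoids a pointless downstream call; nine digits is the usual Norwegian format, but confirm against what the consumer accepts. The method body continues outside the hunk.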
@@ -55,6 +56,7 @@ public Mono> addUserToSession(@RequestParam String organisasjo } return brukerService.getId(organisasjonsnummer, exchange).flatMap(id -> exchange .getSession() + .doOnError(e -> log.error("Feil ved lagring av bruker i session", e)) .doOnSuccess(session -> session.getAttributes().put(UserSessionConstant.SESSION_USER_ID_KEY, id)) .map(value -> ResponseEntity.ok().build()) ).switchIfEmpty(Mono.just(ResponseEntity.notFound().build())); diff --git a/apps/dolly-frontend/src/main/js/src/RootComponent.tsx b/apps/dolly-frontend/src/main/js/src/RootComponent.tsx index 5e0d28ca773..416536453e3 100644 --- a/apps/dolly-frontend/src/main/js/src/RootComponent.tsx +++ b/apps/dolly-frontend/src/main/js/src/RootComponent.tsx @@ -67,9 +67,9 @@ const ErrorView = () => { } export const RootComponent = () => ( - - - + + + ( } path="*" element={} /> - - - + + + ) diff --git a/apps/dolly-frontend/src/main/js/src/components/ui/appError/AppError.tsx b/apps/dolly-frontend/src/main/js/src/components/ui/appError/AppError.tsx index de98befe24f..27c599c42d4 100644 --- a/apps/dolly-frontend/src/main/js/src/components/ui/appError/AppError.tsx +++ b/apps/dolly-frontend/src/main/js/src/components/ui/appError/AppError.tsx @@ -19,10 +19,11 @@ export const AppError = ({ error, stackTrace, style }: Props) => { ] useEffect(() => { + console.error('Ukjent error i Dolly: ' + error) if (errorsRequiringReload.some((e) => error?.toString()?.includes(e))) { navigate(0) } - }, []) + }, [error]) return (
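Review bot: The new `doOnError` sits directly after `exchange.getSession()`, upstream of the `doOnSuccess` that actually stores the id, so an exception thrown while writing the session attribute never reaches it even though the message says "lagring av bruker i session". Errors from `brukerService.getId` are not covered either. Moving the operator below `.doOnSuccess(...)`, or to the end of the outer chain after `.switchIfEmpty(...)`, makes the log match what it claims. `addUserToSession` starts outside the hunk.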
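Review bot: In `AppError.tsx`, `'Ukjent error i Dolly: ' + error` coerces the error to a string, which drops the stack trace and prints `[object Object]` for plain objects; `console.error('Ukjent error i Dolly:', error)` keeps the value inspectable. The same applies to `navigateToLogin.tsx`, where the optional `feilmelding` is logged as the literal text `undefined` when it is absent. The effect also logs on the first render even when `error` is empty, so a guard such as `if (!error) return` may be wanted; the `Props` type is outside the hunk, so whether `error` can be empty is not visible here.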
diff --git a/apps/dolly-frontend/src/main/js/src/components/utlogging/navigateToLogin.tsx b/apps/dolly-frontend/src/main/js/src/components/utlogging/navigateToLogin.tsx index e827e3777de..36cf89d8f22 100644 --- a/apps/dolly-frontend/src/main/js/src/components/utlogging/navigateToLogin.tsx +++ b/apps/dolly-frontend/src/main/js/src/components/utlogging/navigateToLogin.tsx @@ -1,4 +1,4 @@ export const navigateToLogin = (feilmelding?: string) => { - console.error(feilmelding) + console.error('Ukjent feil i Dolly, feilmelding: ' + feilmelding) window.location.href = '/login' } diff --git a/apps/dolly-frontend/src/main/js/vite.config.js b/apps/dolly-frontend/src/main/js/vite.config.js index 7eb7aaa3a09..8ac6bceb9be 100644 --- a/apps/dolly-frontend/src/main/js/vite.config.js +++ b/apps/dolly-frontend/src/main/js/vite.config.js @@ -47,6 +47,9 @@ export default defineConfig(({ mode }) => ({ outDir: 'build', sourcemap: true, cssCodeSplit: false, + rollupOptions: { + external: ['./nais.js'], + }, }, optimizeDeps: { exclude: ['node_modules/.cache'] }, resolve: {
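Review bot: The new `rollupOptions.external: ['./nais.js']` in `vite.config.js` has no comment saying why this file is kept out of the bundle or what supplies it at runtime. Presumably it is provided by the deployment platform; if so, a comment such as `// nais.js is provided at runtime by the platform and must not be bundled` would save the next reader the search. Since an externalised script is not part of the build output, it is also worth confirming that it is always served from the application's own origin. The `build` block continues outside the hunk.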