navikt · rfc3092 · Dec 12, 2024 · Dec 12, 2024 · Dec 13, 2024 · Dec 13, 2024
@@ -1,6 +1,7 @@
 package no.nav.registre.testnorge.profil.service;
 
 import lombok.extern.slf4j.Slf4j;
+import no.nav.testnav.libs.securitycore.domain.azuread.AzureNavClientCredential;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;
@@ -15,15 +16,13 @@
 
 import no.nav.testnav.libs.securitycore.command.azuread.OnBehalfOfExchangeCommand;
 import no.nav.testnav.libs.securitycore.domain.AccessToken;
-import no.nav.testnav.libs.securitycore.domain.azuread.AzureNavClientCredential;
-import no.nav.testnav.libs.securitycore.domain.azuread.ClientCredential;
 import no.nav.testnav.libs.servletsecurity.action.GetAuthenticatedToken;
 
 @Slf4j
 @Service
 public class AzureAdTokenService {
     private final WebClient webClient;
-    private final ClientCredential clientCredential;
+    private final AzureNavClientCredential clientCredential;
     private final GetAuthenticatedToken getAuthenticatedToken;
 
     public AzureAdTokenService(

@@ -1,6 +1,5 @@
 package no.nav.testnav.libs.reactivesecurity.config;
 
-import no.nav.testnav.libs.reactivesecurity.domain.AzureNavProxyClientCredential;
 import no.nav.testnav.libs.reactivesecurity.exchange.azuread.NavAzureAdTokenService;
 import no.nav.testnav.libs.reactivesecurity.properties.TrygdeetatenAzureAdResourceServerProperties;
 import org.springframework.beans.factory.annotation.Value;
@@ -14,7 +13,6 @@
 import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedResourceServerType;
 import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedToken;
 import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedUserId;
-import no.nav.testnav.libs.reactivesecurity.domain.AzureTrygdeetatenClientCredential;
 import no.nav.testnav.libs.reactivesecurity.exchange.TokenExchange;
 import no.nav.testnav.libs.reactivesecurity.exchange.azuread.AzureAdTokenService;
 import no.nav.testnav.libs.reactivesecurity.exchange.azuread.TrygdeetatenAzureAdTokenService;
@@ -23,12 +21,10 @@
 import no.nav.testnav.libs.reactivesecurity.properties.AzureAdResourceServerProperties;
 import no.nav.testnav.libs.reactivesecurity.properties.ResourceServerProperties;
 import no.nav.testnav.libs.reactivesecurity.properties.TokenxResourceServerProperties;
-import no.nav.testnav.libs.securitycore.domain.azuread.AzureNavClientCredential;
 import no.nav.testnav.libs.securitycore.domain.tokenx.TokenXProperties;
 
 @Configuration
 @Import({
-        AzureNavClientCredential.class,
         TokenXService.class,
         TokenxResourceServerProperties.class,
         AzureAdResourceServerProperties.class,
@@ -39,9 +35,7 @@
         GetAuthenticatedResourceServerType.class,
         GetAuthenticatedToken.class,
         TokenXProperties.class,
-        AzureTrygdeetatenClientCredential.class,
         TrygdeetatenAzureAdTokenService.class,
-        AzureNavProxyClientCredential.class,
         NavAzureAdTokenService.class
 })
 public class SecureOAuth2ServerToServerConfiguration {

@@ -1,7 +1,7 @@
 package no.nav.testnav.libs.reactivesecurity.exchange.azuread;
 
 import lombok.extern.slf4j.Slf4j;
-import no.nav.testnav.libs.reactivesecurity.domain.AzureNavProxyClientCredential;
+import no.nav.testnav.libs.securitycore.domain.azuread.AzureNavProxyClientCredential;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;

@@ -4,11 +4,11 @@
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import no.nav.testnav.libs.reactivesecurity.action.GetAuthenticatedUserId;
-import no.nav.testnav.libs.reactivesecurity.domain.AzureTrygdeetatenClientCredential;
 import no.nav.testnav.libs.reactivesecurity.exchange.ExchangeToken;
 import no.nav.testnav.libs.securitycore.command.azuread.ClientCredentialExchangeCommand;
 import no.nav.testnav.libs.securitycore.domain.AccessToken;
 import no.nav.testnav.libs.securitycore.domain.ServerProperties;
+import no.nav.testnav.libs.securitycore.domain.azuread.AzureTrygdeetatenClientCredential;
 import no.nav.testnav.libs.securitycore.domain.azuread.ClientCredential;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.HttpHeaders;

@@ -1,6 +1,5 @@
 package no.nav.testnav.libs.reactivesessionsecurity.exchange;
 
-import com.fasterxml.jackson.databind.ObjectMapper;
 import lombok.extern.slf4j.Slf4j;
 import no.nav.testnav.libs.reactivesessionsecurity.resolver.TokenResolver;
 import no.nav.testnav.libs.securitycore.command.azuread.OnBehalfOfExchangeCommand;
@@ -9,7 +8,6 @@
 import no.nav.testnav.libs.securitycore.domain.azuread.AzureNavClientCredential;
 import no.nav.testnav.libs.securitycore.domain.azuread.ClientCredential;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Import;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;
 import org.springframework.stereotype.Service;
@@ -19,9 +17,6 @@
 
 @Slf4j
 @Service
-@Import({
-        AzureNavClientCredential.class
-})
 public class AzureAdTokenExchange implements ExchangeToken {
     private final WebClient webClient;
     private final TokenResolver tokenResolver;

@@ -1,16 +1,9 @@
 package no.nav.testnav.libs.securitycore.domain.azuread;
 
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Configuration;
-
-@Configuration
 public class AzureNavClientCredential extends ClientCredential {
 
-    public AzureNavClientCredential(
-            @Value("${AZURE_APP_CLIENT_ID:#{null}}") String clientId,
-            @Value("${AZURE_APP_CLIENT_SECRET:#{null}}") String clientSecret
-    ) {
+    public AzureNavClientCredential(String clientId, String clientSecret) {
         super(clientId, clientSecret);
     }
 
-}
+}
@@ -0,0 +1,17 @@
+package no.nav.testnav.libs.securitycore.domain.azuread;
+
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+
+@Getter
+@EqualsAndHashCode(callSuper = false)
+public class AzureNavProxyClientCredential extends ClientCredential {
+
+    private final String tokenEndpoint;
+
+    public AzureNavProxyClientCredential(String tokenEndpoint, String clientId, String clientSecret) {
+        super(clientId, clientSecret);
+        this.tokenEndpoint = tokenEndpoint;
+    }
+
+}
@@ -0,0 +1,36 @@
+package no.nav.testnav.libs.securitycore.domain.azuread;
+
+import lombok.Getter;
+
+import java.util.Objects;
+
+@Getter
+public class AzureTrygdeetatenClientCredential extends ClientCredential {
+
+    private final String tokenEndpoint;
+
+    public AzureTrygdeetatenClientCredential(String tokenEndpoint, String clientId, String clientSecret) {
+        super(clientId, clientSecret);
+        this.tokenEndpoint = tokenEndpoint;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+        if (!super.equals(o)) {
+            return false;
+        }
+        return Objects.equals(tokenEndpoint, ((AzureTrygdeetatenClientCredential) o).getTokenEndpoint());
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(super.hashCode(), tokenEndpoint);
+    }
+
+}
@@ -1,17 +1,20 @@
 package no.nav.testnav.libs.securitycore.domain.azuread;
 
-import lombok.Data;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
 
-@Data
+@RequiredArgsConstructor
+@Getter
+@EqualsAndHashCode
 public class ClientCredential {
+
     private final String clientId;
     private final String clientSecret;
 
     @Override
     public final String toString() {
-        return "ClientCredential{" +
-                "clientId=[HIDDEN]" +
-                ", clientSecret=[HIDDEN]" +
-                '}';
+        return "ClientCredential{clientId=[HIDDEN],clientSecret=[HIDDEN]}";
     }
+
 }