navikt · antonfofanov · Oct 24, 2024 · Oct 24, 2024
@@ -4,7 +4,7 @@ description = "tjenestepensjon-simulering"
 plugins {
     kotlin("jvm") version "1.9.23"
     kotlin("plugin.spring") version "1.9.23"
-    id("org.springframework.boot") version "3.1.12"
+    id("org.springframework.boot") version "3.3.4"
     id("io.spring.dependency-management") version "1.1.6"
 }
 
@@ -21,28 +21,35 @@ dependencies {
     implementation("io.micrometer", "micrometer-registry-prometheus")
     implementation("jakarta.annotation", "jakarta.annotation-api", "2.1.1")
     implementation("javax.xml.soap", "javax.xml.soap-api", "1.4.0")
-    implementation("net.logstash.logback", "logstash-logback-encoder", "7.2")
-    implementation("ch.qos.logback", "logback-access", "1.4.14")
+    implementation("net.logstash.logback", "logstash-logback-encoder", "8.0")
+    implementation("ch.qos.logback.access:logback-access-common:2.0.4")
+    implementation("ch.qos.logback:logback-core:1.5.11")
+    implementation("ch.qos.logback.access:logback-access-tomcat:2.0.4"){
+        exclude("org.apache.tomcat","tomcat-catalina") //classes supplied by spring-boot (tomcat-embed-core) use a newer version (10.1.26 vs 10.0.27 supplied here)
+        exclude("org.apache.tomcat","tomcat-coyote") //classes supplied by spring-boot (tomcat-embed-core) use a newer version (10.1.26 vs 10.0.27 supplied here)
+    }
     implementation("org.yaml","snakeyaml","2.3")
     implementation("org.codehaus.janino:janino:3.1.12")
     implementation("org.codehaus.janino:commons-compiler:3.1.12")
     implementation ("io.github.oshai", "kotlin-logging-jvm", "5.1.0")
     implementation("org.slf4j","slf4j-api", "2.0.12" )
     implementation("org.glassfish.jaxb", "jaxb-runtime", "4.0.1")
     implementation("com.fasterxml.jackson.dataformat:jackson-dataformat-xml:2.15.2")
+    implementation("org.springframework.boot:spring-boot-starter-tomcat") // Spring Boot manages Tomcat
+
+    // Exclude older versions of Tomcat
+    implementation("org.apache.tomcat.embed:tomcat-embed-core:10.1.30")
     implementation("org.springframework.boot", "spring-boot-starter-actuator")
     implementation("org.springframework.boot", "spring-boot-starter-cache")
-    implementation("org.springframework.boot", "spring-boot-starter-web")
-    implementation("org.springframework.boot", "spring-boot-starter-webflux")
+    implementation("org.springframework.boot:spring-boot-starter-web")
+    implementation("org.springframework.boot:spring-boot-starter-webflux")
     implementation("org.springframework.boot", "spring-boot-starter-oauth2-resource-server")
-    implementation("org.springframework.ws", "spring-ws-core", "4.0.3")
+    implementation("org.springframework.ws", "spring-ws-core", "4.0.11")
     testImplementation(kotlin("test-junit5"))
-    testImplementation("com.github.tomakehurst:wiremock:3.0.1")
+    testImplementation("org.wiremock:wiremock-standalone:3.9.2")
     testImplementation("org.mockito.kotlin", "mockito-kotlin", "5.2.1")
     testImplementation("org.springframework.boot", "spring-boot-starter-test")
     testImplementation("org.springframework.security", "spring-security-test")
-    implementation("org.springframework.boot:spring-boot-properties-migrator:3.1.2")
-
 }
 
 tasks {

@@ -1,6 +1,6 @@
 package no.nav.tjenestepensjon.simulering.config
 
-import ch.qos.logback.access.spi.IAccessEvent
+import ch.qos.logback.access.common.spi.IAccessEvent
 import com.fasterxml.jackson.core.JsonGenerator
 import net.logstash.logback.composite.AbstractFieldJsonProvider
 import net.logstash.logback.composite.JsonWritingUtils

@@ -1,6 +1,6 @@
 package no.nav.tjenestepensjon.simulering.config
 
-import ch.qos.logback.access.spi.IAccessEvent
+import ch.qos.logback.access.common.spi.IAccessEvent
 import com.fasterxml.jackson.core.JsonGenerator
 import net.logstash.logback.composite.AbstractFieldJsonProvider
 import net.logstash.logback.composite.JsonWritingUtils

@@ -5,7 +5,7 @@ import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
-import org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver
+import org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver.fromTrustedIssuers
 import org.springframework.security.web.DefaultSecurityFilterChain
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher.antMatcher
 
@@ -15,7 +15,7 @@ class SecurityConfig(
     @Value("\${simulering.security.issuers}")
     issuers: String
 ) {
-    private val issuerResolver = JwtIssuerAuthenticationManagerResolver(issuers.split(','))
+    private val issuerResolver = fromTrustedIssuers(issuers.split(','))
 
     @Bean
     fun configure(http: HttpSecurity): DefaultSecurityFilterChain = http.run {

@@ -11,6 +11,6 @@ class TomcatAccessLogCustomizer : WebServerFactoryCustomizer<TomcatServletWebSer
         val logbackValve = LogbackValve()
         logbackValve.name = "Logback Access"
         logbackValve.filename = "logback-access.xml"
-        factory.addEngineValves(logbackValve)
+        factory.addContextValves(logbackValve)
     }
 }
@@ -2,7 +2,7 @@
 <configuration>
     <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
         <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
-            <evaluator class="ch.qos.logback.access.boolex.JaninoEventEvaluator">
+            <evaluator class="ch.qos.logback.access.common.boolex.JaninoEventEvaluator">
                 <expression>return (event.getRequestURI().contains("/actuator/"));</expression>
             </evaluator>
             <onMatch>DENY</onMatch>

@@ -14,6 +14,7 @@ import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.boot.test.context.SpringBootTest
 import kotlin.test.AfterTest
 
+
 @SpringBootTest
 internal class WebClientConfigTest {
 
@@ -33,6 +34,7 @@ internal class WebClientConfigTest {
 
     @Test
     fun `Should throw exception if read timeout exceeded`() {
+
         assertThrows<RuntimeException> {
             val findTpLeverandorName = tpClient.findTpLeverandorName(TPOrdningIdDto(defaultTssid, defaultTpid))
             print(findTpLeverandorName)

@@ -55,41 +55,49 @@ class TpClientTest {
     @Test
     fun `findForhold med ett forhold`() {
 
-        wireMockServer.stubFor(
+        val stub = wireMockServer.stubFor(
             defaultTjenestepensjonRequest.willReturn(okJson(defaultForhold))
         )
 
         val response = tpClient.findForhold(defaultFNR)
 
         assertEquals(defaultTpid, response.first().ordning)
+
+        wireMockServer.removeStub(stub.uuid)
     }
 
     @Test
     fun `findForhold uten forhold`() {
-        wireMockServer.stubFor(
+        val stub = wireMockServer.stubFor(
             defaultTjenestepensjonRequest.willReturn(okJson("""{"_embedded":{"forholdModelList":[]}}"""))
         )
 
         assertThrows<NoTpOrdningerFoundException> { tpClient.findForhold(defaultFNR) }
+
+        wireMockServer.removeStub(stub.uuid)
     }
 
     @Test
     fun `findForhold person ikke funnet`() {
-        wireMockServer.stubFor(
+        val stub = wireMockServer.stubFor(
             defaultTjenestepensjonRequest.willReturn(notFound())
         )
 
         assertThrows<NoTpOrdningerFoundException> { tpClient.findForhold(defaultFNR) }
+
+        wireMockServer.removeStub(stub.uuid)
     }
 
     @Test
     fun `findForhold unauthorized`() {
-        wireMockServer.stubFor(
+        val stub = wireMockServer.stubFor(
             defaultTjenestepensjonRequest.willReturn(unauthorized())
         )
 
         assertThrows<ResponseStatusException> { tpClient.findForhold(defaultFNR) }
 
+        wireMockServer.removeStub(stub.uuid)
+
     }
 
 }