chore: accept list of issuers

src/main/kotlin/no/digdir/catalog_view_api/config/SecurityConfig.kt

@@ -5,10 +5,13 @@ import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.http.HttpMethod
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
+import org.springframework.security.config.annotation.web.invoke
 import org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator
+import org.springframework.security.oauth2.core.OAuth2TokenValidator
+import org.springframework.security.oauth2.core.OAuth2TokenValidatorResult
 import org.springframework.security.oauth2.jwt.*
 import org.springframework.security.web.SecurityFilterChain
-import org.springframework.security.config.annotation.web.invoke
+import java.util.function.Predicate
 
 @Configuration
 open class SecurityConfig {
@@ -32,10 +35,28 @@ open class SecurityConfig {
         jwtDecoder.setJwtValidator(
             DelegatingOAuth2TokenValidator(
                 JwtTimestampValidator(),
-                JwtIssuerValidator(properties.jwt.issuerUri)
+                CustomJwtIssuerValidator(properties.jwt.issuerUri)
             )
         )
         return jwtDecoder
     }
 
 }
+
+class CustomJwtIssuerValidator(issuer: String) : OAuth2TokenValidator<Jwt> {
+    private val validator: JwtClaimValidator<String>
+
+    /**
+     * Constructs a validator using the provided issuers
+     * @param issuer - A comma seperated list of accepted issuers.
+     */
+    init {
+        val testClaimValue =
+            Predicate { claimValue: String -> issuer.split(",").contains(claimValue) }
+        this.validator = JwtClaimValidator(JwtClaimNames.ISS, testClaimValue)
+    }
+
+    override fun validate(token: Jwt): OAuth2TokenValidatorResult {
+        return validator.validate(token)
+    }
+}