From 5ca8307223fbc08fecf047024ee81c12784c96a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Knut=20Arild=20Sl=C3=A5tsve?= <53740375+KnutArildSlaatsve@users.noreply.github.com> Date: Thu, 7 Dec 2023 06:59:23 +0100 Subject: [PATCH] Fjernet IDPorten level 4 acr claim (#412) --- .../no/nav/tag/innsynAareg/controller/AaregController.kt | 3 +-- .../no/nav/tag/innsynAareg/controller/AltinnController.kt | 3 +-- .../tag/innsynAareg/controller/EnhetsregisteretController.kt | 3 +-- .../no/nav/tag/innsynAareg/controller/InnloggingsController.kt | 3 +-- .../kotlin/no/nav/tag/innsynAareg/utils/AutentisertBruker.kt | 1 - 5 files changed, 4 insertions(+), 9 deletions(-) diff --git a/src/main/kotlin/no/nav/tag/innsynAareg/controller/AaregController.kt b/src/main/kotlin/no/nav/tag/innsynAareg/controller/AaregController.kt index ad4190f..3452037 100644 --- a/src/main/kotlin/no/nav/tag/innsynAareg/controller/AaregController.kt +++ b/src/main/kotlin/no/nav/tag/innsynAareg/controller/AaregController.kt @@ -8,7 +8,6 @@ import no.nav.tag.innsynAareg.service.InnsynService import no.nav.tag.innsynAareg.utils.ACR_CLAIM_NEW import no.nav.tag.innsynAareg.utils.AutentisertBruker import no.nav.tag.innsynAareg.utils.ISSUER -import no.nav.tag.innsynAareg.utils.ACR_CLAIM_OLD import org.springframework.http.HttpStatus import org.springframework.http.ResponseEntity import org.springframework.web.bind.annotation.GetMapping @@ -18,7 +17,7 @@ import org.springframework.web.bind.annotation.RestController @RestController @ProtectedWithClaims( issuer = ISSUER, - claimMap = [ACR_CLAIM_OLD, ACR_CLAIM_NEW], + claimMap = [ACR_CLAIM_NEW], combineWithOr = true, ) class AaregController( diff --git a/src/main/kotlin/no/nav/tag/innsynAareg/controller/AltinnController.kt b/src/main/kotlin/no/nav/tag/innsynAareg/controller/AltinnController.kt index b3793bd..666758e 100644 --- a/src/main/kotlin/no/nav/tag/innsynAareg/controller/AltinnController.kt +++ b/src/main/kotlin/no/nav/tag/innsynAareg/controller/AltinnController.kt @@ -8,7 +8,6 @@ import no.nav.tag.innsynAareg.models.AltinnOppslagVellykket import no.nav.tag.innsynAareg.utils.ACR_CLAIM_NEW import no.nav.tag.innsynAareg.utils.AutentisertBruker import no.nav.tag.innsynAareg.utils.ISSUER -import no.nav.tag.innsynAareg.utils.ACR_CLAIM_OLD import org.springframework.http.HttpStatus import org.springframework.http.ResponseEntity import org.springframework.web.bind.annotation.GetMapping @@ -17,7 +16,7 @@ import org.springframework.web.bind.annotation.RestController @ProtectedWithClaims( issuer = ISSUER, - claimMap = [ACR_CLAIM_OLD, ACR_CLAIM_NEW], + claimMap = [ACR_CLAIM_NEW], combineWithOr = true, ) @RestController diff --git a/src/main/kotlin/no/nav/tag/innsynAareg/controller/EnhetsregisteretController.kt b/src/main/kotlin/no/nav/tag/innsynAareg/controller/EnhetsregisteretController.kt index 506e149..c1bc966 100644 --- a/src/main/kotlin/no/nav/tag/innsynAareg/controller/EnhetsregisteretController.kt +++ b/src/main/kotlin/no/nav/tag/innsynAareg/controller/EnhetsregisteretController.kt @@ -4,7 +4,6 @@ import no.nav.tag.innsynAareg.client.altinn.dto.Organisasjon import no.nav.tag.innsynAareg.client.enhetsregisteret.EnhetsregisteretClient import no.nav.tag.innsynAareg.utils.ACR_CLAIM_NEW import no.nav.tag.innsynAareg.utils.ISSUER -import no.nav.tag.innsynAareg.utils.ACR_CLAIM_OLD import org.springframework.http.ResponseEntity import org.springframework.web.bind.annotation.GetMapping import org.springframework.web.bind.annotation.RequestHeader @@ -13,7 +12,7 @@ import org.springframework.web.bind.annotation.RestController @RestController @ProtectedWithClaims( issuer = ISSUER, - claimMap = [ACR_CLAIM_OLD, ACR_CLAIM_NEW], + claimMap = [ACR_CLAIM_NEW], combineWithOr = true, ) class EnhetsregisteretController( diff --git a/src/main/kotlin/no/nav/tag/innsynAareg/controller/InnloggingsController.kt b/src/main/kotlin/no/nav/tag/innsynAareg/controller/InnloggingsController.kt index 77044f9..5386189 100644 --- a/src/main/kotlin/no/nav/tag/innsynAareg/controller/InnloggingsController.kt +++ b/src/main/kotlin/no/nav/tag/innsynAareg/controller/InnloggingsController.kt @@ -2,7 +2,6 @@ package no.nav.tag.innsynAareg.controller import no.nav.security.token.support.core.api.ProtectedWithClaims import no.nav.tag.innsynAareg.utils.ACR_CLAIM_NEW import no.nav.tag.innsynAareg.utils.ISSUER -import no.nav.tag.innsynAareg.utils.ACR_CLAIM_OLD import org.springframework.http.CacheControl import org.springframework.http.ResponseEntity import org.springframework.web.bind.annotation.GetMapping @@ -12,7 +11,7 @@ import org.springframework.web.bind.annotation.RestController @RestController @ProtectedWithClaims( issuer = ISSUER, - claimMap = [ACR_CLAIM_OLD, ACR_CLAIM_NEW], + claimMap = [ACR_CLAIM_NEW], combineWithOr = true, ) class InnloggingsController { diff --git a/src/main/kotlin/no/nav/tag/innsynAareg/utils/AutentisertBruker.kt b/src/main/kotlin/no/nav/tag/innsynAareg/utils/AutentisertBruker.kt index 0edbc47..e694c8d 100644 --- a/src/main/kotlin/no/nav/tag/innsynAareg/utils/AutentisertBruker.kt +++ b/src/main/kotlin/no/nav/tag/innsynAareg/utils/AutentisertBruker.kt @@ -4,7 +4,6 @@ import no.nav.security.token.support.core.context.TokenValidationContextHolder import no.nav.security.token.support.core.jwt.JwtToken import org.springframework.stereotype.Component -const val ACR_CLAIM_OLD = "acr=Level4" const val ACR_CLAIM_NEW = "acr=idporten-loa-high" const val ISSUER = "tokenx"