IS-1689: Use istilgangskontroll

.nais/naiserator-dev.yaml

@@ -42,8 +42,6 @@ spec:
     inbound:
       rules:
         - application: syfomodiaperson
-          namespace: teamsykefravr
-          cluster: dev-gcp
         - application: soknad-api
           namespace: aap
           cluster: dev-gcp
@@ -59,7 +57,7 @@ spec:
         - host: "syfopartnerinfo.dev-fss-pub.nais.io"
       rules:
         - application: fastlegerest
-        - application: syfo-tilgangskontroll
+        - application: istilgangskontroll
   azure:
     application:
       allowAllUsers: true
@@ -115,7 +113,7 @@ spec:
       value: "dev-fss.teamsykefravr.syfopartnerinfo"
     - name: SYFOPARTNERINFO_URL
       value: "https://syfopartnerinfo.dev-fss-pub.nais.io"
-    - name: SYFOTILGANGSKONTROLL_CLIENT_ID
-      value: "dev-gcp.teamsykefravr.syfo-tilgangskontroll"
-    - name: SYFOTILGANGSKONTROLL_URL
-      value: "http://syfo-tilgangskontroll"
+    - name: ISTILGANGSKONTROLL_CLIENT_ID
+      value: "dev-gcp.teamsykefravr.istilgangskontroll"
+    - name: ISTILGANGSKONTROLL_URL
+      value: "http://istilgangskontroll"

.nais/naiserator-prod.yaml

@@ -42,8 +42,6 @@ spec:
     inbound:
       rules:
         - application: syfomodiaperson
-          namespace: teamsykefravr
-          cluster: prod-gcp
         - application: soknad-api
           namespace: aap
           cluster: prod-gcp
@@ -59,7 +57,7 @@ spec:
         - host: "syfopartnerinfo.prod-fss-pub.nais.io"
       rules:
         - application: fastlegerest
-        - application: syfo-tilgangskontroll
+        - application: istilgangskontroll
   azure:
     application:
       allowAllUsers: true
@@ -116,7 +114,7 @@ spec:
       value: "prod-fss.teamsykefravr.syfopartnerinfo"
     - name: SYFOPARTNERINFO_URL
       value: "https://syfopartnerinfo.prod-fss-pub.nais.io"
-    - name: SYFOTILGANGSKONTROLL_CLIENT_ID
-      value: "prod-gcp.teamsykefravr.syfo-tilgangskontroll"
-    - name: SYFOTILGANGSKONTROLL_URL
-      value: "http://syfo-tilgangskontroll"
+    - name: ISTILGANGSKONTROLL_CLIENT_ID
+      value: "prod-gcp.teamsykefravr.istilgangskontroll"
+    - name: ISTILGANGSKONTROLL_URL
+      value: "http://istilgangskontroll"

src/main/kotlin/no/nav/syfo/App.kt

@@ -69,8 +69,8 @@ fun main() {
     )
     val veilederTilgangskontrollClient = VeilederTilgangskontrollClient(
         azureAdClient = azureAdClient,
-        syfotilgangskontrollClientId = environment.syfotilgangskontrollClientId,
-        tilgangskontrollBaseUrl = environment.syfotilgangskontrollUrl,
+        istilgangskontrollClientId = environment.istilgangskontrollClientId,
+        tilgangskontrollBaseUrl = environment.istilgangskontrollUrl,
     )
     val dialogmeldingStatusProducer = DialogmeldingStatusProducer(
         kafkaProducer = KafkaProducer(

src/main/kotlin/no/nav/syfo/application/ApplicationEnvironment.kt

@@ -58,8 +58,8 @@ data class Environment(
     val pdlUrl: String = getEnvVar("PDL_URL"),
     val syfoPartnerinfoClientId: String = getEnvVar("SYFOPARTNERINFO_CLIENT_ID"),
     val syfoPartnerinfoUrl: String = getEnvVar("SYFOPARTNERINFO_URL"),
-    val syfotilgangskontrollClientId: String = getEnvVar("SYFOTILGANGSKONTROLL_CLIENT_ID"),
-    val syfotilgangskontrollUrl: String = getEnvVar("SYFOTILGANGSKONTROLL_URL"),
+    val istilgangskontrollClientId: String = getEnvVar("ISTILGANGSKONTROLL_CLIENT_ID"),
+    val istilgangskontrollUrl: String = getEnvVar("ISTILGANGSKONTROLL_URL"),
 ) {
     fun jdbcUrl(): String {
         return "jdbc:postgresql://$isdialogmeldingDbHost:$isdialogmeldingDbPort/$isdialogmeldingDbName"

src/main/kotlin/no/nav/syfo/client/veiledertilgang/Tilgang.kt

@@ -1,5 +1,5 @@
 package no.nav.syfo.client.veiledertilgang
 
 data class Tilgang(
-    val harTilgang: Boolean,
+    val erGodkjent: Boolean,
 )

src/main/kotlin/no/nav/syfo/client/veiledertilgang/TilgangskontrollClientMetric.kt

@@ -10,11 +10,11 @@ const val CALL_TILGANGSKONTROLL_PERSON_FAIL = "${CALL_TILGANGSKONTROLL_PERSON_BA
 const val CALL_TILGANGSKONTROLL_PERSON_FORBIDDEN = "${CALL_TILGANGSKONTROLL_PERSON_BASE}_forbidden_count"
 
 val COUNT_CALL_TILGANGSKONTROLL_PERSON_SUCCESS: Counter = Counter.builder(CALL_TILGANGSKONTROLL_PERSON_SUCCESS)
-    .description("Counts the number of successful calls to syfo-tilgangskontroll - person")
+    .description("Counts the number of successful calls to istilgangskontroll - person")
     .register(METRICS_REGISTRY)
 val COUNT_CALL_TILGANGSKONTROLL_PERSON_FAIL: Counter = Counter.builder(CALL_TILGANGSKONTROLL_PERSON_FAIL)
-    .description("Counts the number of failed calls to syfo-tilgangskontroll - person")
+    .description("Counts the number of failed calls to istilgangskontroll - person")
     .register(METRICS_REGISTRY)
 val COUNT_CALL_TILGANGSKONTROLL_PERSON_FORBIDDEN: Counter = Counter.builder(CALL_TILGANGSKONTROLL_PERSON_FORBIDDEN)
-    .description("Counts the number of forbidden calls to syfo-tilgangskontroll - person")
+    .description("Counts the number of forbidden calls to istilgangskontroll - person")
     .register(METRICS_REGISTRY)

src/main/kotlin/no/nav/syfo/client/veiledertilgang/VeilederTilgangskontrollClient.kt

@@ -18,7 +18,7 @@ import org.slf4j.LoggerFactory
 
 class VeilederTilgangskontrollClient(
     private val azureAdClient: AzureAdClient,
-    private val syfotilgangskontrollClientId: String,
+    private val istilgangskontrollClientId: String,
     tilgangskontrollBaseUrl: String,
     private val httpClient: HttpClient = httpClientDefault(),
 ) {
@@ -30,7 +30,7 @@ class VeilederTilgangskontrollClient(
         token: String,
     ): Boolean {
         val onBehalfOfToken = azureAdClient.getOnBehalfOfToken(
-            scopeClientId = syfotilgangskontrollClientId,
+            scopeClientId = istilgangskontrollClientId,
             token = token,
         )?.accessToken ?: throw RuntimeException("Failed to request access to Person: Failed to get OBO token")
 
@@ -42,7 +42,7 @@ class VeilederTilgangskontrollClient(
                 accept(ContentType.Application.Json)
             }
             COUNT_CALL_TILGANGSKONTROLL_PERSON_SUCCESS.increment()
-            response.body<Tilgang>().harTilgang
+            response.body<Tilgang>().erGodkjent
         } catch (e: ClientRequestException) {
             if (e.response.status == HttpStatusCode.Forbidden) {
                 COUNT_CALL_TILGANGSKONTROLL_PERSON_FORBIDDEN.increment()
@@ -61,7 +61,7 @@ class VeilederTilgangskontrollClient(
         callId: String,
     ) {
         log.error(
-            "Error while requesting access to person from syfo-tilgangskontroll with {}, {}",
+            "Error while requesting access to person from istilgangskontroll with {}, {}",
             StructuredArguments.keyValue("statusCode", response.status.value.toString()),
             callIdArgument(callId)
         )
@@ -71,6 +71,6 @@ class VeilederTilgangskontrollClient(
     companion object {
         private val log = LoggerFactory.getLogger(VeilederTilgangskontrollClient::class.java)
 
-        const val TILGANGSKONTROLL_PERSON_PATH = "/syfo-tilgangskontroll/api/tilgang/navident/person"
+        const val TILGANGSKONTROLL_PERSON_PATH = "/api/tilgang/navident/person"
     }
 }

src/test/kotlin/no/nav/syfo/testhelper/TestApiModule.kt

@@ -22,8 +22,8 @@ fun Application.testApiModule(
     )
     val veilederTilgangskontrollClient = VeilederTilgangskontrollClient(
         azureAdClient = azureAdClient,
-        syfotilgangskontrollClientId = externalMockEnvironment.environment.syfotilgangskontrollClientId,
-        tilgangskontrollBaseUrl = externalMockEnvironment.environment.syfotilgangskontrollUrl,
+        istilgangskontrollClientId = externalMockEnvironment.environment.istilgangskontrollClientId,
+        tilgangskontrollBaseUrl = externalMockEnvironment.environment.istilgangskontrollUrl,
         httpClient = mockHttpClient,
     )
     this.apiModule(

src/test/kotlin/no/nav/syfo/testhelper/TestEnvironment.kt

@@ -50,8 +50,8 @@ fun testEnvironment() = Environment(
     pdlUrl = "pdlUrl",
     syfoPartnerinfoClientId = "syfopartnerinfo-client-id",
     syfoPartnerinfoUrl = "syfoPartnerinfoUrl",
-    syfotilgangskontrollClientId = "syfo-tilgangskontroll-client-id",
-    syfotilgangskontrollUrl = "syfoTilgangskontrollUrl",
+    istilgangskontrollClientId = "istilgangskontroll-client-id",
+    istilgangskontrollUrl = "isTilgangskontrollUrl",
 )
 
 const val testAapSoknadApiClientId = "soknad-api-client-id"

src/test/kotlin/no/nav/syfo/testhelper/mocks/MockHttpClient.kt

@@ -12,7 +12,7 @@ fun mockHttpClient(environment: Environment) = HttpClient(MockEngine) {
             val requestUrl = request.url.encodedPath
             when {
                 requestUrl == "/${environment.azureOpenidConfigTokenEndpoint}" -> azureAdMockResponse()
-                requestUrl.startsWith("/${environment.syfotilgangskontrollUrl}") -> syfoTilgangskontrollResponse(
+                requestUrl.startsWith("/${environment.istilgangskontrollUrl}") -> tilgangskontrollResponse(
                     request
                 )
 

src/test/kotlin/no/nav/syfo/testhelper/mocks/SyfoTilgangskontrollMock.kt

@@ -6,9 +6,9 @@ import no.nav.syfo.client.veiledertilgang.Tilgang
 import no.nav.syfo.testhelper.UserConstants.ARBEIDSTAKER_VEILEDER_NO_ACCESS
 import no.nav.syfo.util.NAV_PERSONIDENT_HEADER
 
-fun MockRequestHandleScope.syfoTilgangskontrollResponse(request: HttpRequestData): HttpResponseData {
+fun MockRequestHandleScope.tilgangskontrollResponse(request: HttpRequestData): HttpResponseData {
     return when (request.headers[NAV_PERSONIDENT_HEADER]) {
-        ARBEIDSTAKER_VEILEDER_NO_ACCESS.value -> respondOk(Tilgang(harTilgang = false))
-        else -> respondOk(Tilgang(harTilgang = true))
+        ARBEIDSTAKER_VEILEDER_NO_ACCESS.value -> respondOk(Tilgang(erGodkjent = false))
+        else -> respondOk(Tilgang(erGodkjent = true))
     }
 }