From 13f4158d7e05498d5e52b837e6bbf9aff08f6a91 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=98yvind=20N=2E=20Wed=C3=B8e?=
 <oyvind.norsted.wedoe@nav.no>
Date: Wed, 10 Jul 2024 14:01:20 +0200
Subject: [PATCH] Test downloading vedlegg by signed url.

---
 .../kotlin/no/nav/klage/clients/FileClient.kt   | 17 +++++++++++++++++
 .../no/nav/klage/controller/KlankeController.kt | 15 ++++-----------
 .../no/nav/klage/service/VedleggService.kt      | 14 ++++++++++++++
 .../kotlin/no/nav/klage/util/LoggerUtils.kt     | 13 ++++++++++++-
 src/main/resources/application-dev-gcp.yml      |  2 +-
 5 files changed, 48 insertions(+), 13 deletions(-)

diff --git a/src/main/kotlin/no/nav/klage/clients/FileClient.kt b/src/main/kotlin/no/nav/klage/clients/FileClient.kt
index fde615e5..704cda3f 100644
--- a/src/main/kotlin/no/nav/klage/clients/FileClient.kt
+++ b/src/main/kotlin/no/nav/klage/clients/FileClient.kt
@@ -1,7 +1,10 @@
 package no.nav.klage.clients
 
 import no.nav.klage.util.getLogger
+import no.nav.klage.util.getSecureLogger
+import no.nav.klage.util.logErrorResponse
 import org.springframework.http.HttpHeaders
+import org.springframework.http.HttpStatusCode
 import org.springframework.http.client.MultipartBodyBuilder
 import org.springframework.stereotype.Component
 import org.springframework.web.reactive.function.BodyInserters
@@ -17,6 +20,7 @@ class FileClient(
     companion object {
         @Suppress("JAVA_CLASS_ON_COMPANION")
         private val logger = getLogger(javaClass.enclosingClass)
+        private val secureLogger = getSecureLogger()
     }
 
     //TODO: Rydd i fillageret nå som vi ikke lenger trenger det.
@@ -52,6 +56,19 @@ class FileClient(
             .block() ?: throw RuntimeException("Attachment could not be fetched")
     }
 
+    fun getVedleggFileAsSignedUrl(vedleggRef: String): String {
+        logger.debug("Fetching vedlegg file (signed URL) with vedlegg ref {}", vedleggRef)
+        return fileWebClient.get()
+            .uri { it.path("/attachment/{id}/signedurl").build(vedleggRef) }
+            .header(HttpHeaders.AUTHORIZATION, "Bearer ${azureADClient.klageFileApiOidcToken()}")
+            .retrieve()
+            .onStatus(HttpStatusCode::isError) { response ->
+                logErrorResponse(response, ::getVedleggFileAsSignedUrl.name, secureLogger)
+            }
+            .bodyToMono<String>()
+            .block()!!
+    }
+
     fun deleteVedleggFile(vedleggRef: String): Boolean {
         logger.debug("Deleting vedlegg file with vedlegg ref {}", vedleggRef)
         val deletedInFileStore = fileWebClient.delete()
diff --git a/src/main/kotlin/no/nav/klage/controller/KlankeController.kt b/src/main/kotlin/no/nav/klage/controller/KlankeController.kt
index bc40db2f..fd071e25 100644
--- a/src/main/kotlin/no/nav/klage/controller/KlankeController.kt
+++ b/src/main/kotlin/no/nav/klage/controller/KlankeController.kt
@@ -23,6 +23,7 @@ import org.springframework.http.ResponseEntity
 import org.springframework.http.codec.ServerSentEvent
 import org.springframework.web.bind.annotation.*
 import org.springframework.web.multipart.MultipartFile
+import org.springframework.web.servlet.ModelAndView
 import reactor.core.publisher.Flux
 import java.io.FileInputStream
 import java.io.InputStream
@@ -338,7 +339,7 @@ class KlankeController(
     fun getVedleggFromKlanke(
         @PathVariable klankeId: UUID,
         @PathVariable vedleggId: UUID
-    ): ResponseEntity<ByteArray> {
+    ): ModelAndView {
         val bruker = brukerService.getBruker()
         logger.debug("Get vedlegg to klanke is requested. KlankeId: {} - VedleggId: {}", klankeId, vedleggId)
         secureLogger.debug(
@@ -348,16 +349,8 @@ class KlankeController(
             bruker.folkeregisteridentifikator.identifikasjonsnummer
         )
 
-        val content = vedleggService.getVedleggFromKlanke(klankeId, vedleggId, bruker)
-
-        val responseHeaders = HttpHeaders()
-        responseHeaders.contentType = MediaType.valueOf("application/pdf")
-        responseHeaders.add("Content-Disposition", "inline; filename=" + "vedlegg.pdf")
-        return ResponseEntity(
-            content,
-            responseHeaders,
-            HttpStatus.OK
-        )
+        val url = vedleggService.getVedleggFromKlankeAsSignedUrl(klankeId, vedleggId, bruker)
+        return ModelAndView("redirect:$url")
     }
 
     @ResponseBody
diff --git a/src/main/kotlin/no/nav/klage/service/VedleggService.kt b/src/main/kotlin/no/nav/klage/service/VedleggService.kt
index 4192c1c1..8ae180a1 100644
--- a/src/main/kotlin/no/nav/klage/service/VedleggService.kt
+++ b/src/main/kotlin/no/nav/klage/service/VedleggService.kt
@@ -87,6 +87,20 @@ class VedleggService(
         }
     }
 
+    fun getVedleggFromKlankeAsSignedUrl(klankeId: UUID, vedleggId: UUID, bruker: Bruker): String {
+        val existingKlanke = klankeRepository.findById(klankeId).get()
+        validationService.checkKlankeStatus(existingKlanke, false)
+        validationService.validateKlankeAccess(existingKlanke, bruker)
+
+        val vedlegg = existingKlanke.vedlegg.find { it.id == vedleggId }
+
+        if (vedlegg != null) {
+            return fileClient.getVedleggFileAsSignedUrl(vedlegg.ref)
+        } else {
+            throw RuntimeException("No vedlegg found with this id: $vedleggId")
+        }
+    }
+
 
     private fun Klanke.attachmentsTotalSize() = this.vedlegg.sumOf { it.sizeInBytes }
 }
diff --git a/src/main/kotlin/no/nav/klage/util/LoggerUtils.kt b/src/main/kotlin/no/nav/klage/util/LoggerUtils.kt
index 1612d373..baf6842d 100644
--- a/src/main/kotlin/no/nav/klage/util/LoggerUtils.kt
+++ b/src/main/kotlin/no/nav/klage/util/LoggerUtils.kt
@@ -2,9 +2,20 @@ package no.nav.klage.util
 
 import org.slf4j.Logger
 import org.slf4j.LoggerFactory
+import org.springframework.web.reactive.function.client.ClientResponse
+import reactor.core.publisher.Mono
 
 fun getLogger(forClass: Class<*>): Logger = LoggerFactory.getLogger(forClass)
 fun getSecureLogger(): Logger = LoggerFactory.getLogger("secure")
 
 fun rootCause(t: Throwable): Throwable = t.cause?.run { rootCause(this) } ?: t
-fun causeClass(t: Throwable) = t.stackTrace?.firstOrNull()?.className ?: ""
\ No newline at end of file
+fun causeClass(t: Throwable) = t.stackTrace?.firstOrNull()?.className ?: ""
+
+fun logErrorResponse(response: ClientResponse, functionName: String, logger: Logger): Mono<RuntimeException> {
+    return response.bodyToMono(String::class.java).map {
+        val errorString =
+            "Got ${response.statusCode()} when requesting $functionName - response body: '$it'"
+        logger.error(errorString)
+        RuntimeException(errorString)
+    }
+}
\ No newline at end of file
diff --git a/src/main/resources/application-dev-gcp.yml b/src/main/resources/application-dev-gcp.yml
index 50f2cf5c..17e6a874 100644
--- a/src/main/resources/application-dev-gcp.yml
+++ b/src/main/resources/application-dev-gcp.yml
@@ -23,7 +23,7 @@ FSS_CLUSTER: dev-fss
 #STS_APIKEY
 #PDL_APIKEY
 
-DRAFT_CLEANUP_CRON: 0 13 13 * * *
+DRAFT_CLEANUP_CRON: 0 13 13 * * THU
 MAX_DRAFT_AGE_IN_DAYS: 90
 
 TENANT_ID: 966ac572-f5b7-4bbe-aa88-c76419c0f851