- Added a CustomOidcReactiveOAuth2UserService bean.

- Added a CustomReactiveOAuth2UserService bean.

apps/endringsmelding-frontend/src/main/java/no/nav/testnav/apps/endringsmeldingfrontend/config/CustomOidcUserService.java → apps/endringsmelding-frontend/src/main/java/no/nav/testnav/apps/endringsmeldingfrontend/config/CustomOidcReactiveOAuth2UserService.java

@@ -3,31 +3,35 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.oauth2.client.oidc.userinfo.OidcReactiveOAuth2UserService;
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
-import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
 import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
-import org.springframework.stereotype.Service;
-import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;
+import reactor.core.publisher.Mono;
 
 import java.util.LinkedHashSet;
-import java.util.function.BiFunction;
 
-@Service
-@RequiredArgsConstructor
-class CustomOidcUserService extends OidcUserService {
+import static lombok.AccessLevel.PACKAGE;
 
-    private final BiFunction<OidcUserRequest, OidcUserInfo, OidcUser> oidcUserMapper = CustomOidcUserService::getUser;
+@RequiredArgsConstructor(access = PACKAGE)
+class CustomOidcReactiveOAuth2UserService extends OidcReactiveOAuth2UserService {
+
+    /**
+     * Stripped from {@code org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequestUtils#getUser(OidcUserRequest, OidcUserInfo)}.
+     *
+     * @param userRequest OIDC user request.
+     * @return OIDC user.
+     */
+    private static OidcUser getUser(OidcUserRequest userRequest) {
 
-    private static OidcUser getUser(OidcUserRequest userRequest, OidcUserInfo userInfo) {
         var authorities = new LinkedHashSet<GrantedAuthority>();
-        authorities.add(new OidcUserAuthority(userRequest.getIdToken(), userInfo));
-        var token = userRequest.getAccessToken();
-        token
+        authorities.add(new OidcUserAuthority(userRequest.getIdToken(), null));
+        userRequest
+                .getAccessToken()
                 .getScopes()
                 .forEach(scope -> authorities.add(new SimpleGrantedAuthority("SCOPE_" + scope)));
         var providerDetails = userRequest
@@ -37,15 +41,15 @@ private static OidcUser getUser(OidcUserRequest userRequest, OidcUserInfo userIn
                 .getUserInfoEndpoint()
                 .getUserNameAttributeName();
         if (StringUtils.hasText(userNameAttributeName)) {
-            return new DefaultOidcUser(authorities, userRequest.getIdToken(), userInfo, userNameAttributeName);
+            return new DefaultOidcUser(authorities, userRequest.getIdToken(), null, userNameAttributeName);
         }
-        return new DefaultOidcUser(authorities, userRequest.getIdToken(), userInfo);
+        return new DefaultOidcUser(authorities, userRequest.getIdToken(), (OidcUserInfo) null);
+
     }
 
     @Override
-    public OidcUser loadUser(OidcUserRequest userRequest) throws OAuth2AuthenticationException {
-        Assert.notNull(userRequest, "userRequest cannot be null");
-        return oidcUserMapper.apply(userRequest, null);
+    public Mono<OidcUser> loadUser(OidcUserRequest userRequest) throws OAuth2AuthenticationException {
+        return Mono.just(getUser(userRequest));
     }
 
 }

apps/endringsmelding-frontend/src/main/java/no/nav/testnav/apps/endringsmeldingfrontend/config/CustomReactiveOAuth2UserService.java

@@ -0,0 +1,20 @@
+package no.nav.testnav.apps.endringsmeldingfrontend.config;
+
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
+import org.springframework.security.oauth2.client.userinfo.ReactiveOAuth2UserService;
+import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import reactor.core.publisher.Mono;
+
+import static lombok.AccessLevel.PACKAGE;
+
+@RequiredArgsConstructor(access = PACKAGE)
+class CustomReactiveOAuth2UserService implements ReactiveOAuth2UserService<OAuth2UserRequest, OAuth2User> {
+
+    @Override
+    public Mono<OAuth2User> loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
+        return Mono.empty();
+    }
+
+}

apps/endringsmelding-frontend/src/main/java/no/nav/testnav/apps/endringsmeldingfrontend/config/CustomReactiveOauth2Config.java

@@ -0,0 +1,23 @@
+package no.nav.testnav.apps.endringsmeldingfrontend.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.oauth2.client.oidc.userinfo.OidcReactiveOAuth2UserService;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
+import org.springframework.security.oauth2.client.userinfo.ReactiveOAuth2UserService;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+
+@Configuration
+public class CustomReactiveOauth2Config {
+
+    @Bean
+    public ReactiveOAuth2UserService<OAuth2UserRequest, OAuth2User> reactiveOAuth2UserService() {
+        return new CustomReactiveOAuth2UserService();
+    }
+
+    @Bean
+    public OidcReactiveOAuth2UserService oidcReactiveOAuth2UserService() {
+        return new CustomOidcReactiveOAuth2UserService();
+    }
+
+}

apps/endringsmelding-frontend/src/main/java/no/nav/testnav/apps/endringsmeldingfrontend/config/SecurityConfig.java

@@ -4,18 +4,17 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
-import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
-import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
-import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 
+import static org.springframework.security.config.Customizer.withDefaults;
+
 
 @Configuration
 @EnableWebFluxSecurity
 public class SecurityConfig {
 
     @Bean
-    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
+    public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
         return http
                 .cors(ServerHttpSecurity.CorsSpec::disable)
                 .csrf(ServerHttpSecurity.CsrfSpec::disable)
@@ -27,14 +26,8 @@ public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http)
                         .permitAll()
                         .anyExchange()
                         .authenticated())
-                .oauth2Login(oauth2Login -> {
-                })
+                .oauth2Login(withDefaults())
                 .build();
     }
 
-    @Bean
-    public OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService() {
-        return new CustomOidcUserService();
-    }
-
 }