diff --git a/libs/security-core/src/main/java/no/nav/testnav/libs/securitycore/domain/azuread/AzureNavClientCredential.java b/libs/security-core/src/main/java/no/nav/testnav/libs/securitycore/domain/azuread/AzureNavClientCredential.java index caf3c8a43b4..ee2909d5b6a 100644 --- a/libs/security-core/src/main/java/no/nav/testnav/libs/securitycore/domain/azuread/AzureNavClientCredential.java +++ b/libs/security-core/src/main/java/no/nav/testnav/libs/securitycore/domain/azuread/AzureNavClientCredential.java @@ -3,12 +3,20 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Configuration; +/** + * Get configuration from, in prioritized order: + *
    + *
  1. {@code AZURE_APP_CLIENT_[ID|SECRET]} (provided by NAIS when running in pod)
  2. + *
  3. {@code spring.security.oauth2.client.registration.aad.client-[id|secret]} (configured when running locally)
  4. + *
  5. {@code null} (for test purposes)
  6. + *
+ */ @Configuration public class AzureNavClientCredential extends ClientCredential { public AzureNavClientCredential( - @Value("${spring.security.oauth2.client.registration.aad.client-id:#{null}}") String clientId, - @Value("${spring.security.oauth2.client.registration.aad.client-secret:#{null}}") String clientSecret + @Value("#{systemProperties['AZURE_APP_CLIENT_ID'] ?: '${spring.security.oauth2.client.registration.aad.client-id:#{null}}'}") String clientId, + @Value("#{systemProperties['AZURE_APP_CLIENT_SECRET'] ?: '${spring.security.oauth2.client.registration.aad.client-secret:#{null}}'}") String clientSecret ) { super(clientId, clientSecret); }