From 266c75643e0cec7474752fd907cc4b1c29f4ac8b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Skarp=C3=A5s?= Date: Mon, 18 Nov 2024 12:26:14 +0100 Subject: [PATCH] =?UTF-8?q?F!!Oppgraderer=20til=20siste=20version=20av=20n?= =?UTF-8?q?av=20token=20support=20som=20inneholder=20fix=20for=20spring=20?= =?UTF-8?q?s=C3=A5rbarhet=20ref=20CWE-178?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- build.gradle | 2 +- .../kotlin/no/nav/eessi/pensjon/config/RestTemplateConfig.kt | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/build.gradle b/build.gradle index 51d42b93..b78ca334 100644 --- a/build.gradle +++ b/build.gradle @@ -5,7 +5,7 @@ buildscript { springKafkaVersion = '3.2.4' jacksonModuleKotlinVersion = '2.18.1' cxfVersion = '3.3.4' - tokenSupportVersion = '4.1.4' + tokenSupportVersion = '5.0.11' } } diff --git a/src/main/kotlin/no/nav/eessi/pensjon/config/RestTemplateConfig.kt b/src/main/kotlin/no/nav/eessi/pensjon/config/RestTemplateConfig.kt index a6cac526..178aaef4 100644 --- a/src/main/kotlin/no/nav/eessi/pensjon/config/RestTemplateConfig.kt +++ b/src/main/kotlin/no/nav/eessi/pensjon/config/RestTemplateConfig.kt @@ -87,8 +87,8 @@ class RestTemplateConfig( ): ClientHttpRequestInterceptor { return ClientHttpRequestInterceptor { request: HttpRequest, body: ByteArray?, execution: ClientHttpRequestExecution -> val response = oAuth2AccessTokenService.getAccessToken(clientProperties) - request.headers.setBearerAuth(response.accessToken!!) - val tokenChunks = response.accessToken!!.split(".") + request.headers.setBearerAuth(response.access_token!!) + val tokenChunks = response.access_token!!.split(".") val tokenBody = tokenChunks[1] logger.debug("subject: " + JWTClaimsSet.parse(Base64.getDecoder().decode(tokenBody).decodeToString()).subject) execution.execute(request, body!!)