diff --git a/token-client-core/src/main/kotlin/no/nav/security/token/support/client/core/oauth2/OAuth2AccessTokenResponse.kt b/token-client-core/src/main/kotlin/no/nav/security/token/support/client/core/oauth2/OAuth2AccessTokenResponse.kt index ef40cb42..51ef8458 100644 --- a/token-client-core/src/main/kotlin/no/nav/security/token/support/client/core/oauth2/OAuth2AccessTokenResponse.kt +++ b/token-client-core/src/main/kotlin/no/nav/security/token/support/client/core/oauth2/OAuth2AccessTokenResponse.kt @@ -1,14 +1,15 @@ package no.nav.security.token.support.client.core.oauth2 - data class OAuth2AccessTokenResponse (@get:JvmName("getAccessToken") var access_token : String? = null, - @get:JvmName("getExpiresAt") var expires_at : Int? = null, - @get:JvmName("getExpiresIn") var expires_in : Int? = 60, - private val additionalParameters : Map = emptyMap()) { +data class OAuth2AccessTokenResponse (@get:JvmName("getAccessToken") var access_token : String? = null, + @get:JvmName("getExpiresAt") var expires_at : Int? = null, + @get:JvmName("getExpiresIn") var expires_in : Int? = 60, + private val additionalParameters : Map = emptyMap()) { - @Deprecated(message = "Ikke bruk denne", replaceWith = ReplaceWith("getAccessToken()")) - fun getAccess_token() = access_token - @Deprecated(message = "Ikke bruk denne", replaceWith = ReplaceWith("getExpiresAt()")) - fun getExpires_at() = expires_at - @Deprecated(message = "Ikke bruk denne", replaceWith = ReplaceWith("getExpiresIn()")) - fun getExpires_in() = expires_in + + @Deprecated(message = "Ikke bruk denne", replaceWith = ReplaceWith("getAccessToken()")) + fun getAccess_token() = access_token + @Deprecated(message = "Ikke bruk denne", replaceWith = ReplaceWith("getExpiresAt()")) + fun getExpires_at() = expires_at + @Deprecated(message = "Ikke bruk denne", replaceWith = ReplaceWith("getExpiresIn()")) + fun getExpires_in() = expires_in } \ No newline at end of file diff --git a/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/ClientCredentialsTokenClientTest.kt b/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/ClientCredentialsTokenClientTest.kt index 0260ace5..3171001b 100644 --- a/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/ClientCredentialsTokenClientTest.kt +++ b/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/ClientCredentialsTokenClientTest.kt @@ -121,9 +121,9 @@ internal class ClientCredentialsTokenClientTest { private const val ERROR_RESPONSE = """{"error": "some client error occurred"}""" private fun assertThatResponseContainsAccessToken(response : OAuth2AccessTokenResponse?) { assertThat(response).isNotNull() - assertThat(response!!.accessToken).isNotBlank() - assertThat(response.expiresAt).isPositive() - assertThat(response.expiresIn).isPositive() + assertThat(response!!.access_token).isNotBlank() + assertThat(response.expires_at).isPositive() + assertThat(response.expires_in).isPositive() } private fun assertThatClientAuthMethodIsPrivateKeyJwt(body : String, clientProperties : ClientProperties) { diff --git a/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/OAuth2AccessTokenServiceTest.kt b/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/OAuth2AccessTokenServiceTest.kt index 4e40a3d4..21a7bc0e 100644 --- a/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/OAuth2AccessTokenServiceTest.kt +++ b/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/OAuth2AccessTokenServiceTest.kt @@ -63,7 +63,7 @@ internal class OAuth2AccessTokenServiceTest { val res = oAuth2AccessTokenService.getAccessToken(onBehalfOfProperties()) verify(onBehalfOfTokenResponseClient).getTokenResponse(reifiedAny( OnBehalfOfGrantRequest::class.java)) assertThat(res).hasNoNullFieldsOrProperties() - assertThat(res.accessToken).isEqualTo("first_access_token") + assertThat(res.access_token).isEqualTo("first_access_token") } @Test @@ -74,7 +74,7 @@ internal class OAuth2AccessTokenServiceTest { val res = oAuth2AccessTokenService.getAccessToken(clientCredentialsProperties()) verify(clientCredentialsTokenResponseClient).getTokenResponse(reifiedAny(ClientCredentialsGrantRequest::class.java)) assertThat(res).hasNoNullFieldsOrProperties() - assertThat(res.accessToken).isEqualTo("first_access_token") + assertThat(res.access_token).isEqualTo("first_access_token") } @Test @@ -96,13 +96,13 @@ internal class OAuth2AccessTokenServiceTest { val res = oAuth2AccessTokenService.getAccessToken(clientProperties) verify(onBehalfOfTokenResponseClient).getTokenResponse(reifiedAny(OnBehalfOfGrantRequest::class.java)) assertThat(res).hasNoNullFieldsOrProperties() - assertThat(res.accessToken).isEqualTo("first_access_token") + assertThat(res.access_token).isEqualTo("first_access_token") //should get response from cache and NOT invoke client reset(onBehalfOfTokenResponseClient) val res2 = oAuth2AccessTokenService.getAccessToken(clientProperties) verify(onBehalfOfTokenResponseClient, never()).getTokenResponse(reifiedAny(OnBehalfOfGrantRequest::class.java)) - assertThat(res2.accessToken).isEqualTo("first_access_token") + assertThat(res2.access_token).isEqualTo("first_access_token") //another user/token but same clientconfig, should invoke client and populate cache reset(assertionResolver) @@ -113,7 +113,7 @@ internal class OAuth2AccessTokenServiceTest { .thenReturn(accessTokenResponse(secondAccessToken, 60)) val res3 = oAuth2AccessTokenService.getAccessToken(clientProperties) verify(onBehalfOfTokenResponseClient).getTokenResponse(reifiedAny(OnBehalfOfGrantRequest::class.java)) - assertThat(res3.accessToken).isEqualTo(secondAccessToken) + assertThat(res3.access_token).isEqualTo(secondAccessToken) } @Test @@ -128,14 +128,14 @@ internal class OAuth2AccessTokenServiceTest { val res1 = oAuth2AccessTokenService.getAccessToken(clientProperties) verify(clientCredentialsTokenResponseClient).getTokenResponse(reifiedAny(ClientCredentialsGrantRequest::class.java)) assertThat(res1).hasNoNullFieldsOrProperties() - assertThat(res1.accessToken).isEqualTo("first_access_token") + assertThat(res1.access_token).isEqualTo("first_access_token") //should get response from cache and NOT invoke client reset(clientCredentialsTokenResponseClient) val res2 = oAuth2AccessTokenService.getAccessToken(clientProperties) verify(clientCredentialsTokenResponseClient, never()).getTokenResponse(reifiedAny( ClientCredentialsGrantRequest::class.java)) - assertThat(res2.accessToken).isEqualTo("first_access_token") + assertThat(res2.access_token).isEqualTo("first_access_token") //another clientconfig, should invoke client and populate cache clientProperties = clientCredentialsProperties("scope3") @@ -145,7 +145,7 @@ internal class OAuth2AccessTokenServiceTest { .thenReturn(accessTokenResponse(secondAccessToken, 60)) val res3 = oAuth2AccessTokenService.getAccessToken(clientProperties) verify(clientCredentialsTokenResponseClient).getTokenResponse(reifiedAny(ClientCredentialsGrantRequest::class.java)) - assertThat(res3.accessToken).isEqualTo(secondAccessToken) + assertThat(res3.access_token).isEqualTo(secondAccessToken) } @Test @@ -161,7 +161,7 @@ internal class OAuth2AccessTokenServiceTest { val res1 = oAuth2AccessTokenService.getAccessToken(clientProperties) verify(onBehalfOfTokenResponseClient).getTokenResponse(reifiedAny(OnBehalfOfGrantRequest::class.java)) assertThat(res1).hasNoNullFieldsOrProperties() - assertThat(res1.getAccessToken()).isEqualTo("first_access_token") + assertThat(res1.access_token).isEqualTo("first_access_token") Thread.sleep(1000) //entry should be missing from cache due to expiry @@ -171,7 +171,7 @@ internal class OAuth2AccessTokenServiceTest { .thenReturn(accessTokenResponse(secondAccessToken, 1)) val res2 = oAuth2AccessTokenService.getAccessToken(clientProperties) verify(onBehalfOfTokenResponseClient).getTokenResponse(reifiedAny(OnBehalfOfGrantRequest::class.java)) - assertThat(res2.accessToken).isEqualTo(secondAccessToken) + assertThat(res2.access_token).isEqualTo(secondAccessToken) } @Test @@ -186,7 +186,7 @@ internal class OAuth2AccessTokenServiceTest { verify(exchangeTokeResponseClient, times(1)).getTokenResponse(reifiedAny( TokenExchangeGrantRequest::class.java)) assertThat(res1).hasNoNullFieldsOrProperties() - assertThat(res1.accessToken).isEqualTo("first_access_token") + assertThat(res1.access_token).isEqualTo("first_access_token") } companion object { diff --git a/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/OnBehalfOfTokenClientTest.kt b/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/OnBehalfOfTokenClientTest.kt index 126403a5..bc276643 100644 --- a/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/OnBehalfOfTokenClientTest.kt +++ b/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/OnBehalfOfTokenClientTest.kt @@ -50,9 +50,9 @@ internal class OnBehalfOfTokenClientTest { .contains("requested_token_use=on_behalf_of") .contains("assertion=$assertion") assertThat(response).isNotNull() - assertThat(response.accessToken).isNotBlank() - assertThat(response.expiresAt).isPositive() - assertThat(response.expiresIn).isPositive() + assertThat(response.access_token).isNotBlank() + assertThat(response.expires_at).isPositive() + assertThat(response.expires_in).isPositive() } @Test diff --git a/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/TokenExchangeClientTest.kt b/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/TokenExchangeClientTest.kt index fdfbbf4d..07af1553 100644 --- a/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/TokenExchangeClientTest.kt +++ b/token-client-core/src/test/kotlin/no/nav/security/token/support/client/core/oauth2/TokenExchangeClientTest.kt @@ -92,9 +92,9 @@ internal class TokenExchangeClientTest { private const val ERROR_RESPONSE = """{"error": "some client error occurred"}""" private fun assertThatResponseContainsAccessToken(response : OAuth2AccessTokenResponse?) { assertThat(response).isNotNull() - assertThat(response!!.accessToken).isNotBlank() - assertThat(response.expiresAt).isPositive() - assertThat(response.expiresIn).isPositive() + assertThat(response!!.access_token).isNotBlank() + assertThat(response.expires_in).isPositive() + assertThat(response.expires_at).isPositive() } private fun assertThatClientAuthMethodIsPrivateKeyJwt( diff --git a/token-client-kotlin-demo/src/main/kotlin/no/nav/security/token/support/ktor/Application.kt b/token-client-kotlin-demo/src/main/kotlin/no/nav/security/token/support/ktor/Application.kt index e4a0ecb1..6fa73d0d 100644 --- a/token-client-kotlin-demo/src/main/kotlin/no/nav/security/token/support/ktor/Application.kt +++ b/token-client-kotlin-demo/src/main/kotlin/no/nav/security/token/support/ktor/Application.kt @@ -80,7 +80,7 @@ fun Application.module() { } data class DemoTokenResponse(val grantType: String, val tokenResponse: OAuth2AccessTokenResponse) { - val claims = SignedJWT.parse(tokenResponse.accessToken).jwtClaimsSet.claims + val claims = SignedJWT.parse(tokenResponse.access_token).jwtClaimsSet.claims } internal fun TokenValidationContextPrincipal?.asTokenString() = diff --git a/token-client-kotlin-demo/src/main/kotlin/no/nav/security/token/support/ktor/oauth/OAuth2Cache.kt b/token-client-kotlin-demo/src/main/kotlin/no/nav/security/token/support/ktor/oauth/OAuth2Cache.kt index 48260917..9f4bbe76 100644 --- a/token-client-kotlin-demo/src/main/kotlin/no/nav/security/token/support/ktor/oauth/OAuth2Cache.kt +++ b/token-client-kotlin-demo/src/main/kotlin/no/nav/security/token/support/ktor/oauth/OAuth2Cache.kt @@ -24,7 +24,7 @@ data class OAuth2CacheConfig(val enabled: Boolean, val maximumSize: Long = 1000, override fun expireAfterCreate(key: GrantRequest, response: OAuth2AccessTokenResponse, currentTime: Long): Long { val seconds = - if (response.expiresIn!! > skewInSeconds) response.expiresIn!! - skewInSeconds else response.expiresIn!! + if (response.expires_in!! > skewInSeconds) response.expires_in!! - skewInSeconds else response.expires_in!! .toLong() return TimeUnit.SECONDS.toNanos(seconds) } diff --git a/token-client-spring/src/main/kotlin/no/nav/security/token/support/client/spring/oauth2/OAuth2ClientRequestInterceptor.kt b/token-client-spring/src/main/kotlin/no/nav/security/token/support/client/spring/oauth2/OAuth2ClientRequestInterceptor.kt index f8ff6741..aaff59f3 100644 --- a/token-client-spring/src/main/kotlin/no/nav/security/token/support/client/spring/oauth2/OAuth2ClientRequestInterceptor.kt +++ b/token-client-spring/src/main/kotlin/no/nav/security/token/support/client/spring/oauth2/OAuth2ClientRequestInterceptor.kt @@ -24,7 +24,7 @@ class OAuth2ClientRequestInterceptor(private val properties: ClientConfiguration private val matcher: ClientConfigurationPropertiesMatcher) : ClientHttpRequestInterceptor { override fun intercept(req: HttpRequest, body: ByteArray, execution: ClientHttpRequestExecution): ClientHttpResponse { matcher.findProperties(properties, req.uri)?.let { - service.getAccessToken(it).accessToken?.let { token -> req.headers.setBearerAuth(token) } + service.getAccessToken(it).access_token?.let { token -> req.headers.setBearerAuth(token) } } return execution.execute(req, body) } diff --git a/token-client-spring/src/test/kotlin/no/nav/security/token/support/client/spring/oauth2/OAuth2AccessTokenServiceIntegrationTest.kt b/token-client-spring/src/test/kotlin/no/nav/security/token/support/client/spring/oauth2/OAuth2AccessTokenServiceIntegrationTest.kt index 76f64ee4..081317cb 100644 --- a/token-client-spring/src/test/kotlin/no/nav/security/token/support/client/spring/oauth2/OAuth2AccessTokenServiceIntegrationTest.kt +++ b/token-client-spring/src/test/kotlin/no/nav/security/token/support/client/spring/oauth2/OAuth2AccessTokenServiceIntegrationTest.kt @@ -75,9 +75,9 @@ internal class OAuth2AccessTokenServiceIntegrationTest { whenever(tokenValidationContextHolder!!.getTokenValidationContext()).thenReturn(tokenValidationContext("sub1")) val response = oAuth2AccessTokenService.getAccessToken(this) - assertThat(response.accessToken).isNotBlank - assertThat(response.expiresAt).isGreaterThan(0) - assertThat(response.expiresIn).isGreaterThan(0) + assertThat(response.access_token).isNotBlank + assertThat(response.expires_at).isGreaterThan(0) + assertThat(response.expires_in).isGreaterThan(0) val request = server.takeRequest() assertThat(request.headers["Content-Type"]).contains(APPLICATION_FORM_URLENCODED_VALUE) @@ -99,9 +99,9 @@ internal class OAuth2AccessTokenServiceIntegrationTest { whenever(tokenValidationContextHolder!!.getTokenValidationContext()).thenReturn(tokenValidationContext("sub1")) val response = oAuth2AccessTokenService.getAccessToken(clientProperties) - assertThat(response.accessToken).isNotBlank - assertThat(response.expiresAt).isGreaterThan(0) - assertThat(response.expiresIn).isGreaterThan(0) + assertThat(response.access_token).isNotBlank + assertThat(response.expires_in).isGreaterThan(0) + assertThat(response.expires_at).isGreaterThan(0) val request = server.takeRequest() val body = request.body.readUtf8() @@ -115,9 +115,9 @@ internal class OAuth2AccessTokenServiceIntegrationTest { val clientProperties = clientConfigurationProperties.registration["example1-clientcredentials1"]?.toBuilder()?.tokenEndpointUrl(tokenEndpointUrl)?.build() ?: fail("clientProperties is null") server.enqueue(jsonResponse(TOKEN_RESPONSE)) val response = oAuth2AccessTokenService.getAccessToken(clientProperties) - assertThat(response.accessToken).isNotBlank - assertThat(response.expiresAt).isGreaterThan(0) - assertThat(response.expiresIn).isGreaterThan(0) + assertThat(response.access_token).isNotBlank + assertThat(response.expires_in).isGreaterThan(0) + assertThat(response.expires_at).isGreaterThan(0) val request = server.takeRequest() val body = request.body.readUtf8()