diff --git a/apps/backend/polly-app/src/main/java/no/nav/data/common/security/azure/AzureAdService.java b/apps/backend/polly-app/src/main/java/no/nav/data/common/security/azure/AzureAdService.java
index 6fa43dff9..e864ece08 100644
--- a/apps/backend/polly-app/src/main/java/no/nav/data/common/security/azure/AzureAdService.java
+++ b/apps/backend/polly-app/src/main/java/no/nav/data/common/security/azure/AzureAdService.java
@@ -1,10 +1,12 @@
 package no.nav.data.common.security.azure;
-import com.microsoft.graph.models.extensions.IGraphServiceClient;
+import com.microsoft.graph.models.UserSendMailParameterSet;
+import com.microsoft.graph.requests.GraphServiceClient;
 import lombok.extern.slf4j.Slf4j;
 import no.nav.data.common.mail.EmailProvider;
 import no.nav.data.common.mail.MailTask;
 import no.nav.data.common.storage.StorageService;
+import okhttp3.Request;
 import org.springframework.stereotype.Service;
 import static no.nav.data.common.security.azure.support.MailMessage.compose;
@@ -24,14 +26,17 @@ public AzureAdService(AzureTokenProvider azureTokenProvider, StorageService stor
 @Override
 public void sendMail(MailTask mailTask) {
 getMailGraphClient().me()
- .sendMail(compose(mailTask.getTo(), mailTask.getSubject(), mailTask.getBody()), false)
+ .sendMail(UserSendMailParameterSet.newBuilder()
+ .withMessage(compose(mailTask.getTo(), mailTask.getSubject(), mailTask.getBody()))
+ .withSaveToSentItems(false)
+ .build())
 .buildRequest()
 .post();
 storage.save(mailTask.toMailLog());
 }
- private IGraphServiceClient getMailGraphClient() {
+ private GraphServiceClient getMailGraphClient() {
 return azureTokenProvider.getGraphClient(azureTokenProvider.getMailAccessToken());
 }
diff --git a/apps/backend/polly-app/src/main/java/no/nav/data/common/security/azure/AzureTokenProvider.java b/apps/backend/polly-app/src/main/java/no/nav/data/common/security/azure/AzureTokenProvider.java
index 77cd7af9e..0585cc2be 100644
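Review bot: `getMailGraphClient()` now returns the raw type `GraphServiceClient`, and the `okhttp3.Request` import added in the first hunk is not used by any line visible in this file's hunks. If the import was meant as the type argument, declare it: `private GraphServiceClient<Request> getMailGraphClient() {`; otherwise drop the import. The same raw return type appears on `getGraphClient(String)` in AzureTokenProvider.java, where `@SuppressWarnings("unchecked")` is added even though a raw type would, as far as I can tell, raise a rawtypes warning rather than an unchecked one. Parameterizing both signatures keeps the compiler checking the request chain in `sendMail`.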
--- a/apps/backend/polly-app/src/main/java/no/nav/data/common/security/azure/AzureTokenProvider.java
+++ b/apps/backend/polly-app/src/main/java/no/nav/data/common/security/azure/AzureTokenProvider.java
@@ -5,20 +5,15 @@ import com.microsoft.aad.msal4j.AuthorizationCodeParameters;
 import com.microsoft.aad.msal4j.AuthorizationRequestUrlParameters;
 import com.microsoft.aad.msal4j.ClientCredentialParameters;
-import com.microsoft.aad.msal4j.ConfidentialClientApplication;
 import com.microsoft.aad.msal4j.IAuthenticationResult;
 import com.microsoft.aad.msal4j.IConfidentialClientApplication;
 import com.microsoft.aad.msal4j.PublicClientApplication;
 import com.microsoft.aad.msal4j.RefreshTokenParameters;
 import com.microsoft.aad.msal4j.ResponseMode;
 import com.microsoft.aad.msal4j.UserNamePasswordParameters;
-import com.microsoft.graph.concurrency.DefaultExecutors;
-import com.microsoft.graph.logger.DefaultLogger;
-import com.microsoft.graph.models.extensions.IGraphServiceClient;
-import com.microsoft.graph.requests.extensions.GraphServiceClient;
+import com.microsoft.graph.requests.GraphServiceClient;
 import com.nimbusds.oauth2.sdk.pkce.CodeChallengeMethod;
 import io.prometheus.client.Summary;
-import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import no.nav.data.common.exceptions.TechnicalException;
 import no.nav.data.common.security.AuthService;
@@ -31,22 +26,21 @@ import no.nav.data.common.security.dto.OAuthState;
 import no.nav.data.common.utils.Constants;
 import no.nav.data.common.utils.MetricUtils;
+import okhttp3.Request;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.lang3.StringUtils;
-import org.springframework.http.HttpHeaders;
 import org.springframework.stereotype.Service;
 import org.springframework.util.Assert;
 import org.springframework.util.ReflectionUtils;
-import java.lang.reflect.Field;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import java.net.URI;
 import java.net.URL;
 import java.time.Duration;
 import java.util.Set;
-import java.util.concurrent.ThreadPoolExecutor;
+import java.util.concurrent.CompletableFuture;
 import static java.util.Objects.requireNonNull;
 import static no.nav.data.common.security.SecurityConstants.SESS_ID_LEN;
@@ -62,8 +56,6 @@ public class AzureTokenProvider implements TokenProvider {
 private final IConfidentialClientApplication msalClient;
 private final PublicClientApplication msalPublicClient;
 private final AuthService authService;
- private final MdcMsalExecutor msalExecutor;
- private final ConfidentialClientApplication confidentialClientApplication;
 private final AADAuthenticationProperties aadAuthProps;
 private final Encryptor encryptor;
@@ -72,14 +64,11 @@ public class AzureTokenProvider implements TokenProvider {
 public AzureTokenProvider(AADAuthenticationProperties aadAuthProps,
 IConfidentialClientApplication msalClient, PublicClientApplication msalPublicClient,
- AuthService authService, ThreadPoolExecutor msalThreadPool,
- ConfidentialClientApplication confidentialClientApplication, Encryptor encryptor) {
+ AuthService authService, Encryptor encryptor) {
 this.aadAuthProps = aadAuthProps;
 this.msalClient = msalClient;
 this.msalPublicClient = msalPublicClient;
 this.authService = authService;
- this.msalExecutor = new MdcMsalExecutor(msalThreadPool);
- this.confidentialClientApplication = confidentialClientApplication;
 this.encryptor = encryptor;
 this.tokenMetrics = MetricUtils.summary()
 .labels("accessToken")
@@ -97,10 +86,11 @@ public AzureTokenProvider(AADAuthenticationProperties aadAuthProps,
 MetricUtils.register("accessTokenCache", accessTokenCache);
 }
- IGraphServiceClient getGraphClient(String accessToken) {
+ // buildClient has omitted it's generic type...
+ @SuppressWarnings("unchecked")
+ GraphServiceClient getGraphClient(String accessToken) {
 return GraphServiceClient.builder()
- .authenticationProvider(request -> request.addHeader(HttpHeaders.AUTHORIZATION, TOKEN_TYPE + accessToken))
- .executors(msalExecutor)
+ .authenticationProvider(url -> CompletableFuture.completedFuture(accessToken))
 .logger(new GraphLogger())
 .buildClient();
 }
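Review bot: The new authentication provider in `getGraphClient` ignores its `url` argument and returns the access token for whatever request URL the client is about to call. The removed lambda also added the header unconditionally, so this is not a regression, but the new interface passes the URL precisely so the provider can decline; the SDK's own `BaseAuthenticationProvider` does this through `shouldAuthenticateRequestWithUrl`. I would release the token only for HTTPS requests to the expected Graph host, as sketched below, where `GRAPH_HOST` stands for a constant this project would define. How the SDK treats a `null` token (it appears to send the request without an Authorization header) should be confirmed against the 3.0.0 dependency.

```java
    return GraphServiceClient.builder()
            // Release the token only to HTTPS requests for the expected Graph host.
            .authenticationProvider(url -> CompletableFuture.completedFuture(
                    isGraphUrl(url) ? accessToken : null))
            // … unchanged: .logger(...) and .buildClient() …

// New helper. GRAPH_HOST is a placeholder for the Graph endpoint host this deployment calls.
private static boolean isGraphUrl(URL url) {
    return "https".equalsIgnoreCase(url.getProtocol())
            && GRAPH_HOST.equalsIgnoreCase(url.getHost());
}
```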
@@ -137,7 +127,7 @@ public String createAuthRequestRedirectUrl(String postLoginRedirectUri, String p
 var codeVerifier = auth.getCodeVerifier();
 var s256 = DigestUtils.sha256(codeVerifier);
 var codeChallenge = Base64.encodeBase64URLSafeString(s256);
- URL url = confidentialClientApplication.getAuthorizationRequestUrl(AuthorizationRequestUrlParameters
+ URL url = msalClient.getAuthorizationRequestUrl(AuthorizationRequestUrlParameters
 .builder(redirectUri, MICROSOFT_GRAPH_SCOPES)
 .state(new OAuthState(auth.getId().toString(), postLoginRedirectUri, postLoginErrorUri).toJson(encryptor))
 .responseMode(ResponseMode.FORM_POST)
@@ -227,21 +217,4 @@ private IAuthenticationResult acquireTokenByCredential(String resource) {
 }
 }
- private static class MdcMsalExecutor extends DefaultExecutors {
-
- static Field backgroundExecutor;
-
- static {
- backgroundExecutor = ReflectionUtils.findField(DefaultExecutors.class, "backgroundExecutor", ThreadPoolExecutor.class);
- Assert.notNull(backgroundExecutor, "couldn't find executor field");
- backgroundExecutor.setAccessible(true);
- }
-
- @SneakyThrows
- public MdcMsalExecutor(ThreadPoolExecutor threadPoolExecutor) {
- super(new DefaultLogger());
- backgroundExecutor.set(this, threadPoolExecutor);
- }
- }
-
- }
diff --git a/apps/backend/polly-app/src/main/java/no/nav/data/common/security/azure/support/MailMessage.java b/apps/backend/polly-app/src/main/java/no/nav/data/common/security/azure/support/MailMessage.java
index d1693057b..42b45c461 100644
--- a/apps/backend/polly-app/src/main/java/no/nav/data/common/security/azure/support/MailMessage.java
+++ b/apps/backend/polly-app/src/main/java/no/nav/data/common/security/azure/support/MailMessage.java
@@ -1,10 +1,10 @@
 package no.nav.data.common.security.azure.support;
-import com.microsoft.graph.models.extensions.EmailAddress;
-import com.microsoft.graph.models.extensions.ItemBody;
-import com.microsoft.graph.models.extensions.Message;
-import com.microsoft.graph.models.extensions.Recipient;
-import com.microsoft.graph.models.generated.BodyType;
+import com.microsoft.graph.models.BodyType;
+import com.microsoft.graph.models.EmailAddress;
+import com.microsoft.graph.models.ItemBody;
+import com.microsoft.graph.models.Message;
+import com.microsoft.graph.models.Recipient;
 import lombok.experimental.UtilityClass;
 import java.util.List;
diff --git a/apps/backend/pom.xml b/apps/backend/pom.xml
index eb48298f9..90ab48d92 100644
--- a/apps/backend/pom.xml
+++ b/apps/backend/pom.xml
@@ -31,7 +31,7 @@ 6.6 11.2.8 - 2.10.0 + 3.0.0 1.9.1
@@ -40,6 +40,8 @@ 30.1-jre 2.3 5.7.0 + 15.0 + 4.2.1 1.15.2
@@ -111,6 +113,21 @@ + + net.java.dev.jna + jna-platform + ${jna.version} + + + org.jetbrains + annotations + ${jetbrains.annotation.version} + + + org.codehaus.woodstox + stax2-api + ${stax2-api.version} +