IS-2547: Avoid unnecessary calls to get obo token

navikt · Oct 23, 2024 · 29b4447 · 29b4447
1 parent b0c3927
commit 29b4447
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 14 deletions.
diff --git a/src/main/kotlin/no/nav/syfo/application/api/ApiModule.kt b/src/main/kotlin/no/nav/syfo/application/api/ApiModule.kt
@@ -81,7 +81,6 @@ fun Application.apiModule(
         baseUrl = environment.istilgangskontrollUrl,
         clientId = environment.istilgangskontrollClientId,
     )
-
     val kodeverkClient = KodeverkClient(
         azureAdClient = azureAdClient,
         redisStore = redisStore,

diff --git a/src/main/kotlin/no/nav/syfo/client/skjermedepersonerpip/SkjermedePersonerPipClient.kt b/src/main/kotlin/no/nav/syfo/client/skjermedepersonerpip/SkjermedePersonerPipClient.kt
@@ -23,18 +23,14 @@ class SkjermedePersonerPipClient(
     suspend fun isSkjermet(
         callId: String,
         personIdentNumber: PersonIdentNumber,
-        token: String,
+        oboToken: String,
     ): Boolean {
         val cacheKey = "$CACHE_SKJERMET_PERSONIDENT_KEY_PREFIX${personIdentNumber.value}"
         val cachedValue: Boolean? = redisStore.getObject(key = cacheKey)
         if (cachedValue != null) {
             return cachedValue
         } else {
             try {
-                val oboToken = azureAdClient.getOnBehalfOfToken(
-                    scopeClientId = clientId,
-                    token = token,
-                )?.accessToken ?: throw RuntimeException("Failed to request access to Person: Failed to get OBO token")
                 val url = getSkjermedePersonerPipUrl(personIdentNumber)
                 val skjermedePersonerResponse: Boolean = httpClient.get(url) {
                     header(io.ktor.http.HttpHeaders.Authorization, bearerHeader(oboToken))
@@ -69,6 +65,12 @@ class SkjermedePersonerPipClient(
         }
     }
 
+    suspend fun getOnBehalfOfToken(token: String): String =
+        azureAdClient.getOnBehalfOfToken(
+            scopeClientId = clientId,
+            token = token,
+        )?.accessToken ?: throw RuntimeException("Failed to request access to Person: Failed to get OBO token")
+
     private fun getSkjermedePersonerPipUrl(personIdent: PersonIdentNumber): String {
         return "$baseUrl/skjermet?personident=${personIdent.value}"
     }

diff --git a/src/main/kotlin/no/nav/syfo/client/veiledertilgang/VeilederTilgangskontrollClient.kt b/src/main/kotlin/no/nav/syfo/client/veiledertilgang/VeilederTilgangskontrollClient.kt
@@ -68,10 +68,8 @@ class VeilederTilgangskontrollClient(
             scopeClientId = clientId,
             token = token,
         )?.accessToken ?: throw RuntimeException("Failed to request access to Person: Failed to get OBO token")
-
         return try {
             val requestBody = personidenter.map { it.value }
-
             val response: HttpResponse = httpClient.post(tilgangskontrollPersonListUrl) {
                 accept(ContentType.Application.Json)
                 contentType(ContentType.Application.Json)

diff --git a/src/main/kotlin/no/nav/syfo/person/api/PersonAPI.kt b/src/main/kotlin/no/nav/syfo/person/api/PersonAPI.kt
@@ -105,7 +105,7 @@ fun Route.registrerPersonApi(
                 val isSkjermet = skjermedePersonerPipClient.isSkjermet(
                     callId = callId,
                     personIdentNumber = personIdentNumber,
-                    token = token
+                    oboToken = skjermedePersonerPipClient.getOnBehalfOfToken(token),
                 )
                 call.respond(isSkjermet)
             }

diff --git a/src/main/kotlin/no/nav/syfo/person/skjermingskode/SkjermingskodeService.kt b/src/main/kotlin/no/nav/syfo/person/skjermingskode/SkjermingskodeService.kt
@@ -18,12 +18,13 @@ class SkjermingskodeService(
         callId: String,
         personidenter: List<PersonIdentNumber>,
         token: String,
-    ) =
-        personidenter.map { personident ->
+    ): List<PersonInfo> {
+        val pipOboToken = skjermedePersonerPipClient.getOnBehalfOfToken(token)
+        return personidenter.map { personident ->
             val skjermingskode = hentBrukersSkjermingskode(
                 callId = callId,
                 personident = personident,
-                token = token,
+                oboToken = pipOboToken,
             )
             Pair(personident, skjermingskode)
         }.mapNotNull { (personident, skjermingskode) ->
@@ -34,11 +35,12 @@ class SkjermingskodeService(
                 )
             }
         }
+    }
 
     private suspend fun hentBrukersSkjermingskode(
         callId: String,
         personident: PersonIdentNumber,
-        token: String,
+        oboToken: String,
     ): Deferred<Skjermingskode?> =
         CoroutineScope(DISPATCHER).async {
             val hasAdressebeskyttelse = pdlClient.hasAdressebeskyttelse(callId = callId, personIdent = personident)
@@ -49,7 +51,7 @@ class SkjermingskodeService(
                     val isSkjermet = skjermedePersonerPipClient.isSkjermet(
                         callId = callId,
                         personIdentNumber = personident,
-                        token = token,
+                        oboToken = oboToken,
                     )
                     if (isSkjermet) Skjermingskode.EGEN_ANSATT else Skjermingskode.INGEN
                 }