Rydder opp i Ldap server

mocks/ldap-mock/src/main/java/no/nav/foreldrepenger/vtp/ldap/LdapServer.java

@@ -1,12 +1,14 @@
 package no.nav.foreldrepenger.vtp.ldap;
 
+import static com.unboundid.ldap.listener.InMemoryListenerConfig.createLDAPConfig;
+import static com.unboundid.ldap.listener.InMemoryListenerConfig.createLDAPSConfig;
+
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.InputStream;
-import java.net.URL;
 import java.security.KeyStore;
 import java.util.Arrays;
-import java.util.Enumeration;
+import java.util.List;
 
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.KeyManagerFactory;
@@ -17,65 +19,94 @@
 
 import com.unboundid.ldap.listener.InMemoryDirectoryServer;
 import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
-import com.unboundid.ldap.listener.InMemoryListenerConfig;
+import com.unboundid.ldap.sdk.Attribute;
+import com.unboundid.ldap.sdk.Entry;
 import com.unboundid.ldap.sdk.LDAPException;
+import com.unboundid.ldif.LDIFAddChangeRecord;
 import com.unboundid.ldif.LDIFChangeRecord;
 import com.unboundid.ldif.LDIFReader;
 
-public class LdapServer {
+import no.nav.foreldrepenger.vtp.testmodell.ansatt.AnsatteIndeks;
+import no.nav.foreldrepenger.vtp.testmodell.ansatt.NAVAnsatt;
+import no.nav.foreldrepenger.vtp.testmodell.repo.impl.BasisdataProviderFileImpl;
 
+public class LdapServer {
     private static final Logger LOG = LoggerFactory.getLogger(LdapServer.class);
-    private static final String BASEDATA_USERS_LDIF = "basedata/users.ldif";
-    private final int listenerPortLdaps = Integer.valueOf(System.getProperty("ldaps.port", "8636")); // 636 er default port for LDAPS
-    private final int listenerPortLdap = Integer.valueOf(System.getProperty("ldap.port", "8389")); // 389 er default port for LDAP
-
-    private InMemoryDirectoryServer directoryServer;
+    private static final String SETUP_LDIF = "ldap_setup.ldif";
+    private static final int listenerPortLdaps = 8636; // 636 er default port for LDAPS
+    private static final int listenerPortLdap = 8389;  // 389 er default port for LDAP
 
-    private final File keystoreFile;
-    private final char[] password;
+    private static final AnsatteIndeks ansattIndeks = BasisdataProviderFileImpl.getInstance().getAnsatteIndeks();
+    private final InMemoryDirectoryServer directoryServer;
 
     public LdapServer(File keystoreFile, char[] password) throws Exception {
-        this.keystoreFile = keystoreFile;
-        this.password = password;
-        InMemoryDirectoryServerConfig cfg = new InMemoryDirectoryServerConfig("DC=local");
-
+        var cfg = new InMemoryDirectoryServerConfig("DC=local");
         cfg.setEnforceAttributeSyntaxCompliance(false);
         cfg.setEnforceSingleStructuralObjectClass(false);
         cfg.setSchema(null); // dropper valider schema slik at vi slipper å definere alle object classes
 
-        SSLContext TLScontext = SSLContext.getInstance("TLSv1.2");
-
-        KeyManager[] km = loadKeyManagers();
-        TLScontext.init(km, null, null);
+        var sslContext = SSLContext.getInstance("TLSv1.2");
+        var km = loadKeyManagers(keystoreFile, password);
+        sslContext.init(km, null, null);
 
-        InMemoryListenerConfig ldapsConfig = InMemoryListenerConfig.createLDAPSConfig("LDAPS", listenerPortLdaps, TLScontext.getServerSocketFactory());
-        InMemoryListenerConfig ldapConfig = InMemoryListenerConfig.createLDAPConfig("LDAP",listenerPortLdap );
+        var ldapsConfig = createLDAPSConfig("LDAPS", listenerPortLdaps, sslContext.getServerSocketFactory());
+        var ldapConfig = createLDAPConfig("LDAP",listenerPortLdap );
 
         cfg.setListenerConfigs(ldapsConfig,ldapConfig);
 
         directoryServer = new InMemoryDirectoryServer(cfg);
-        readLdifFilesFromClasspath(directoryServer);
+        readLdifFilesFromClasspath();
+        readNAVAnsatte();
+    }
+
+    private void readNAVAnsatte() throws LDAPException {
+        for (NAVAnsatt navAnsatt : ansattIndeks.alleAnsatte()) {
+            addNavAnsatt(navAnsatt);
+        }
+    }
+
+    private void addNavAnsatt(NAVAnsatt navAnsatt) throws LDAPException {
+        var entry = new Entry(
+                String.format("CN=%s,OU=Users,OU=NAV,OU=BusinessUnits,DC=test,DC=local", navAnsatt.cn()),
+                new Attribute("objectClass", "user", "organizationalPerson", "person", "top"),
+                new Attribute("objectCategory", "CN=Person,CN=Schema,CN=Configuration,DC=test,DC=local"),
+                new Attribute("cn", navAnsatt.cn()),
+                new Attribute("displayName", navAnsatt.displayName()),
+                new Attribute("mail", navAnsatt.email()),
+                new Attribute("userPrincipalName", navAnsatt.cn()),
+                new Attribute("userPassword", "dummy"),
+                new Attribute("memberOf", tilMemberOf(navAnsatt.groups()))
+        );
+        var ldifAddChangeRecord = new LDIFAddChangeRecord(entry);
+        ldifAddChangeRecord.processChange(directoryServer);
+
     }
 
+    private static List<String> tilMemberOf(List<String> grupper) {
+        return grupper.stream()
+                .map(gruppe -> String.format("CN=%s,OU=AccountGroups,OU=Groups,OU=NAV,OU=BusinessUnits,DC=test,DC=local", gruppe))
+                .toList();
+    }
+
+
     @SuppressWarnings("resource")
-    private void readLdifFilesFromClasspath(InMemoryDirectoryServer server) throws Exception {
-        Enumeration<URL> ldifs = getClass().getClassLoader().getResources(BASEDATA_USERS_LDIF);
+    private void readLdifFilesFromClasspath() throws Exception {
+        var ldifs = getClass().getClassLoader().getResources(SETUP_LDIF);
         while(ldifs.hasMoreElements()) {
-            URL ldif = ldifs.nextElement();
+            var ldif = ldifs.nextElement();
             try(InputStream is = ldif.openStream()){
-                LDIFReader r = new LDIFReader(is);
-                LDIFChangeRecord readEntry = null;
+                var r = new LDIFReader(is);
+                LDIFChangeRecord readEntry;
                 while ((readEntry = r.readChangeRecord()) != null) {
-
                     LOG.info("Read entry from path {} LDIF: {}", ldif.getPath(), Arrays.toString(readEntry.toLDIF()));
-                  readEntry.processChange(server);
+                    readEntry.processChange(directoryServer);
                 }
             }
         }
     }
 
-    private KeyManager[] loadKeyManagers() throws Exception {
-        KeyStore ks = KeyStore.getInstance("JKS");
+    private KeyManager[] loadKeyManagers(File keystoreFile, char[] password) throws Exception {
+        var ks = KeyStore.getInstance("JKS");
         try (InputStream is = new FileInputStream(keystoreFile)) {
             ks.load(is, password);
             KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");

mocks/ldap-mock/src/main/resources/ldap_setup.ldif

@@ -0,0 +1,31 @@
+dn: dc=local
+changetype: add
+objectClass: top
+objectClass: dcObject
+dc: local
+
+dn: DC=test,DC=local
+changetype: add
+dc: test
+o: test
+objectClass: top
+objectclass: dcObject
+objectclass: organization
+
+dn: OU=BusinessUnits,DC=test,DC=local
+changetype: add
+dc: BusinessUnits
+objectClass: organizationalUnit
+objectClass: top
+
+dn: OU=NAV,OU=BusinessUnits,DC=test,DC=local
+changetype: add
+dc: NAV
+objectClass: organizationalUnit
+objectClass: top
+
+dn: OU=Users,OU=NAV,OU=BusinessUnits,DC=test,DC=local
+changetype: add
+dc: Users
+objectClass: organizationalUnit
+objectClass: top

model/src/main/java/no/nav/foreldrepenger/vtp/testmodell/ansatt/AnsatteIndeks.java

@@ -0,0 +1,22 @@
+package no.nav.foreldrepenger.vtp.testmodell.ansatt;
+
+import java.util.Collection;
+import java.util.List;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+public class AnsatteIndeks {
+
+    private final Map<String, NAVAnsatt> ansatte = new ConcurrentHashMap<>();
+
+    public void leggTil(List<NAVAnsatt> ansatte) {
+        ansatte.forEach(ansatt -> this.ansatte.putIfAbsent(ansatt.cn(), ansatt));
+    }
+
+    public Collection<NAVAnsatt> alleAnsatte() {
+        return ansatte.values();
+    }
+
+    public NAVAnsatt findByCn(String cn) {
+        return ansatte.get(cn);
+    }
+}

model/src/main/java/no/nav/foreldrepenger/vtp/testmodell/ansatt/NAVAnsatt.java

@@ -0,0 +1,11 @@
+package no.nav.foreldrepenger.vtp.testmodell.ansatt;
+
+ import java.util.List;
+
+ public record NAVAnsatt(String cn,
+                         String displayName,
+                         String email,
+                         List<String> groups,
+                         List<String> enheter) {
+
+ }

model/src/main/java/no/nav/foreldrepenger/vtp/testmodell/repo/BasisdataProvider.java

@@ -1,5 +1,6 @@
 package no.nav.foreldrepenger.vtp.testmodell.repo;
 
+import no.nav.foreldrepenger.vtp.testmodell.ansatt.AnsatteIndeks;
 import no.nav.foreldrepenger.vtp.testmodell.enheter.EnheterIndeks;
 import no.nav.foreldrepenger.vtp.testmodell.identer.IdentGenerator;
 import no.nav.foreldrepenger.vtp.testmodell.personopplysning.AdresseIndeks;
@@ -13,6 +14,8 @@ public interface BasisdataProvider {
 
     AdresseIndeks getAdresseIndeks();
 
+    AnsatteIndeks getAnsatteIndeks();
+
     /** Genererer nye personidenter. */
     IdentGenerator getIdentGenerator();
 

model/src/main/java/no/nav/foreldrepenger/vtp/testmodell/repo/impl/BasisdataProviderFileImpl.java

@@ -2,9 +2,12 @@
 
 import java.io.IOException;
 import java.util.Arrays;
+import java.util.Comparator;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 
+import no.nav.foreldrepenger.vtp.testmodell.ansatt.AnsatteIndeks;
+import no.nav.foreldrepenger.vtp.testmodell.ansatt.NAVAnsatt;
 import no.nav.foreldrepenger.vtp.testmodell.enheter.EnheterIndeks;
 import no.nav.foreldrepenger.vtp.testmodell.enheter.Norg2Modell;
 import no.nav.foreldrepenger.vtp.testmodell.identer.FiktiveFnr;
@@ -23,11 +26,13 @@ public class BasisdataProviderFileImpl implements BasisdataProvider {
     private static final String ADRESSE_MALER = BASEDATA_RESOURCE_FOLDER_PATH + "adresse-maler.json";
     private static final String ENHETER = BASEDATA_RESOURCE_FOLDER_PATH + "enheter.json";
     private static final String VIRKSOMHETER = BASEDATA_RESOURCE_FOLDER_PATH + "virksomheter.json";
+    private static final String ANSATTE = BASEDATA_RESOURCE_FOLDER_PATH + "nav-ansatte.json";
     private static final String ORGANISASJON = BASEDATA_RESOURCE_FOLDER_PATH + "organisasjon.json";
 
     private final VirksomhetIndeks virksomhetIndeks = new VirksomhetIndeks();
     private final EnheterIndeks enheterIndeks = new EnheterIndeks();
     private final AdresseIndeks adresseIndeks = new AdresseIndeks();
+    private final AnsatteIndeks ansatteIndeks = new AnsatteIndeks();
     private final OrganisasjonIndeks organisasjonIndeks = new OrganisasjonIndeks();
     private final IdentGenerator identGenerator = new FiktiveFnr();
 
@@ -38,6 +43,7 @@ private BasisdataProviderFileImpl() {
         loadAdresser();
         loadEnheter();
         loadVirksomheter();
+        loadAnsatte();
         loadOrganisasjoner();
     }
 
@@ -64,6 +70,11 @@ public AdresseIndeks getAdresseIndeks() {
         return adresseIndeks;
     }
 
+    @Override
+    public AnsatteIndeks getAnsatteIndeks() {
+        return ansatteIndeks;
+    }
+
     @Override
     public IdentGenerator getIdentGenerator() {
         return identGenerator;
@@ -96,6 +107,16 @@ private void loadVirksomheter() {
         }
     }
 
+    private void loadAnsatte() {
+        try (var is = getClass().getResourceAsStream(ANSATTE)) {
+            var ansatte = Arrays.asList(mapper.readValue(is, NAVAnsatt[].class));
+            ansatte.sort(Comparator.comparing(NAVAnsatt::cn));
+            ansatteIndeks.leggTil(ansatte);
+        } catch (IOException e) {
+            throwIllegaleStateExecption(ANSATTE, e);
+        }
+    }
+
     private void loadOrganisasjoner() {
         try (var is = getClass().getResourceAsStream(ORGANISASJON)) {
             var organisasjoner = Arrays.asList(mapper.readValue(is, OrganisasjonModell[].class));