Lagt til en enkel juridisk logg klient

.nais/ebms-payload-dev.yaml

@@ -51,6 +51,11 @@ spec:
     inbound:
       rules:
         - application: ebms-provider
+  vault:
+    enabled: true
+    paths:
+      - kvPath: serviceuser/data/dev/srv-ebms-payload
+        mountPath: /var/run/secrets/nais.io/vault/serviceuser
   webproxy: true
   envFrom:
     - secret: ebms-payload-secret
@@ -68,3 +73,7 @@ spec:
       value: DEBUG
     - name: TRUSTSTORE_PATH
       value: truststore_test.p12
+    - name: APP_JURIDISKLOGG_URI
+      value: https://app-q1.adeo.no/juridisklogg
+    - name: JURIDISKLOGG_STORAGE_TIME_YEARS
+      value: "1"

.nais/ebms-payload-prod.yaml

@@ -53,6 +53,9 @@ spec:
         - application: ebms-provider
   vault:
     enabled: true
+    paths:
+      - kvPath: serviceuser/data/prod/srv-ebms-payload
+        mountPath: /var/run/secrets/nais.io/vault/serviceuser
   webproxy: true
   env:
     - name: VIRKSOMHETSSERTIFIKAT_PATH
@@ -65,3 +68,7 @@ spec:
       value: credentials.2022
     - name: TRUSTSTORE_PATH
       value: truststore_prod.p12
+    - name: APP_JURIDISKLOGG_URI
+      value: https://app.adeo.no/juridisklogg
+    - name: JURIDISKLOGG_STORAGE_TIME_YEARS
+      value: "10"

ebms-payload/init/init.sh

@@ -0,0 +1,2 @@
+export JURIDESKLOGG_USERNAME=$(cat /var/run/secrets/nais.io/vault/serviceuser/username)
+export JURIDESKLOGG_PASSWORD=$(cat /var/run/secrets/nais.io/vault/serviceuser/password)

ebms-payload/src/main/kotlin/no/nav/emottak/payload/Processor.kt

@@ -10,6 +10,7 @@ import no.nav.emottak.payload.crypto.Dekryptering
 import no.nav.emottak.payload.crypto.Kryptering
 import no.nav.emottak.payload.crypto.PayloadSignering
 import no.nav.emottak.payload.crypto.payloadSigneringConfig
+import no.nav.emottak.payload.juridisklogg.JuridiskLoggService
 import no.nav.emottak.payload.ocspstatus.OcspStatusService
 import no.nav.emottak.payload.ocspstatus.trustStoreConfig
 import no.nav.emottak.payload.util.GZipUtil
@@ -30,7 +31,8 @@ class Processor(
     private val dekryptering: Dekryptering = Dekryptering(),
     private val signering: PayloadSignering = PayloadSignering(),
     private val gZipUtil: GZipUtil = GZipUtil(),
-    private val signatureVerifisering: SignaturVerifisering = SignaturVerifisering()
+    private val signatureVerifisering: SignaturVerifisering = SignaturVerifisering(),
+    private val juridiskLogging: JuridiskLoggService = JuridiskLoggService()
 ) {
 
     fun process(payloadRequest: PayloadRequest): PayloadResponse {
@@ -49,7 +51,16 @@ class Processor(
 
         shouldThrowExceptionForTestPurposes(payloadRequest.payload.bytes)
 
-        return payloadRequest.payload.let {
+        return payloadRequest.payload.also {
+            try {
+                if (processConfig.juridiskLogg) {
+                    log.debug("Sender forespørsel til juridisk logg")
+                    juridiskLogging.logge(payloadRequest)
+                }
+            } catch (e: Exception) {
+                log.error("Feil med å lage forespørsel til juridisk logg", e)
+            }
+        }.let {
             when (processConfig.kryptering) {
                 true -> dekryptering.dekrypter(it.bytes, false).also { log.info(payloadRequest.marker(), "Payload dekryptert") }
                 false -> it.bytes

ebms-payload/src/main/kotlin/no/nav/emottak/payload/juridisklogg/JuridiskLoggService.kt

@@ -0,0 +1,73 @@
+package no.nav.emottak.payload.juridisklogg
+
+import io.ktor.client.HttpClient
+import io.ktor.client.call.body
+import io.ktor.client.engine.cio.CIO
+import io.ktor.client.request.basicAuth
+import io.ktor.client.request.post
+import io.ktor.client.request.setBody
+import io.ktor.http.ContentType
+import io.ktor.http.contentType
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.withContext
+import kotlinx.serialization.Serializable
+import no.nav.emottak.message.model.Direction
+import no.nav.emottak.message.model.PayloadRequest
+import no.nav.emottak.payload.log
+import no.nav.emottak.util.getEnvVar
+
+class JuridiskLoggService() {
+    private val juridiskLoggUrl = getEnvVar("APP_JURIDISKLOGG_URI", "https://app-q1.adeo.no/juridisklogg") + "/api/rest/logg"
+    private val juridiskLoggStorageTime = getEnvVar("JURIDISKLOGG_STORAGE_TIME_YEARS", "1").toInt()
+    private val userName = getEnvVar("JURIDESKLOGG_USERNAME", "dummyUsername")
+    private val userPassword = getEnvVar("JURIDESKLOGG_PASSWORD", "dummyPassword")
+
+    init {
+        log.debug("Juridisk logg URL: $juridiskLoggUrl")
+        log.debug("Juridisk logg user: $userName")
+        log.debug("Juridisk logg password length: ${userPassword.length}")
+    }
+
+    fun logge(payloadRequest: PayloadRequest) {
+        val httpClient = HttpClient(CIO)
+        val request = JuridiskLoggRequest(
+            payloadRequest.messageId,
+            if (payloadRequest.direction == Direction.IN) "Ekstern bruker" else "NAV",
+            if (payloadRequest.direction == Direction.IN) "NAV" else "Ekstern bruker",
+            juridiskLoggStorageTime,
+            payloadRequest.payload.bytes
+        )
+        log.debug("Juridisk logg forespørsel: $request")
+
+        val response = suspend {
+            withContext(Dispatchers.IO) {
+                try {
+                    httpClient.post(juridiskLoggUrl) {
+                        setBody(request)
+                        contentType(ContentType.Application.Json)
+                        basicAuth(userName, userPassword)
+                    }.body<JuridiskLoggResponse>()
+                } catch (e: Exception) {
+                    log.error("Feil med å sende forespørsel til juridisk logg", e)
+                } finally {
+                    httpClient.close()
+                }
+            }
+        }
+        log.debug("Juridisk logg respons: $response")
+    }
+}
+
+@Serializable
+data class JuridiskLoggRequest(
+    val meldingsId: String,
+    val avsender: String,
+    val mottaker: String,
+    val antallAarLagres: Int = 10,
+    val meldingsInnhold: ByteArray
+)
+
+@Serializable
+data class JuridiskLoggResponse(
+    val id: String
+)