style: formatKotlin

tronghn · tronghn · commit c49cab931d0a · 2025-03-03T11:01:59.000+01:00
diff --git a/wonderwalled-common/src/main/kotlin/io/nais/common/Auth.kt b/wonderwalled-common/src/main/kotlin/io/nais/common/Auth.kt
@@ -23,7 +23,9 @@ import io.opentelemetry.api.trace.Tracer
 import org.slf4j.Logger
 import org.slf4j.LoggerFactory
 
-enum class IdentityProvider(@JsonValue val alias: String) {
+enum class IdentityProvider(
+    @JsonValue val alias: String,
+) {
     MASKINPORTEN("maskinporten"),
     AZURE_AD("azuread"),
     IDPORTEN("idporten"),
@@ -84,43 +86,63 @@ class AuthClient(
 ) {
     private val tracer: Tracer = GlobalOpenTelemetry.get().getTracer("io.nais.common.AuthClient")
 
-    suspend fun token(target: String): TokenResponse = try {
-        tracer.withSpan("AuthClient/token (${provider.alias})", traceAttributes(target)) {
-            httpClient.submitForm(config.tokenEndpoint, parameters {
-                set("target", target)
-                set("identity_provider", provider.alias)
-            }).body<TokenResponse.Success>()
+    suspend fun token(target: String): TokenResponse =
+        try {
+            tracer.withSpan("AuthClient/token (${provider.alias})", traceAttributes(target)) {
+                httpClient
+                    .submitForm(
+                        config.tokenEndpoint,
+                        parameters {
+                            set("target", target)
+                            set("identity_provider", provider.alias)
+                        },
+                    ).body<TokenResponse.Success>()
+            }
+        } catch (e: ResponseException) {
+            TokenResponse.Error(e.response.body<TokenErrorResponse>(), e.response.status)
         }
-    } catch (e: ResponseException) {
-        TokenResponse.Error(e.response.body<TokenErrorResponse>(), e.response.status)
-    }
 
-    suspend fun exchange(target: String, userToken: String): TokenResponse = try {
-        tracer.withSpan("AuthClient/exchange (${provider.alias})", traceAttributes(target)) {
-            httpClient.submitForm(config.tokenExchangeEndpoint, parameters {
-                set("target", target)
-                set("user_token", userToken)
-                set("identity_provider", provider.alias)
-            }).body<TokenResponse.Success>()
+    suspend fun exchange(
+        target: String,
+        userToken: String,
+    ): TokenResponse =
+        try {
+            tracer.withSpan("AuthClient/exchange (${provider.alias})", traceAttributes(target)) {
+                httpClient
+                    .submitForm(
+                        config.tokenExchangeEndpoint,
+                        parameters {
+                            set("target", target)
+                            set("user_token", userToken)
+                            set("identity_provider", provider.alias)
+                        },
+                    ).body<TokenResponse.Success>()
+            }
+        } catch (e: ResponseException) {
+            TokenResponse.Error(e.response.body<TokenErrorResponse>(), e.response.status)
         }
-    } catch (e: ResponseException) {
-        TokenResponse.Error(e.response.body<TokenErrorResponse>(), e.response.status)
-    }
 
     suspend fun introspect(accessToken: String): TokenIntrospectionResponse =
         tracer.withSpan("AuthClient/introspect (${provider.alias})", traceAttributes()) {
-            httpClient.submitForm(config.tokenIntrospectionEndpoint, parameters {
-                set("token", accessToken)
-                set("identity_provider", provider.alias)
-            }).body()
+            httpClient
+                .submitForm(
+                    config.tokenIntrospectionEndpoint,
+                    parameters {
+                        set("token", accessToken)
+                        set("identity_provider", provider.alias)
+                    },
+                ).body()
         }
 
-    private fun traceAttributes(target: String? = null) = Attributes.builder().apply {
-        put(attributeKeyIdentityProvider, provider.alias)
-        if (target != null) {
-            put(attributeKeyTarget, target)
-        }
-    }.build()
+    private fun traceAttributes(target: String? = null) =
+        Attributes
+            .builder()
+            .apply {
+                put(attributeKeyIdentityProvider, provider.alias)
+                if (target != null) {
+                    put(attributeKeyTarget, target)
+                }
+            }.build()
 
     companion object {
         private val attributeKeyTarget: AttributeKey<String> = AttributeKey.stringKey("target")
@@ -134,57 +156,60 @@ class AuthPluginConfiguration(
     var logger: Logger = LoggerFactory.getLogger("io.nais.common.ktor.NaisAuth"),
 )
 
-val NaisAuth = createRouteScopedPlugin(
-    name = "NaisAuth",
-    createConfiguration = ::AuthPluginConfiguration,
-) {
-    val logger = pluginConfig.logger
-    val client = pluginConfig.client ?: throw IllegalArgumentException("NaisAuth plugin: client must be set")
-    val ingress = pluginConfig.ingress ?: ""
-
-    val challenge: suspend (ApplicationCall) -> Unit = { call ->
-        val target = call.loginUrl(ingress)
-        logger.info("unauthenticated: redirecting to '$target'")
-        call.respondRedirect(target)
-    }
-
-    pluginConfig.apply {
-        onCall { call ->
-            val token = call.bearerToken()
-            if (token == null) {
-                logger.warn("unauthenticated: no Bearer token found in Authorization header")
-                challenge(call)
-                return@onCall
-            }
+val NaisAuth =
+    createRouteScopedPlugin(
+        name = "NaisAuth",
+        createConfiguration = ::AuthPluginConfiguration,
+    ) {
+        val logger = pluginConfig.logger
+        val client = pluginConfig.client ?: throw IllegalArgumentException("NaisAuth plugin: client must be set")
+        val ingress = pluginConfig.ingress ?: ""
+
+        val challenge: suspend (ApplicationCall) -> Unit = { call ->
+            val target = call.loginUrl(ingress)
+            logger.info("unauthenticated: redirecting to '$target'")
+            call.respondRedirect(target)
+        }
 
-            val introspectResponse = try {
-                client.introspect(token)
-            } catch (e: Exception) {
-                logger.error("unauthenticated: introspect request failed: ${e.message}")
+        pluginConfig.apply {
+            onCall { call ->
+                val token = call.bearerToken()
+                if (token == null) {
+                    logger.warn("unauthenticated: no Bearer token found in Authorization header")
+                    challenge(call)
+                    return@onCall
+                }
+
+                val introspectResponse =
+                    try {
+                        client.introspect(token)
+                    } catch (e: Exception) {
+                        logger.error("unauthenticated: introspect request failed: ${e.message}")
+                        challenge(call)
+                        return@onCall
+                    }
+
+                if (introspectResponse.active) {
+                    logger.info("authenticated - claims='${introspectResponse.other}'")
+                    return@onCall
+                }
+
+                logger.warn("unauthenticated: ${introspectResponse.error}")
                 challenge(call)
                 return@onCall
             }
-
-            if (introspectResponse.active) {
-                logger.info("authenticated - claims='${introspectResponse.other}'")
-                return@onCall
-            }
-
-            logger.warn("unauthenticated: ${introspectResponse.error}")
-            challenge(call)
-            return@onCall
         }
-    }
 
-    logger.info("NaisAuth plugin loaded.")
-}
+        logger.info("NaisAuth plugin loaded.")
+    }
 
 // loginUrl constructs a URL string that points to the login endpoint (Wonderwall) for redirecting a request.
 // It also indicates that the user should be redirected back to the original request path after authentication
 private fun ApplicationCall.loginUrl(defaultHost: String): String {
-    val host = defaultHost.ifEmpty(defaultValue = {
-        "${this.request.local.scheme}://${this.request.host()}"
-    })
+    val host =
+        defaultHost.ifEmpty(defaultValue = {
+            "${this.request.local.scheme}://${this.request.host()}"
+        })
 
     return "$host/oauth2/login?redirect=${this.request.uri}"
 }
diff --git a/wonderwalled-common/src/main/kotlin/io/nais/common/Http.kt b/wonderwalled-common/src/main/kotlin/io/nais/common/Http.kt
@@ -21,33 +21,34 @@ import io.ktor.server.routing.get
 import io.ktor.server.routing.route
 import io.ktor.server.routing.routing
 import io.opentelemetry.api.GlobalOpenTelemetry
-import org.slf4j.event.Level
-import java.util.UUID
 import io.opentelemetry.instrumentation.ktor.v3_0.KtorClientTelemetry
 import io.opentelemetry.instrumentation.ktor.v3_0.KtorServerTelemetry
+import org.slf4j.event.Level
+import java.util.UUID
 import io.ktor.client.engine.cio.CIO as ClientCIO
 import io.ktor.client.plugins.contentnegotiation.ContentNegotiation as ClientContentNegotiation
 import io.ktor.server.cio.CIO as ServerCIO
 import io.ktor.server.plugins.contentnegotiation.ContentNegotiation as ServerContentNegotiation
 
-fun defaultHttpClient() = HttpClient(ClientCIO) {
-    expectSuccess = true
-    install(ClientContentNegotiation) {
-        jackson {
-            deserializationConfig.apply {
-                configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false)
+fun defaultHttpClient() =
+    HttpClient(ClientCIO) {
+        expectSuccess = true
+        install(ClientContentNegotiation) {
+            jackson {
+                deserializationConfig.apply {
+                    configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false)
+                }
             }
         }
-    }
 
-    install(KtorClientTelemetry) {
-        setOpenTelemetry(GlobalOpenTelemetry.get())
+        install(KtorClientTelemetry) {
+            setOpenTelemetry(GlobalOpenTelemetry.get())
+        }
     }
-}
 
 fun server(
     config: Config = Config(),
-    module: Application.(Config) -> Unit
+    module: Application.(Config) -> Unit,
 ) = embeddedServer(ServerCIO, port = config.port) {
     install(ServerContentNegotiation) {
         jackson {
@@ -100,7 +101,8 @@ fun ApplicationCall.requestHeaders(): Map<String, String> =
         .associate { header -> header.key to header.value.joinToString() }
 
 fun ApplicationCall.bearerToken(): String? =
-    request.authorization()
+    request
+        .authorization()
         ?.takeIf { it.startsWith("Bearer ", ignoreCase = true) }
         ?.removePrefix("Bearer ")
         ?.removePrefix("bearer ")
diff --git a/wonderwalled-common/src/main/kotlin/io/nais/common/Tracing.kt b/wonderwalled-common/src/main/kotlin/io/nais/common/Tracing.kt
@@ -11,14 +11,15 @@ import kotlin.coroutines.coroutineContext
 suspend fun <T> Tracer.withSpan(
     spanName: String,
     attributes: Attributes? = null,
-    block: suspend (span: Span) -> T
+    block: suspend (span: Span) -> T,
 ): T {
-    val span: Span = this.spanBuilder(spanName).run {
-        if (attributes != null) {
-            setAllAttributes(attributes)
+    val span: Span =
+        this.spanBuilder(spanName).run {
+            if (attributes != null) {
+                setAllAttributes(attributes)
+            }
+            startSpan()
         }
-        startSpan()
-    }
 
     return withContext(coroutineContext + span.asContextElement()) {
         try {
