migrate microsoft graph 3.0.0

apps/backend/pom.xml

@@ -35,6 +35,8 @@
         <guava.version>30.1.1-jre</guava.version>
         <json-smart.version>2.3</json-smart.version>
         <jna.version>5.7.0</jna.version>
+        <jetbrains.annotation.version>15.0</jetbrains.annotation.version>
+        <stax2-api.version>4.2.1</stax2-api.version>
 
         <!-- Test -->
         <testcontainers.version>1.15.2</testcontainers.version>
@@ -301,6 +303,21 @@
                     </exclusion>
                 </exclusions>
             </dependency>
+            <dependency>
+                <groupId>net.java.dev.jna</groupId>
+                <artifactId>jna-platform</artifactId>
+                <version>${jna.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.jetbrains</groupId>
+                <artifactId>annotations</artifactId>
+                <version>${jetbrains.annotation.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.codehaus.woodstox</groupId>
+                <artifactId>stax2-api</artifactId>
+                <version>${stax2-api.version}</version>
+            </dependency>
 
             <dependency>
                 <groupId>com.google.guava</groupId>

apps/backend/src/main/java/no/nav/data/common/security/azure/AzureAdService.java

@@ -1,10 +1,12 @@
 package no.nav.data.common.security.azure;
 
-import com.microsoft.graph.models.extensions.IGraphServiceClient;
+import com.microsoft.graph.models.UserSendMailParameterSet;
+import com.microsoft.graph.requests.GraphServiceClient;
 import lombok.extern.slf4j.Slf4j;
 import no.nav.data.common.mail.EmailProvider;
 import no.nav.data.common.mail.MailTask;
 import no.nav.data.common.storage.StorageService;
+import okhttp3.Request;
 import org.springframework.stereotype.Service;
 
 import static no.nav.data.common.security.azure.support.MailMessage.compose;
@@ -25,14 +27,17 @@ public AzureAdService(AzureTokenProvider azureTokenProvider, StorageService stor
     public void sendMail(MailTask mailTask) {
         log.info("Sending mail {} to {}", mailTask.getSubject(), mailTask.getTo());
         getMailGraphClient().me()
-                .sendMail(compose(mailTask.getTo(), mailTask.getSubject(), mailTask.getBody()), false)
+                .sendMail(UserSendMailParameterSet.newBuilder()
+                        .withMessage(compose(mailTask.getTo(), mailTask.getSubject(), mailTask.getBody()))
+                        .withSaveToSentItems(false)
+                        .build())
                 .buildRequest()
                 .post();
 
         storage.save(mailTask.toMailLog());
     }
 
-    private IGraphServiceClient getMailGraphClient() {
+    private GraphServiceClient<Request> getMailGraphClient() {
         return azureTokenProvider.getGraphClient(azureTokenProvider.getMailAccessToken());
     }
 

apps/backend/src/main/java/no/nav/data/common/security/azure/AzureTokenProvider.java

@@ -11,10 +11,7 @@
 import com.microsoft.aad.msal4j.RefreshTokenParameters;
 import com.microsoft.aad.msal4j.ResponseMode;
 import com.microsoft.aad.msal4j.UserNamePasswordParameters;
-import com.microsoft.graph.concurrency.DefaultExecutors;
-import com.microsoft.graph.logger.DefaultLogger;
-import com.microsoft.graph.models.extensions.IGraphServiceClient;
-import com.microsoft.graph.requests.extensions.GraphServiceClient;
+import com.microsoft.graph.requests.GraphServiceClient;
 import com.nimbusds.oauth2.sdk.pkce.CodeChallengeMethod;
 import io.prometheus.client.Summary;
 import lombok.extern.slf4j.Slf4j;
@@ -29,22 +26,21 @@
 import no.nav.data.common.security.dto.Credential;
 import no.nav.data.common.security.dto.OAuthState;
 import no.nav.data.common.utils.MetricUtils;
+import okhttp3.Request;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.lang3.StringUtils;
-import org.springframework.http.HttpHeaders;
 import org.springframework.stereotype.Service;
 import org.springframework.util.Assert;
 import org.springframework.util.ReflectionUtils;
 
-import java.lang.reflect.Field;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import java.net.URI;
 import java.net.URL;
 import java.time.Duration;
 import java.util.Set;
-import java.util.concurrent.ThreadPoolExecutor;
+import java.util.concurrent.CompletableFuture;
 
 import static java.util.Objects.requireNonNull;
 import static no.nav.data.common.security.SecurityConstants.SESS_ID_LEN;
@@ -60,7 +56,6 @@ public class AzureTokenProvider implements TokenProvider {
     private final IConfidentialClientApplication msalClient;
     private final PublicClientApplication msalPublicClient;
     private final AuthService authService;
-    private final MdcMsalExecutor msalExecutor;
 
     private final AADAuthenticationProperties aadAuthProps;
     private final Encryptor encryptor;
@@ -69,12 +64,11 @@ public class AzureTokenProvider implements TokenProvider {
 
     public AzureTokenProvider(AADAuthenticationProperties aadAuthProps,
             IConfidentialClientApplication msalClient, PublicClientApplication msalPublicClient,
-            AuthService authService, ThreadPoolExecutor msalThreadPool, Encryptor encryptor) {
+            AuthService authService, Encryptor encryptor) {
         this.aadAuthProps = aadAuthProps;
         this.msalClient = msalClient;
         this.msalPublicClient = msalPublicClient;
         this.authService = authService;
-        this.msalExecutor = new MdcMsalExecutor(msalThreadPool);
         this.encryptor = encryptor;
         this.tokenMetrics = MetricUtils.summary()
                 .labels("accessToken")
@@ -92,10 +86,11 @@ public AzureTokenProvider(AADAuthenticationProperties aadAuthProps,
         MetricUtils.register("accessTokenCache", accessTokenCache);
     }
 
-    IGraphServiceClient getGraphClient(String accessToken) {
+    // buildClient has omitted it's generic type...
+    @SuppressWarnings("unchecked")
+    GraphServiceClient<Request> getGraphClient(String accessToken) {
         return GraphServiceClient.builder()
-                .authenticationProvider(request -> request.addHeader(HttpHeaders.AUTHORIZATION, TOKEN_TYPE + accessToken))
-                .executors(msalExecutor)
+                .authenticationProvider(url -> CompletableFuture.completedFuture(accessToken))
                 .logger(new GraphLogger())
                 .buildClient();
     }
@@ -223,24 +218,4 @@ private IAuthenticationResult acquireTokenByCredential(String resource) {
         }
     }
 
-    private static class MdcMsalExecutor extends DefaultExecutors {
-
-        static Field backgroundExecutor;
-
-        static {
-            backgroundExecutor = ReflectionUtils.findField(DefaultExecutors.class, "backgroundExecutor", ThreadPoolExecutor.class);
-            Assert.notNull(backgroundExecutor, "couldn't find executor field");
-            backgroundExecutor.setAccessible(true);
-        }
-
-        public MdcMsalExecutor(ThreadPoolExecutor threadPoolExecutor) {
-            super(new DefaultLogger());
-            try {
-                backgroundExecutor.set(this, threadPoolExecutor);
-            } catch (Exception e) {
-                throw new TechnicalException("reflection error", e);
-            }
-        }
-    }
-
 }

apps/backend/src/main/java/no/nav/data/common/security/azure/support/MailMessage.java

@@ -1,10 +1,10 @@
 package no.nav.data.common.security.azure.support;
 
-import com.microsoft.graph.models.extensions.EmailAddress;
-import com.microsoft.graph.models.extensions.ItemBody;
-import com.microsoft.graph.models.extensions.Message;
-import com.microsoft.graph.models.extensions.Recipient;
-import com.microsoft.graph.models.generated.BodyType;
+import com.microsoft.graph.models.BodyType;
+import com.microsoft.graph.models.EmailAddress;
+import com.microsoft.graph.models.ItemBody;
+import com.microsoft.graph.models.Message;
+import com.microsoft.graph.models.Recipient;
 import lombok.experimental.UtilityClass;
 
 import java.util.List;