mirror of
https://github.com/azaion/annotations.git
synced 2026-06-21 08:11:05 +00:00
Oleksandr Bezdieniezhnykh
03f879206e
This commit captures everything produced during autodev existing-code Steps 1 (Document), 2 (Architecture Baseline Scan), and 3 (Test Spec), together with the targeted auth + CORS re-sync triggered on 2026-05-14 when codebase drift was detected at Step 4 entry. None of this work was previously committed. Step 1 (Document) — 50+ _docs/02_document/ files: problem, solution, architecture, system flows, glossary, module-layout, per-component specs (01..06), modules, deployment, diagrams, data model, FINAL report, verification log, discovery. Step 2 (Architecture Baseline) — architecture_compliance_baseline.md. Verdict PASS_WITH_WARNINGS (0 Critical, 0 High, 1 Medium, 2 Low). No High/Critical findings; auto-chained to Step 3 per existing-code flow. Step 3 (Test Spec) — _docs/02_document/tests/* (67 scenarios across blackbox, security, resilience, resource-limit, performance), plus e2e/docker-compose.test.yml, e2e/seed/run.sh, scripts/run-tests.sh, scripts/run-performance-tests.sh. Coverage 88% over the active scope (40 of 45 items covered, 6 RB-deferred, 5 documented-as-uncovered). Targeted auth + CORS re-sync — replaces the deleted in-house token issuer with a JWKS-verifier model. AuthController and TokenService removed; JwtExtensions switched from HS256 symmetric to ES256 over admin's JWKS. ConfigurationResolver and CorsConfigurationValidator added under src/Infrastructure/. ADR-002 and ADR-006 retired; SEC-01, SEC-02, SEC-03 marked Closed. One new testability risk recorded in architecture.md Open Risks Section 6 (JWKS HTTPS gating). Source changes: - src/Auth/JwtExtensions.cs (modified) — ES256, JWKS, alg pinning - src/Program.cs (modified) — DI wiring for ConfigurationResolver and CorsConfigurationValidator - src/Controllers/AuthController.cs (deleted) — no in-service issuance - src/Services/TokenService.cs (deleted) — same - src/Infrastructure/ConfigurationResolver.cs (new) - src/Infrastructure/CorsConfigurationValidator.cs (new) - .env.example (new) — required env var documentation - .gitignore (updated) Cross-repo coordination: _docs/cross-repo/flights_h1_h2_h3_change_spec captures the change-spec for downstream services that consumed the now deleted /auth endpoints. Co-authored-by: Cursor <cursoragent@cursor.com>
42 lines
1.7 KiB
C#
42 lines
1.7 KiB
C#
namespace Azaion.Annotations.Infrastructure;
|
|
|
|
public static class CorsConfigurationValidator
|
|
{
|
|
public const string MissingOriginsMessage =
|
|
"CORS is misconfigured: CorsConfig:AllowedOrigins is empty and CorsConfig:AllowAnyOrigin is not true. " +
|
|
"Refusing to start in Production with a permissive CORS policy. " +
|
|
"Set CorsConfig:AllowedOrigins to a non-empty array, or set CorsConfig:AllowAnyOrigin=true to opt in.";
|
|
|
|
public const string PermissiveDefaultWarning =
|
|
"CorsConfig:AllowedOrigins is empty and CorsConfig:AllowAnyOrigin is not true. " +
|
|
"Permissive CORS is being applied for environment {Environment}; do not run with this configuration in Production.";
|
|
|
|
public static void EnsureSafeForEnvironment(
|
|
string[] allowedOrigins,
|
|
bool allowAnyOrigin,
|
|
string environmentName)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(allowedOrigins);
|
|
ArgumentNullException.ThrowIfNull(environmentName);
|
|
|
|
if (allowedOrigins.Length == 0
|
|
&& !allowAnyOrigin
|
|
&& string.Equals(environmentName, "Production", StringComparison.OrdinalIgnoreCase))
|
|
{
|
|
throw new InvalidOperationException(MissingOriginsMessage);
|
|
}
|
|
}
|
|
|
|
public static bool ShouldUsePermissivePolicy(string[] allowedOrigins, bool allowAnyOrigin)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(allowedOrigins);
|
|
return allowAnyOrigin || allowedOrigins.Length == 0;
|
|
}
|
|
|
|
public static bool ShouldWarnAboutPermissiveDefault(string[] allowedOrigins, bool allowAnyOrigin)
|
|
{
|
|
ArgumentNullException.ThrowIfNull(allowedOrigins);
|
|
return allowedOrigins.Length == 0 && !allowAnyOrigin;
|
|
}
|
|
}
|