mirror of
https://github.com/azaion/satellite-provider.git
synced 2026-06-21 08:41:13 +00:00
Oleksandr Bezdieniezhnykh
96cd3c4495
Adds Microsoft.AspNetCore.Authentication.JwtBearer 8.0.21 and the SatelliteProvider.Api.Authentication.AddSatelliteJwt extension that validates HS256 tokens against a shared JWT_SECRET (>=32 bytes, fail fast at startup). Every minimal-API endpoint now carries .RequireAuthorization(); the middleware chain is UseExceptionHandler -> UseHttpsRedirection -> UseCors -> UseAuthentication -> UseAuthorization -> endpoints. Swagger UI gets a Bearer security definition so the Authorize button works. Test infrastructure: JwtTokenFactory (unit) and JwtTestHelpers (integration) mint deterministic tokens against the same secret; the integration test runner attaches a default Bearer token to its shared HttpClient so existing tests continue to exercise protected endpoints. JwtIntegrationTests adds AC-1..AC-4 and AC-7 (Swagger advertises Bearer) end-to-end; AuthenticationServiceCollectionExtensionsTests covers AC-5 (missing/empty/short secret fail-fast) plus env-var precedence; JwtTokenFactoryTests covers AC-6 (claims pass through the JwtSecurityTokenHandler.ValidateToken path JwtBearer uses). docker-compose and scripts/run-tests.sh now propagate JWT_SECRET to the api and integration-tests containers, with a >=32-byte guard. .env.example documents the required keys; .env stays gitignored. Code review verdict: PASS_WITH_WARNINGS (2 Low findings surfaced in _docs/03_implementation/reviews/batch_01_cycle2_review.md). Cross-component coordination: gps-denied-onboard and the mission planner UI must attach Bearer tokens before this lands in dev. Co-authored-by: Cursor <cursoragent@cursor.com>
57 lines
1.4 KiB
JSON
57 lines
1.4 KiB
JSON
{
|
|
"Serilog": {
|
|
"Using": [ "Serilog.Sinks.Console", "Serilog.Sinks.File" ],
|
|
"MinimumLevel": {
|
|
"Default": "Warning",
|
|
"Override": {
|
|
"Microsoft.AspNetCore": "Warning"
|
|
}
|
|
},
|
|
"WriteTo": [
|
|
{ "Name": "Console" },
|
|
{
|
|
"Name": "File",
|
|
"Args": {
|
|
"path": "./logs/satellite-provider-.log",
|
|
"rollingInterval": "Day",
|
|
"outputTemplate": "{Timestamp:yyyy-MM-dd HH:mm:ss.fff zzz} [{Level:u3}] {Message:lj}{NewLine}{Exception}"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"AllowedHosts": "*",
|
|
"ConnectionStrings": {
|
|
"DefaultConnection": "Host=localhost;Database=satelliteprovider;Username=postgres;Password=postgres"
|
|
},
|
|
"Jwt": {
|
|
"Secret": ""
|
|
},
|
|
"MapConfig": {
|
|
"Service": "GoogleMaps",
|
|
"ApiKey": "",
|
|
"TileSizePixels": 256,
|
|
"AllowedZoomLevels": [ 15, 16, 17, 18, 19 ],
|
|
"RetryBaseDelaySeconds": 1,
|
|
"RetryMaxDelaySeconds": 30
|
|
},
|
|
"StorageConfig": {
|
|
"TilesDirectory": "./tiles",
|
|
"ReadyDirectory": "./ready"
|
|
},
|
|
"ProcessingConfig": {
|
|
"MaxConcurrentDownloads": 4,
|
|
"MaxConcurrentRegions": 20,
|
|
"DefaultZoomLevel": 20,
|
|
"QueueCapacity": 1000,
|
|
"DelayBetweenRequestsMs": 50,
|
|
"SessionTokenReuseCount": 100,
|
|
"RegionProcessingTimeoutSeconds": 300,
|
|
"RouteProcessingPollIntervalSeconds": 5,
|
|
"MaxRoutePointSpacingMeters": 200.0,
|
|
"LatLonTolerance": 0.0001
|
|
},
|
|
"CorsConfig": {
|
|
"AllowedOrigins": []
|
|
}
|
|
}
|