mirror of
https://github.com/azaion/satellite-provider.git
synced 2026-06-21 08:41:13 +00:00
Oleksandr Bezdieniezhnykh
f979e18811
Option B per user decision: production ships with empty Jwt.Issuer / Jwt.Audience in appsettings.json so the API process refuses to start unless JWT_ISSUER + JWT_AUDIENCE env vars are supplied. Development ships with grep-friendly DEV-ONLY- placeholders so local + docker flows keep working unchanged. AuthenticationServiceCollectionExtensions flips ValidateIssuer + ValidateAudience to true and wires ValidIssuer / ValidAudience via a new ResolveRequiredOrThrow helper that all three required values (secret, iss, aud) now share. JwtTokenFactory.Create + CreateExpired gain optional iss / aud parameters (default null) so existing call sites compile unchanged. JwtTestHelpers adds MintAuthenticated / MintExpired wrappers that resolve iss + aud from env, plus ResolveIssuerOrThrow / ResolveAudienceOrThrow. PerfBootstrap.MintToken + Program.cs JWT bootstrap migrated to the new surface so the perf harness and the integration runner both validate against the same contract. Adds 4 fail-fast unit tests (missing/empty issuer + audience), 2 negative integration scenarios (WrongIssuer_Returns401, WrongAudience_Returns401), and re-tags every existing integration mint site via MintAuthenticated. Compose, .env.example, run-tests.sh, run-performance-tests.sh all load + export JWT_ISSUER + JWT_AUDIENCE alongside JWT_SECRET. Resolves F-AUTH-2 (security_report.md + owasp_review.md). AC-7 (cross-repo suite/_docs/10_auth.md write) deferred — outside this workspace; tracked in deploy_cycle2.md R3 follow-up. Co-authored-by: Cursor <cursoragent@cursor.com>
33 lines
1.3 KiB
Bash
33 lines
1.3 KiB
Bash
# Satellite Provider environment configuration template.
|
|
# Copy this file to `.env` and replace placeholder values before running
|
|
# docker-compose or scripts/run-tests.sh.
|
|
#
|
|
# IMPORTANT: `.env` is gitignored on purpose. Never commit real secrets.
|
|
|
|
# Google Maps Platform API key for satellite imagery downloads.
|
|
GOOGLE_MAPS_API_KEY=
|
|
|
|
# HMAC-SHA256 signing key for JWT validation (suite-level auth contract,
|
|
# `suite/_docs/10_auth.md`). MUST be at least 32 bytes (UTF-8) — the API
|
|
# fails fast on startup if this is unset or shorter.
|
|
#
|
|
# Generate a strong secret with, for example:
|
|
# openssl rand -hex 32
|
|
#
|
|
# Test/CI runs may use a clearly tagged TEST-ONLY value (still >=32 bytes).
|
|
JWT_SECRET=
|
|
|
|
# JWT issuer / audience claims (AZ-494). Both are REQUIRED — the API
|
|
# fails fast at startup if either is unset or whitespace-only.
|
|
#
|
|
# Production values MUST be confirmed by the admin team before deploy
|
|
# (the admin API stamps the `iss` claim; satellite-provider validates
|
|
# the `aud` claim). For local dev these can use the DEV-ONLY values
|
|
# baked into appsettings.Development.json — leave blank to fall back.
|
|
#
|
|
# Example values (NEVER use these in prod):
|
|
# JWT_ISSUER=DEV-ONLY-iss-admin-azaion-local
|
|
# JWT_AUDIENCE=DEV-ONLY-aud-satellite-provider
|
|
JWT_ISSUER=
|
|
JWT_AUDIENCE=
|