Merge branch 'main' of https://git.stella-ops.org/stella-ops.org/git.stella-ops.org

2025-12-29 20:10:48 +02:00
parent 7825a79083 a4badc275e
commit 1dc4bcbf10
297 changed files with 53621 additions and 390 deletions
--- a/src/Scanner/StellaOps.Scanner.WebService/Endpoints/SourcesEndpoints.cs
+++ b/src/Scanner/StellaOps.Scanner.WebService/Endpoints/SourcesEndpoints.cs
@@ -1,3 +1,4 @@
+using System.Security.Claims;
 using System.Text.Json;
 using System.Text.Json.Serialization;
 using Microsoft.AspNetCore.Http;
@@ -141,12 +142,10 @@ internal static class SourcesEndpoints
    private static async Task<IResult> HandleListAsync(
        [AsParameters] ListSourcesQueryParams queryParams,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -171,12 +170,10 @@ internal static class SourcesEndpoints
    private static async Task<IResult> HandleGetAsync(
        Guid sourceId,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -202,12 +199,10 @@ internal static class SourcesEndpoints
    private static async Task<IResult> HandleGetByNameAsync(
        string name,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -233,14 +228,11 @@ internal static class SourcesEndpoints
    private static async Task<IResult> HandleCreateAsync(
        CreateSourceRequest request,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
-        IUserContext userContext,
        LinkGenerator links,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -249,7 +241,7 @@ internal static class SourcesEndpoints
                StatusCodes.Status400BadRequest);
        }

-        var userId = userContext.UserId ?? "system";
+        var userId = ResolveActor(context);

        try
        {
@@ -291,13 +283,10 @@ internal static class SourcesEndpoints
        Guid sourceId,
        UpdateSourceRequest request,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
-        IUserContext userContext,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -306,7 +295,7 @@ internal static class SourcesEndpoints
                StatusCodes.Status400BadRequest);
        }

-        var userId = userContext.UserId ?? "system";
+        var userId = ResolveActor(context);

        try
        {
@@ -344,12 +333,10 @@ internal static class SourcesEndpoints
    private static async Task<IResult> HandleDeleteAsync(
        Guid sourceId,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -376,12 +363,10 @@ internal static class SourcesEndpoints
    private static async Task<IResult> HandleTestConnectionAsync(
        Guid sourceId,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -408,12 +393,10 @@ internal static class SourcesEndpoints
    private static async Task<IResult> HandleTestNewConnectionAsync(
        TestConnectionRequest request,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -430,13 +413,10 @@ internal static class SourcesEndpoints
        Guid sourceId,
        PauseSourceRequest request,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
-        IUserContext userContext,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -445,7 +425,7 @@ internal static class SourcesEndpoints
                StatusCodes.Status400BadRequest);
        }

-        var userId = userContext.UserId ?? "system";
+        var userId = ResolveActor(context);

        try
        {
@@ -465,13 +445,10 @@ internal static class SourcesEndpoints
    private static async Task<IResult> HandleResumeAsync(
        Guid sourceId,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
-        IUserContext userContext,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -480,7 +457,7 @@ internal static class SourcesEndpoints
                StatusCodes.Status400BadRequest);
        }

-        var userId = userContext.UserId ?? "system";
+        var userId = ResolveActor(context);

        try
        {
@@ -500,13 +477,10 @@ internal static class SourcesEndpoints
    private static async Task<IResult> HandleActivateAsync(
        Guid sourceId,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
-        IUserContext userContext,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -515,7 +489,7 @@ internal static class SourcesEndpoints
                StatusCodes.Status400BadRequest);
        }

-        var userId = userContext.UserId ?? "system";
+        var userId = ResolveActor(context);

        try
        {
@@ -536,13 +510,10 @@ internal static class SourcesEndpoints
        Guid sourceId,
        TriggerScanRequest? request,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
-        IUserContext userContext,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -551,7 +522,7 @@ internal static class SourcesEndpoints
                StatusCodes.Status400BadRequest);
        }

-        var userId = userContext.UserId ?? "system";
+        var userId = ResolveActor(context);

        try
        {
@@ -581,12 +552,10 @@ internal static class SourcesEndpoints
        Guid sourceId,
        [AsParameters] ListRunsQueryParams queryParams,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -622,12 +591,10 @@ internal static class SourcesEndpoints
        Guid sourceId,
        Guid runId,
        ISbomSourceService sourceService,
-        ITenantContext tenantContext,
        HttpContext context,
        CancellationToken ct)
    {
-        var tenantId = tenantContext.TenantId;
-        if (string.IsNullOrEmpty(tenantId))
+        if (!TryResolveTenant(context, out var tenantId))
        {
            return ProblemResultFactory.Create(
                context,
@@ -690,6 +657,57 @@ internal static class SourcesEndpoints
        _ => "Unknown source type"
    };

+    private static bool TryResolveTenant(HttpContext context, out string tenantId)
+    {
+        tenantId = string.Empty;
+
+        var tenant = context.User?.FindFirstValue(StellaOpsClaimTypes.Tenant);
+        if (!string.IsNullOrWhiteSpace(tenant))
+        {
+            tenantId = tenant.Trim();
+            return true;
+        }
+
+        if (context.Request.Headers.TryGetValue("X-Stella-Tenant", out var headerTenant))
+        {
+            var headerValue = headerTenant.ToString();
+            if (!string.IsNullOrWhiteSpace(headerValue))
+            {
+                tenantId = headerValue.Trim();
+                return true;
+            }
+        }
+
+        if (context.Request.Headers.TryGetValue("X-Tenant-Id", out var legacyTenant))
+        {
+            var headerValue = legacyTenant.ToString();
+            if (!string.IsNullOrWhiteSpace(headerValue))
+            {
+                tenantId = headerValue.Trim();
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    private static string ResolveActor(HttpContext context)
+    {
+        var subject = context.User?.FindFirstValue(StellaOpsClaimTypes.Subject);
+        if (!string.IsNullOrWhiteSpace(subject))
+        {
+            return subject.Trim();
+        }
+
+        var clientId = context.User?.FindFirstValue(StellaOpsClaimTypes.ClientId);
+        if (!string.IsNullOrWhiteSpace(clientId))
+        {
+            return clientId.Trim();
+        }
+
+        return "system";
+    }
+
    private static IResult Json<T>(T value, int statusCode)
    {
        var payload = JsonSerializer.Serialize(value, SerializerOptions);