compose and authority fixes. finish sprints.
This commit is contained in:
master
@@ -647,17 +647,24 @@ if (authorityConfigured)
|
||||
resourceOptions.MetadataAddress = concelierOptions.Authority.MetadataAddress;
|
||||
}
|
||||
|
||||
foreach (var audience in concelierOptions.Authority.Audiences)
|
||||
// Read collections directly from IConfiguration to work around
|
||||
// .NET Configuration.Bind() not populating IList<string> in nested init objects.
|
||||
var authSection = builder.Configuration.GetSection("Authority");
|
||||
|
||||
var cfgAudiences = authSection.GetSection("Audiences").Get<string[]>() ?? [];
|
||||
foreach (var audience in cfgAudiences)
|
||||
{
|
||||
resourceOptions.Audiences.Add(audience);
|
||||
}
|
||||
|
||||
foreach (var scope in concelierOptions.Authority.RequiredScopes)
|
||||
var cfgScopes = authSection.GetSection("RequiredScopes").Get<string[]>() ?? [];
|
||||
foreach (var scope in cfgScopes)
|
||||
{
|
||||
resourceOptions.RequiredScopes.Add(scope);
|
||||
}
|
||||
|
||||
foreach (var network in concelierOptions.Authority.BypassNetworks)
|
||||
var cfgBypassNetworks = authSection.GetSection("BypassNetworks").Get<string[]>() ?? [];
|
||||
foreach (var network in cfgBypassNetworks)
|
||||
{
|
||||
resourceOptions.BypassNetworks.Add(network);
|
||||
}
|
||||
@@ -762,7 +769,13 @@ if (authorityConfigured)
|
||||
resourceOptions.BackchannelTimeout = TimeSpan.FromSeconds(authority.BackchannelTimeoutSeconds);
|
||||
resourceOptions.TokenClockSkew = TimeSpan.FromSeconds(authority.TokenClockSkewSeconds);
|
||||
|
||||
foreach (var audience in authority.Audiences)
|
||||
// Also read collections directly from IConfiguration here (TestSigningSecret branch)
|
||||
// to work around .NET Configuration.Bind() not populating IList<string>.
|
||||
var cfg = builder.Configuration;
|
||||
var authCfgSection = cfg.GetSection("Authority");
|
||||
|
||||
var cfgAudiences2 = authCfgSection.GetSection("Audiences").Get<string[]>() ?? [];
|
||||
foreach (var audience in cfgAudiences2)
|
||||
{
|
||||
if (!resourceOptions.Audiences.Contains(audience))
|
||||
{
|
||||
@@ -770,7 +783,8 @@ if (authorityConfigured)
|
||||
}
|
||||
}
|
||||
|
||||
foreach (var scope in authority.RequiredScopes)
|
||||
var cfgScopes2 = authCfgSection.GetSection("RequiredScopes").Get<string[]>() ?? [];
|
||||
foreach (var scope in cfgScopes2)
|
||||
{
|
||||
if (!resourceOptions.RequiredScopes.Contains(scope))
|
||||
{
|
||||
@@ -778,7 +792,8 @@ if (authorityConfigured)
|
||||
}
|
||||
}
|
||||
|
||||
foreach (var network in authority.BypassNetworks)
|
||||
var cfgBypass2 = authCfgSection.GetSection("BypassNetworks").Get<string[]>() ?? [];
|
||||
foreach (var network in cfgBypass2)
|
||||
{
|
||||
if (!resourceOptions.BypassNetworks.Contains(network))
|
||||
{
|
||||
@@ -786,7 +801,8 @@ if (authorityConfigured)
|
||||
}
|
||||
}
|
||||
|
||||
foreach (var tenant in authority.RequiredTenants)
|
||||
var cfgTenants2 = authCfgSection.GetSection("RequiredTenants").Get<string[]>() ?? [];
|
||||
foreach (var tenant in cfgTenants2)
|
||||
{
|
||||
if (!resourceOptions.RequiredTenants.Contains(tenant))
|
||||
{
|
||||
@@ -898,6 +914,15 @@ app.MapInterestScoreEndpoints();
|
||||
// Federation endpoints for site-to-site bundle sync
|
||||
app.MapConcelierFederationEndpoints();
|
||||
|
||||
// AirGap endpoints for sealed-mode operations
|
||||
app.MapConcelierAirGapEndpoints();
|
||||
|
||||
// Feed snapshot endpoints for atomic multi-source snapshots
|
||||
app.MapFeedSnapshotEndpoints();
|
||||
|
||||
// Feed mirror management, bundles, version locks, offline status
|
||||
app.MapFeedMirrorManagementEndpoints();
|
||||
|
||||
app.MapGet("/.well-known/openapi", ([FromServices] OpenApiDiscoveryDocumentProvider provider, HttpContext context) =>
|
||||
{
|
||||
var (payload, etag) = provider.GetDocument();
|
||||
|
||||
Reference in New Issue
Block a user