compose and authority fixes. finish sprints.

2026-02-17 21:59:47 +02:00
parent fb46a927ad
commit 49cdebe2f1
187 changed files with 23189 additions and 1439 deletions
--- a/src/Policy/StellaOps.Policy.Gateway/Services/PolicyEngineTokenProvider.cs
+++ b/src/Policy/StellaOps.Policy.Gateway/Services/PolicyEngineTokenProvider.cs
@@ -88,11 +88,22 @@ internal sealed class PolicyEngineTokenProvider
            }

            var scopeString = BuildScopeClaim(options);
-            var result = await tokenClient.RequestClientCredentialsTokenAsync(scopeString, null, cancellationToken).ConfigureAwait(false);
-            var expiresAt = result.ExpiresAtUtc;
-            cachedToken = new CachedToken(result.AccessToken, string.IsNullOrWhiteSpace(result.TokenType) ? "Bearer" : result.TokenType, expiresAt);
-            logger.LogInformation("Issued Policy Engine client credentials token; expires at {ExpiresAt:o}.", expiresAt);
-            return cachedToken;
+            try
+            {
+                var result = await tokenClient.RequestClientCredentialsTokenAsync(scopeString, null, cancellationToken).ConfigureAwait(false);
+                var expiresAt = result.ExpiresAtUtc;
+                cachedToken = new CachedToken(result.AccessToken, string.IsNullOrWhiteSpace(result.TokenType) ? "Bearer" : result.TokenType, expiresAt);
+                logger.LogInformation("Issued Policy Engine client credentials token; expires at {ExpiresAt:o}.", expiresAt);
+                return cachedToken;
+            }
+            catch (Exception ex)
+            {
+                logger.LogWarning(
+                    ex,
+                    "Unable to issue Policy Engine client credentials token for scopes '{Scopes}'.",
+                    scopeString);
+                return null;
+            }
        }
        finally
        {