tenant fixes

src/VexHub/StellaOps.VexHub.WebService/Extensions/VexHubEndpointExtensions.cs

@@ -1,5 +1,6 @@
 
 using Microsoft.AspNetCore.Mvc;
+using StellaOps.Auth.ServerIntegration.Tenancy;
 using StellaOps.VexHub.Core;
 using StellaOps.VexHub.Core.Export;
 using StellaOps.VexHub.Core.Models;
@@ -23,7 +24,8 @@ public static class VexHubEndpointExtensions
     {
         var vexGroup = app.MapGroup("/api/v1/vex")
             .WithTags("VEX")
-            .RequireAuthorization(VexHubPolicies.Read);
+            .RequireAuthorization(VexHubPolicies.Read)
+            .RequireTenant();
 
         // GET /api/v1/vex/cve/{cve-id}
         vexGroup.MapGet("/cve/{cveId}", GetByCve)

src/VexHub/StellaOps.VexHub.WebService/Program.cs

@@ -1,6 +1,7 @@
 
 using Serilog;
 using StellaOps.Auth.ServerIntegration;
+using StellaOps.Auth.ServerIntegration.Tenancy;
 using StellaOps.Router.AspNet;
 using StellaOps.VexHub.Core.Extensions;
 using StellaOps.VexHub.Persistence.Extensions;
@@ -44,6 +45,7 @@ builder.Services.AddAuthentication("ApiKey")
         }
     });
 
+builder.Services.AddStellaOpsTenantServices();
 builder.Services.AddAuthorization(options =>
 {
     // VexHub uses API-key authentication; policies require an authenticated API key holder.
@@ -82,6 +84,7 @@ app.UseVexHubRateLimiting();
 app.UseStellaOpsCors();
 app.UseAuthentication();
 app.UseAuthorization();
+app.UseStellaOpsTenantMiddleware();
 app.TryUseStellaRouter(routerEnabled);
 
 // Map API endpoints