Restructure solution layout by module

src/Scheduler/StellaOps.Scheduler.WebService/Auth/HeaderScopeAuthorizer.cs

@@ -0,0 +1,31 @@
+using Microsoft.AspNetCore.Http;
+
+namespace StellaOps.Scheduler.WebService.Auth;
+
+internal sealed class HeaderScopeAuthorizer : IScopeAuthorizer
+{
+    private const string ScopeHeader = "X-Scopes";
+
+    public void EnsureScope(HttpContext context, string requiredScope)
+    {
+        if (!context.Request.Headers.TryGetValue(ScopeHeader, out var values))
+        {
+            throw new UnauthorizedAccessException($"Missing required header '{ScopeHeader}'.");
+        }
+
+        var scopeBuffer = string.Join(' ', values.ToArray());
+        if (string.IsNullOrWhiteSpace(scopeBuffer))
+        {
+            throw new UnauthorizedAccessException($"Header '{ScopeHeader}' cannot be empty.");
+        }
+
+        var scopes = scopeBuffer
+            .Split(' ', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries)
+            .ToHashSet(StringComparer.OrdinalIgnoreCase);
+
+        if (!scopes.Contains(requiredScope))
+        {
+            throw new InvalidOperationException($"Missing required scope '{requiredScope}'.");
+        }
+    }
+}