using System; using System.Collections.Generic; using System.Linq; using static StellaOps.Localization.T; namespace StellaOps.Configuration; public sealed class AuthorityDelegationOptions { private readonly IList _serviceAccounts = new List(); private readonly Dictionary _tenantOverrides = new(StringComparer.OrdinalIgnoreCase); public AuthorityDelegationQuotaOptions Quotas { get; } = new(); public IList ServiceAccounts => (IList)_serviceAccounts; internal void NormalizeAndValidate(IList tenants) { Quotas.Validate(nameof(Quotas)); var tenantIds = tenants is { Count: > 0 } ? tenants .Where(static tenant => !string.IsNullOrWhiteSpace(tenant.Id)) .Select(static tenant => tenant.Id.Trim()) .ToHashSet(StringComparer.OrdinalIgnoreCase) : new HashSet(StringComparer.OrdinalIgnoreCase); var seenAccounts = new HashSet(StringComparer.OrdinalIgnoreCase); _tenantOverrides.Clear(); foreach (var tenant in tenants) { if (string.IsNullOrWhiteSpace(tenant.Id)) { continue; } var normalizedTenant = tenant.Id.Trim().ToLowerInvariant(); _tenantOverrides[normalizedTenant] = tenant.Delegation; } foreach (var account in _serviceAccounts) { account.Normalize(); account.Validate(tenantIds); if (!seenAccounts.Add(account.AccountId)) { throw new InvalidOperationException(_t("config.delegation.duplicate_account", account.AccountId)); } } } public int ResolveMaxActiveTokens(string? tenantId) { if (string.IsNullOrWhiteSpace(tenantId)) { return Quotas.MaxActiveTokens; } var normalized = tenantId.Trim().ToLowerInvariant(); if (_tenantOverrides.TryGetValue(normalized, out var options)) { return options.ResolveMaxActiveTokens(this); } return Quotas.MaxActiveTokens; } }