Ingress and security

deploy/k8s/helm/apigwms/envoy.yaml

@@ -37,6 +37,19 @@ static_resources:
                           route:
                             auto_host_rewrite: true
                             cluster: catalog
+                        - name: "cp-short"
+                          match:
+                            prefix: "/cp/"
+                          route:
+                            auto_host_rewrite: true
+                            prefix_rewrite: "/coupon-api/"
+                            cluster: coupon
+                        - name: "cp-long"
+                          match:
+                            prefix: "/coupon-api/"
+                          route:
+                            auto_host_rewrite: true
+                            cluster: coupon
                         - name: "o-short"
                           match:
                             prefix: "/o/"
@@ -106,6 +119,19 @@ static_resources:
                     socket_address:
                       address: catalog-api
                       port_value: 80
+    - name: coupon
+      connect_timeout: 0.25s
+      type: strict_dns
+      lb_policy: round_robin
+      load_assignment:
+        cluster_name: coupon
+        endpoints:
+          - lb_endpoints:
+              - endpoint:
+                  address:
+                    socket_address:
+                      address: coupon-api
+                      port_value: 80
     - name: basket
       connect_timeout: 0.25s
       type: strict_dns

deploy/k8s/helm/apigwws/envoy.yaml

@@ -37,6 +37,19 @@ static_resources:
                           route:
                             auto_host_rewrite: true
                             cluster: catalog
+                        - name: "cp-short"
+                          match:
+                            prefix: "/cp/"
+                          route:
+                            auto_host_rewrite: true
+                            prefix_rewrite: "/coupon-api/"
+                            cluster: coupon
+                        - name: "cp-long"
+                          match:
+                            prefix: "/coupon-api/"
+                          route:
+                            auto_host_rewrite: true
+                            cluster: coupon
                         - name: "o-short"
                           match:
                             prefix: "/o/"
@@ -109,6 +122,19 @@ static_resources:
                     socket_address:
                       address: catalog-api
                       port_value: 80
+    - name: coupon
+      connect_timeout: 0.25s
+      type: strict_dns
+      lb_policy: round_robin
+      load_assignment:
+        cluster_name: coupon
+        endpoints:
+          - lb_endpoints:
+              - endpoint:
+                  address:
+                    socket_address:
+                      address: coupon-api
+                      port_value: 80
     - name: basket
       connect_timeout: 0.25s
       type: strict_dns

src/Services/Identity/Identity.API/Configuration/Config.cs

@@ -15,6 +15,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration
                 new ApiResource("webshoppingagg", "Web Shopping Aggregator"),
                 new ApiResource("orders.signalrhub", "Ordering Signalr Hub"),
                 new ApiResource("webhooks", "Webhooks registration Service"),
+                new ApiResource("coupon", "Coupon Service"),
             };
         }
 
@@ -53,7 +54,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration
                         "basket",
                         "webshoppingagg",
                         "orders.signalrhub",
-                        "webhooks"
+                        "webhooks",
+                        "coupon"
                     },
                 },
                 new Client
@@ -79,7 +81,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration
                         "orders",
                         "basket",
                         "mobileshoppingagg",
-                        "webhooks"
+                        "webhooks",
+                        "coupon"
                     },
                     //Allow requesting refresh tokens for long lived API access
                     AllowOfflineAccess = true,
@@ -117,7 +120,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration
                         "basket",
                         "webshoppingagg",
                         "orders.signalrhub",
-                        "webhooks"
+                        "webhooks",
+                        "coupon"
                     },
                     AccessTokenLifetime = 60*60*2, // 2 hours
                     IdentityTokenLifetime= 60*60*2 // 2 hours
@@ -183,7 +187,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration
                         "orders",
                         "basket",
                         "webshoppingagg",
-                        "webhooks"
+                        "webhooks",
+                        "coupon"
                     },
                 },
                 new Client

src/Web/WebSPA/Client/src/modules/shared/services/security.service.ts

@@ -82,7 +82,7 @@ export class SecurityService {
         let client_id = 'js';
         let redirect_uri = location.origin + '/';
         let response_type = 'id_token token';
-        let scope = 'openid profile orders basket webshoppingagg orders.signalrhub';
+        let scope = 'openid profile orders basket webshoppingagg orders.signalrhub coupon';
         let nonce = 'N' + Math.random() + '' + Date.now();
         let state = Date.now() + '' + Math.random();