From 9d01a264f0ab0b53f667010a194635cbfe68fcc4 Mon Sep 17 00:00:00 2001
From: David Fowler
Date: Tue, 2 May 2023 11:11:13 -0700
Subject: [PATCH] More schema
---
 src/Services/Basket/Basket.API/Program.cs | 6 -----
 .../Basket/Basket.API/appsettings.json | 5 +++++
 .../Services.Common/CommonExtensions.cs | 22 ++++++++++++++++---
 3 files changed, 24 insertions(+), 9 deletions(-)
diff --git a/src/Services/Basket/Basket.API/Program.cs b/src/Services/Basket/Basket.API/Program.cs
index be35fd3fc..3a8091fff 100644
--- a/src/Services/Basket/Basket.API/Program.cs
+++ b/src/Services/Basket/Basket.API/Program.cs
@@ -15,12 +15,6 @@ builder.Services.AddControllers(options =>
 options.Filters.Add(typeof(ValidateModelStateFilter));
 });
-builder.WebHost.UseFailing(options =>
-{
- options.ConfigPath = "/Failing";
- options.NotFilteredPaths.AddRange(new[] { "/hc", "/liveness" });
-});
-
 builder.Services.AddRedis(builder.Configuration);
 builder.Services.AddTransient();
diff --git a/src/Services/Basket/Basket.API/appsettings.json b/src/Services/Basket/Basket.API/appsettings.json
index 66c41a889..738586f04 100644
--- a/src/Services/Basket/Basket.API/appsettings.json
+++ b/src/Services/Basket/Basket.API/appsettings.json
@@ -19,6 +19,11 @@
 "ConnectionStrings": {
 "Redis": "127.0.0.1"
 },
+ "Identity": {
+ "Url": "",
+ "Auidence": "basket",
+ "Scope": "basket"
+ },
 "EventBus": {
 "SubscriptionClientName": "Basket",
 "ConnectionString": "your-event-bus-connection-string",
diff --git a/src/Services/Services.Common/CommonExtensions.cs b/src/Services/Services.Common/CommonExtensions.cs
index 770d2b41f..7048af39f 100644
--- a/src/Services/Services.Common/CommonExtensions.cs
+++ b/src/Services/Services.Common/CommonExtensions.cs
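Review bot: In the appsettings.json hunk the new key is spelled `"Auidence"`, but AddDefaultAuthentication in CommonExtensions.cs reads `identitySection.GetRequiredValue("Audience")`, so the audience lookup will not find this value; the line should read `"Audience": "basket",`. GetRequiredValue is not shown in this patch, but its name suggests the miss surfaces as an exception when the JWT bearer options are built rather than as a silent default. `"Url": ""` is also committed empty, so the token authority has to come from another configuration source in every environment, and it is worth confirming that an empty string is rejected rather than accepted as an authority.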
@@ -150,13 +150,29 @@ public static class CommonExtensions
 public static IServiceCollection AddDefaultAuthentication(this IServiceCollection services, IConfiguration configuration)
 {
+ // {
+ // "Identity": {
+ // "Url": "http://identity",
+ // "Audience": "basket",
+ // "Scope": "basket"
+ // }
+ // }
+
+ var identitySection = configuration.GetSection("Identity");
+
+ if (identitySection is null)
+ {
+ // No identity section, so no authentication
+ return services;
+ }
+
 // prevent from mapping "sub" claim to nameidentifier.
 JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Remove("sub");
 services.AddAuthentication().AddJwtBearer(options =>
 {
- var identityUrl = configuration.GetRequiredValue("IdentityUrl");
- var audience = configuration.GetRequiredValue("Audience");
+ var identityUrl = identitySection.GetRequiredValue("Url");
+ var audience = identitySection.GetRequiredValue("Audience");
 options.Authority = identityUrl;
 options.RequireHttpsMetadata = false;
@@ -166,7 +182,7 @@ public static class CommonExtensions
 services.AddAuthorization(options =>
 {
- var scope = configuration.GetRequiredValue("Scope");
+ var scope = identitySection.GetRequiredValue("Scope");
 options.AddPolicy("ApiScope", policy =>
 {
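Review bot: The guard `if (identitySection is null)` in the first hunk can never be true, because `IConfiguration.GetSection` returns a non-null section object even when the key is absent, so the "no identity section, so no authentication" path is dead and a service without the section goes on to `GetRequiredValue("Url")` instead. Use `if (!identitySection.Exists())` to get the intended behaviour. Once that branch works, a service whose Identity section is missing or misnamed starts with neither the JWT bearer scheme nor the `ApiScope` policy registered, so consider logging a warning there, or failing startup outside development, so that a configuration mistake is not mistaken for an intentionally anonymous service. Separately, the unchanged `options.RequireHttpsMetadata = false;` together with the `http://identity` example means authority metadata and signing keys would be fetched without TLS, which is worth restricting to development. The bodies of the AddJwtBearer and AddAuthorization lambdas continue outside the hunks.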