From 329fb94a3a54f6297486aaed83723b4e553ac3fc Mon Sep 17 00:00:00 2001
From: Marek Lesko <marek@lesko.me>
Date: Tue, 29 Jul 2025 16:23:12 +0000
Subject: [PATCH] feat: update ProductController route and enhance
 authentication configuration

---
 Api/Controllers/ProductController.cs |  1 +
 Api/Program.cs                       | 40 ++++++++++++++--------------
 Api/appsettings.json                 |  2 +-
 Web/src/app/login/login.ts           |  7 ++---
 4 files changed, 26 insertions(+), 24 deletions(-)

diff --git a/Api/Controllers/ProductController.cs b/Api/Controllers/ProductController.cs
index b49942f..4548fb3 100644
--- a/Api/Controllers/ProductController.cs
+++ b/Api/Controllers/ProductController.cs
@@ -19,6 +19,7 @@ namespace Api.Controllers
 
         // GET: api/Product
         [HttpGet]
+        [Route("api/product")]
         public async Task<ActionResult<IEnumerable<Product>>> GetProducts([FromQuery] int? id = null)
         {
             if (id.HasValue)
diff --git a/Api/Program.cs b/Api/Program.cs
index 0670cae..0e315e5 100644
--- a/Api/Program.cs
+++ b/Api/Program.cs
@@ -22,17 +22,17 @@ namespace Api
             })
             .AddJwtBearer(options =>
             {
-                options.Events = new JwtBearerEvents
-                {
-                    OnTokenValidated = context => Task.CompletedTask,
-                    OnChallenge = context => Task.CompletedTask
-                };
+                // options.Events = new JwtBearerEvents
+                // {
+                //     OnTokenValidated = context => Task.CompletedTask,
+                //     OnChallenge = context => Task.CompletedTask
+                // };
 
-                options.Authority = builder.Configuration.GetConnectionString("Authentication:PocketId:Authority");
+                options.Authority = builder.Configuration["Authentication:PocketId:Authority"];
                 options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters()
                 {
-                    // ValidAudiences = builder.Configuration.GetSection("Authentication:PocketId:Audiences").Get<string[]>(),
-                    ValidIssuers = builder.Configuration.GetSection("Authentication:PocketId:Authority").Get<string[]>()
+                    ValidAudiences = builder.Configuration["Authentication:PocketId:ClientId"].Split(';').Select(i => i.Trim()).ToArray(),
+                    ValidIssuers = builder.Configuration["Authentication:PocketId:Authority"].Split(';').Select(i => i.Trim()).ToArray()
                 };
             });
 
@@ -65,19 +65,19 @@ namespace Api
             app.UseSwagger();
             app.UseSwaggerUI();
 
-            app.Use(async (context, next) =>
-            {
-                if (context.Request.Method == HttpMethods.Options)
-                {
-                    context.Response.Headers.Add("Access-Control-Allow-Origin", "*");
-                    context.Response.Headers.Add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
-                    context.Response.Headers.Add("Access-Control-Allow-Headers", "Content-Type");
-                    context.Response.StatusCode = StatusCodes.Status204NoContent;
-                    return;
-                }
+            // app.Use(async (context, next) =>
+            // {
+            //     if (context.Request.Method == HttpMethods.Options)
+            //     {
+            //         context.Response.Headers.Add("Access-Control-Allow-Origin", "*");
+            //         context.Response.Headers.Add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
+            //         context.Response.Headers.Add("Access-Control-Allow-Headers", "Content-Type");
+            //         context.Response.StatusCode = StatusCodes.Status204NoContent;
+            //         return;
+            //     }
 
-                await next();
-            });
+            //     await next();
+            // });
             if (!app.Environment.IsDevelopment())
             {
                 app.UseHttpsRedirection();
diff --git a/Api/appsettings.json b/Api/appsettings.json
index ae27eab..9925c2d 100644
--- a/Api/appsettings.json
+++ b/Api/appsettings.json
@@ -14,5 +14,5 @@
       "Microsoft.AspNetCore": "Warning"
     }
   },
-  "AllowedHosts": "http://localhost:4200"
+  "AllowedHosts": "*"
 }
\ No newline at end of file
diff --git a/Web/src/app/login/login.ts b/Web/src/app/login/login.ts
index 23d3d29..7d4cc07 100644
--- a/Web/src/app/login/login.ts
+++ b/Web/src/app/login/login.ts
@@ -1,4 +1,4 @@
-import { HttpClient } from '@angular/common/http';
+import { HttpClient, HttpHeaders } from '@angular/common/http';
 import { Component, OnInit } from '@angular/core';
 import { OAuthService } from 'angular-oauth2-oidc';
 
@@ -13,8 +13,9 @@ export class Login implements OnInit {
 
   }
   ngOnInit(): void {
-    this.httpClient.get('http://localhost:5000/api/product'
-      // { headers: { Authorization: `Bearer ${this.as.getAccessToken()}` } }
+    this.httpClient.get('http://localhost:5000/swagger/v1/swagger.json', {
+      headers: new HttpHeaders({ Authorization: `Bearer ${this.as.getAccessToken()}` }).append('Content-Type', 'application/json')
+    }
     ).subscribe(console.warn);
   }
 }