feat: integrate angular-oauth2-oidc for authentication

- Added angular-oauth2-oidc package to package.json.
- Configured OAuth client in app.config.ts with resource server settings.
- Implemented login component with basic HTTP request to fetch products.
- Set up routing for the login component.
- Updated app component to initialize OAuth service and handle login.
- Modified default app settings to open and collapse sidenav by default.
- Removed placeholder content from app.html to streamline the initial view.

Api/Program.cs

@@ -17,26 +17,35 @@ namespace Api
             // Add services to the container.
             builder.Services.AddAuthentication(options =>
             {
-                options.DefaultScheme = "Cookies";
-                options.DefaultChallengeScheme = "oidc";
+                options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
+                options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
             })
-            .AddCookie("Cookies")
-            .AddOpenIdConnect("oidc", options =>
+            .AddJwtBearer(options =>
             {
-                var pocketId = builder.Configuration.GetSection("Authentication:PocketId");
-                options.Authority = pocketId["Authority"];
-                options.ClientId = pocketId["ClientId"];
-                options.ClientSecret = pocketId["ClientSecret"];
-                options.CallbackPath = pocketId["CallbackPath"];
-                options.ResponseType = "code";
-                options.SaveTokens = true;
-                options.Scope.Clear();
-                var scopes = pocketId["Scopes"] ?? "openid";
-                foreach (var scope in scopes.Split(' '))
+                options.Events = new JwtBearerEvents
                 {
-                    options.Scope.Add(scope);
-                }
+                    OnTokenValidated = context => Task.CompletedTask,
+                    OnChallenge = context => Task.CompletedTask
+                };
+
+                options.Authority = builder.Configuration.GetConnectionString("Authentication:PocketId:Authority");
+                options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters()
+                {
+                    // ValidAudiences = builder.Configuration.GetSection("Authentication:PocketId:Audiences").Get<string[]>(),
+                    ValidIssuers = builder.Configuration.GetSection("Authentication:PocketId:Authority").Get<string[]>()
+                };
             });
+
+            builder.Services.AddCors(options =>
+            {
+                options.AddPolicy("AllowAll", policy =>
+                {
+                    policy.AllowAnyOrigin()
+                        .AllowAnyHeader()
+                        .AllowAnyMethod();
+                });
+            });
+
             builder.Services.AddControllers();
             // Add DbContext with SQL Server
             // Allow connection string to be set via environment variable (e.g., in Docker)
@@ -56,39 +65,25 @@ namespace Api
             app.UseSwagger();
             app.UseSwaggerUI();
 
+            app.Use(async (context, next) =>
+            {
+                if (context.Request.Method == HttpMethods.Options)
+                {
+                    context.Response.Headers.Add("Access-Control-Allow-Origin", "*");
+                    context.Response.Headers.Add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
+                    context.Response.Headers.Add("Access-Control-Allow-Headers", "Content-Type");
+                    context.Response.StatusCode = StatusCodes.Status204NoContent;
+                    return;
+                }
+
+                await next();
+            });
             if (!app.Environment.IsDevelopment())
             {
                 app.UseHttpsRedirection();
             }
 
-            if (app.Environment.IsDevelopment())
-            {
-                var staticFilePath = "/workspaces/centrum/Web/dist/Web/browser";
-                app.UseDefaultFiles(new DefaultFilesOptions
-                {
-                    FileProvider = new Microsoft.Extensions.FileProviders.PhysicalFileProvider(staticFilePath),
-                    DefaultFileNames = new List<string> { "index.html" }
-                });
-                app.UseStaticFiles(new StaticFileOptions
-                {
-                    FileProvider = new Microsoft.Extensions.FileProviders.PhysicalFileProvider(staticFilePath),
-                    RequestPath = ""
-                });
-                // Angular routing fallback
-                app.Use(async (context, next) =>
-                {
-                    await next();
-                    var path = context.Request.Path.Value ?? string.Empty;
-                    if (context.Response.StatusCode == 404 &&
-                        !System.IO.Path.HasExtension(path) &&
-                        !path.StartsWith("/api"))
-                    {
-                        context.Request.Path = "/index.html";
-                        await next();
-                    }
-                });
-            }
-            else
+            if (!app.Environment.IsDevelopment())
             {
                 app.UseDefaultFiles(); // Uses wwwroot by default
                 app.UseStaticFiles();
@@ -106,6 +101,8 @@ namespace Api
                     }
                 });
             }
+            
+            app.UseCors("AllowAll");
             app.UseAuthentication();
             app.UseAuthorization();
 

Api/appsettings.Development.json

@@ -1,8 +1,8 @@
 {
   "Logging": {
     "LogLevel": {
-      "Default": "Information",
-      "Microsoft.AspNetCore": "Warning"
+      "Default": "Trace",
+      "Microsoft.AspNetCore": "Trace"
     }
   },
   "ConnectionStrings": {

Api/appsettings.json

@@ -14,5 +14,5 @@
       "Microsoft.AspNetCore": "Warning"
     }
   },
-  "AllowedHosts": "*"
+  "AllowedHosts": "http://localhost:4200"
 }