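using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.Identity.Abstractions;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.Resource;

namespace Api
{
    using Microsoft.EntityFrameworkCore;
    using Api.Models;

    /// <summary>
    /// Application entry point. Registers JWT bearer authentication, CORS, MVC controllers,
    /// the SQL Server DbContext and Swagger, then builds the HTTP request pipeline.
    /// </summary>
    public static class Program
    {
        /// <summary>
        /// Builds and runs the web host.
        /// </summary>
        /// <param name="args">Command-line arguments forwarded to the host builder.</param>
        public static void Main(string[] args)
        {
            var builder = WebApplication.CreateBuilder(args);

            // Add services to the container.

            // JWT bearer is both the default authenticate and the default challenge scheme.
            builder.Services.AddAuthentication(options =>
                {
                    options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                    options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
                })
                .AddJwtBearer(options =>
                {
                    // Both handlers are no-ops; they only mark where custom logic could be hooked in.
                    options.Events = new JwtBearerEvents
                    {
                        OnTokenValidated = context => Task.CompletedTask,
                        OnChallenge = context => Task.CompletedTask
                    };

                    // GetConnectionString only looks under the "ConnectionStrings" section, while
                    // ValidIssuers below reads the "Authentication:PocketId:Authority" key directly.
                    // Keep the original lookup first so existing deployments behave the same, and
                    // fall back to the plain key so a missing ConnectionStrings entry does not
                    // leave the handler without an authority.
                    options.Authority =
                        builder.Configuration.GetConnectionString("Authentication:PocketId:Authority")
                        ?? builder.Configuration["Authentication:PocketId:Authority"];

                    options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters()
                    {
                        // NOTE(review): audience validation is enabled by default, so an expected
                        // audience still has to be configured (here or via options.Audience).
                        // Configure it rather than switching audience validation off; otherwise a
                        // token the issuer minted for a different client would be accepted here.
                        // ValidAudiences = builder.Configuration.GetSection("Authentication:PocketId:Audiences").Get<string[]>(),

                        // NOTE(review): the type argument of Get() was missing in this listing;
                        // string[] is assumed because ValidIssuers takes a collection of strings.
                        ValidIssuers = builder.Configuration.GetSection("Authentication:PocketId:Authority").Get<string[]>()
                    };
                });

            // NOTE(review): "AllowAll" accepts any origin, header and method. For an API that
            // sits behind bearer authentication, prefer listing the known front-end origins
            // (from configuration) outside development.
            builder.Services.AddCors(options =>
            {
                options.AddPolicy("AllowAll", policy =>
                {
                    policy.AllowAnyOrigin()
                        .AllowAnyHeader()
                        .AllowAnyMethod();
                });
            });

            builder.Services.AddControllers();

            // Add DbContext with SQL Server
            // Allow connection string to be set via environment variable (e.g., in Docker);
            // the environment variable wins over the "DefaultConnection" configuration entry.
            var envConnectionString = Environment.GetEnvironmentVariable("DB_CONNECTION_STRING");
            var connectionString = !string.IsNullOrWhiteSpace(envConnectionString)
                ? envConnectionString
                : builder.Configuration.GetConnectionString("DefaultConnection");

            // NOTE(review): the DbContext type argument (AddDbContext<TContext>) is missing from
            // this listing; restore the project's context type before compiling.
            builder.Services.AddDbContext(options =>
                options.UseSqlServer(connectionString));

            // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
            builder.Services.AddEndpointsApiExplorer();
            builder.Services.AddSwaggerGen();

            var app = builder.Build();

            // Configure the HTTP request pipeline.

            // NOTE(review): Swagger and its UI are enabled in every environment, so the full API
            // description is served in production as well. Confirm this is intended, or guard it
            // with an environment check or authorization.
            app.UseSwagger();
            app.UseSwaggerUI();

            // Answers every OPTIONS request directly with 204 and never calls the rest of the
            // pipeline. Because it is registered before UseCors, the "AllowAll" policy is not
            // consulted for these requests.
            // NOTE(review): only Content-Type is advertised in Access-Control-Allow-Headers, so a
            // browser preflight for a request carrying an Authorization header is not approved
            // by this response. Consider removing this middleware and letting UseCors answer
            // preflights from a single, explicit policy.
            app.Use(async (context, next) =>
            {
                if (context.Request.Method == HttpMethods.Options)
                {
                    // Indexer assignment instead of Headers.Add: Add throws if the header is
                    // already present, the indexer simply sets the value.
                    context.Response.Headers["Access-Control-Allow-Origin"] = "*";
                    context.Response.Headers["Access-Control-Allow-Methods"] = "GET, POST, PUT, DELETE, OPTIONS";
                    context.Response.Headers["Access-Control-Allow-Headers"] = "Content-Type";
                    context.Response.StatusCode = StatusCodes.Status204NoContent;
                    return;
                }

                await next();
            });

            // Outside development: force HTTPS and serve the built front end from wwwroot.
            if (!app.Environment.IsDevelopment())
            {
                app.UseHttpsRedirection();

                app.UseDefaultFiles(); // Uses wwwroot by default
                app.UseStaticFiles();

                // Angular routing fallback for production: a 404 for an extension-less path
                // outside /api is retried with the path rewritten to /index.html.
                // NOTE(review): this middleware is registered after UseStaticFiles, so the second
                // next() call does not pass through the static-file middleware again. Verify that
                // /index.html is actually served; MapFallbackToFile("index.html") is the built-in
                // alternative.
                app.Use(async (context, next) =>
                {
                    await next();

                    var path = context.Request.Path.Value ?? string.Empty;

                    // Explicit ordinal, case-insensitive comparison: the check is on a URL
                    // prefix, not on linguistic text, and must not depend on the current culture
                    // or on the casing of the request path.
                    if (context.Response.StatusCode == 404 &&
                        !System.IO.Path.HasExtension(path) &&
                        !path.StartsWith("/api", StringComparison.OrdinalIgnoreCase))
                    {
                        context.Request.Path = "/index.html";
                        await next();
                    }
                });
            }

            app.UseCors("AllowAll");
            app.UseAuthentication();
            app.UseAuthorization();

            app.MapControllers();

            app.Run();
        }
    }
}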