Merge pull request 'Completed token service' (#99 ) from payments into master

Reviewed-on: #99
Completed token service
2026-06-12 20:58:57 +02:00 · 2026-06-12 20:48:12 +02:00 · 2026-06-12 16:16:05 +02:00 · 2026-06-12 16:15:44 +02:00 · 2026-06-12 16:12:10 +02:00 · 2026-06-12 16:09:51 +02:00
58 changed files with 1019 additions and 295 deletions
@@ -362,3 +362,5 @@ MigrationBackup/
 # Fody - auto-generated XML schema
 FodyWeavers.xsd
 /LiteCharms.Features.Tests/http/http-client.env.json
+/LiteCharms.Features.Tests/http/midrandshop-api/http-client.env.json
+/LiteCharms.Features.Tests/http/authentik/http-client.env.json
@@ -11,12 +11,12 @@
  <!-- Quartz Scheduler-->
  <ItemGroup>
    <PackageReference Include="Bogus" Version="35.6.5" />
-    <PackageReference Include="Meziantou.Analyzer" Version="3.0.98">
+    <PackageReference Include="Meziantou.Analyzer" Version="3.0.102">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>
    <PackageReference Include="Microsoft.FeatureManagement.AspNetCore" Version="4.5.0" />
-    <PackageReference Include="OpenTelemetry" Version="1.15.3" />
+    <PackageReference Include="OpenTelemetry" Version="1.16.0" />
    <PackageReference Include="Quartz" Version="3.18.1" />
    <PackageReference Include="Quartz.Plugins" Version="3.18.1" />
    <PackageReference Include="Quartz.Plugins.TimeZoneConverter" Version="3.18.1" />
@@ -30,11 +30,11 @@

  <!-- Configuration -->
  <ItemGroup>
-    <PackageReference Include="Microsoft.Extensions.Configuration" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="10.0.8" />
+    <PackageReference Include="Microsoft.Extensions.Configuration" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="10.0.9" />

    <!-- Global Usings -->
    <Using Include="Microsoft.Extensions.Configuration" />
@@ -47,9 +47,9 @@
    <PackageReference Include="AspNetCore.HealthChecks.UI.Core" Version="9.0.0" />
    <PackageReference Include="AspNetCore.HealthChecks.UI.Data" Version="9.0.0" />
    <PackageReference Include="AspNetCore.HealthChecks.UI.InMemory.Storage" Version="9.0.0" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="10.0.8" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="10.0.9" />

    <!-- Global Usings -->
    <Using Include="Microsoft.Extensions.Diagnostics.HealthChecks" />
@@ -58,12 +58,12 @@

  <!-- Open Telemetry -->
  <ItemGroup>
-    <PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.15.3" />
-    <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.15.3" />
+    <PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.16.0" />
+    <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.16.0" />
    <PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.15.2" />
    <PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.15.1" />
    <PackageReference Include="OpenTelemetry.Instrumentation.Runtime" Version="1.15.1" />
-    <PackageReference Include="OpenTelemetry.Exporter.Console" Version="1.15.3" />
+    <PackageReference Include="OpenTelemetry.Exporter.Console" Version="1.16.0" />

    <!-- Global Usings -->
    <Using Include="OpenTelemetry.Resources" />
@@ -75,13 +75,13 @@

  <!-- Database -->
  <ItemGroup>
-    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.8" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="10.0.8">
+    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.9" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="10.0.9">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="10.0.8" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="10.0.8">
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="10.0.9" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="10.0.9">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>
@@ -116,8 +116,8 @@

  <!-- Amazon S3 SDK -->
  <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.3" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.6" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.3" />
    <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />

    <!-- global Usings -->
@@ -14,7 +14,7 @@ builder.Services.AddScopedFeatureManagement();

 builder.Services
    .AddLogging()
-    .AddShopServices()    
+    .AddShopServices()
    .AddHostedService<ProductsSeederService>()
    .AddHostedService<CategorySeederService>()
    .AddHostedService<CustomerSeederService>()
@@ -1,6 +1,6 @@
 {
  "FeatureManagement": {
-    "CategorySeederService": true,
+    "CategorySeederService": false,
    "CustomerSeederService": false,
    "ProductsSeederService": false
  },
@@ -1,7 +1,7 @@
 using LiteCharms.Features.MidrandBooks.Authors;
 using LiteCharms.Features.MidrandBooks.Authors.Models;
-using LiteCharms.Features.MidrandBooks.Tests.Common;
 using LiteCharms.Features.Models;
+using LiteCharms.Features.Tests.Common;

 namespace LiteCharms.Features.MidrandBooks.Tests;

@@ -1,5 +1,5 @@
 using LiteCharms.Features.MidrandBooks.AuthorBooks;
-using LiteCharms.Features.MidrandBooks.Tests.Common;
+using LiteCharms.Features.Tests.Common;

 namespace LiteCharms.Features.MidrandBooks.Tests;

@@ -1,5 +1,5 @@
 using LiteCharms.Features.MidrandBooks.Categories;
-using LiteCharms.Features.MidrandBooks.Tests.Common;
+using LiteCharms.Features.Tests.Common;

 namespace LiteCharms.Features.MidrandBooks.Tests;

@@ -1,6 +1,6 @@
 using LiteCharms.Features.MidrandBooks.Customers;
 using LiteCharms.Features.MidrandBooks.Customers.Models;
-using LiteCharms.Features.MidrandBooks.Tests.Common;
+using LiteCharms.Features.Tests.Common;

 namespace LiteCharms.Features.MidrandBooks.Tests;

@@ -35,6 +35,7 @@

  <ItemGroup>
    <ProjectReference Include="..\LiteCharms.Features.MidrandBooks\LiteCharms.Features.MidrandBooks.csproj" />
+    <ProjectReference Include="..\LiteCharms.Features.Tests.Common\LiteCharms.Features.Tests.Common.csproj" />
    <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />
  </ItemGroup>

@@ -45,10 +46,4 @@
    <Using Include="Xunit" />
  </ItemGroup>

-  <ItemGroup>
-    <None Update="appsettings.json">
-      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
-    </None>
-  </ItemGroup>
-
 </Project>
@@ -1,7 +1,7 @@
 using LiteCharms.Features.MidrandBooks.Orders;
 using LiteCharms.Features.MidrandBooks.Orders.Models;
-using LiteCharms.Features.MidrandBooks.Tests.Common;
 using LiteCharms.Features.Models;
+using LiteCharms.Features.Tests.Common;

 namespace LiteCharms.Features.MidrandBooks.Tests;

@@ -1,5 +1,5 @@
 using LiteCharms.Features.MidrandBooks.Pages;
-using LiteCharms.Features.MidrandBooks.Tests.Common;
+using LiteCharms.Features.Tests.Common;

 namespace LiteCharms.Features.MidrandBooks.Tests;

@@ -1,6 +1,6 @@
 using LiteCharms.Features.MidrandBooks.Payments;
 using LiteCharms.Features.MidrandBooks.Payments.Models;
-using LiteCharms.Features.MidrandBooks.Tests.Common;
+using LiteCharms.Features.Tests.Common;

 namespace LiteCharms.Features.MidrandBooks.Tests;

@@ -1,6 +1,6 @@
 using LiteCharms.Features.MidrandBooks.Payments;
 using LiteCharms.Features.MidrandBooks.Payments.Models;
-using LiteCharms.Features.MidrandBooks.Tests.Common;
+using LiteCharms.Features.Tests.Common;

 namespace LiteCharms.Features.MidrandBooks.Tests;

@@ -1,7 +1,7 @@
 using LiteCharms.Features.MidrandBooks.Products;
 using LiteCharms.Features.MidrandBooks.Products.Models;
-using LiteCharms.Features.MidrandBooks.Tests.Common;
 using LiteCharms.Features.Models;
+using LiteCharms.Features.Tests.Common;

 namespace LiteCharms.Features.MidrandBooks.Tests;

@@ -0,0 +1,3 @@
+namespace LiteCharms.Features.MidrandBooks.Abstractions;
+
+public interface IMidrandBooks;
@@ -1,4 +1,5 @@
 using LiteCharms.Features.Abstractions;
+using LiteCharms.Features.MidrandBooks.Abstractions;

 namespace LiteCharms.Features.MidrandBooks.Extensions;

@@ -8,11 +9,15 @@ public static class Shop
    {
        var serviceType = typeof(IService);

-        var implementations = Assembly.GetExecutingAssembly().GetTypes()
+        var sharedImplementations = typeof(IFeatures).Assembly.GetTypes()
            .Where(t => serviceType.IsAssignableFrom(t) && t.IsClass && !t.IsAbstract);

-        foreach (var implementation in implementations) 
-            services.AddScoped(implementation);
+        foreach (var sharedImplementation in sharedImplementations) services.AddScoped(sharedImplementation);
+
+        var coreImplementations = typeof(IMidrandBooks).Assembly.GetTypes()
+            .Where(t => serviceType.IsAssignableFrom(t) && t.IsClass && !t.IsAbstract);
+
+        foreach (var coreImplementation in coreImplementations) services.AddScoped(coreImplementation);

        return services;
    }
@@ -32,11 +32,11 @@
  <!-- Quartz Scheduler-->
  <ItemGroup>
    <PackageReference Include="Humanizer" Version="3.0.10" />
-    <PackageReference Include="Meziantou.Analyzer" Version="3.0.98">
+    <PackageReference Include="Meziantou.Analyzer" Version="3.0.102">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>
-    <PackageReference Include="OpenTelemetry" Version="1.15.3" />
+    <PackageReference Include="OpenTelemetry" Version="1.16.0" />
    <PackageReference Include="Quartz" Version="3.18.1" />
    <PackageReference Include="Quartz.Plugins" Version="3.18.1" />
    <PackageReference Include="Quartz.Plugins.TimeZoneConverter" Version="3.18.1" />
@@ -50,11 +50,11 @@

  <!-- Configuration -->
  <ItemGroup>
-    <PackageReference Include="Microsoft.Extensions.Configuration" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="10.0.8" />
+    <PackageReference Include="Microsoft.Extensions.Configuration" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="10.0.9" />

    <!-- Global Usings -->
    <Using Include="Microsoft.Extensions.Configuration" />
@@ -67,9 +67,9 @@
    <PackageReference Include="AspNetCore.HealthChecks.UI.Core" Version="9.0.0" />
    <PackageReference Include="AspNetCore.HealthChecks.UI.Data" Version="9.0.0" />
    <PackageReference Include="AspNetCore.HealthChecks.UI.InMemory.Storage" Version="9.0.0" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="10.0.8" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="10.0.9" />

    <!-- Global Usings -->
    <Using Include="Microsoft.Extensions.Diagnostics.HealthChecks" />
@@ -78,12 +78,12 @@

  <!-- Open Telemetry -->
  <ItemGroup>
-    <PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.15.3" />
-    <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.15.3" />
+    <PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.16.0" />
+    <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.16.0" />
    <PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.15.2" />
    <PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.15.1" />
    <PackageReference Include="OpenTelemetry.Instrumentation.Runtime" Version="1.15.1" />
-    <PackageReference Include="OpenTelemetry.Exporter.Console" Version="1.15.3" />
+    <PackageReference Include="OpenTelemetry.Exporter.Console" Version="1.16.0" />

    <!-- Global Usings -->
    <Using Include="OpenTelemetry.Resources" />
@@ -95,13 +95,13 @@

  <!-- Database -->
  <ItemGroup>
-    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.8" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="10.0.8">
+    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.9" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="10.0.9">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="10.0.8" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="10.0.8">
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="10.0.9" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="10.0.9">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>
@@ -136,8 +136,8 @@

  <!-- Amazon S3 SDK -->
  <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.3" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.6" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.3" />
    <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />

    <!-- global Usings -->
@@ -0,0 +1,154 @@
+using LiteCharms.Features.Abstractions;
+using LiteCharms.Features.Browser;
+using LiteCharms.Features.Hasher;
+using LiteCharms.Features.MidrandBooks.Authors.Models;
+using LiteCharms.Features.MidrandBooks.Payments.Models;
+using LiteCharms.Features.MidrandBooks.Products.Models;
+
+namespace LiteCharms.Features.MidrandBooks.Payments;
+
+public sealed class CartService(LocalStorageService localStorage) : IService
+{
+    private readonly string CartStorageKey = HashService.ToMd5Hash(nameof(Cart)).Value;
+
+    public Cart ShoppingCart { get; private set; } = new();
+
+    public event Action? OnCartChanged;
+
+    public static Func<Cart, long, int> GetCartItemQuantity = (shoppingCart, productPriceId) =>
+        shoppingCart.Items.FirstOrDefault(p => p.Price!.Id == productPriceId)?.Quantity ?? 1;
+
+    public Cart GetCart() => ShoppingCart;
+
+    public void NotifyStateChanged() => OnCartChanged?.Invoke();
+
+    public async Task LoadCartFromStorageAsync()
+    {
+        var loadResult = await localStorage.GetAsync<Cart>(CartStorageKey);
+
+        if (loadResult.IsFailed) await localStorage.SaveAsync(CartStorageKey, ShoppingCart);
+
+        if (loadResult.IsSuccess) ShoppingCart = loadResult.Value;
+
+        NotifyStateChanged();
+    }
+
+    public async Task SaveCartToStorageAsync() => await localStorage.SaveAsync(CartStorageKey, ShoppingCart);
+
+    public void AddItem(ProductPrice productPrice, Product product, Author author)
+    {
+        var itemExists = false;
+
+        for (var i = 0; i < ShoppingCart.Items.Count; i++)
+        {
+            if (ShoppingCart.Items[i].Price!.Id == productPrice.Id)
+            {
+                ShoppingCart.Items[i].Quantity++;
+                ShoppingCart.Items[i].Amount += productPrice.Amount;
+
+                itemExists = true;
+
+                break;
+            }
+        }
+
+        if (!itemExists)
+            ShoppingCart.Items.Add(new CartItem
+            {
+                Product = product,
+                Author = author,
+                Price = productPrice,
+                Amount = productPrice.Amount,
+                Quantity = 1,
+            });
+
+        CalculateTotalPrice();
+        NotifyStateChanged();
+    }
+
+    public void UpdateQuantity(long productPriceId, int delta)
+    {
+        for (var i = 0; i < ShoppingCart.Items.Count; i++)
+        {
+            if (ShoppingCart.Items[i].Price!.Id == productPriceId)
+            {
+                var oldQuantity = ShoppingCart.Items[i].Quantity;
+                var pricePerUnit = ShoppingCart.Items[i].Price!.Amount;
+
+                ShoppingCart.Items[i].Quantity += delta;
+                ShoppingCart.Items[i].Amount = pricePerUnit * ShoppingCart.Items[i].Quantity;
+                break;
+            }
+        }
+
+        CalculateTotalPrice();
+        NotifyStateChanged();
+    }
+
+    public void RemoveOneItem(long productPriceId)
+    {
+        for (var i = 0; i < ShoppingCart.Items.Count; i++)
+        {
+            if (ShoppingCart.Items[i].Price!.Id == productPriceId)
+            {
+                if (ShoppingCart.Items[i].Quantity <= 1)
+                {
+                    ShoppingCart.Items.Remove(ShoppingCart.Items[i]);
+
+                    break;
+                }
+                else
+                {
+                    ShoppingCart.Items[i].Quantity--;
+                    ShoppingCart.Items[i].Amount -= ShoppingCart.Items[i].Price!.Amount;
+                }
+
+                break;
+            }
+        }
+
+        CalculateTotalPrice();
+        NotifyStateChanged();
+    }
+
+    public void RemoveAllSameItem(long productPriceId)
+    {
+        if (ShoppingCart.Items.Count == 0) return;
+
+        var item = ShoppingCart.Items.FirstOrDefault(i => i.Price?.Id == productPriceId);
+
+        if (item is not null) ShoppingCart.Items.Remove(item);
+
+        CalculateTotalPrice();
+        NotifyStateChanged();
+    }
+
+    public void Clear()
+    {
+        if(ShoppingCart.CustomerId is not null || ShoppingCart.OrderId is not null)
+        {
+            ShoppingCart.TotalAmount = 0;
+            ShoppingCart.TotalVat = 0;
+            ShoppingCart.Items.Clear();
+
+            return;
+        }
+
+        ShoppingCart = new Cart();
+
+        NotifyStateChanged();
+    }
+
+    public decimal CalculateTotalPrice()
+    {
+        if (ShoppingCart.Items.Count == 0) return 0;
+
+        var gross = ShoppingCart.Items.Sum(i => i.Amount);
+
+        if (!ShoppingCart.IsVatInclusive) ShoppingCart.TotalVat = gross * ShoppingCart.VatRate;
+
+        ShoppingCart.TotalAmount = gross + ShoppingCart.TotalVat;
+
+        return ShoppingCart.TotalAmount;
+    }
+}
@@ -1,17 +1,22 @@
-using LiteCharms.Features.Hasher;
-using LiteCharms.Features.Hasher.Configuration;
+using LiteCharms.Features.Api.Configuration;
+using LiteCharms.Features.Hasher;
+using LiteCharms.Features.Mediator;
 using LiteCharms.Features.MidrandBooks.Orders;
 using LiteCharms.Features.MidrandBooks.Payments.Models;

 namespace LiteCharms.Features.MidrandBooks.Payments.Events.Handlers;

-public sealed class PayfastPaymentConfirmationReceivedEventHandler(IServiceProvider services, IOptions<HasherSettings> hasherOptions, ILogger<PayfastPaymentConfirmationReceivedEvent> logger) : 
+public sealed class PayfastPaymentConfirmationReceivedEventHandler(IServiceProvider services, 
+    IOptions<PayfastSettings> payfastOptions, ILogger<PayfastPaymentConfirmationReceivedEvent> logger) :
    INotificationHandler<PayfastPaymentConfirmationReceivedEvent>
 {
-    private readonly HasherSettings hasherSettings = hasherOptions.Value;
+    private readonly PayfastSettings pasfastSettings = payfastOptions.Value;

    public async ValueTask Handle(PayfastPaymentConfirmationReceivedEvent notification, CancellationToken cancellationToken)
    {
+        using var activity = MediatorTelemetry.Source.StartActivity($"Quartz: {typeof(PayfastPaymentConfirmationReceivedEvent).Name}");
+        activity?.SetTag("event.correlation_id", notification.CorrelationId);
+
        await using var scope = services.CreateAsyncScope();
        var hashService = scope.ServiceProvider.GetRequiredService<HashService>();
        var orderService = scope.ServiceProvider.GetRequiredService<OrderService>();
@@ -21,9 +26,9 @@ public sealed class PayfastPaymentConfirmationReceivedEventHandler(IServiceProvi
        var payload = notification.Payload ?? throw new Exception("Payload metadata context context is null.");

        var dict = payload.ToParamDictionary();
-        var localSignature = PayfastService.GenerateSignature(dict, hasherSettings.PayfastPassphrase);
+        var localSignature = PayfastService.GenerateSignature(dict, pasfastSettings.Passphrase);

-        if(localSignature.IsFailed)
+        if (localSignature.IsFailed)
            throw new Exception("Failed to generate local signature for incoming webhook payload.");

        if (!string.Equals(localSignature.Value, payload.Signature, StringComparison.OrdinalIgnoreCase))
@@ -63,7 +68,7 @@ public sealed class PayfastPaymentConfirmationReceivedEventHandler(IServiceProvi
        {
            var isHostValid = await payfastService.ValidateReferrerIpAsync(notification.RemoteIpAddress!, notification.AllowLoopback, cancellationToken);

-            if (isHostValid.IsFailed) 
+            if (isHostValid.IsFailed)
                throw new Exception("Security validation exception: Webhook packet source address failed cluster validation checks.");

            if (!isHostValid.Value)
@@ -71,7 +76,7 @@ public sealed class PayfastPaymentConfirmationReceivedEventHandler(IServiceProvi

            var isAmountValid = payfastService.ValidatePaymentAmount(orderResult.Value.Total, payload.AmountGross);

-            if (!isAmountValid.Value) 
+            if (!isAmountValid.Value)
                throw new Exception("Security validation exception: Transaction cost variance bounds breached.");

            var paramList = new List<string>();
@@ -91,8 +96,8 @@ public sealed class PayfastPaymentConfirmationReceivedEventHandler(IServiceProvi

            var serverConfirmation = await payfastService.ValidateServerConfirmationAsync(rawParamString, isSandbox: true, cancellationToken);

-            if (serverConfirmation.IsFailed) 
-                throw new Exception("Security validation exception: Payfast central handshake server rejected payload legitimacy."); 
+            if (serverConfirmation.IsFailed)
+                throw new Exception("Security validation exception: Payfast central handshake server rejected payload legitimacy.");
        }

        await payfastService.WriteLedgerEntryAsync(new CreateGatewayLedgerEntry
@@ -105,7 +110,7 @@ public sealed class PayfastPaymentConfirmationReceivedEventHandler(IServiceProvi
            AmountFee = fee,
            AmountGross = gross,
            AmountNet = net,
-            PaymentStatus = status,            
+            PaymentStatus = status,
        }, cancellationToken);

        if (status.Equals("COMPLETE", StringComparison.OrdinalIgnoreCase))
@@ -154,5 +159,6 @@ public sealed class PayfastPaymentConfirmationReceivedEventHandler(IServiceProvi

            logger.LogInformation("Webhook validation pipeline passed checks successfully, logged entry to ledger with status: {Status}", status);
        }
+        activity?.SetStatus(ActivityStatusCode.Ok);
    }
 }
@@ -0,0 +1,18 @@
+namespace LiteCharms.Features.MidrandBooks.Payments.Models;
+
+public sealed class Cart
+{
+    public long? CustomerId { get; set; }
+
+    public long? OrderId { get; set; }
+
+    public decimal TotalAmount { get; set; }
+
+    public decimal TotalVat { get; set; }
+
+    public decimal VatRate { get; set; } = 0.15m;
+
+    public bool IsVatInclusive { get; set; } = true;
+
+    public IList<CartItem> Items { get; set; } = [];
+}
@@ -0,0 +1,17 @@
+using LiteCharms.Features.MidrandBooks.Authors.Models;
+using LiteCharms.Features.MidrandBooks.Products.Models;
+
+namespace LiteCharms.Features.MidrandBooks.Payments.Models;
+
+public sealed class CartItem
+{
+    public Author? Author { get; set; }
+
+    public Product? Product { get; set; }
+
+    public ProductPrice? Price { get; set; }
+
+    public int Quantity { get; set; }
+
+    public decimal Amount { get; set; }
+}
@@ -1,4 +1,5 @@
 using LiteCharms.Features.Abstractions;
+using LiteCharms.Features.Api.Configuration;
 using LiteCharms.Features.Hasher;
 using LiteCharms.Features.MidrandBooks.Payments.Models;
 using LiteCharms.Features.MidrandBooks.Postgres;
@@ -6,13 +7,11 @@ using LiteCharms.Features.MidrandBooks.Postgres;
 namespace LiteCharms.Features.MidrandBooks.Payments;

 public sealed partial class PayfastService(IDbContextFactory<MidrandBooksDbContext> contextFactory, 
-    ILogger<PayfastService> logger, IHttpClientFactory httpClientFactory, IConfiguration configuration) : IService
+    IOptions<PayfastSettings> payfastOptions, ILogger<PayfastService> logger, IHttpClientFactory httpClientFactory) : IService
 {
    [GeneratedRegex(@"%[0-9A-Fa-f]{2}", RegexOptions.None, matchTimeoutMilliseconds: 1000)]
    public static partial Regex PercentEncodingRegex { get; }

-    public readonly string[] ValidHosts = configuration.GetSection("ValidPayfastHosts").Get<string[]>() ?? [];
-
    public async ValueTask<Result<long>> WriteLedgerEntryAsync(CreateGatewayLedgerEntry request, CancellationToken cancellationToken = default)
    {
        try
@@ -51,6 +50,9 @@ public sealed partial class PayfastService(IDbContextFactory<MidrandBooksDbConte

    public async ValueTask<Result<bool>> ValidateReferrerIpAsync(string remoteIpAddress, bool allowLoopback = false, CancellationToken cancellationToken = default)
    {
+        if(payfastOptions.Value?.ValidHosts?.Length == 0)
+            return Result.Fail<bool>("Valid payfast hosts not configured.");
+
        if (string.IsNullOrWhiteSpace(remoteIpAddress)) 
            return Result.Fail<bool>("Remote IP address is null or whitespace.");

@@ -58,7 +60,7 @@ public sealed partial class PayfastService(IDbContextFactory<MidrandBooksDbConte
        {
            var validIps = new HashSet<IPAddress>();

-            foreach (var host in ValidHosts)
+            foreach (var host in payfastOptions.Value!.ValidHosts!)
            {
                try
                {
@@ -36,7 +36,7 @@

  <!-- Quartz Scheduler-->
  <ItemGroup>
-    <PackageReference Include="OpenTelemetry" Version="1.15.3" />
+    <PackageReference Include="OpenTelemetry" Version="1.16.0" />
    <PackageReference Include="Quartz" Version="3.18.1" />
    <PackageReference Include="Quartz.Plugins" Version="3.18.1" />
    <PackageReference Include="Quartz.Plugins.TimeZoneConverter" Version="3.18.1" />
@@ -50,11 +50,11 @@

  <!-- Configuration -->
  <ItemGroup>
-    <PackageReference Include="Microsoft.Extensions.Configuration" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="10.0.8" />
+    <PackageReference Include="Microsoft.Extensions.Configuration" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="10.0.9" />

    <!-- Global Usings -->
    <Using Include="Microsoft.Extensions.Configuration" />
@@ -67,9 +67,9 @@
    <PackageReference Include="AspNetCore.HealthChecks.UI.Core" Version="9.0.0" />
    <PackageReference Include="AspNetCore.HealthChecks.UI.Data" Version="9.0.0" />
    <PackageReference Include="AspNetCore.HealthChecks.UI.InMemory.Storage" Version="9.0.0" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="10.0.8" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="10.0.9" />

    <!-- Global Usings -->
    <Using Include="Microsoft.Extensions.Diagnostics.HealthChecks" />
@@ -78,12 +78,12 @@

  <!-- Open Telemetry -->
  <ItemGroup>
-    <PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.15.3" />
-    <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.15.3" />
+    <PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.16.0" />
+    <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.16.0" />
    <PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.15.2" />
    <PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.15.1" />
    <PackageReference Include="OpenTelemetry.Instrumentation.Runtime" Version="1.15.1" />
-    <PackageReference Include="OpenTelemetry.Exporter.Console" Version="1.15.3" />
+    <PackageReference Include="OpenTelemetry.Exporter.Console" Version="1.16.0" />

    <!-- Global Usings -->
    <Using Include="OpenTelemetry.Resources" />
@@ -95,13 +95,13 @@

  <!-- Database -->
  <ItemGroup>
-    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.8" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="10.0.8">
+    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.9" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="10.0.9">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="10.0.8" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="10.0.8">
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="10.0.9" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="10.0.9">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>
@@ -136,8 +136,8 @@

  <!-- Amazon S3 SDK -->
  <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.3" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.6" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.3" />
    <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />

    <!-- global Usings -->
@@ -1,7 +1,7 @@
 using LiteCharms.Features.Extensions;
 using LiteCharms.Features.MidrandBooks.Extensions;

-namespace LiteCharms.Features.MidrandBooks.Tests.Common;
+namespace LiteCharms.Features.Tests.Common;

 public class Fixture : IDisposable
 {
@@ -25,9 +25,8 @@ public class Fixture : IDisposable
            .Build();

        Services = new ServiceCollection()
-            .AddHttpClient()
-            .AddMediator()
            .AddLogging()
+            .AddMediator()
            .AddEmailServiceBus()
            .AddGarageS3(Configuration)
            .AddMidrandShopDatabase(Configuration)
@@ -35,7 +34,10 @@ public class Fixture : IDisposable
            .AddSingleton(Configuration)
            .AddShopServices()
            .AddHashServices(Configuration)
-            .BuildServiceProvider();
+            .AddLiteCharmsApiSecurity(Configuration)
+            .AddSecurityApiSdk(Configuration)
+            .AddPayfastServices(Configuration)
+            .BuildServiceProvider(); ;

        Mediator = Services.GetRequiredService<IMediator>();
    }
@@ -1,4 +1,4 @@
-namespace LiteCharms.Features.MidrandBooks.Tests.Common;
+namespace LiteCharms.Features.Tests.Common;

 public class IntegrationFactAttribute : FactAttribute
 {
@@ -0,0 +1,76 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net10.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <UserSecretsId>0521f45a-eba0-457f-bb5e-c3680f65d8b1</UserSecretsId>
+  </PropertyGroup>
+
+  <!-- xUnit -->
+  <ItemGroup>
+    <PackageReference Include="coverlet.collector" Version="10.0.1">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>    
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="18.6.0" />
+    <PackageReference Include="xunit" Version="2.9.3" />
+    <PackageReference Include="xunit.runner.visualstudio" Version="3.1.5">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>
+    
+    <Using Include="Xunit.Abstractions" />
+  </ItemGroup>
+
+  <!-- Mediator -->
+  <ItemGroup>
+    <PackageReference Include="Mediator.Abstractions" Version="3.0.2" />
+    <PackageReference Include="Mediator.SourceGenerator" Version="3.0.2">
+      <PrivateAssets>all</PrivateAssets>
+      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+    </PackageReference>
+
+    <Using Include="Mediator" />
+  </ItemGroup>
+  
+  <!-- Microsoft -->
+  <ItemGroup>
+    <PackageReference Include="Microsoft.Extensions.Configuration" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Binder" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.CommandLine" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection.Abstractions" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Logging.Configuration" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Options" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Options.ConfigurationExtensions" Version="10.0.9" />
+    
+    <Using Include="Microsoft.Extensions.DependencyInjection" />
+    <Using Include="Microsoft.Extensions.Configuration" />
+  </ItemGroup>
+
+  <!-- Shared Usings -->
+  <ItemGroup>
+    <Using Include="System.Net" />
+    <Using Include="System.Text.Json" />
+    <Using Include="System.Diagnostics" />
+    <Using Include="System.Reflection" />
+    <Using Include="Xunit" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="..\LiteCharms.Features.MidrandBooks\LiteCharms.Features.MidrandBooks.csproj" />
+    <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <None Update="appsettings.json">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </None>
+  </ItemGroup>
+
+</Project>
@@ -1,13 +1,25 @@
 {
-  "ValidPayfastHosts": [
-    "www.payfast.co.za",
-    "sandbox.payfast.co.za",
-    "w1w.payfast.co.za",
-    "w2w.payfast.co.za",
-    "ips.payfast.co.za",
-    "api.payfast.co.za",
-    "payment.payfast.io"
-  ],
+  "PayfastSettings": {
+    "CheckoutUrl": "https://sandbox.payfast.co.za/eng/process",
+    "ValidHosts": [
+      "www.payfast.co.za",
+      "sandbox.payfast.co.za",
+      "w1w.payfast.co.za",
+      "w2w.payfast.co.za",
+      "ips.payfast.co.za",
+      "api.payfast.co.za",
+      "payment.payfast.io"
+    ]
+  },
+  "LiteCharmsSettings": {
+    "Authority": "https://sts.security.khongisa.co.za",
+    "Audience": "midrandbooks-api"
+  },
+  "LiteCharmsClientSettings": {
+    "Authority": "https://sts.security.khongisa.co.za",
+    "GrantType": "client_credentials",
+    "Scope": "midrandbooks-api"
+  },
  "HasherSettings": {
    "MinHashLength": 11
  },
@@ -26,7 +38,6 @@
    "UseSsl": true
  },
  "Monitoring": {
-    "ApiKey": "",
    "Address": "http://aspire-dashboard-service.aspire.svc.cluster.local:18889",
    "ServiceName": "LiteCharms.LeadGenerator"
  },
@@ -1,36 +0,0 @@
-using LiteCharms.Features.Extensions;
-
-namespace LiteCharms.Features.Tests;
-
-public class Fixture : IDisposable
-{
-    public IConfiguration Configuration { get; set; }
-
-    public IServiceProvider Services { get; set; }
-
-    public IMediator Mediator { get; set; }
-
-    public Fixture()
-    {
-        Configuration = new ConfigurationBuilder()
-            .SetBasePath(Directory.GetCurrentDirectory())
-            .AddUserSecrets<Fixture>()
-            .AddJsonFile(Path.Combine(Directory.GetCurrentDirectory(), "appsettings.json"), optional: true, reloadOnChange: true)
-            .AddEnvironmentVariables()
-            .Build();
-
-        Services = new ServiceCollection()            
-            .AddMediator()
-            .AddLogging()            
-            .AddEmailServiceBus()
-            .AddGarageS3(Configuration)
-            .AddEmailServices(Configuration)
-            .AddSingleton(Configuration)
-            .AddHashServices(Configuration)
-            .BuildServiceProvider();
-
-        Mediator = Services.GetRequiredService<IMediator>();
-    }
-
-    public void Dispose() { }
-}
@@ -1,4 +1,5 @@
 using LiteCharms.Features.Hasher;
+using LiteCharms.Features.Tests.Common;

 namespace LiteCharms.Features.Tests;

@@ -31,11 +31,13 @@
    <Using Include="System.Text" />
    <Using Include="Mediator" />
    <Using Include="Xunit.Abstractions" />
+    <Using Include="Microsoft.Extensions.Options" />
    <Using Include="Microsoft.Extensions.DependencyInjection" />
    <Using Include="Microsoft.Extensions.Configuration" />
  </ItemGroup>

  <ItemGroup>
+    <ProjectReference Include="..\LiteCharms.Features.Tests.Common\LiteCharms.Features.Tests.Common.csproj" />
    <ProjectReference Include="..\LiteCharms.Features\LiteCharms.Features.csproj" />
  </ItemGroup>

@@ -43,10 +45,4 @@
    <Using Include="Xunit" />
  </ItemGroup>

-  <ItemGroup>
-    <None Update="appsettings.json">
-      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
-    </None>
-  </ItemGroup>
-
 </Project>
@@ -0,0 +1,19 @@
+using LiteCharms.Features.Api;
+using LiteCharms.Features.Tests.Common;
+
+namespace LiteCharms.Features.Tests;
+
+public sealed class LiteCharmsApiFeatureTests(Fixture fixture) : IClassFixture<Fixture>
+{
+    private readonly TokenService tokenService = fixture.Services.GetRequiredService<TokenService>();
+
+    [IntegrationFact]
+    public async Task TokenService_GenerateTokenAsync_ShouldReturn_TokenInResult()
+    {
+        var result = await tokenService.GenerateAsync(fixture.CancellationToken);
+
+        Assert.True(result.IsSuccess);
+        Assert.NotNull(result.Value);
+        Assert.NotEmpty(result.Value.AccessToken!);
+    }
+}
@@ -0,0 +1,18 @@
+using LiteCharms.Features.Api.Configuration;
+using LiteCharms.Features.Tests.Common;
+
+namespace LiteCharms.Features.Tests;
+
+public sealed class PayfastFeatureTests(Fixture fixture) : IClassFixture<Fixture>
+{
+    private readonly PayfastSettings payfastSettings = fixture.Services.GetRequiredService<IOptions<PayfastSettings>>().Value;
+
+    [IntegrationFact]
+    public void PayfastSettings_ShouldFail_IfNotLoaded()
+    {
+        Assert.NotEmpty(payfastSettings.CheckoutUrl!);
+        Assert.NotEmpty(payfastSettings.MerchantId!);
+        Assert.NotEmpty(payfastSettings.MerchantKey!);
+        Assert.NotEmpty(payfastSettings.Passphrase!);
+    }
+}
@@ -1,4 +1,5 @@
 using LiteCharms.Features.S3.Abstractions;
+using LiteCharms.Features.Tests.Common;

 namespace LiteCharms.Features.Tests;

@@ -1,34 +0,0 @@
-{
-  "BookshopS3Settings": {
-    "ServiceUrl": "http://192.168.1.177:30900",
-    "Region": "garage",
-    "BucketName": "bookshop",
-    "CdnBaseUrl": "https://bookshop.cdn.khongisa.co.za"
-  },
-  "BookshopQuotesS3Settings": {
-    "ServiceUrl": "http://192.168.1.177:30900",
-    "Region": "garage",
-    "BucketName": "bookshop.quotes",
-    "CdnBaseUrl": "https://bookshop.quotes.cdn.khongisa.co.za"
-  },
-  "Email": {
-    "Credentials": {
-      "Username": "shop@litecharms.co.za"
-    },
-    "Port": 465,
-    "Host": "mail.litecharms.co.za",
-    "UseSsl": true
-  },
-  "Monitoring": {
-    "ApiKey": "",
-    "Address": "http://aspire-dashboard-service.aspire.svc.cluster.local:18889",
-    "ServiceName": "LiteCharms.LeadGenerator"
-  },
-  "Logging": {
-    "LogLevel": {
-      "Default": "Information",
-      "Microsoft.AspNetCore": "Warning"
-    }
-  },
-  "AllowedHosts": "*"
-}
@@ -0,0 +1,6 @@
+### Authentik Token Request (Service Account Explicit)
+POST {{authority}}/connect/token
+Content-Type: application/x-www-form-urlencoded
+Accept-Encoding: identity
+
+grant_type={{grantType}}&client_id={{clientId}}&client_secret={{clientSecret}}&scope={{scope}}
@@ -0,0 +1,9 @@
+{
+  "uat": {
+    "authority": "https://sts.security.khongisa.co.za",
+    "grantType": "client_credentials",
+    "clientId": "midrandbooks-api-scaler-uat",
+    "clientSecret": "secret_0a8dc1f99061590a52b1272db3a1871d2761c79fbd058b2a968911029e4b208a",
+    "scope": "midrandbooks-api"
+  }
+}
@@ -1,16 +0,0 @@
-{
-  "local": {
-    "baseUrl": "https://localhost:7196",
-    "paymentId": "jdPB2zaKM3Z",
-    "signature": "6aeff59bb74f2448ff2c3d81b2ec95de",
-    "item_name": "System Architecture Book",
-    "amount": "350.00"
-  },
-  "uat": {
-    "baseUrl": "https://api.uat.midrandbooks.co.za",
-    "paymentId": "jdPB2zaKM3Z",
-    "signature": "6aeff59bb74f2448ff2c3d81b2ec95de",
-    "item_name": "System Architecture Book",
-    "amount": "350.00"
-  }
-}
@@ -0,0 +1,3 @@
+namespace LiteCharms.Features.Abstractions;
+
+public interface IFeatures;
@@ -0,0 +1,12 @@
+namespace LiteCharms.Features.Abstractions;
+
+public interface IJobOrchestrator
+{
+    ValueTask SendAsync<TNotification>(TNotification notification, CancellationToken cancellationToken = default)
+        where TNotification : IEvent;
+
+    ValueTask ScheduleAsync<TNotification>(TNotification notification, string cronExpression, CancellationToken cancellationToken = default) 
+        where TNotification : IEvent;
+
+    ValueTask<bool> InterruptAsync(string eventName, string? correlationId = null, CancellationToken cancellationToken = default);
+}
@@ -0,0 +1,14 @@
+namespace LiteCharms.Features.Api.Configuration;
+
+public sealed class LiteCharmsClientSettings
+{
+    public string? Authority { get; set; }
+
+    public string? GrantType { get; set; }
+
+    public string? ClientId { get; set; }
+
+    public string? ClientSecret { get; set; }
+
+    public string? Scope { get; set; }
+}
@@ -0,0 +1,12 @@
+namespace LiteCharms.Features.Api.Configuration;
+
+public sealed class LiteCharmsSettings
+{
+    public string? Authority { get; set; }
+
+    public string? ClientId { get; set; }
+
+    public string? ClientSecret { get; set; }
+
+    public string? Audience { get; set; }
+}
@@ -0,0 +1,14 @@
+namespace LiteCharms.Features.Api.Configuration;
+
+public sealed class PayfastSettings
+{
+    public string? CheckoutUrl { get; set; }
+
+    public string? Passphrase { get; set; }
+
+    public string? MerchantId { get; set; }
+
+    public string? MerchantKey { get; set; }
+
+    public string[]? ValidHosts { get; set; }
+}
@@ -0,0 +1,13 @@
+namespace LiteCharms.Features.Api.Models;
+
+public sealed class TokenErrorResponse
+{
+    [JsonPropertyName("error")]
+    public string? Error { get; set; }
+
+    [JsonPropertyName("error_description")]
+    public string? ErrorDescription { get; set; }
+
+    [JsonPropertyName("error_uri")]
+    public string? ErrorUri { get; set; }
+}
@@ -0,0 +1,20 @@
+namespace LiteCharms.Features.Api.Models;
+
+public sealed class TokenRequest
+{
+    [JsonPropertyName("grant_type")]
+    [AliasAs("grant_type")]
+    public string? GrantType { get; set; }
+
+    [JsonPropertyName("client_id")]
+    [AliasAs("client_id")]
+    public string? ClientId { get; set; }
+
+    [JsonPropertyName("client_secret")]
+    [AliasAs("client_secret")]
+    public string? ClientSecret { get; set; }
+
+    [JsonPropertyName("scope")]
+    [AliasAs("scope")]
+    public string? Scope { get; set; }
+}
@@ -0,0 +1,17 @@
+namespace LiteCharms.Features.Api.Models;
+
+public sealed class TokenResponse
+{
+    [JsonPropertyName("access_token")]
+    public string? AccessToken { get; set; }
+
+    [JsonPropertyName("expires_in")]
+    public int ExpiresIn { get; set; }
+
+    [JsonPropertyName("token_type")]
+    public string? TokenType { get; set; }
+
+    [JsonPropertyName("scope")]
+    public string? Scope { get; set; }
+}
+
@@ -8,7 +8,7 @@ public sealed class OpenApiBearerSecuritySchemeTransformer : IOpenApiDocumentTra
        {
            Type = SecuritySchemeType.Http,
            Scheme = "bearer",
-            Description = "JWT Authorization header using the Bearer scheme. Example: \"Bearer {token}\"",
+            Description = "JWT Authorization header using the Bearer scheme",
        };

        document.AddComponent("Bearer", bearerScheme);
@@ -0,0 +1,10 @@
+using LiteCharms.Features.Api.Models;
+
+namespace LiteCharms.Features.Api.Sdk;
+
+public interface IConnectApi
+{
+    [Post("/connect/token")]
+    ValueTask<HttpResponseMessage> GetToken([Body(BodySerializationMethod.UrlEncoded)] TokenRequest request, 
+        CancellationToken cancellationToken = default);
+}
@@ -0,0 +1,67 @@
+using LiteCharms.Features.Abstractions;
+using LiteCharms.Features.Api.Configuration;
+using LiteCharms.Features.Api.Models;
+using LiteCharms.Features.Api.Sdk;
+
+namespace LiteCharms.Features.Api;
+
+public sealed class TokenService(IConnectApi connectApi, IOptions<LiteCharmsClientSettings> clientOptions) : IService
+{
+    private readonly LiteCharmsClientSettings clientSettings = clientOptions.Value;
+
+    public async Task<Result<TokenResponse>> GenerateAsync(CancellationToken cancellationToken = default)
+    {
+        try
+        {
+            var request = new TokenRequest
+            {
+                ClientId = clientSettings.ClientId,
+                ClientSecret = clientSettings.ClientSecret,
+                GrantType = clientSettings.GrantType,
+                Scope = clientSettings.Scope,
+            };
+
+            using var response = await connectApi.GetToken(request, cancellationToken);
+
+            var contentRaw = await response.Content.ReadAsStringAsync(cancellationToken);
+
+            if (string.IsNullOrWhiteSpace(contentRaw))
+                return Result.Fail(new Error($"The authentication endpoint returned an empty payload. Status code: {response.StatusCode}"));
+
+            if (response.IsSuccessStatusCode)
+            {
+                var tokenResponse = JsonSerializer.Deserialize<TokenResponse>(contentRaw);
+
+                return !string.IsNullOrWhiteSpace(tokenResponse?.AccessToken)
+                    ? Result.Ok(tokenResponse)
+                    : Result.Fail<TokenResponse>(new Error("Authentication succeeded, but no access token was found in the response payload."));
+            }
+
+            try
+            {
+                var errorResult = JsonSerializer.Deserialize<TokenErrorResponse>(contentRaw);
+
+                if (errorResult != null)
+                {
+                    string summary = $"{errorResult.Error}: {errorResult.ErrorDescription}";
+
+                    return Result.Fail(new Error(summary));
+                }
+            }
+            catch
+            {
+                return Result.Fail(new Error($"Authentication failed: {contentRaw}"));
+            }
+
+            return Result.Fail(new Error($"Authentication failed with status code: {response.StatusCode}"));
+        }
+        catch (OperationCanceledException ex)
+        {
+            return Result.Fail(new Error("The token generation request was canceled.").CausedBy(ex));
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+}
@@ -0,0 +1,80 @@
+using LiteCharms.Features.Abstractions;
+
+namespace LiteCharms.Features.Browser;
+
+public sealed class LocalStorageService(ProtectedLocalStorage storage) : IService
+{
+    public async ValueTask<Result> DeleteAsync(string key)
+    {
+        try
+        {
+            await storage.DeleteAsync(key);
+
+            return Result.Ok();
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+
+    public async ValueTask<Result> SaveAsync(string key, string value)
+    {
+        try
+        {
+            await storage.SetAsync(key, value);
+
+            return Result.Ok();
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+
+    public async ValueTask<Result> SaveAsync<TValue>(string key, TValue value) where TValue : class
+    {
+        try
+        {
+            await storage.SetAsync(key, value);
+
+            return Result.Ok();
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+
+    public async ValueTask<Result<string>> GetAsync(string key)
+    {
+        try
+        {
+            var retrieval = await storage.GetAsync<string>(key);
+
+            return retrieval.Success && !string.IsNullOrWhiteSpace(retrieval.Value)
+                ? Result.Ok(retrieval.Value)
+                : Result.Fail($"Could not find object by key {key}");
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+
+    public async ValueTask<Result<TValue>> GetAsync<TValue>(string key) where TValue : class
+    {
+        try
+        {
+            var retrieval = await storage.GetAsync<TValue>(key);
+
+            return retrieval.Success && retrieval.Value is not null
+                ? Result.Ok(retrieval.Value)
+                : Result.Fail($"Could not find object by key {key}");
+        }
+        catch (Exception ex)
+        {
+            return Result.Fail(new Error(ex.Message).CausedBy(ex));
+        }
+    }
+}
@@ -1,5 +1,7 @@
 using LiteCharms.Features.Abstractions;
 using LiteCharms.Features.Api;
+using LiteCharms.Features.Api.Configuration;
+using LiteCharms.Features.Api.Sdk;

 namespace LiteCharms.Features.Extensions;

@@ -8,6 +10,205 @@ public static class Api
    public const string Books = nameof(Books);
    public const string Payments = nameof(Payments);

+    public static IServiceCollection AddPayfastServices(this IServiceCollection services, IConfiguration configuration)
+    {
+        var configSection = configuration.GetSection(nameof(PayfastSettings));
+
+        services.Configure<PayfastSettings>(configSection);
+
+        return services;
+    }
+    
+    public static IServiceCollection AddSecurityApiSdk(this IServiceCollection services, IConfiguration configuration)
+    {
+        var configSection = configuration.GetSection(nameof(LiteCharmsClientSettings));
+
+        var authOptions = new LiteCharmsClientSettings();
+        configSection.Bind(authOptions);
+
+        services.Configure<LiteCharmsClientSettings>(configSection);
+
+        if (string.IsNullOrWhiteSpace(authOptions.Authority))
+            return services;
+
+        if (!authOptions.Authority.EndsWith("/", StringComparison.Ordinal)) authOptions.Authority += "/";
+
+        services.AddRefitClient<IConnectApi>()
+            .ConfigureHttpClient(config =>
+            {
+                config.BaseAddress = new Uri(authOptions.Authority);
+                config.Timeout = TimeSpan.FromSeconds(15);
+            })
+            .AddStandardResilienceHandler(options =>
+            {
+                options.Retry.MaxRetryAttempts = 3;
+                options.Retry.Delay = TimeSpan.FromSeconds(1);
+                options.Retry.BackoffType = Polly.DelayBackoffType.Exponential;
+            });
+
+        return services;
+    }
+
+    public static IServiceCollection AddLiteCharmsWebSecurity(this IServiceCollection services, IConfiguration configuration)
+    {
+        var configSection = configuration.GetSection(nameof(LiteCharmsSettings));
+
+        var authOptions = new LiteCharmsSettings();
+        configSection.Bind(authOptions);
+
+        services.Configure<LiteCharmsSettings>(configSection);
+
+        services.AddAuthentication(options =>
+        {
+            options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
+            options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
+        })
+        .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
+        .AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
+        {
+            options.Authority = authOptions.Authority;
+
+            options.ClientId = authOptions.ClientId;
+            options.ClientSecret = authOptions.ClientSecret;
+            options.ResponseType = "code";
+
+            options.SaveTokens = true;
+            options.GetClaimsFromUserInfoEndpoint = true;
+
+            options.Scope.Clear();
+            options.Scope.Add("openid");
+            options.Scope.Add("profile");
+            options.Scope.Add("email");
+
+            options.Events = new OpenIdConnectEvents
+            {
+                OnRedirectToIdentityProviderForSignOut = context =>
+                {
+                    var idToken = context.ProtocolMessage.IdTokenHint;
+
+                    if (string.IsNullOrEmpty(idToken))
+                    {
+                        var tokens = context.Properties.GetTokens();
+                        var idTokenItem = tokens.FirstOrDefault(t => string.Equals(t.Name, "id_token", StringComparison.Ordinal));
+
+                        if (idTokenItem != null) context.ProtocolMessage.IdTokenHint = idTokenItem.Value;
+                    }
+
+                    return Task.CompletedTask;
+                },
+            };
+        });
+
+        services.AddCascadingAuthenticationState();
+
+        return services;
+    }
+
+    public static IServiceCollection AddLiteCharmsApiSecurity(this IServiceCollection services, IConfiguration configuration)
+    {
+        var configSection = configuration.GetSection(nameof(LiteCharmsSettings));
+
+        var authOptions = new LiteCharmsSettings();
+        configSection.Bind(authOptions);
+
+        services.Configure<LiteCharmsSettings>(configSection);
+
+        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
+            .AddJwtBearer(options =>
+            {
+                options.Authority = authOptions.Authority;
+                options.Audience = authOptions.Audience;
+                options.TokenValidationParameters = new TokenValidationParameters
+                {
+                    ValidIssuer = authOptions.Authority,
+                    ValidateAudience = true,
+                    ValidateIssuer = true,
+                };
+            });
+
+        services.AddAuthorization();
+
+        return services;
+    }
+
+    public static WebApplication AddSecurityEndpoints(this WebApplication app)
+    {
+        app.MapGet("/login", async (HttpContext context, string redirectUri = "/") =>
+        {
+            await context.ChallengeAsync(OpenIdConnectDefaults.AuthenticationScheme, new AuthenticationProperties
+            {
+                RedirectUri = redirectUri,
+            });
+        });
+
+        app.MapGet("/logout", async (HttpContext context) =>
+        {
+            var idToken = await context.GetTokenAsync("id_token");
+
+            var authProperties = new AuthenticationProperties { RedirectUri = "/", };
+
+            if (!string.IsNullOrEmpty(idToken)) 
+                authProperties.Parameters.Add("id_token_hint", idToken);
+
+            await context.SignOutAsync(OpenIdConnectDefaults.AuthenticationScheme, authProperties);
+            await context.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
+        });
+
+        return app;
+    }
+
+    public static IServiceCollection AddApiServices(this IServiceCollection services, IConfiguration configuration)
+    {
+        services.AddHttpClient();
+
+        services.AddApiVersioning(options =>
+        {
+            options.DefaultApiVersion = new ApiVersion(1);
+            options.ReportApiVersions = true;
+            options.AssumeDefaultVersionWhenUnspecified = true;
+            options.ApiVersionReader = ApiVersionReader.Combine(new UrlSegmentApiVersionReader(),
+                new QueryStringApiVersionReader("version"),
+                new QueryStringApiVersionReader("version"),
+                new MediaTypeApiVersionReader("version"));
+        })
+        .AddApiExplorer(options =>
+        {
+            options.GroupNameFormat = "'v'VVV";
+            options.SubstituteApiVersionInUrl = true;
+        });
+
+        var urls = configuration["ASPNETCORE_URLS"] ?? configuration["Urls"];
+        var healthUrl = "http://localhost:8080/health";
+
+        if (!string.IsNullOrWhiteSpace(urls))
+        {
+            string firstUrl = urls.Split(';').FirstOrDefault(s => s.Contains("http://"))!
+                .Replace("0.0.0.0", "localhost")
+                .Replace("*", "localhost")
+                .Replace("+", "localhost");
+
+            healthUrl = $"{firstUrl.TrimEnd('/')}/health";
+        }
+
+        services.AddHealthChecksUI(setup =>
+        {
+            setup.SetNotifyUnHealthyOneTimeUntilChange();
+            setup.AddHealthCheckEndpoint("primary, heal", healthUrl);
+            setup.SetHeaderText("Midrand Books");
+        })
+        .AddInMemoryStorage();
+
+        services.AddOutputCache(options =>
+        {
+            options.AddBasePolicy(builder => builder.Cache());
+            options.DefaultExpirationTimeSpan = TimeSpan.FromSeconds(10);
+        });
+
+        services.AddOpenApi(options => options.AddDocumentTransformer<OpenApiBearerSecuritySchemeTransformer>());
+
+        return services;
+    }
+
    public static IApplicationBuilder MapEndpoints(this WebApplication app, IDictionary<int, RouteGroupBuilder> versionGroups)
    {
        var endpoints = app.Services.GetRequiredService<IEnumerable<IEndpoint>>();
@@ -43,54 +244,4 @@ public static class Api

    public static string ToEndpointName(this Type target, string? annotation = "") =>
        $"{target.Name.Replace("Endpoint", string.Empty)}{annotation}".ToLower(CultureInfo.CurrentCulture);
-
-    public static IServiceCollection AddApiServices(this IServiceCollection services, IConfiguration configuration)
-    {
-        services.AddHttpClient();
-
-        services.AddApiVersioning(options =>
-        {
-            options.DefaultApiVersion = new ApiVersion(1);
-            options.ReportApiVersions = true;
-            options.AssumeDefaultVersionWhenUnspecified = true;
-            options.ApiVersionReader = ApiVersionReader.Combine(new UrlSegmentApiVersionReader(),
-                new QueryStringApiVersionReader("version"),
-                new QueryStringApiVersionReader("version"),
-                new MediaTypeApiVersionReader("version"));
-        })
-        .AddApiExplorer(options =>
-        {
-            options.GroupNameFormat = "'v'VVV";
-            options.SubstituteApiVersionInUrl = true;
-        });
-
-        var urls = configuration["ASPNETCORE_URLS"] ?? configuration["Urls"];
-        var healthUrl = "http://localhost:8080/health";
-
-        if (!string.IsNullOrWhiteSpace(urls))
-        {
-            string firstUrl = urls.Split(';').FirstOrDefault(s => s.Contains("http://"))!
-                .Replace("*", "localhost").Replace("+", "localhost");
-
-            healthUrl = $"{firstUrl.TrimEnd('/')}/health";
-        }
-
-        services.AddHealthChecksUI(setup =>
-        {
-            setup.SetNotifyUnHealthyOneTimeUntilChange();
-            setup.AddHealthCheckEndpoint("primary, heal", healthUrl);
-            setup.SetHeaderText("Midrand Books");
-        })
-        .AddInMemoryStorage();
-
-        services.AddOutputCache(options =>
-        {
-            options.AddBasePolicy(builder => builder.Cache());
-            options.DefaultExpirationTimeSpan = TimeSpan.FromSeconds(10);
-        });
-
-        services.AddOpenApi(options => options.AddDocumentTransformer<OpenApiBearerSecuritySchemeTransformer>());
-
-        return services;
-    }
 }
@@ -1,5 +1,5 @@
-using LiteCharms.Features.Quartz;
-using LiteCharms.Features.Quartz.Abstractions;
+using LiteCharms.Features.Abstractions;
+using LiteCharms.Features.Quartz;
 using static LiteCharms.Features.Extensions.Postgres;

 namespace LiteCharms.Features.Extensions;
@@ -4,7 +4,7 @@ namespace LiteCharms.Features.Hasher;

 public sealed partial class HashService(IHashids hasher) : IService
 {
-    [GeneratedRegex(@"\A\b[0-9a-fA-F]+\b\Z")]
+    [GeneratedRegex(@"\A\b[0-9a-fA-F]+\b\Z", RegexOptions.None, matchTimeoutMilliseconds: 100)]
    private static partial Regex HexHashRegex { get; }

    [GeneratedRegex(@"\A[0-9a-fA-F]{32}\Z", RegexOptions.None, matchTimeoutMilliseconds: 100)]
@@ -29,6 +29,33 @@
    <None Include="..\icon.png" Pack="true" PackagePath="\" />
  </ItemGroup>

+  <!-- Security (IODC)-->
+  <ItemGroup>
+    <PackageReference Include="IdentityModel.AspNetCore" Version="4.3.0" />
+    <PackageReference Include="IdentityModel.AspNetCore.OAuth2introspection" Version="6.2.0" />
+    <PackageReference Include="IdentityServer4.AccessTokenValidation" Version="3.0.1" />
+    <PackageReference Include="IdentityModel" Version="6.2.0" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.Certificate" Version="10.0.9" />
+    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Http.Polly" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Http.Resilience" Version="10.7.0" />
+    <PackageReference Include="Polly" Version="8.7.0" />
+    <PackageReference Include="Polly.Extensions" Version="8.7.0" />
+
+    <Using Include="Microsoft.AspNetCore.Authentication" />
+    <Using Include="Microsoft.AspNetCore.Authentication.OpenIdConnect" />
+    <Using Include="Microsoft.AspNetCore.Authentication.Cookies" />
+    <Using Include="IdentityModel.AspNetCore.OAuth2Introspection" />
+    <Using Include="Microsoft.AspNetCore.Authentication.JwtBearer" />
+  </ItemGroup>
+
+  <!-- API SDK Composer-->
+  <ItemGroup>
+    <PackageReference Include="Refit.HttpClientFactory" Version="11.0.1" />
+
+    <Using Include="Refit" />
+  </ItemGroup>
+
  <!-- API Versioning -->
  <ItemGroup>
    <PackageReference Include="AccessTokenClient.Extensions" Version="5.1.0" />
@@ -41,8 +68,8 @@

  <!-- API Documentation -->
  <ItemGroup>
-    <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.8" />
-    <PackageReference Include="Scalar.AspNetCore" Version="2.14.14" />
+    <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="10.0.9" />
+    <PackageReference Include="Scalar.AspNetCore" Version="2.16.3" />

    <Using Include="Scalar.AspNetCore" />
    <Using Include="Microsoft.OpenApi" />
@@ -52,11 +79,11 @@
  <!-- Quartz Scheduler-->
  <ItemGroup>    
    <PackageReference Include="Hashids.net" Version="1.7.0" />    
-    <PackageReference Include="Meziantou.Analyzer" Version="3.0.98">
+    <PackageReference Include="Meziantou.Analyzer" Version="3.0.102">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>    
-    <PackageReference Include="OpenTelemetry" Version="1.15.3" />
+    <PackageReference Include="OpenTelemetry" Version="1.16.0" />
    <PackageReference Include="Quartz" Version="3.18.1" />
    <PackageReference Include="Quartz.Plugins" Version="3.18.1" />
    <PackageReference Include="Quartz.Plugins.TimeZoneConverter" Version="3.18.1" />
@@ -70,11 +97,11 @@

  <!-- Configuration -->
  <ItemGroup>
-    <PackageReference Include="Microsoft.Extensions.Configuration" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="10.0.8" />
+    <PackageReference Include="Microsoft.Extensions.Configuration" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Abstractions" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.UserSecrets" Version="10.0.9" />

    <!-- Global Usings -->
    <Using Include="Microsoft.Extensions.Configuration" />
@@ -87,9 +114,9 @@
    <PackageReference Include="AspNetCore.HealthChecks.UI.Core" Version="9.0.0" />
    <PackageReference Include="AspNetCore.HealthChecks.UI.Data" Version="9.0.0" />
    <PackageReference Include="AspNetCore.HealthChecks.UI.InMemory.Storage" Version="9.0.0" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="10.0.8" />
-    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="10.0.8" />    
-    <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="10.0.8" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="10.0.9" />
+    <PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="10.0.9" />    
+    <PackageReference Include="Microsoft.Extensions.Diagnostics.HealthChecks" Version="10.0.9" />

    <!-- Global Usings -->
    <Using Include="Microsoft.Extensions.Diagnostics.HealthChecks" />
@@ -98,12 +125,12 @@

  <!-- Open Telemetry -->
  <ItemGroup>
-    <PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.15.3" />
-    <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.15.3" />
+    <PackageReference Include="OpenTelemetry.Exporter.OpenTelemetryProtocol" Version="1.16.0" />
+    <PackageReference Include="OpenTelemetry.Extensions.Hosting" Version="1.16.0" />
    <PackageReference Include="OpenTelemetry.Instrumentation.AspNetCore" Version="1.15.2" />
    <PackageReference Include="OpenTelemetry.Instrumentation.Http" Version="1.15.1" />
    <PackageReference Include="OpenTelemetry.Instrumentation.Runtime" Version="1.15.1" />
-    <PackageReference Include="OpenTelemetry.Exporter.Console" Version="1.15.3" />
+    <PackageReference Include="OpenTelemetry.Exporter.Console" Version="1.16.0" />

    <!-- Global Usings -->
    <Using Include="OpenTelemetry.Resources" />
@@ -115,13 +142,13 @@

  <!-- Database -->
  <ItemGroup>
-    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.8" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="10.0.8">
+    <PackageReference Include="Microsoft.EntityFrameworkCore" Version="10.0.9" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="10.0.9">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="10.0.8" />
-    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="10.0.8">
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" Version="10.0.9" />
+    <PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="10.0.9">
      <PrivateAssets>all</PrivateAssets>
      <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
    </PackageReference>
@@ -156,8 +183,8 @@
  
  <!-- Amazon S3 SDK -->
  <ItemGroup>
-    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.3" />
-    <PackageReference Include="AWSSDK.S3" Version="4.0.24" />
+    <PackageReference Include="AWSSDK.Extensions.NetCore.Setup" Version="4.0.4.6" />
+    <PackageReference Include="AWSSDK.S3" Version="4.0.24.3" />
    
    <!-- global Usings -->
    <Using Include="Amazon.S3" />
@@ -167,6 +194,8 @@

  <!-- Shared Usings -->
  <ItemGroup>
+    <Using Include="Microsoft.AspNetCore.Components.Server.ProtectedBrowserStorage" />
+    <Using Include="System.Text.Json.Serialization" />
    <Using Include="System.Reflection" />
    <Using Include="Microsoft.Extensions.DependencyInjection.Extensions" />
    <Using Include="Microsoft.AspNetCore.Routing" />
@@ -1,12 +0,0 @@
-using LiteCharms.Features.Abstractions;
-
-namespace LiteCharms.Features.Quartz.Abstractions;
-
-public interface IJobOrchestrator
-{
-    Task SendAsync<TNotification>(TNotification notification, CancellationToken cancellationToken = default)
-        where TNotification : IEvent;
-
-    Task ScheduleAsync<TNotification>(TNotification notification, string cronExpression, CancellationToken cancellationToken = default) 
-        where TNotification : IEvent;
-}
@@ -1,11 +1,10 @@
 using LiteCharms.Features.Abstractions;
-using LiteCharms.Features.Quartz.Abstractions;

 namespace LiteCharms.Features.Quartz;

 public sealed class JobOrchestrator(ISchedulerFactory schedulerFactory) : IJobOrchestrator
 {
-    public async Task SendAsync<TNotification>(TNotification notification, CancellationToken cancellationToken = default)
+    public async ValueTask SendAsync<TNotification>(TNotification notification, CancellationToken cancellationToken = default)
        where TNotification : IEvent
    {
        var chainedJobGroup = "onetime-jobs";
@@ -19,17 +18,18 @@ public sealed class JobOrchestrator(ISchedulerFactory schedulerFactory) : IJobOr
            .WithDescription($"Correlation ID: {notification.CorrelationId}")
            .UsingJobData(new JobDataMap { ["Payload"] = JsonSerializer.Serialize(notification) })
            .DisallowConcurrentExecution()
+            .RequestRecovery()
            .Build();

        var trigger = global::Quartz.TriggerBuilder.Create()
            .WithIdentity(triggerKey)
-            .StartNow()            
+            .StartNow()
            .Build();

        await scheduler.ScheduleJob(job, new List<ITrigger> { trigger }.AsReadOnly(), replace: true, cancellationToken);
    }

-    public async Task ScheduleAsync<TNotification>(TNotification notification, string cronExpression, CancellationToken cancellationToken = default)
+    public async ValueTask ScheduleAsync<TNotification>(TNotification notification, string cronExpression, CancellationToken cancellationToken = default)
        where TNotification : IEvent
    {
        var chainedJobGroup = "scheduled-jobs";
@@ -63,4 +63,25 @@ public sealed class JobOrchestrator(ISchedulerFactory schedulerFactory) : IJobOr
        else
            await scheduler.ScheduleJob(job, new List<ITrigger> { trigger }.AsReadOnly(), replace: true, cancellationToken);
    }
+
+    public async ValueTask<bool> InterruptAsync(string eventName, string? correlationId = null, CancellationToken cancellationToken = default)
+    {
+        var scheduler = await schedulerFactory.GetScheduler(cancellationToken);
+
+        var jobKeyName = string.Empty;
+        var jobGroup = string.Empty;
+
+        if (!string.IsNullOrWhiteSpace(correlationId))
+        {
+            jobKeyName = $"{eventName.ToLower(CultureInfo.InvariantCulture)}-{correlationId.ToLower(CultureInfo.InvariantCulture)}";
+            jobGroup = "onetime-jobs";
+        }
+        else
+        {
+            jobKeyName = eventName.ToLower(CultureInfo.InvariantCulture);
+            jobGroup = "scheduled-jobs";
+        }
+
+        return await scheduler.Interrupt(JobKey.Create(jobKeyName, jobGroup), cancellationToken);
+    }
 }
@@ -8,6 +8,9 @@ public sealed class MediatorJob<TNotification>(IMediator mediator) : IJob where
 {
    public async Task Execute(IJobExecutionContext context)
    {
+        if (context.Recovering)
+            Trace.WriteLine($"CRITICAL RECOVERY: Resurrecting job '{typeof(TNotification).Name}' after a previous cluster node crashed mid-execution.");
+
        var data = context.MergedJobDataMap["Payload"] as string;

        if (string.IsNullOrWhiteSpace(data))
@@ -21,17 +24,28 @@ public sealed class MediatorJob<TNotification>(IMediator mediator) : IJob where

        if (notification is null)
        {
-            Trace.WriteLine("Notification could not be JSon converted from data string, job ended");
+            Trace.WriteLine("Notification could not be Json converted from data string, job ended");

            return;
        }
-                
-        using var activity = MediatorTelemetry.Source.StartActivity($"Quartz: {typeof(TNotification).Name}");
-                
+
+        using var activity = MediatorTelemetry.Source.StartActivity(typeof(TNotification).Name);
+
        activity?.SetTag("event.correlation_id", notification.CorrelationId);

-        await mediator.Publish(notification, context.CancellationToken);
+        try
+        {
+            await mediator.Publish(notification, context.CancellationToken);

-        Trace.WriteLine("Job published");
+            Trace.WriteLine("Job published successfully");
+        }
+        catch (OperationCanceledException) when (context.CancellationToken.IsCancellationRequested)
+        {
+            Trace.WriteLine($"Job '{typeof(TNotification).Name}' was gracefully interrupted by the cluster control plane.");
+            
+            activity?.SetStatus(ActivityStatusCode.Ok);
+
+            return;
+        }
    }
 }
@@ -12,6 +12,9 @@ public sealed class RetryJobListener : IJobListener

    public async Task JobWasExecuted(IJobExecutionContext context, JobExecutionException? jobException, CancellationToken cancellationToken = default)
    {
+        if (context.CancellationToken.IsCancellationRequested)
+            return;
+
        if (jobException is not null && context.RefireCount < RetryCount)
            jobException.RefireImmediately = true;
    }
@@ -12,6 +12,7 @@
    <Project Path="LiteCharms.Features.MidrandBooks.Seed/LiteCharms.Features.MidrandBooks.Seed.csproj" Id="aa80643a-28dc-431f-b163-053a94e5c77c" />
    <Project Path="LiteCharms.Features.MidrandBooks.Tests/LiteCharms.Features.MidrandBooks.Tests.csproj" Id="cac2f738-dbb5-4538-8565-3c2bd6f65259" />
    <Project Path="LiteCharms.Features.TechShop.Tests/LiteCharms.Features.TechShop.Tests.csproj" Id="0e0967c2-7f28-4668-a387-2fc437ab066f" />
+    <Project Path="LiteCharms.Features.Tests.Common/LiteCharms.Features.Tests.Common.csproj" Id="d4ada579-b898-44ff-82f4-de3171c21600" />
    <Project Path="LiteCharms.Features.Tests/LiteCharms.Features.Tests.csproj" Id="0696323f-7148-4ab9-9145-68b7b5df5415" />
  </Folder>
 </Solution>
Author	SHA1	Message	Date
khwezi	37e0d3b93f	Merge pull request 'Completed token service' (#99 ) from payments into master Reviewed-on: #99	2026-06-12 20:58:57 +02:00
Khwezi Mngoma	4d2b37ace7	Completed token service continuous-integration/drone/pr Build is passing Details	2026-06-12 20:48:12 +02:00
khwezi	b42c0fcc4f	Merge pull request 'Fixd double package reference to Mediator.SourceGenerator' (#98 ) from payments into master Reviewed-on: #98	2026-06-12 16:16:05 +02:00
Khwezi Mngoma	3daf192ce9	Fixd double package reference to Mediator.SourceGenerator continuous-integration/drone/pr Build is passing Details	2026-06-12 16:15:44 +02:00
khwezi	9418c77f0e	Merge pull request 'Implemented LiteCharms Security TokenService' (#97 ) from payments into master Reviewed-on: #97	2026-06-12 16:12:10 +02:00
Khwezi Mngoma	a98adea8f3	Implemented LiteCharms Security TokenService continuous-integration/drone/pr Build is passing Details	2026-06-12 16:09:51 +02:00
khwezi	2bb1c8c3bc	Merge pull request 'Added CartService' (#96 ) from payments into master Reviewed-on: #96	2026-06-12 08:44:58 +02:00
Khwezi Mngoma	f5f1035598	Added CartService continuous-integration/drone/pr Build is passing Details	2026-06-12 08:43:58 +02:00
khwezi	388a5f4c87	Merge pull request 'Removed shopping cart objects' (#95 ) from payments into master Reviewed-on: #95	2026-06-09 22:33:20 +02:00
Khwezi Mngoma	40f4656036	Removed shopping cart objects continuous-integration/drone/pr Build is passing Details	2026-06-09 22:32:54 +02:00
khwezi	c31dd308a4	Merge pull request 'payments' (#94 ) from payments into master Reviewed-on: #94	2026-06-09 21:53:52 +02:00
Khwezi Mngoma	11dfd18a44	Ensured the assembly scanner picks up shared and core components continuous-integration/drone/pr Build is passing Details	2026-06-09 21:52:31 +02:00
Khwezi Mngoma	e7f02eca9b	Refactored Shop services assembly scanner to be more generic	2026-06-09 21:43:47 +02:00
khwezi	787507bed9	Merge pull request 'Added CartService and LocalStorageService (browser)' (#93 ) from payments into master Reviewed-on: #93	2026-06-09 09:10:32 +02:00
Khwezi Mngoma	59af9a5406	Added CartService and LocalStorageService (browser) continuous-integration/drone/pr Build is passing Details	2026-06-09 09:08:46 +02:00
khwezi	5140da2c6c	Merge pull request 'Passing token hint during signout' (#92 ) from payments into master Reviewed-on: #92	2026-06-07 14:09:31 +02:00
Khwezi Mngoma	02ff14ccc8	Passing token hint during signout continuous-integration/drone/pr Build is passing Details	2026-06-07 14:09:02 +02:00
khwezi	0ad410c64e	Merge pull request 'payments' (#91 ) from payments into master Reviewed-on: #91	2026-06-07 13:57:15 +02:00
Khwezi Mngoma	e193aa7c1c	Adopted standard logout flow continuous-integration/drone/pr Build is running Details	2026-06-07 13:56:49 +02:00
Khwezi Mngoma	840d4568e2	Refactored logout process	2026-06-07 13:55:20 +02:00
khwezi	6e580ecdf6	Merge pull request 'Added token hint to logout event' (#90 ) from payments into master Reviewed-on: #90	2026-06-07 13:12:05 +02:00
Khwezi Mngoma	60095057b7	Added token hint to logout event continuous-integration/drone/pr Build is passing Details	2026-06-07 13:11:33 +02:00
khwezi	4c194c1141	Merge pull request 'Added AddSecurityEndpoints login endpoint' (#89 ) from payments into master Reviewed-on: #89	2026-06-07 12:00:50 +02:00
Khwezi Mngoma	b41136e2c7	Added AddSecurityEndpoints login endpoint continuous-integration/drone/pr Build is passing Details	2026-06-07 12:00:07 +02:00
khwezi	41eb4daeb4	Merge pull request 'Refactored AddSecurityEndpoints' (#88 ) from payments into master Reviewed-on: #88	2026-06-07 11:09:02 +02:00
Khwezi Mngoma	c423f04b42	Refactored AddSecurityEndpoints continuous-integration/drone/pr Build is passing Details	2026-06-07 11:08:05 +02:00
khwezi	7fe5f7aef3	Merge pull request 'Refactored client auth method' (#87 ) from payments into master Reviewed-on: #87	2026-06-07 10:33:33 +02:00
Khwezi Mngoma	a567fc7cd7	Refactored client auth method continuous-integration/drone/pr Build is passing Details	2026-06-07 10:30:56 +02:00
khwezi	31254932ae	Merge pull request 'Enabled api audience verification' (#86 ) from payments into master Reviewed-on: #86	2026-06-06 23:54:13 +02:00
Khwezi Mngoma	c53434a578	Enabled api audience verification continuous-integration/drone/pr Build is passing Details	2026-06-06 23:53:19 +02:00
khwezi	5a0aae8182	Merge pull request 'Disabled audience verification on jwt tokens' (#85 ) from payments into master Reviewed-on: #85	2026-06-06 21:50:48 +02:00
Khwezi Mngoma	3f3e0dbe88	Disabled audience verification on jwt tokens continuous-integration/drone/pr Build is passing Details	2026-06-06 21:49:32 +02:00
khwezi	8d8ebffabf	Merge pull request 'Removed required scope policy, no longer needed, audience covers the intent' (#84 ) from payments into master Reviewed-on: #84	2026-06-06 16:44:52 +02:00
Khwezi Mngoma	dc4addb43a	Removed required scope policy, no longer needed, audience covers the intent continuous-integration/drone/pr Build is passing Details	2026-06-06 16:44:22 +02:00
khwezi	e2d29261da	Merge pull request 'Updated API to use LiteCharms Security' (#83 ) from payments into master Reviewed-on: #83	2026-06-06 16:27:16 +02:00
Khwezi Mngoma	5d5b59d610	Updated API to use LiteCharms Security continuous-integration/drone/pr Build is passing Details	2026-06-06 16:26:27 +02:00
khwezi	f001b02633	Merge pull request 'Refactored to deal with cookie hell' (#82 ) from payments into master Reviewed-on: #82	2026-06-05 09:20:17 +02:00
Khwezi Mngoma	90a11dc65e	Refactored to deal with cookie hell continuous-integration/drone/pr Build is passing Details	2026-06-05 09:19:32 +02:00
khwezi	de955a96a8	Merge pull request 'Removed login proto handling' (#81 ) from payments into master Reviewed-on: #81	2026-06-05 08:56:17 +02:00
Khwezi Mngoma	cdf5cfb5cd	Removed login proto handling continuous-integration/drone/pr Build is passing Details	2026-06-05 08:55:31 +02:00
khwezi	c4d3bb4cdf	Merge pull request 'Simplified login process' (#80 ) from payments into master Reviewed-on: #80	2026-06-05 08:18:12 +02:00
Khwezi Mngoma	65f102f18a	Simplified login process continuous-integration/drone/pr Build is passing Details	2026-06-05 08:17:32 +02:00
khwezi	cdc80db214	Merge pull request 'Refactored logout endpoint' (#79 ) from payments into master Reviewed-on: #79	2026-06-05 08:15:50 +02:00
Khwezi Mngoma	4576b5aa2b	Refactored logout endpoint continuous-integration/drone/pr Build is passing Details	2026-06-05 08:15:13 +02:00
khwezi	3847927ace	Merge pull request 'Added port stripping' (#78 ) from payments into master Reviewed-on: #78	2026-06-05 07:37:16 +02:00
Khwezi Mngoma	d38d1dd059	Added port stripping continuous-integration/drone/pr Build is passing Details	2026-06-05 07:36:41 +02:00
khwezi	c27aba1954	Merge pull request 'Forcing login https proto on redirect' (#77 ) from payments into master Reviewed-on: #77	2026-06-05 06:40:33 +02:00
Khwezi Mngoma	e646d16053	Forcing login https proto on redirect continuous-integration/drone/pr Build is passing Details	2026-06-05 06:39:47 +02:00
khwezi	1c946dab26	Merge pull request 'Refactored security components' (#76 ) from payments into master Reviewed-on: #76	2026-06-05 05:44:47 +02:00
Khwezi Mngoma	20c3ad9569	Refactored security components continuous-integration/drone/pr Build is passing Details	2026-06-05 05:43:56 +02:00
khwezi	9977cf27b9	Merge pull request 'Added a redirect packet attachment to UI signout process' (#75 ) from payments into master Reviewed-on: #75	2026-06-04 16:03:06 +02:00
Khwezi Mngoma	cf7eed0603	Added a redirect packet attachment to UI signout process continuous-integration/drone/pr Build is passing Details	2026-06-04 16:02:29 +02:00
khwezi	8e9ac1e1ad	Merge pull request 'Added signout functionality for user authentik link' (#74 ) from payments into master Reviewed-on: #74	2026-06-04 14:40:00 +02:00
Khwezi Mngoma	fa79bd8021	Added signout functionality for user authentik link continuous-integration/drone/pr Build is passing Details	2026-06-04 14:39:14 +02:00
khwezi	16dae7c9fb	Merge pull request 'Added UI security' (#73 ) from payments into master Reviewed-on: #73	2026-06-04 14:09:08 +02:00
Khwezi Mngoma	5666ffd474	Added UI security continuous-integration/drone/pr Build is passing Details	2026-06-04 14:08:27 +02:00
khwezi	f8153e86b4	Merge pull request 'Applied required scope policy' (#72 ) from payments into master Reviewed-on: #72	2026-06-04 08:58:03 +02:00
Khwezi Mngoma	eef1096ec5	Applied required scope policy continuous-integration/drone/pr Build is passing Details	2026-06-04 08:57:16 +02:00
khwezi	84d33d3607	Merge pull request 'Refactored authentication' (#71 ) from payments into master Reviewed-on: #71	2026-06-04 08:48:15 +02:00
Khwezi Mngoma	8f97d7cf38	Refactored authentication continuous-integration/drone/pr Build is passing Details	2026-06-04 08:47:18 +02:00
khwezi	f51cc03327	Merge pull request 'Disabled caching' (#70 ) from payments into master Reviewed-on: #70	2026-06-03 17:49:04 +02:00
Khwezi Mngoma	652ca82a57	Disabled caching continuous-integration/drone/pr Build is passing Details	2026-06-03 17:48:38 +02:00
khwezi	aff6fcabf4	Merge pull request 'payments' (#69 ) from payments into master Reviewed-on: #69	2026-06-03 17:38:45 +02:00
Khwezi Mngoma	a50830ffaa	Refactored auth continuous-integration/drone/pr Build is passing Details	2026-06-03 17:37:56 +02:00
Khwezi Mngoma	ee6f8a283e	Refactored oauth registration	2026-06-03 17:37:33 +02:00
khwezi	8140b5fe65	Merge pull request 'Added authentik configuration and service registration' (#68 ) from payments into master Reviewed-on: #68	2026-06-03 12:53:55 +02:00
Khwezi Mngoma	fda97db5fa	Added authentik configuration and service registration continuous-integration/drone/pr Build is passing Details	2026-06-03 12:52:59 +02:00
khwezi	9285cedfa9	Merge pull request 'Refactored token message' (#67 ) from payments into master Reviewed-on: #67	2026-06-03 12:16:31 +02:00
Khwezi Mngoma	29574f4df0	Refactored token message continuous-integration/drone/pr Build is passing Details	2026-06-03 12:15:31 +02:00
khwezi	343874551a	Merge pull request 'Added 0.0.0.0 health checks url transformation' (#66 ) from payments into master Reviewed-on: #66	2026-06-03 11:24:02 +02:00
Khwezi Mngoma	b4a48c9cbf	Added 0.0.0.0 health checks url transformation continuous-integration/drone/pr Build is passing Details	2026-06-03 11:23:13 +02:00
khwezi	0eac9d533f	Merge pull request 'payments' (#65 ) from payments into master Reviewed-on: #65	2026-06-03 11:12:10 +02:00
Khwezi Mngoma	961f03c1c7	Added guardrails around the cluster as well as software level continuous-integration/drone/pr Build is passing Details	2026-06-03 11:11:22 +02:00
Khwezi Mngoma	a0cf847e51	Added job interruption handling	2026-06-03 10:40:29 +02:00
khwezi	24ba609e0c	Merge pull request 'Excluded http environment from checkin' (#64 ) from payments into master Reviewed-on: #64	2026-06-03 00:51:30 +02:00
Khwezi Mngoma	4bac14881d	Excluded http environment from checkin continuous-integration/drone/pr Build is passing Details	2026-06-03 00:50:20 +02:00