From 097ecd64215506e22df789b26df654d998b6bbac Mon Sep 17 00:00:00 2001
From: Khwezi Mngoma <khwezi@msn.com>
Date: Thu, 4 Jun 2026 14:45:33 +0200
Subject: [PATCH] Configured security

---
 MidrandBookshop/MidrandBookshop.csproj |  4 ++--
 MidrandBookshop/Program.cs             |  1 +
 MidrandBookshop/appsettings.json       |  5 ++++-
 midrandbooks-uat.yml                   | 13 +++++++++++++
 4 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/MidrandBookshop/MidrandBookshop.csproj b/MidrandBookshop/MidrandBookshop.csproj
index c51dc1b..eed9056 100644
--- a/MidrandBookshop/MidrandBookshop.csproj
+++ b/MidrandBookshop/MidrandBookshop.csproj
@@ -18,13 +18,13 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="LiteCharms.Features" Version="1.71.0" />
+    <PackageReference Include="LiteCharms.Features" Version="1.80.0" />
   </ItemGroup>
 
   <!-- UI -->
   <ItemGroup>
     <PackageReference Include="ANM.Blazored.Toast" Version="0.1.1" />
-    <PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.71.0" />
+    <PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.80.0" />
     
     <!-- Global Usings -->
     <Using Include="Blazored.Toast.Services" />
diff --git a/MidrandBookshop/Program.cs b/MidrandBookshop/Program.cs
index 2308885..a3d32c8 100644
--- a/MidrandBookshop/Program.cs
+++ b/MidrandBookshop/Program.cs
@@ -13,6 +13,7 @@ builder.AddMonitoring();
 builder.Services.AddEndpointsApiExplorer();
 
 builder.Services.AddMediator();
+builder.Services.AddAuthentikUiSecurity(builder.Configuration);
 
 builder.Services.AddScoped(typeof(IPipelineBehavior<,>), typeof(TelemetryPipelineBehavior<,>));
 builder.Services.AddScoped(typeof(IPipelineBehavior<,>), typeof(LoggingPipelineBehavior<,>));
diff --git a/MidrandBookshop/appsettings.json b/MidrandBookshop/appsettings.json
index 1b59dae..cefe3b0 100644
--- a/MidrandBookshop/appsettings.json
+++ b/MidrandBookshop/appsettings.json
@@ -1,5 +1,8 @@
 {
-  "HasherSettings": {    
+  "AuthentikSettings": {
+    "Authority": "https://id.khongisa.co.za/application/o/midrand-books-uat/"
+  },
+  "HasherSettings": {
     "MinHashLength": 11
   },
   "BookshopS3Settings": {
diff --git a/midrandbooks-uat.yml b/midrandbooks-uat.yml
index 34bba68..11677e1 100644
--- a/midrandbooks-uat.yml
+++ b/midrandbooks-uat.yml
@@ -26,6 +26,7 @@ data:
   ValidPayfastHosts__4: "ips.payfast.co.za"
   ValidPayfastHosts__5: "api.payfast.co.za"
   ValidPayfastHosts__6: "payment.payfast.io"
+  AuthentikSettings__Authority: "https://id.khongisa.co.za/application/o/midrand-books-api-uat/"
 ---
 apiVersion: v1
 kind: Secret
@@ -41,6 +42,8 @@ data:
   hasher-payfastpassphrase: OUdBSVIwdFdwaFgwcU8=
   bookshop-s3-accesskey: R0s1MTRkMmNlOGRjNjkyMzdhMDVjMDFlZWY=
   bookshop-s3-secretkey: ZWFhZmVkYTFhZWQ0MDllY2ZlNjA3MTRlY2RhNTQ5YjgyYmRmNWEzZGFmOWYxOGRkNjFmNjZiNDk3M2E2NDgyZQ==
+  authentik-clientid: Nm9oZk1lSndQNWR0YWY1RFMzZU9MY2NNSHF6WXlma1YzRTNGeE5Tbw==
+  authentik-clientsecret: TXV2a0FLQklHR3BkdEsyaFlabVU1dFRaUmNuM2FhRzhoMWhlVE1nazFYOGVwczYyMzNCS0REWGdpNXo0T01RalVzMGZEUEFmakpmVVRNN1h3ZjllMU01MTQyVGlvOXRycUdmZTM1THhPaExEUnp6N2gxSm5jVkNLYXZXUllndmQ=
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
@@ -93,6 +96,16 @@ spec:
             - configMapRef:
                 name: midrandbooks-config
           env:
+            - name: AuthentikSettings__ClientId
+              valueFrom:
+                secretKeyRef:
+                  name: midrandbooksapi-secrets
+                  key: authentik-clientid
+            - name: AuthentikSettings__ClientSecret
+              valueFrom:
+                secretKeyRef:
+                  name: midrandbooksapi-secrets
+                  key: authentik-clientsecret
             - name: BookshopS3Settings__AccessKey
               valueFrom:
                 secretKeyRef: