Configured security

MidrandBookshop/MidrandBookshop.csproj

@@ -18,13 +18,13 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="LiteCharms.Features" Version="1.71.0" />
+    <PackageReference Include="LiteCharms.Features" Version="1.80.0" />
   </ItemGroup>
 
   <!-- UI -->
   <ItemGroup>
     <PackageReference Include="ANM.Blazored.Toast" Version="0.1.1" />
-    <PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.71.0" />
+    <PackageReference Include="LiteCharms.Features.MidrandBooks" Version="1.80.0" />
     
     <!-- Global Usings -->
     <Using Include="Blazored.Toast.Services" />

MidrandBookshop/Program.cs

@@ -13,6 +13,7 @@ builder.AddMonitoring();
 builder.Services.AddEndpointsApiExplorer();
 
 builder.Services.AddMediator();
+builder.Services.AddAuthentikUiSecurity(builder.Configuration);
 
 builder.Services.AddScoped(typeof(IPipelineBehavior<,>), typeof(TelemetryPipelineBehavior<,>));
 builder.Services.AddScoped(typeof(IPipelineBehavior<,>), typeof(LoggingPipelineBehavior<,>));

MidrandBookshop/appsettings.json

@@ -1,5 +1,8 @@
 {
-  "HasherSettings": {    
+  "AuthentikSettings": {
+    "Authority": "https://id.khongisa.co.za/application/o/midrand-books-uat/"
+  },
+  "HasherSettings": {
     "MinHashLength": 11
   },
   "BookshopS3Settings": {

midrandbooks-uat.yml

@@ -26,6 +26,7 @@ data:
   ValidPayfastHosts__4: "ips.payfast.co.za"
   ValidPayfastHosts__5: "api.payfast.co.za"
   ValidPayfastHosts__6: "payment.payfast.io"
+  AuthentikSettings__Authority: "https://id.khongisa.co.za/application/o/midrand-books-api-uat/"
 ---
 apiVersion: v1
 kind: Secret
@@ -41,6 +42,8 @@ data:
   hasher-payfastpassphrase: OUdBSVIwdFdwaFgwcU8=
   bookshop-s3-accesskey: R0s1MTRkMmNlOGRjNjkyMzdhMDVjMDFlZWY=
   bookshop-s3-secretkey: ZWFhZmVkYTFhZWQ0MDllY2ZlNjA3MTRlY2RhNTQ5YjgyYmRmNWEzZGFmOWYxOGRkNjFmNjZiNDk3M2E2NDgyZQ==
+  authentik-clientid: Nm9oZk1lSndQNWR0YWY1RFMzZU9MY2NNSHF6WXlma1YzRTNGeE5Tbw==
+  authentik-clientsecret: TXV2a0FLQklHR3BkdEsyaFlabVU1dFRaUmNuM2FhRzhoMWhlVE1nazFYOGVwczYyMzNCS0REWGdpNXo0T01RalVzMGZEUEFmakpmVVRNN1h3ZjllMU01MTQyVGlvOXRycUdmZTM1THhPaExEUnp6N2gxSm5jVkNLYXZXUllndmQ=
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
@@ -93,6 +96,16 @@ spec:
             - configMapRef:
                 name: midrandbooks-config
           env:
+            - name: AuthentikSettings__ClientId
+              valueFrom:
+                secretKeyRef:
+                  name: midrandbooksapi-secrets
+                  key: authentik-clientid
+            - name: AuthentikSettings__ClientSecret
+              valueFrom:
+                secretKeyRef:
+                  name: midrandbooksapi-secrets
+                  key: authentik-clientsecret
             - name: BookshopS3Settings__AccessKey
               valueFrom:
                 secretKeyRef: