using Microsoft.AspNetCore.Http.Features;
using Microsoft.AspNetCore.Server.IISIntegration;
using Microsoft.AspNetCore.Server.Kestrel.Core;
using TestProject.Security;
using TestProject.Services;
using TestProject.Abstractions;
using TestProject.Adapters;
namespace TestProject;
/// <summary>
/// Startup helpers that register the application's services and assemble
/// its HTTP request pipeline.
/// </summary>
public static class ProgramExtensions
{
    // Name shared by the CORS policy registration and the UseCors call.
    private const string CorsPolicyName = "FileDialogPolicy";

    // Single 10 MB ceiling applied to multipart forms, Kestrel and IIS so the
    // three limits cannot drift apart.
    private const long MaxBodyBytes = 10L * 1024 * 1024;

    /// <summary>
    /// Registers options, security services, file-system services, the
    /// idempotency service, controllers, CORS and request-size limits.
    /// </summary>
    /// <param name="services">The service collection to add registrations to.</param>
    /// <param name="configuration">Configuration root; the <see cref="SecurityOptions"/> section is bound from it.</param>
    /// <returns>The same <paramref name="services"/> instance, for chaining.</returns>
    public static IServiceCollection ConfigureApplicationServices(this IServiceCollection services, IConfiguration configuration)
    {
        // Bind SecurityOptions from its configuration section.
        var securitySection = configuration.GetSection(SecurityOptions.SectionName);
        services.Configure<SecurityOptions>(securitySection);

        // Security validation is a singleton; file-system access and the file service are per-scope.
        services.AddSingleton<ISecurityValidationService, SecurityValidationService>();
        services.AddScoped<IFileSystemAdapter, PhysicalFileSystemAdapter>();
        services.AddScoped<IFileService, FileSystemService>();

        // Idempotency service plus the in-memory cache registered alongside it.
        services.AddSingleton<IIdempotencyService, IdempotencyService>();
        services.AddMemoryCache();

        services.AddControllers();

        // A null naming policy leaves property names as declared (PascalCase).
        // NOTE(review): ConfigureHttpJsonOptions targets the minimal-API JSON options;
        // MVC controllers take theirs from AddControllers().AddJsonOptions(...).
        // Confirm controller responses actually pick this setting up.
        services.ConfigureHttpJsonOptions(json =>
        {
            json.SerializerOptions.PropertyNamingPolicy = null;
        });

        // CORS: credentialed requests with any method and any header are accepted
        // from the two listed origins only.
        // NOTE(review): both origins are plain-HTTP localhost values ("Adjust as needed"
        // in the original). Before deployment they should be replaced by the real
        // front-end origins, and credentials should stay tied to an explicit origin list.
        services.AddCors(cors =>
        {
            cors.AddPolicy(CorsPolicyName, builder =>
            {
                builder.WithOrigins("http://localhost:3000", "http://localhost:5120")
                       .AllowAnyMethod()
                       .AllowAnyHeader()
                       .AllowCredentials();
            });
        });

        // FormOptions caps multipart form uploads only; it has its own validation
        // path, so it is set in addition to the server-level limits below.
        services.Configure<FormOptions>(form =>
        {
            form.MultipartBodyLengthLimit = MaxBodyBytes;
        });

        // Server-level caps cover every request body (raw JSON, XML, ...),
        // for both the Kestrel and the IIS hosting options.
        services.Configure<KestrelServerOptions>(kestrel =>
        {
            kestrel.Limits.MaxRequestBodySize = MaxBodyBytes;
        });
        services.Configure<IISServerOptions>(iis =>
        {
            iis.MaxRequestBodySize = MaxBodyBytes;
        });

        return services;
    }

    /// <summary>
    /// Adds static files, the security middleware, error handling, HSTS,
    /// HTTPS redirection, CORS and controller endpoints to the pipeline,
    /// in that order.
    /// </summary>
    /// <param name="app">The application whose pipeline is configured.</param>
    /// <returns>The same <paramref name="app"/> instance, for chaining.</returns>
    public static WebApplication ConfigureSecurePipeline(this WebApplication app)
    {
        // Static files (wwwroot by default) are registered first.
        // NOTE(review): a request answered by the static-file middleware ends here and
        // never reaches SecurityMiddleware, HSTS or the HTTPS redirect below. If
        // SecurityMiddleware is what sets response headers, static content is served
        // without them — confirm this ordering is intended.
        app.UseStaticFiles();

        // NOTE(review): this sits in front of the exception handler, so an exception
        // thrown inside SecurityMiddleware itself is not handled by it.
        app.UseMiddleware<SecurityMiddleware>();

        if (!app.Environment.IsDevelopment())
        {
            // "/Error" is a placeholder: no such endpoint is set up in this file.
            app.UseExceptionHandler("/Error");
            // HTTP Strict Transport Security, outside development only.
            app.UseHsts();
        }
        else
        {
            app.UseDeveloperExceptionPage();
        }

        app.UseHttpsRedirection();
        app.UseCors(CorsPolicyName);

        // Authentication/authorization are not wired in; they would go here:
        // app.UseAuthentication();
        // app.UseAuthorization();
        // NOTE(review): as written, controller endpoints are reachable without any
        // authentication middleware — verify access is enforced elsewhere.
        app.MapControllers();

        return app;
    }
}