Refactor JWT auth scheme configuration

Replaced hardcoded per-envelope receiver JWT auth scheme string with a new `AuthScheme` static class containing a `Receiver` constant. Updated `Program.cs` to use `AuthScheme.Receiver` for authentication and policy configuration. Removed redundant comments and unused constants. Added necessary `using` directive for `AuthScheme`.
2026-06-10 17:14:46 +02:00
parent fc7aa83513
commit a6e174e7c1
2 changed files with 15 additions and 5 deletions
--- a/EnvelopeGenerator.API/Program.cs
+++ b/EnvelopeGenerator.API/Program.cs
@@ -21,6 +21,7 @@ using EnvelopeGenerator.API.Options;
 using NLog.Web;
 using NLog;
 using DigitalData.Auth.Claims;
+using EnvelopeGenerator.API;

 var logger = LogManager.Setup().LoadConfigurationFromAppSettings().GetCurrentClassLogger();
 logger.Info("Logging initialized!");
@@ -130,9 +131,6 @@ try

    var authTokenKeys = config.GetOrDefault<AuthTokenKeys>();

-    // Scheme name used for per-envelope receiver JWT authentication.
-    const string EnvelopeReceiverScheme = "EnvelopeReceiverJwt";
-
    builder.Services.AddAuthentication(options =>
    {
        options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
@@ -176,7 +174,7 @@ try
        // last path segment of the request URL.
        // This enables simultaneous authentication for multiple envelopes
        // within the same browser session.
-        .AddJwtBearer(EnvelopeReceiverScheme, opt =>
+        .AddJwtBearer(AuthScheme.Receiver, opt =>
        {
            opt.TokenValidationParameters = new TokenValidationParameters
            {
@@ -245,7 +243,7 @@ try
        .AddPolicy(AuthPolicy.Sender, policy => policy.RequireRole(Role.Sender))

        .AddPolicy(AuthPolicy.Receiver, policy => policy
-            .AddAuthenticationSchemes(EnvelopeReceiverScheme)
+            .AddAuthenticationSchemes(AuthScheme.Receiver)
            .RequireAuthenticatedUser()
            .RequireRole(Role.Receiver.Full, "receiver"))