GraeJones01/AdPlatform-Server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revised Gateway
All checks were successful
Gateway / build-deploy (push) Successful in 2m34s
Details

Browse Source
This commit is contained in:
Grae Jones
2026-03-22 07:50:04 -07:00
parent 866ab983c5
commit 8de463cd17
5 changed files with 38 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
Gateway/Program.cs
View File

@@ -13,6 +13,28 @@ var builder = WebApplication.CreateBuilder(args);
var port = Environment.GetEnvironmentVariable("PORT") ?? "8080"; var port = Environment.GetEnvironmentVariable("PORT") ?? "8080";
builder.WebHost.UseUrls($"http://0.0.0.0:{port}"); builder.WebHost.UseUrls($"http://0.0.0.0:{port}");
// --------------------
// CORS — allowed origins from env var, comma-separated
// --------------------
var allowedOrigins = (builder.Configuration["CORS__AllowedOrigins"] ?? "")
.Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries);
builder.Services.AddCors(options =>
{
options.AddDefaultPolicy(policy =>
{
if (allowedOrigins.Length > 0)
policy.WithOrigins(allowedOrigins)
.AllowAnyHeader()
.AllowAnyMethod();
else
policy.AllowAnyOrigin()
.AllowAnyHeader()
.AllowAnyMethod();
});
});
// -------------------- // --------------------
// Services // Services
// -------------------- // --------------------
@@ -174,6 +196,9 @@ app.MapGet("/", () => Results.Ok(new
status = "Application Gateway running" status = "Application Gateway running"
})); }));
// CORS — must be before auth middleware
app.UseCors();
// Access logging middleware (captures all requests) // Access logging middleware (captures all requests)
// Placed BEFORE auth so we log even failed auth attempts // Placed BEFORE auth so we log even failed auth attempts
app.UseAccessLogging(); app.UseAccessLogging();

4
Gateway/Security/MultiProviderAuthMiddleware.cs
View File

@@ -250,8 +250,8 @@ public sealed class MultiProviderAuthMiddleware
{ {
// Standard Entra ID — could be CIAM tenant or Staff tenant (Tech, Admin) // Standard Entra ID — could be CIAM tenant or Staff tenant (Tech, Admin)
// Detect by comparing issuer against configured Staff tenant ID // Detect by comparing issuer against configured Staff tenant ID
var staffTenantId = _config["Auth:Microsoft:StaffTenantId"]; var staffTenantId = _config["Auth:Staff:TenantId"];
var staffClientId = _config["Auth:Microsoft:StaffClientId"]; var staffClientId = _config["Auth:Staff:ClientId"];
var isStaff = !string.IsNullOrWhiteSpace(staffTenantId) && var isStaff = !string.IsNullOrWhiteSpace(staffTenantId) &&
jwt.Issuer.Contains(staffTenantId, StringComparison.OrdinalIgnoreCase); jwt.Issuer.Contains(staffTenantId, StringComparison.OrdinalIgnoreCase);

2
Gateway/Services/ImageStorageService.cs
View File

@@ -36,7 +36,7 @@ public class ImageStorageService
_logger = logger; _logger = logger;
_blobClient = blobClient; _blobClient = blobClient;
_containerName = config["BlobStorage:ContainerName"] ?? "creative-images"; _containerName = config["BlobStorage:ContainerName"] ?? "creative-images";
_blobBaseUrl = config["BlobStorage:BaseUrl"] ?? "https://usimadpcreatives.blob.core.windows.net"; _blobBaseUrl = config["BlobStorage:BaseUrl"] ?? string.Empty;
_isConfigured = blobClient != null; _isConfigured = blobClient != null;
if (!_isConfigured) if (!_isConfigured)

25
Gateway/appsettings.json
View File

@@ -6,41 +6,34 @@
} }
}, },
"AllowedHosts": "*", "AllowedHosts": "*",
"Auth": { "Auth": {
"AllowDevBypass": false, "AllowDevBypass": false,
"Microsoft": { "Microsoft": {
"TenantId": "891f98f1-ed34-42a1-9b6c-28b0554d92c2", "TenantId": "891f98f1-ed34-42a1-9b6c-28b0554d92c2",
"ClientId": "154c9111-14a0-4c0f-8132-7bc68254a74e", "ClientId": "154c9111-14a0-4c0f-8132-7bc68254a74e"
"StaffTenantId": "0be4c23a-6941-4bdb-b397-a4faf88de4b3",
"StaffClientId": "b0f29246-91e7-4615-96db-5de9b6f8da2e"
}, },
"EntraId": { "EntraId": {
"Instance": "https://login.microsoftonline.com/", "Instance": "https://PositiveSpendClients.ciamlogin.com/",
"TenantId": "891f98f1-ed34-42a1-9b6c-28b0554d92c2", "TenantId": "891f98f1-ed34-42a1-9b6c-28b0554d92c2",
"ClientId": "154c9111-14a0-4c0f-8132-7bc68254a74e" "ClientId": "154c9111-14a0-4c0f-8132-7bc68254a74e"
} }
}, },
"BlobStorage": { "BlobStorage": {
"ConnectionString": "", "ConnectionString": "",
"ContainerName": "creative-images", "ContainerName": "creative-images",
"BaseUrl": "https://usimadpcreatives.blob.core.windows.net" "BaseUrl": ""
}, },
"MultiChannel": { "MultiChannel": {
"Allocation": { "Allocation": {
"MinMultiChannelMonthlyBudget": 500.00, "MinMultiChannelMonthlyBudget": 500.0,
"MaxChannelsPerInitiative": 5, "MaxChannelsPerInitiative": 5,
"DefaultAllocationStrategy": "template", "DefaultAllocationStrategy": "template",
"PerformanceEvalIntervalDays": 7, "PerformanceEvalIntervalDays": 7,
"PerformanceLookbackDays": 14, "PerformanceLookbackDays": 14,
"PerformanceLearningPeriodDays": 14, "PerformanceLearningPeriodDays": 14,
"MaxAllocationShiftPct": 15.00, "MaxAllocationShiftPct": 15.0,
"MinChannelAllocationPct": 10.00, "MinChannelAllocationPct": 10.0,
"MaxChannelAllocationPct": 80.00 "MaxChannelAllocationPct": 80.0
} }
} }
} }

5
Gateway/appsettings.multiprovider.json
View File

@@ -6,17 +6,14 @@
} }
}, },
"AllowedHosts": "*", "AllowedHosts": "*",
"Auth": { "Auth": {
"AllowDevBypass": false, "AllowDevBypass": false,
"Microsoft": { "Microsoft": {
"TenantId": "891f98f1-ed34-42a1-9b6c-28b0554d92c2", "TenantId": "891f98f1-ed34-42a1-9b6c-28b0554d92c2",
"ClientId": "154c9111-14a0-4c0f-8132-7bc68254a74e" "ClientId": "154c9111-14a0-4c0f-8132-7bc68254a74e"
}, },
"Google": { "Google": {
"ClientId": "" "ClientId": ""
} }
} }
} }