Revised Registration

Registration/Program.cs

@@ -1,29 +1,25 @@
-using Microsoft.Azure.Functions.Worker;           // ← SWAP: remove for AspNetCore
-using Microsoft.Extensions.Configuration;
-using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.Hosting;
-using Microsoft.Identity.Web;
-using Registration.Data;
-using Registration.Mock;
-
 // ─────────────────────────────────────────────────────────────────────────────
 // Shared service registrations — identical in both hosting modes.
 // Never changes regardless of which block is active below.
 // ─────────────────────────────────────────────────────────────────────────────
+using Microsoft.Identity.Web;
+using Registration.Data;
+
 void ConfigureServices(IServiceCollection services, IConfiguration config)
 {
     // JWT authentication — Entra External ID (CIAM)
-    // Validates Bearer tokens issued by usimclients.ciamlogin.com.
-    // AzureAd config comes from local.settings.json (Functions) or
-    // appsettings.json / environment variables (AspNetCore).
+    // Validates Bearer tokens issued by PositiveSpendClients.ciamlogin.com.
+    // Config keys:  AzureAd:Instance / TenantId / ClientId / Audience
+    // In ASP.NET Core mode:  appsettings.json + env vars (AzureAd__*)
+    // In Functions mode:     local.settings.json AzureAd section (dev only)
     services.AddAuthentication()
         .AddMicrosoftIdentityWebApi(config.GetSection("AzureAd"));
 
     services.AddAuthorization();
 
-    // Data layer — swap between MockDataService (no DB) and SqlDataService (dbRegistration).
+    // Data layer — swap here to flip between mock (no DB) and real DB.
     // MockDataService:  no connection string required, seeds 4 test applicants.
-    // SqlDataService:   requires ConnectionStrings:Sql pointed at dbRegistration.
+    // SqlDataService:   requires ConnectionStrings:Sql → dbRegistration on 10.10.99.212
     //                   Calls dbo.spRegistration with @action/@rqst/@resp OUTPUT pattern.
     services.AddSingleton<SqlService>();
     services.AddSingleton<IRegistrationDataService, SqlDataService>();
@@ -32,45 +28,51 @@ void ConfigureServices(IServiceCollection services, IConfiguration config)
 }
 
 // ═════════════════════════════════════════════════════════════════════════════
-// SWAP: Azure Functions host
+// SWAP: ASP.NET Core host  ◄ ACTIVE
+// Running in docker-compose as registration:8080 behind nginx / Gateway.
+// Dockerfile: mcr.microsoft.com/dotnet/aspnet:8.0  ← matches this mode.
+// ═════════════════════════════════════════════════════════════════════════════
+var builder = WebApplication.CreateBuilder(args);
+
+ConfigureServices(builder.Services, builder.Configuration);
+builder.Services.AddControllers();
+
+// CORS — reads CORS:AllowedOrigins from appsettings.json or env var CORS__AllowedOrigins.
+// Comma-separated list. Matches the value already in docker-compose .env:
+//   CORS__AllowedOrigins=https://client.positivespend.com,https://portal.positivespend.com,...
+builder.Services.AddCors(options => options.AddDefaultPolicy(policy =>
+    policy.WithOrigins(
+            (builder.Configuration["CORS:AllowedOrigins"] ?? "")
+                .Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries)
+        )
+        .AllowAnyHeader()
+        .AllowAnyMethod()));
+
+var app = builder.Build();
+
+app.UseCors();
+app.UseAuthentication();
+app.UseAuthorization();
+app.MapControllers();
+
+await app.RunAsync();
+
+// ═════════════════════════════════════════════════════════════════════════════
+// SWAP: Azure Functions host  ◄ INACTIVE — uncomment to restore
 // Active when deployed to Azure Functions or running via: func start
-// ═════════════════════════════════════════════════════════════════════════════
-var host = new HostBuilder()
-    .ConfigureFunctionsWebApplication()
-    .ConfigureServices((ctx, services) =>
-    {
-        services.AddApplicationInsightsTelemetryWorkerService();
-        services.ConfigureFunctionsApplicationInsights();
-        ConfigureServices(services, ctx.Configuration);
-    })
-    .Build();
-
-host.Run();
-
-// ═════════════════════════════════════════════════════════════════════════════
-// SWAP: ASP.NET Core host
-// Active when running in podman-compose or dotnet run (self-hosted).
 // Also update RegistrationFunctions.cs and Registration.csproj.
 // ═════════════════════════════════════════════════════════════════════════════
-// var builder = WebApplication.CreateBuilder(args);
-// 
-// ConfigureServices(builder.Services, builder.Configuration);
-// builder.Services.AddControllers();
-// 
-// // CORS — replace with actual client origin in production
-// builder.Services.AddCors(options => options.AddDefaultPolicy(policy =>
-//     policy.WithOrigins(
-//             builder.Configuration["Cors:AllowedOrigin"] ?? "http://localhost:3001"
-//         )
-//         .AllowAnyHeader()
-//         .AllowAnyMethod()));
-// 
-// var app = builder.Build();
-// 
-// app.UseCors();
-// app.UseAuthentication();
-// app.UseAuthorization();
-// app.MapControllers();
-// 
-// await app.RunAsync();
-// ─────────────────────────────────────────────────────────────────────────────
+// using Microsoft.Azure.Functions.Worker;
+//
+// var host = new HostBuilder()
+//     .ConfigureFunctionsWebApplication()
+//     .ConfigureServices((ctx, services) =>
+//     {
+//         services.AddApplicationInsightsTelemetryWorkerService();
+//         services.ConfigureFunctionsApplicationInsights();
+//         ConfigureServices(services, ctx.Configuration);
+//     })
+//     .Build();
+//
+// host.Run();
+// ─────────────────────────────────────────────────────────────────────────────