feat(bff): BFF with one endpoint per portal + OIDC validation (closes #8) #64
@@ -9,7 +9,10 @@ public static class OpenbaarProjection
|
|||||||
{
|
{
|
||||||
public static IReadOnlyList<OpenbaarEntry> PublicView(IReadOnlyList<ProjectionEntry> entries, string? q)
|
public static IReadOnlyList<OpenbaarEntry> PublicView(IReadOnlyList<ProjectionEntry> entries, string? q)
|
||||||
{
|
{
|
||||||
// STUB (red): returns nothing until the green commit implements filter + public-safe mapping.
|
var filtered = string.IsNullOrWhiteSpace(q)
|
||||||
return [];
|
? entries
|
||||||
|
: entries.Where(e => e.Id.Contains(q, StringComparison.OrdinalIgnoreCase));
|
||||||
|
|
||||||
|
return [.. filtered.Select(e => new OpenbaarEntry(e.Id, e.Status))];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
|
using System.Security.Claims;
|
||||||
using Bff.Api;
|
using Bff.Api;
|
||||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||||
|
|
||||||
@@ -36,9 +37,24 @@ app.UseAuthorization();
|
|||||||
app.MapHealthChecks("/health");
|
app.MapHealthChecks("/health");
|
||||||
app.MapOpenApi();
|
app.MapOpenApi();
|
||||||
|
|
||||||
// STUB (red): no auth requirement, no downstream call, no filtering.
|
// Self-service submit: requires a valid digid token; the bsn comes from the token, not the body,
|
||||||
app.MapPost("/self-service/registrations", () => Results.Ok());
|
// and is forwarded to the domain (ADR-0010). Returns 202 — the zaak is opened asynchronously (S-05).
|
||||||
app.MapGet("/openbaar/register", (string? q) => Results.Ok(Array.Empty<OpenbaarEntry>()));
|
app.MapPost("/self-service/registrations", async (ClaimsPrincipal user, IDomainClient domain, CancellationToken ct) =>
|
||||||
|
{
|
||||||
|
var bsn = user.FindFirstValue("bsn");
|
||||||
|
if (string.IsNullOrWhiteSpace(bsn))
|
||||||
|
return Results.BadRequest("The token carries no bsn claim.");
|
||||||
|
|
||||||
|
var accepted = await domain.SubmitRegistrationAsync(bsn, ct);
|
||||||
|
return Results.Accepted($"/self-service/registrations/{accepted.RegistrationId}", accepted);
|
||||||
|
}).RequireAuthorization();
|
||||||
|
|
||||||
|
// Openbaar register: an anonymous public lookup that exposes only public-safe fields (S-09).
|
||||||
|
app.MapGet("/openbaar/register", async (string? q, IProjectionClient projection, CancellationToken ct) =>
|
||||||
|
{
|
||||||
|
var entries = await projection.GetRegisterAsync(ct);
|
||||||
|
return Results.Ok(OpenbaarProjection.PublicView(entries, q));
|
||||||
|
});
|
||||||
|
|
||||||
app.Run();
|
app.Run();
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user