3.0.1

Author: aliaksandrzianevich

samples/snglrtycrvtureofspce.Core.Samples.BasicApi/Program.cs

@@ -31,8 +31,7 @@ public static void Main(string[] args)
 
         // Sample endpoints
         app.MapGet("/", () => "Hello from snglrtycrvtureofspce.Core!")
-            .WithName("GetRoot")
-            .WithOpenApi();
+            .WithName("GetRoot");
 
         app.MapGet("/error/notfound", () =>
         {

src/snglrtycrvtureofspce.Core/Extensions/CorsExtensions.cs

@@ -0,0 +1,78 @@
+using Microsoft.AspNetCore.Cors.Infrastructure;
+using Microsoft.Extensions.DependencyInjection;
+using snglrtycrvtureofspce.Core.Microservices.Core.Configurations;
+
+namespace snglrtycrvtureofspce.Core.Extensions;
+
+/// <summary>
+/// Extension methods for configuring CORS in the DI container.
+/// </summary>
+public static class CorsExtensions
+{
+    /// <summary>
+    /// Adds CORS policy configuration to the service collection.
+    /// </summary>
+    /// <param name="services">The service collection.</param>
+    /// <param name="corsPolicy">The CORS policy options.</param>
+    /// <param name="policyName">The name of the CORS policy. Defaults to "AllowAll".</param>
+    /// <returns>The service collection.</returns>
+    /// <exception cref="ArgumentNullException">Thrown when <paramref name="corsPolicy"/> is null.</exception>
+    public static IServiceCollection AddCorsPolicy(
+        this IServiceCollection services,
+        CorsPolicyOptions corsPolicy,
+        string policyName = "AllowAll")
+    {
+        ArgumentNullException.ThrowIfNull(corsPolicy);
+
+        services.AddCors(options => options.AddPolicy(policyName, corsPolicyBuilder =>
+        {
+            ConfigureOrigins(corsPolicyBuilder, corsPolicy.AllowAnyOrigin, corsPolicy.AllowedOrigins);
+            ConfigureMethods(corsPolicyBuilder, corsPolicy.AllowAnyMethod, corsPolicy.AllowedMethods);
+            ConfigureHeaders(corsPolicyBuilder, corsPolicy.AllowAnyHeader, corsPolicy.AllowedHeaders);
+
+            if (corsPolicy.AllowCredentials)
+            {
+                corsPolicyBuilder.AllowCredentials();
+            }
+
+        }));
+
+        return services;
+    }
+
+    private static void ConfigureOrigins(CorsPolicyBuilder builder, bool allowAny, List<string>? allowed)
+    {
+        if (allowAny || allowed is not { Count: > 0 })
+        {
+            builder.AllowAnyOrigin();
+        }
+        else
+        {
+            builder.WithOrigins(allowed.ToArray());
+        }
+    }
+
+    private static void ConfigureMethods(CorsPolicyBuilder builder, bool allowAny, List<string>? allowed)
+    {
+        if (allowAny || allowed is not { Count: > 0 })
+        {
+            builder.AllowAnyMethod();
+        }
+        else
+        {
+            builder.WithMethods(allowed.ToArray());
+        }
+    }
+
+    private static void ConfigureHeaders(CorsPolicyBuilder builder, bool allowAny, List<string>? allowed)
+    {
+        if (allowAny || allowed is not { Count: > 0 })
+        {
+            builder.AllowAnyHeader();
+        }
+        else
+        {
+            builder.WithHeaders(allowed.ToArray());
+        }
+    }
+}

src/snglrtycrvtureofspce.Core/Extensions/ServiceCollectionExtensions.cs

@@ -39,18 +39,16 @@ public static IServiceCollection AddCore(this IServiceCollection services, param
     /// <returns>The service collection.</returns>
     public static IServiceCollection AddValidators(this IServiceCollection services, params Assembly[] assemblies)
     {
-        foreach (var assembly in assemblies)
-        {
-            var validatorTypes = assembly.GetTypes()
+        var validatorTypes = assemblies
+            .SelectMany(assembly => assembly.GetTypes()
                 .Where(t => !t.IsAbstract && !t.IsGenericTypeDefinition)
                 .SelectMany(t => t.GetInterfaces()
                     .Where(i => i.IsGenericType && i.GetGenericTypeDefinition() == typeof(IValidator<>))
-                    .Select(i => new { Interface = i, Implementation = t }));
+                    .Select(i => new { Interface = i, Implementation = t })));
 
-            foreach (var validator in validatorTypes)
-            {
-                services.AddTransient(validator.Interface, validator.Implementation);
-            }
+        foreach (var validator in validatorTypes)
+        {
+            services.AddTransient(validator.Interface, validator.Implementation);
         }
 
         return services;

src/snglrtycrvtureofspce.Core/Filters/LoggingBehavior.cs

@@ -47,7 +47,7 @@ public async Task<TResponse> Handle(
 
         try
         {
-            var response = await next();
+            var response = await next(cancellationToken);
 
             stopwatch.Stop();
             var elapsedMs = stopwatch.ElapsedMilliseconds;

src/snglrtycrvtureofspce.Core/Filters/RequestValidationBehavior.cs

@@ -49,7 +49,9 @@ public async Task<TResponse> Handle(
         ArgumentNullException.ThrowIfNull(next);
 
         if (!validators.Any())
+        {
             return await next(cancellationToken);
+        }
 
         var context = new ValidationContext<TRequest>(request);
 
@@ -63,7 +65,9 @@ public async Task<TResponse> Handle(
             .ToList();
 
         if (failures.Count > 0)
+        {
             throw new ValidationException(failures);
+        }
 
         return await next(cancellationToken);
     }

src/snglrtycrvtureofspce.Core/Microservices/Core/Configurations/CorsConfiguration.cs

@@ -0,0 +1,80 @@
+namespace snglrtycrvtureofspce.Core.Microservices.Core.Configurations;
+
+/// <summary>
+/// CORS policy configuration options.
+/// This class defines the settings for configuring Cross-Origin Resource Sharing (CORS) policies in ASP.NET Core applications.
+/// </summary>
+public class CorsPolicyOptions
+{
+    /// <summary>
+    /// Gets or sets a value indicating whether any origin is allowed.
+    /// When set to true, the CORS policy allows requests from any origin.
+    /// When set to false, only origins specified in <see cref="AllowedOrigins"/> are permitted.
+    /// </summary>
+    /// <remarks>
+    /// Default value is true for development convenience, but should be set to false in production with specific allowed origins.
+    /// </remarks>
+    public bool AllowAnyOrigin { get; set; } = true;
+
+    /// <summary>
+    /// Gets or sets a value indicating whether any HTTP method is allowed.
+    /// When set to true, the CORS policy allows all HTTP methods (GET, POST, PUT, DELETE, etc.).
+    /// When set to false, only methods specified in <see cref="AllowedMethods"/> are permitted.
+    /// </summary>
+    /// <remarks>
+    /// Default value is true. For security, consider restricting to specific methods in production.
+    /// </remarks>
+    public bool AllowAnyMethod { get; set; } = true;
+
+    /// <summary>
+    /// Gets or sets a value indicating whether any header is allowed.
+    /// When set to true, the CORS policy allows all request headers.
+    /// When set to false, only headers specified in <see cref="AllowedHeaders"/> are permitted.
+    /// </summary>
+    /// <remarks>
+    /// Default value is true. Common practice is to allow specific headers like "Content-Type", "Authorization", etc.
+    /// </remarks>
+    public bool AllowAnyHeader { get; set; } = true;
+
+    /// <summary>
+    /// Gets or sets a value indicating whether credentials (cookies, authorization headers) are allowed.
+    /// When set to true, the CORS policy allows credentials to be included in cross-origin requests.
+    /// </summary>
+    /// <remarks>
+    /// This should only be enabled when necessary, as it reduces security. When enabled, <see cref="AllowAnyOrigin"/> should be false.
+    /// </remarks>
+    public bool AllowCredentials { get; set; }
+
+    /// <summary>
+    /// Gets or sets the list of allowed origins.
+    /// This property is used when <see cref="AllowAnyOrigin"/> is false.
+    /// </summary>
+    /// <example>
+    /// <code>
+    /// AllowedOrigins = new List&lt;string&gt; { "https://example.com", "https://api.example.com" }
+    /// </code>
+    /// </example>
+    public List<string>? AllowedOrigins { get; set; }
+
+    /// <summary>
+    /// Gets or sets the list of allowed HTTP methods.
+    /// This property is used when <see cref="AllowAnyMethod"/> is false.
+    /// </summary>
+    /// <example>
+    /// <code>
+    /// AllowedMethods = new List&lt;string&gt; { "GET", "POST", "PUT" }
+    /// </code>
+    /// </example>
+    public List<string>? AllowedMethods { get; set; }
+
+    /// <summary>
+    /// Gets or sets the list of allowed headers.
+    /// This property is used when <see cref="AllowAnyHeader"/> is false.
+    /// </summary>
+    /// <example>
+    /// <code>
+    /// AllowedHeaders = new List&lt;string&gt; { "Content-Type", "Authorization", "X-Custom-Header" }
+    /// </code>
+    /// </example>
+    public List<string>? AllowedHeaders { get; set; }
+}

src/snglrtycrvtureofspce.Core/snglrtycrvtureofspce.Core.csproj

@@ -2,6 +2,7 @@
 
     <PropertyGroup>
         <TargetFramework>net10.0</TargetFramework>
+        <LangVersion>14</LangVersion>
         <OutputType>Library</OutputType>
         <IsPackable>true</IsPackable>
         <GeneratePackageOnBuild>true</GeneratePackageOnBuild>