Add optional auth, add some notes on how to use

README.md

@@ -32,4 +32,45 @@ Demonstrate how to build a web based system with multiple interdependent compone
 
 # How to use
 
-- `POST /check-seo` with payload `{}`
+Setup the appsettings.json for required WincherAuth and WincherApi configs.
+
+```bash
+# signup
+curl --location 'http://localhost:5055/signup' \
+--header 'Content-Type: application/json' \
+--header 'Authorization: ••••••' \
+--data '{
+    "Username": "test2",
+    "Password": "test"
+}'
+
+# login
+curl --location 'http://localhost:5065/login' \
+--header 'Content-Type: application/json' \
+--header 'Authorization: ••••••' \
+--data '{
+    "Username": "test2",
+    "Password": "test"
+}'
+
+# Check if authorized
+curl --location 'http://localhost:5055/check-auth' \
+--header 'Authorization: Bearer eyJhbG...'
+
+# Make SEO check
+curl --location 'http://localhost:5055/seo-check' \
+--header 'Content-Type: application/json' \
+--header 'Authorization: Bearer eyJhbG...' \
+--data '{
+    "Url": "http://www.advtechdays.com",
+    "Keywords": ["technology"]
+}'
+
+# Read all checks
+curl --location 'http://localhost:5055/seo-checks' \
+ --header 'Authorization: Bearer eyJhbG...'
+
+# Read a specific SEO check
+curl --location 'http://localhost:5055/seo-check/67484a730f012a66a82b6e76' \
+ --header 'Authorization: Bearer eyJhbG...'
+```

src/DotnetIntegrationTested.ExternalApis/Http/Wincher/V1/HttpClient.cs

@@ -6,6 +6,7 @@
 using DotnetIntegrationTested.ExternalApis.Http.Wincher.V1.Endpoints.PostOnPageSeoChecks;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Logging;
 using Nito.AsyncEx;
 
 namespace DotnetIntegrationTested.ExternalApis.Http.Wincher.V1;
@@ -44,6 +45,7 @@ public sealed class WincherHttpClientV1
 {
   private readonly IJsonSerializer _jsonSerializer;
   private readonly IConfiguration _config;
+  private readonly ILogger<WincherHttpClientV1> _logger;
   private readonly AsyncLock _lock = new();
   private string? _accessToken;
 
@@ -55,28 +57,42 @@ public WincherHttpClientV1(
     HttpClient httpHttpClient,
     IHttpClientFactory httpClientFactory,
     IJsonSerializer jsonSerializer,
-    IConfiguration config
+    IConfiguration config,
+    ILogger<WincherHttpClientV1> logger
   )
   {
     HttpClient = httpHttpClient;
     AuthHttpClient = httpClientFactory.CreateClient(ServiceCollectionExtensions.AuthClientName);
     _jsonSerializer = jsonSerializer;
     _config = config;
+    _logger = logger;
   }
 
   public async Task<(
     PostOnPageSeoChecksRequestResponse? Result,
     HttpStatusCode HttpResonseCode
   )> PostOnPageSeoChecksAsync(PostOnPageSeoChecksRequest payload, CancellationToken ct)
   {
-    var (accessToken, _) = await PostLoginAsync(ct);
-    if (accessToken is null)
+    var skipAuth = _config.GetValue<bool>("WincherAuth:Skip");
+
+    string? accessToken = null;
+    if (!skipAuth)
     {
-      throw new UnauthorizedAccessException("API access unauthorized");
+      (accessToken, _) = await PostLoginAsync(ct);
     }
 
-    HttpClient.DefaultRequestHeaders.Remove("Authorization");
-    HttpClient.DefaultRequestHeaders.Add("Authorization", $"Bearer {accessToken}");
+    if (accessToken is null)
+    {
+      _logger.LogInformation("Not using Wincher auth");
+    }
+    else
+    {
+      HttpClient.DefaultRequestHeaders.Remove("Authorization");
+      if (HttpClient.DefaultRequestHeaders.Authorization is not null)
+      {
+        HttpClient.DefaultRequestHeaders.Add("Authorization", $"Bearer {accessToken}");
+      }
+    }
 
     var response = await HttpClient.PostAsJsonAsync(
       _config["WincherApi:Paths:PostOnPageSeoChecks"]!,