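namespace OpenHarbor.MCP.Gateway.Core.Configuration;

/// <summary>
/// Configuration for security features (authentication, authorization, rate limiting).
/// </summary>
public class SecurityConfig
{
    /// <summary>
    /// Whether to enable authentication.
    /// Defaults to <c>false</c>; <see cref="Validate"/> accepts a configuration with
    /// authentication disabled without inspecting any other setting.
    /// </summary>
    public bool EnableAuthentication { get; set; } = false;

    /// <summary>
    /// Authentication scheme: "ApiKey" or "JWT".
    /// <see cref="Validate"/> compares this value exactly (case-sensitive) and rejects anything else.
    /// </summary>
    public string? AuthenticationScheme { get; set; }

    /// <summary>
    /// List of valid API keys (for ApiKey authentication).
    /// These are credentials: keep them out of source control and out of logs.
    /// </summary>
    public List<string>? ApiKeys { get; set; }

    /// <summary>
    /// JWT secret key (for JWT authentication).
    /// This is secret material: keep it out of source control and out of logs.
    /// </summary>
    /// <remarks>
    /// NOTE(review): <see cref="Validate"/> only checks that the secret is not blank. It does not
    /// enforce a minimum length; confirm the signing algorithm in use and enforce a matching
    /// key length where the token handler is configured.
    /// </remarks>
    public string? JwtSecret { get; set; }

    /// <summary>
    /// JWT issuer (for JWT authentication).
    /// </summary>
    public string? JwtIssuer { get; set; }

    /// <summary>
    /// JWT audience (for JWT authentication).
    /// </summary>
    public string? JwtAudience { get; set; }

    /// <summary>
    /// Whether to enable authorization.
    /// </summary>
    public bool EnableAuthorization { get; set; } = false;

    /// <summary>
    /// Client permissions mapping (client ID -> list of allowed operations).
    /// </summary>
    public Dictionary<string, List<string>>? ClientPermissions { get; set; }

    /// <summary>
    /// Whether to enable rate limiting.
    /// </summary>
    public bool EnableRateLimiting { get; set; } = false;

    /// <summary>
    /// Maximum requests per minute per client.
    /// </summary>
    public int RequestsPerMinute { get; set; } = 60;

    /// <summary>
    /// Burst size for rate limiting.
    /// </summary>
    public int BurstSize { get; set; } = 10;

    /// <summary>
    /// Validates the security configuration.
    /// </summary>
    /// <remarks>
    /// Only the authentication settings are checked. When authentication is enabled the scheme
    /// must be exactly "ApiKey" (with at least one key, none of them blank) or "JWT" (with a
    /// non-blank secret); any other scheme is rejected so that a typo cannot leave authentication
    /// "enabled" with nothing configured behind it.
    /// NOTE(review): <see cref="JwtIssuer"/>, <see cref="JwtAudience"/>, <see cref="ClientPermissions"/>,
    /// <see cref="RequestsPerMinute"/> and <see cref="BurstSize"/> are not validated here, and
    /// <see cref="EnableAuthorization"/> is accepted without <see cref="EnableAuthentication"/>;
    /// confirm that the consumers of this class handle those cases.
    /// </remarks>
    /// <returns>True if configuration is valid, false otherwise.</returns>
    public bool Validate()
    {
        // If authentication is disabled, configuration is valid
        if (!EnableAuthentication)
        {
            return true;
        }

        switch (AuthenticationScheme)
        {
            case "ApiKey":
                return HasUsableApiKeys();

            case "JWT":
                // A whitespace-only secret is as useless as a missing one.
                return !string.IsNullOrWhiteSpace(JwtSecret);

            default:
                // Covers a null/empty scheme and any unrecognised value: fail closed.
                return false;
        }
    }

    /// <summary>
    /// Returns true when <see cref="ApiKeys"/> holds at least one entry and no entry is null or blank.
    /// </summary>
    private bool HasUsableApiKeys()
    {
        if (ApiKeys == null || ApiKeys.Count == 0)
        {
            return false;
        }

        foreach (string? key in ApiKeys)
        {
            // A blank entry would otherwise sit in the list of accepted keys.
            if (string.IsNullOrWhiteSpace(key))
            {
                return false;
            }
        }

        return true;
    }
}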