From f19fc45c40c69f728dae62b060342e17c9e6c4d3 Mon Sep 17 00:00:00 2001
From: StuartFerguson <stuart_ferguson1development@outlook.com>
Date: Sun, 8 Feb 2026 19:04:26 +0000
Subject: [PATCH] Read client credentials from config, not hardcoded

ClientId and ClientSecret are now loaded from appsettings.json and appsettings.Test.json using a configuration reader, improving flexibility and security. ApiClient constructor updated accordingly. Added Shared package dependency. Commented-out credential lines added for reference in test config.
---
 EstateManagementUI.BlazorServer/appsettings.Test.json     | 4 +++-
 EstateManagementUI.BlazorServer/appsettings.json          | 4 +++-
 EstateManagmentUI.BusinessLogic/Client/DateMethods.cs     | 8 ++++++--
 .../EstateManagementUI.BusinessLogic.csproj               | 1 +
 4 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/EstateManagementUI.BlazorServer/appsettings.Test.json b/EstateManagementUI.BlazorServer/appsettings.Test.json
index f1ca1f50..efcdd8bc 100644
--- a/EstateManagementUI.BlazorServer/appsettings.Test.json
+++ b/EstateManagementUI.BlazorServer/appsettings.Test.json
@@ -11,7 +11,9 @@
     "SecurityServicePort": null,
     "HttpClientIgnoreCertificateErrors": false,
     "TestMode": true,
-    "TestUserRole": "Estate"
+    "TestUserRole": "Estate",
+    //"ClientId": "estateUIClient",
+    //"ClientSecret": "Secret1"
   },
   "Authentication": {
     "Authority": "https://localhost:5001",
diff --git a/EstateManagementUI.BlazorServer/appsettings.json b/EstateManagementUI.BlazorServer/appsettings.json
index 643f32d8..b646592b 100644
--- a/EstateManagementUI.BlazorServer/appsettings.json
+++ b/EstateManagementUI.BlazorServer/appsettings.json
@@ -14,7 +14,9 @@
     "TransactionProcessorApi": "http://127.0.0.1:5002",
     "EstateReportingApi": "http://127.0.0.1:5011",
     "FileProcessorApi": "http://127.0.0.1:5009",
-    "SecurityService": "https://127.0.0.1:5001"
+    "SecurityService": "https://127.0.0.1:5001",
+    "ClientId": "serviceClient",
+    "ClientSecret": "d192cbc46d834d0da90e8a9d50ded543"
   },
   "Authentication": {
     "Authority": "https://localhost:5001",
diff --git a/EstateManagmentUI.BusinessLogic/Client/DateMethods.cs b/EstateManagmentUI.BusinessLogic/Client/DateMethods.cs
index eb79b5ad..71403636 100644
--- a/EstateManagmentUI.BusinessLogic/Client/DateMethods.cs
+++ b/EstateManagmentUI.BusinessLogic/Client/DateMethods.cs
@@ -10,6 +10,7 @@
 using System.Collections.Generic;
 using System.Text;
 using System.Threading;
+using Shared.General;
 using TransactionProcessor.Client;
 
 namespace EstateManagementUI.BusinessLogic.Client
@@ -24,7 +25,8 @@ public partial class ApiClient : IApiClient {
         private readonly ISecurityServiceClient SecurityServiceClient;
         private readonly ITransactionProcessorClient TransactionProcessorClient;
 
-        public ApiClient(IEstateReportingApiClient estateReportingApiClient, ISecurityServiceClient securityServiceClient,
+        public ApiClient(IEstateReportingApiClient estateReportingApiClient, 
+                         ISecurityServiceClient securityServiceClient,
                          ITransactionProcessorClient transactionProcessorClient) {
             this.EstateReportingApiClient = estateReportingApiClient;
             this.SecurityServiceClient = securityServiceClient;
@@ -50,7 +52,9 @@ public async Task<Result<List<ComparisonDateModel>>> GetComparisonDates(Queries.
         private async Task<Result<String>> GetToken(CancellationToken cancellationToken) {
             // Get a token here 
             // TODO: Add caching
-            Result<TokenResponse>? token = await this.SecurityServiceClient.GetToken("serviceClient", "d192cbc46d834d0da90e8a9d50ded543", cancellationToken);
+            var clientId = ConfigurationReader.GetValueOrDefault("AppSettings", "ClientId", "");
+            var clientSecret = ConfigurationReader.GetValueOrDefault("AppSettings", "ClientSecret", "");
+            Result<TokenResponse>? token = await this.SecurityServiceClient.GetToken(clientId, clientSecret, cancellationToken);
             if (token.IsFailed)
                 return ResultHelpers.CreateFailure(token);
             return Result.Success<String>(token.Data.AccessToken);
diff --git a/EstateManagmentUI.BusinessLogic/EstateManagementUI.BusinessLogic.csproj b/EstateManagmentUI.BusinessLogic/EstateManagementUI.BusinessLogic.csproj
index 317bd052..652c0516 100644
--- a/EstateManagmentUI.BusinessLogic/EstateManagementUI.BusinessLogic.csproj
+++ b/EstateManagmentUI.BusinessLogic/EstateManagementUI.BusinessLogic.csproj
@@ -9,6 +9,7 @@
 		<PackageReference Include="ClientProxyBase" Version="2025.12.2" />
 		<PackageReference Include="MediatR" Version="14.0.0" />
 		<PackageReference Include="SecurityService.Client" Version="2025.12.2" />
+		<PackageReference Include="Shared" Version="2025.12.2" />
 		<PackageReference Include="Shared.Results" Version="2025.12.2" />
 		<PackageReference Include="SimpleResults" Version="4.0.0" />
 		<PackageReference Include="TransactionProcessor.Client" Version="2025.12.1" />