Apply suggestions from code review
Co-authored-by: Bart Koelman <[email protected]>
TimHess and bart-vmware authored Jan 16, 2025
1 parent ca44c38 commit 0e32e0e
Showing 6 changed files with 23 additions and 15 deletions.
2 changes: 1 addition & 1 deletion api/v4/management/metrics.md
Expand Up @@ -167,7 +167,7 @@ cf register-metrics-endpoint APP-NAME /actuator/metrics --internal-port 8091
```

> [!CAUTION]
> Due to an issue with the cf cli plugin interface, some variations on this command do not work on Windows.
> Due to an issue with the Cloud Foundry CLI plugin interface, some variations on this command do not work on Windows.
> If you are a Windows user, you should either use the metric registrar plugin from WSL or use another method.
### Create User Provided Service
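
Review bot: The caution's "some variations on this command do not work on Windows" is still too vague to act on, even with the clearer "Cloud Foundry CLI" wording. Name the variations that fail (for example, whether the `--internal-port` form shown just above is affected) or link the upstream issue, so Windows users can tell whether the example applies to them.
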
2 changes: 1 addition & 1 deletion api/v4/management/prometheus.md
Expand Up @@ -157,7 +157,7 @@ cf register-metrics-endpoint APP-NAME /actuator/prometheus --internal-port 8091
```

> [!CAUTION]
> Due to an issue with the cf cli plugin interface, some variations on this command do not work on Windows.
> Due to an issue with the Cloud Foundry CLI plugin interface, some variations on this command do not work on Windows.
> If you are a Windows user, you should either use the metric registrar plugin from WSL or use another method.
#### Create User Provided Service
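
Review bot: The caution block here is word-for-word the same as the one in api/v4/management/metrics.md, and both copies needed the identical edit in this commit. Consider a shared include, or have one page link to the other, so the two copies cannot drift apart.
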
6 changes: 3 additions & 3 deletions api/v4/security/certificate.md
Expand Up @@ -78,7 +78,7 @@ builder.Services.AddAuthorizationBuilder()

> [!TIP]
> Steeltoe configures the certificate forwarding middleware to look for a certificate in the `X-Client-Cert` HTTP header.
> To change the header name used for authorization, pass your value in when registering the policy: `.AddOrgAndSpacePolicies("Custom-Certificate-Header")`.
> To change the HTTP header name used for authorization, include it when registering the policy. For example: `.AddOrgAndSpacePolicies("X-Custom-Certificate-Header")`.
To activate certificate-based authorization in the request pipeline, use the `IApplicationBuilder` extension method `UseCertificateAuthorization`:
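
Review bot: The revised tip does not say whether the name passed to `.AddOrgAndSpacePolicies("X-Custom-Certificate-Header")` also changes the header that the certificate forwarding middleware reads, which the preceding sentence gives as `X-Client-Cert`. State this explicitly. If the two are configured separately, the tip should tell the reader to change both, since the authorization policy and the forwarding middleware need to agree on the header.
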

Expand Down Expand Up @@ -152,11 +152,11 @@ In order to use app instance identity certificates in a client application, serv

#### IHttpClientFactory integration

For applications that need to send identity certificates in outgoing requests, Steeltoe provides a smooth experience through an extension method for `IHttpClientBuilder` named `AddAppInstanceIdentityCertificate`.
For applications that need to send identity certificates in outgoing requests, Steeltoe provides a smooth experience through an extension method on `IHttpClientBuilder` named `AddAppInstanceIdentityCertificate`.
This method invokes code that handles loading certificates from paths defined in the application's configuration, monitors those file paths and their content for changes, and places the certificate in an HTTP header named `X-Client-Cert` on all outbound requests.

> [!TIP]
> If needed, see the Microsoft documentation on [IHttpClientFactory documentation](https://learn.microsoft.com/aspnet/core/fundamentals/http-requests)
> If needed, see the Microsoft documentation on [IHttpClientFactory documentation](https://learn.microsoft.com/aspnet/core/fundamentals/http-requests) for details.
```csharp
builder.Services.AddHttpClient("AppInstanceIdentity").AddAppInstanceIdentityCertificate();
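
Review bot: The reworded tip still reads "see the Microsoft documentation on [IHttpClientFactory documentation](...) for details", so "documentation" appears twice. Suggest "see the Microsoft [IHttpClientFactory documentation](...) for details."
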
19 changes: 12 additions & 7 deletions api/v4/security/jwt-bearer.md
Expand Up @@ -27,7 +27,7 @@ If you are using Cloud Foundry service bindings, you will also need to add a ref

### Configure Settings

Since Steeltoe's Jwt Bearer library configures Microsoft's JWT Bearer implementation, all available settings can be found in [`Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerOptions`](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.authentication.jwtbearer.jwtbeareroptions)
Since Steeltoe's JWT Bearer library configures Microsoft's JWT Bearer implementation, all available settings can be found in [`Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerOptions`](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.authentication.jwtbearer.jwtbeareroptions).

`JwtBearerOptions` is bound to configuration values found under `Authentication:Schemes:Bearer`. The following example shows how to declare the audience for which tokens should be considered valid (such as when a token is issued to a specific web application and then passed to backend services to perform actions on behalf of a user):

Expand All @@ -48,7 +48,10 @@ Since Steeltoe's Jwt Bearer library configures Microsoft's JWT Bearer implementa
The Steeltoe package `Steeltoe.Configuration.CloudFoundry` reads Single Sign-On credentials from Cloud Foundry service bindings (`VCAP_SERVICES`) and re-maps them for Microsoft's JwtBearer library to read. Add the configuration provider to your application with this code:

```csharp
WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
using Steeltoe.Configuration.CloudFoundry;
using Steeltoe.Configuration.CloudFoundry.ServiceBindings;

var builder = WebApplication.CreateBuilder(args);

// Steeltoe: Add Cloud Foundry application and service info to configuration.
builder.AddCloudFoundryConfiguration();
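
Review bot: The sentence introducing this snippet still says "Microsoft's JwtBearer library", while the previous hunk in this file standardizes the prose on "JWT Bearer". Update this sentence as well so the page uses one spelling when it refers to the library in prose.
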
Expand Down Expand Up @@ -80,7 +83,8 @@ A UAA server (such as [UAA Server for Steeltoe samples](https://github.com/Steel
Since the majority of the JWT Bearer functionality is provided by Microsoft's libraries, the only difference when using Steeltoe will be the addition of calling `ConfigureJwtBearerForCloudFoundry` on the `AuthenticationBuilder`, as shown in the following example:

```csharp
using Steeltoe.Security.Authentication.CloudFoundry;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Steeltoe.Security.Authentication.JwtBearer;

// Add Microsoft Authentication services
builder.Services
Expand Down Expand Up @@ -122,7 +126,8 @@ app.Run();
Once the services and middleware have been configured, you can secure endpoints with the standard ASP.NET Core `Authorize` attribute, as follows:

```csharp
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;

[Route("api/[controller]")]
public class ValuesController : Controller
Expand Down Expand Up @@ -153,7 +158,7 @@ cf create-service p-identity SERVICE_PLAN_NAME MY_SERVICE_INSTANCE

If you are using a manifest file when you deploy to Cloud Foundry, [add a service binding reference](https://docs.cloudfoundry.org/devguide/deploy-apps/manifest-attributes.html#services-block).

Alternatively, bind the instance and restage the app with the cf cli:
Alternatively, bind the instance and restage the app with the Cloud Foundry CLI:

```shell
# Bind service to your app
Expand All @@ -171,13 +176,13 @@ If Single Sign-On for Tanzu is not available or desired for your application, yo

There is no service broker available to manage service instances or bindings for UAA, so a [user provided service instance](https://docs.cloudfoundry.org/devguide/services/user-provided.html) should be used to hold the credentials.

This command is an example of how the binding could be created:
The following command is an example of how the binding could be created:

```shell
cf cups MY_SERVICE_INSTANCE -p '{"auth_domain": "https://uaa.login.sys.cf-app.com","grant_types": [ "authorization_code", "client_credentials" ],"client_secret": "SOME_CLIENT_SECRET","client_id": "SOME_CLIENT_ID"}'
```

And this command is an example of how to bind the service instance to the app:
And the command below is an example of how to bind the service instance to the app:

```shell
cf bind-service MY_APPLICATION MY_SERVICE_INSTANCE
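
Review bot: The `cf cups` example between the two reworded lead-ins puts `client_secret` inline in the `-p '{...}'` argument, and nothing in the surrounding text tells readers that `SOME_CLIENT_SECRET` and `SOME_CLIENT_ID` are placeholders or that a real secret typed this way stays in shell history. Since these sentences are being edited anyway, add one line saying so. Separately, "And the command below is an example of how to bind" would read better without the leading "And", matching "The following command" above it.
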
2 changes: 1 addition & 1 deletion api/v4/security/redis-key-storage-provider.md
Expand Up @@ -29,7 +29,7 @@ Add the configuration provider to your application with this code:
```csharp
using Steeltoe.Configuration.CloudFoundry;

WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
var builder = WebApplication.CreateBuilder(args);
builder.AddCloudFoundryConfiguration();
```

7 changes: 5 additions & 2 deletions api/v4/security/sso-open-id.md
Expand Up @@ -48,7 +48,10 @@ Since Steeltoe's OpenID Connect library configures Microsoft's OpenID Connect im
The Steeltoe package `Steeltoe.Configuration.CloudFoundry` reads Single Sign-On credentials from Cloud Foundry service bindings (`VCAP_SERVICES`) and re-maps them for Microsoft's OpenID Connect to read. Add the configuration provider to your application with this code:

```csharp
WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
using Steeltoe.Configuration.CloudFoundry;
using Steeltoe.Configuration.CloudFoundry.ServiceBindings;

var builder = WebApplication.CreateBuilder(args);

// Steeltoe: Add Cloud Foundry application and service info to configuration.
builder.AddCloudFoundryConfiguration();
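
Review bot: Nothing visible in this hunk uses the added `using Steeltoe.Configuration.CloudFoundry.ServiceBindings;`. The only call shown is `builder.AddCloudFoundryConfiguration()`, and the redis-key-storage-provider.md snippet makes that same call with just `using Steeltoe.Configuration.CloudFoundry;`. Confirm that a later line of this snippet needs the second namespace, and drop the directive if not. The same check applies to the matching hunk in jwt-bearer.md.
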
Expand Down Expand Up @@ -172,7 +175,7 @@ cf create-service p-identity SERVICE_PLAN_NAME MY_SERVICE_INSTANCE

If you are using a manifest file when you deploy to Cloud Foundry, [add a service binding reference](https://docs.cloudfoundry.org/devguide/deploy-apps/manifest-attributes.html#services-block).

Alternatively, bind the instance and restage the app with the cf cli:
Alternatively, bind the instance and restage the app with the Cloud Foundry CLI:

```shell
# Bind service to your app