Address review comments

DanielLarsenNZ · DanielLarsenNZ · commit 18f424de008a · 2022-01-11T17:15:14.000+13:00
diff --git a/bicep/parameters.json b/bicep/parameters.json
@@ -12,12 +12,12 @@
       }
     },
     "sqlAdminLogin": {
-      "value": "wviriya"
+      "value": ""
     },
     "sqlAdminPassword": {
       "reference": {
         "keyVault": {
-          "id": "/subscriptions/10fe34c7-c442-46d8-b43f-2c92651e6545/resourceGroups/common-rg/providers/Microsoft.KeyVault/vaults/wviriya-kv"
+          "id": ""
         },
         "secretName": "sqlAdminPassword"
       }
diff --git a/documentation/setup.md b/documentation/setup.md
@@ -170,6 +170,8 @@ There are 4 ways to provision the required resources:
 
 ### Manual via the Portal
 
+> ⚠️ Manual provisioning docs are obsolete will be deprecated soon. Please use [Bicep provisioning](#deploy-from-bicep) instead.
+
 Log in to the [Azure portal](https://portal.azure.com).
 
 #### Create the Resource Group
@@ -641,6 +643,8 @@ Once completed, please jump to the [setup](#setup) section to continue.
 
 ### Cake Provision
 
+> ⚠️ Cake provisioning support and docs will be deprecated soon. Please use [Bicep provisioning](#deploy-from-bicep) instead.
+
 The `Cake` script responsible to `deploy` and `provision` is included in the `dotnet` source directory. In order to run the Cake Script locally and deploy to your Azure Subscription, there are some pre-requisites:
 
 1. Create a service principal that can be used to authenticate the script to use your Azure subscription. This can be easily accomplished using the following PowerShell script:
diff --git a/dotnet/ServerlessMicroservices.Shared/Services/TokenValidationService.cs b/dotnet/ServerlessMicroservices.Shared/Services/TokenValidationService.cs
@@ -90,9 +90,10 @@ async Task<ClaimsPrincipal> ValidateJwt(string token)
             {
                 var handler = new JwtSecurityTokenHandler();
                 handler.InboundClaimTypeMap.Clear();
-
+#if DEBUG
                 // Debugging purposes only, set this to false for production
                 Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;
+#endif
 
                 try
                 {
diff --git a/test/settings.example.js b/test/settings.example.js
@@ -1,10 +1,10 @@
 // Auth
-window.authClientId = 'a298b04d-dbe2-4fc8-8191-b64c1fd287e2';
-window.authAuthority = 'https://wviriyab2c.b2clogin.com/wviriyab2c.onmicrosoft.com/B2C_1_default-signin';
-window.knownAuthority = 'wviriyab2c.b2clogin.com';
+window.authClientId = '';
+window.authAuthority = 'https://{tenant_name}.b2clogin.com/{tenant_name}.onmicrosoft.com/{policy_name}';
+window.knownAuthority = '{tenant_name}.b2clogin.com';
 window.redirectUri = 'http://localhost:4280';
-window.loginScopes = ['https://wviriyab2c.onmicrosoft.com/509b5353-3a44-4d09-85ed-64bf2e30ccb8/rideshare'];
-window.apiScopes = ['https://wviriyab2c.onmicrosoft.com/509b5353-3a44-4d09-85ed-64bf2e30ccb8/rideshare'];
+window.loginScopes = ['openid', '{api_scope}'];  // e.g. 'https://rideshare.onmicrosoft.com/serverless-spa-api/Rides.ReadWrite'
+window.apiScopes = ['{api_scopes}'];  // e.g. 'https://rideshare.onmicrosoft.com/serverless-spa-api/Rides.ReadWrite'
 window.authEnabled = true;
 
 

Original file line number	Diff line number	Diff line change
`@@ -90,9 +90,10 @@ async Task<ClaimsPrincipal> ValidateJwt(string token)`
`90`	`90`	`{`
`91`	`91`	`var handler = new JwtSecurityTokenHandler();`
`92`	`92`	`handler.InboundClaimTypeMap.Clear();`
`93`		`-`
	`93`	`+#if DEBUG`
`94`	`94`	`// Debugging purposes only, set this to false for production`
`95`	`95`	`Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true;`
	`96`	`+#endif`
`96`	`97`
`97`	`98`	`try`
`98`	`99`	`{`