================================================================
602TechSec Integration Configuration Examples
================================================================

This folder contains COMPLETE, WORKING examples for all integration methods.
Each example is self-contained and ready to copy into your project.

----------------------------------------------------------------
REQUIRED FOR ALL METHODS:
----------------------------------------------------------------
1. Copy TechSec602Client.vb OR TechSec602Client.cs to your project
2. Add this to your web.config <appSettings> section:

<appSettings>
  <add key="TechSec602.BaseUrl" value="https://sec.602.tech" />
  <add key="TechSec602.ApiKey" value="your-api-key-here" />
  <add key="TechSec602.TimeoutMs" value="5000" />
  <add key="TechSec602.FailOpen" value="true" />
</appSettings>

----------------------------------------------------------------
INTEGRATION METHODS (Choose ONE):
----------------------------------------------------------------

METHOD 1: Global.asax (Recommended - Early Pipeline)

Choose the appropriate version for your application type:

** For ASP.NET Web Forms / Non-MVC Applications: **
??? 1A-Global.asax.vb.webforms.example     (VB.NET Web Forms version)
??? 1A-Global.asax.cs.webforms.example     (C# Web Forms version)

** For ASP.NET MVC Applications: **
??? 1B-Global.asax.vb.mvc.example          (VB.NET MVC version)
??? 1B-Global.asax.cs.mvc.example          (C# MVC version)

Copy entire file content into your Global.asax.vb or Global.asax.cs
No web.config changes needed.
Protects ALL requests before any processing.

Key Differences:
- Web Forms version: No MVC initialization, includes Session events
- MVC version: Includes AreaRegistration, FilterConfig, RouteConfig, BundleConfig

----------------------------------------------------------------

METHOD 2: HTTP Module (IIS Integration)
??? 2-web.config.httpmodule.example     (web.config snippet)
??? IntegrationExamples.vb or .cs       (contains TechSec602SecurityModule class)

STEP 1: Copy TechSec602SecurityModule class from IntegrationExamples file
STEP 2: Add web.config configuration from example
STEP 3: Replace "YourNamespace" and "YourAssemblyName" with your actual values
Protects ALL requests at IIS level.

----------------------------------------------------------------

METHOD 3: Action Filter (Controller/Action Level)
??? 3-FilterConfig.vb.example       (Global registration - VB.NET)
??? 3-FilterConfig.cs.example       (Global registration - C#)
??? 3-Controller.vb.example         (Attribute usage - VB.NET)
??? 3-Controller.cs.example         (Attribute usage - C#)
??? IntegrationExamples.vb or .cs   (contains TechSec602AuthorizeAttribute class)

STEP 1: Copy TechSec602AuthorizeAttribute class from IntegrationExamples file
STEP 2A: Add to FilterConfig for global protection (all controllers)
   OR
STEP 2B: Use <TechSec602Authorize> or [TechSec602Authorize] on specific controllers/actions
No web.config changes needed.
Protects specific controllers or actions you choose.

----------------------------------------------------------------

METHOD 4: Manual Helper (Custom Verification)
??? 4-ManualUsage.vb.example       (VB.NET examples)
??? 4-ManualUsage.cs.example       (C# examples)
??? IntegrationExamples.vb or .cs  (contains TechSec602Helper class)

STEP 1: Copy TechSec602Helper class from IntegrationExamples file
STEP 2: Call TechSec602Helper.VerifyCurrentAsync() or TechSec602Helper.VerifyAsync() in your code
No web.config, FilterConfig, or Global.asax changes needed.
Call verification manually wherever you need it.

----------------------------------------------------------------
ADVANCED METHODS (High Performance & Enterprise Features)
----------------------------------------------------------------

METHOD 5: Advanced Global.asax (With Caching & Circuit Breaker)
??? 5-Advanced-Global.asax.vb.mvc.example
??? 5-Advanced-Global.asax.cs.mvc.example

Features:
? Result caching (5-minute cache reduces API calls by 80%+)
? Circuit breaker (auto-disable on failures, auto-recover)
? Performance monitoring (track cache hits, response times)
? Detailed logging (debug, info, warning, error levels)

Requirements:
- Copy TechSec602AdvancedClient.vb or .cs to your project
- Add advanced configuration options to web.config

Configuration:
<add key="TechSec602.EnableCaching" value="true" />
<add key="TechSec602.CacheTimeoutMinutes" value="5" />
<add key="TechSec602.EnableLogging" value="true" />
<add key="TechSec602.EnableCircuitBreaker" value="true" />
<add key="TechSec602.CircuitBreakerThreshold" value="5" />
<add key="TechSec602.CircuitBreakerResetMinutes" value="2" />

----------------------------------------------------------------

METHOD 6: Advanced Manual (Batch Verification & Cache Management)
??? 6-Advanced-ManualUsage.vb.example
??? 6-Advanced-ManualUsage.cs.example

Features:
? Batch verification (verify 100 requests in 200ms instead of 10s)
? Cache pre-warming for high-traffic endpoints
? Performance metrics monitoring
? Manual cache management
? Security event logging

Perfect for:
- Bulk operations (processing multiple orders, users, etc.)
- High-traffic APIs
- Scheduled jobs
- Administrative dashboards
- Performance-critical paths

Example Performance:
- Single verification: ~40ms per request
- Cached verification: <1ms per request
- Batch verification: ~2ms per request (100 requests)

----------------------------------------------------------------
WHICH METHOD SHOULD I USE?
----------------------------------------------------------------

Use METHOD 1 (Global.asax) if:
? You want to protect ALL requests
? You want security checks as early as possible
? You have a simple application
? Use METHOD 5 for high-traffic applications

Use METHOD 2 (HTTP Module) if:
? You want to protect ALL requests
? You prefer modular, reusable components
? You want easy enable/disable via web.config

Use METHOD 3 (Action Filter) if:
? You want to protect specific controllers or actions
? You like attribute-based protection
? You need granular control over what's protected

Use METHOD 4 (Manual Helper) if:
? You need custom verification logic
? You want conditional protection
? You're integrating with existing security code
? Use METHOD 6 for bulk operations and high performance

Use METHOD 5 (Advanced Global.asax) if:
? You have high traffic (1000+ req/min)
? You need maximum performance with caching
? You want automatic failover with circuit breaker
? You need detailed monitoring and logging

Use METHOD 6 (Advanced Manual) if:
? You process bulk operations (orders, users, reports)
? You need batch verification
? You want cache pre-warming
? You need performance metrics

----------------------------------------------------------------
TROUBLESHOOTING:
----------------------------------------------------------------

Problem: HTTP Module not loading
Solution: Verify namespace and assembly name format:
  <add name="TechSec602Security" 
       type="MyApp.Security.TechSec602SecurityModule, MyApp" />
       <!-- Format: Namespace.ClassName, AssemblyName -->

Problem: Action Filter not working
Solution: Make sure you copied TechSec602AuthorizeAttribute class and used correct attribute syntax:
  VB.NET: <TechSec602Authorize>
  C#:     [TechSec602Authorize]

Problem: Verification failing with timeout
Solution: Check TechSec602.BaseUrl in web.config and ensure server is accessible

Problem: All requests blocked
Solution: Check your API key is correct and active in 602TechSec admin panel

Problem: Slow performance
Solution: Use METHOD 5 or METHOD 6 with caching enabled. Result caching reduces
         API calls by 80%+ for typical applications.

Problem: Advanced client not caching
Solution: Verify EnableCaching=true and check cache timeout settings in web.config

----------------------------------------------------------------
NEED HELP?
----------------------------------------------------------------
Documentation: https://sec.602.tech/Home/Documentation
Download Files: https://sec.602.tech/ClientLibraries