work with authentik

OTSSignsOrchestrator.Core/Services/IAuthentikService.cs

@@ -0,0 +1,24 @@
+using OTSSignsOrchestrator.Core.Models.DTOs;
+
+namespace OTSSignsOrchestrator.Core.Services;
+
+/// <summary>
+/// Provisions SAML applications in Authentik and retrieves IdP metadata
+/// needed to render the Xibo SAML settings-custom.php template.
+/// </summary>
+public interface IAuthentikService
+{
+    /// <summary>
+    /// Creates an Authentik SAML provider and application for the given Xibo instance,
+    /// then fetches the IdP metadata (entity ID, x509 cert, SSO/SLO URLs).
+    /// If the application already exists (by slug), returns its existing metadata.
+    /// </summary>
+    /// <param name="instanceAbbrev">Short customer abbreviation (used in naming).</param>
+    /// <param name="instanceBaseUrl">Full base URL of the Xibo instance (e.g. https://app.ots-signs.com/demo).</param>
+    /// <param name="ct">Cancellation token.</param>
+    /// <returns>IdP metadata needed for the SAML PHP configuration.</returns>
+    Task<AuthentikSamlConfig> ProvisionSamlAsync(
+        string instanceAbbrev,
+        string instanceBaseUrl,
+        CancellationToken ct = default);
+}