OPC # 0001: Extract Clarity into standalone repo

Clarity.Server/Endpoints/DebugEndpoints.cs

@@ -0,0 +1,33 @@
+using System.Runtime.CompilerServices;
+using System.Security.Claims;
+
+namespace Clarity.Server.Endpoints
+{
+    public static class DebugEndpoints
+    {
+        public static IEndpointRouteBuilder MapDebugEndpoints(this IEndpointRouteBuilder app)
+        {
+            var api = app.MapGroup("/api").RequireAuthorization();
+
+            api.MapGet("debug/claims", (ClaimsPrincipal user) =>
+            {
+                var sub = user.FindFirstValue(ClaimTypes.NameIdentifier) ?? user.FindFirstValue("sub");
+
+                return Results.Ok(new
+                {
+                    Subject = sub,
+                    Username = user.FindFirstValue("preferred_username"),
+                    Email = user.FindFirstValue(ClaimTypes.Email) ?? user.FindFirstValue("email"),
+                    IsAuthenticated = user.Identity?.IsAuthenticated,
+                    AllClaims = user.Claims.Select(c => new { c.Type, c.Value })
+                });
+            });
+
+            // Sanity check - no auth required, confirms API is reachable
+            api.MapGet("auth/ping", () => Results.Ok(new { Status = "ok", Time = DateTimeOffset.UtcNow }))
+               .AllowAnonymous();
+
+            return app;
+        }
+    }
+}

Clarity.Server/Endpoints/ProfileEndpoints.cs

@@ -0,0 +1,57 @@
+using Clarity.Server.Services;
+using Microsoft.AspNetCore.Mvc;
+using System.Security.Claims;
+
+namespace Clarity.Server.Endpoints
+{
+    public static class ProfileEndpoints
+    {
+        public record OnboardingRequest(string FirstName, string? MiddleName, string LastName, string Ssn);
+
+        public static IEndpointRouteBuilder MapProfileEndpoints(this IEndpointRouteBuilder app)
+        {
+            var group = app.MapGroup("/api/profile").RequireAuthorization();
+
+            group.MapGet("/", async (ClaimsPrincipal user, ProfileService svc, CancellationToken ct) =>
+            {
+                var sub = user.FindFirstValue(ClaimTypes.NameIdentifier) ?? user.FindFirstValue("sub");
+                if (sub is null) return Results.Unauthorized();
+
+                var profile = await svc.GetBySubjectAsync(sub, ct);
+                if (profile is null)
+                    return Results.NotFound(new { onboardingComplete = false });
+
+                return Results.Ok(profile);
+            });
+
+            group.MapGet("/{subject}", async (string subject, ProfileService profileService) =>
+            {
+                var profile = await profileService.GetBySubjectAsync(subject);
+
+                if (profile == null)
+                    return Results.NotFound(new { message = "Profile not found!" });
+
+                return Results.Ok(profile);
+            });
+
+            group.MapPost("/onboarding", async (
+                [FromBody] OnboardingRequest req,
+                ClaimsPrincipal user,
+                ProfileService svc,
+                CancellationToken ct) =>
+            {
+                var sub = user.FindFirstValue(ClaimTypes.NameIdentifier) ?? user.FindFirstValue("sub");
+                if (sub is null) return Results.Unauthorized();
+
+                var existing = await svc.GetBySubjectAsync(sub, ct);
+                if (existing is not null)
+                    return Results.Conflict(new { message = "Profile already exists." });
+
+                var profile = await svc.CreateAsync(sub, req.FirstName, req.MiddleName, req.LastName, req.Ssn, ct);
+                return Results.Ok(profile);
+            });
+
+            return app;
+        }
+    }
+}