{
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning",
      "Microsoft.AspNetCore.Authentication": "Warning"
    }
  },
  "AllowedHosts": "*",

  // Vault 路径配置（生产值通过 env 覆盖）
  "Vault": {
    "Root": "./test-vault",
    "Blacklist": [],
    "WriteWhitelist": []
  },

  // JWT 验签配置（生产值必须通过 env 覆盖）
  // Algorithm: "HS256"（默认，与 AS 共享 SigningKey）或 "RS256"（从 Issuer 走 OIDC discovery 拉 JWKS）
  "Jwt": {
    "Algorithm": "HS256",
    "Issuer": "",
    "Audience": "obsidian",
    "SigningKey": {
      "Current": "",
      "Previous": ""
    }
  },

  // /.well-known/oauth-authorization-server 元数据（生产值必须通过 env 覆盖）
  "Mcp": {
    "OAuthDiscovery": {
      "Issuer": "",
      "AuthorizationEndpoint": "",
      "TokenEndpoint": "",
      "RegistrationEndpoint": ""
    }
  },

  // 审计日志目录（容器内 /app/logs）
  "AuditLog": {
    "Directory": "/app/logs"
  }
}