Certificate Authorization using MinimalAPI

var builder = WebApplication.CreateBuilder(args);
builder.Logging.AddConsole();
builder.Services.Configure<KestrelServerOptions>(kestrelServerOptions =>
{
    kestrelServerOptions.ConfigureHttpsDefaults(httpsConnectionAdapterOptions =>
    {
        httpsConnectionAdapterOptions.ClientCertificateMode = ClientCertificateMode.RequireCertificate;
        httpsConnectionAdapterOptions.AllowAnyClientCertificate();
    });
});
builder.Services.AddScoped<ICertificateValidationService, X509CertificateValidationService>();

builder.Services.AddAuthentication(CertificateAuthenticationDefaults.AuthenticationScheme)
    .AddCertificate(ValidateCertificateHandlerMethod());
builder.Services.AddAuthorization(options =>
{
    options.AddPolicy("HasAccesPolicy", policy =>
        policy.RequireClaim("Access", "HasAccess"));
});
var app = builder.Build();
app.UseAuthentication();
app.UseAuthentication();

app.MapGet("/", (ClaimsPrincipal user) => user.Claims.Select(x => new {x.Type, x.Value}));

app.MapGet("/SecureService", (HttpContext context) =>
{
    var claims = context.User.Claims;
    if (claims.FirstOrDefault(x => x.Type == "Access" && x.Value == "HasAccess") == null)
    {
        context.Response.StatusCode = 403;
        return "";
    }
    return "Hello from secure service";
}).RequireAuthorization("HasAccesPolicy");