Add comprehensive Getting Started guide for new users

[el-feo]

Summary

Adds detailed setup instructions for users forking this repo and deploying to their own AWS account. Previously, the README assumed users already had AWS configured and JWT secrets created, making it difficult for new users to get started.

Changes

README.md

• Added new "Getting Started" section with 6 step-by-step instructions:
  1. Configure AWS CLI with credentials
  2. Create JWT secret in AWS Secrets Manager (with example commands)
  3. Clone repository and deploy with SAM
  4. Get API endpoint from deployment outputs
  5. Generate JWT tokens for authentication (Ruby and Python examples)
  6. Test the deployment with curl example
• Moved original Prerequisites section to "Prerequisites (Local Development)"
• Expanded prerequisites to include AWS CLI, required permissions, and Docker running requirement

CLAUDE.md

• Added concise "Initial Setup" section with quick reference steps
• Points to README.md for detailed instructions

Why This Matters

Without these instructions, new users would need to:

• Guess what AWS credentials to configure
• Figure out they need to create a JWT secret (not documented anywhere)
• Determine the secret name and how to generate a secure value
• Learn how to generate JWT tokens after deployment
• Understand they need pre-signed S3 URLs for testing

This PR makes the project immediately usable for anyone with an AWS account.

Test plan

• Verified all commands are correct and functional
• Tested secret creation command with openssl
• Confirmed JWT token generation examples work in both Ruby and Python
• Validated AWS CLI configuration steps
• Checked that deployment prompts match actual sam deploy --guided behavior

🤖 Generated with Claude Code

[Copilot]

Pull Request Overview

This PR adds comprehensive Getting Started documentation to help new users deploy the PDF Converter Service to AWS. The guide includes step-by-step instructions for AWS configuration, JWT secret creation, deployment, and testing. Three new utility scripts are included to simplify JWT token generation and S3 URL creation. Two internal planning documents (TEST_REFACTOR.md and REFACTORING.md) are removed as they were development artifacts not needed for end users.

Key Changes:

• Added detailed 6-step Getting Started guide with AWS CLI setup, JWT secret creation, SAM deployment, and testing instructions
• Created utility scripts (generate_jwt_token.rb, generate_presigned_urls.rb) with comprehensive documentation to simplify testing
• Added Initial Setup quick reference to CLAUDE.md

Reviewed Changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
README.md	Added comprehensive Getting Started guide with prerequisites, deployment steps, JWT token generation examples (Ruby/Python), and testing instructions
CLAUDE.md	Added concise Initial Setup section referencing detailed README instructions
scripts/generate_jwt_token.rb	New utility script to generate JWT tokens from AWS Secrets Manager with configurable options
scripts/generate_presigned_urls.rb	New utility script to generate pre-signed S3 URLs for testing (contains implementation bug)
scripts/README.md	Comprehensive documentation for testing scripts with usage examples and troubleshooting
TEST_REFACTOR.md	Removed internal test refactoring plan (development artifact)
REFACTORING.md	Removed internal code quality refactoring plan (development artifact)

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The approach of generating a pre-signed PUT URL with a placeholder key and then removing it via string substitution is flawed. Pre-signed URLs include the object key in the signature calculation, so removing 'placeholder.png' will invalidate the signature. The resulting URL cannot be used to PUT objects with different keys (e.g., 'unique_id-0.png', 'unique_id-1.png').

For S3 pre-signed URLs, each specific object key requires its own pre-signed URL. You cannot create a "prefix-based" pre-signed PUT URL that works for multiple object keys. Consider either:

1. Generating individual pre-signed PUT URLs for each expected image file
2. Using a different approach like S3 POST policies with prefix matching
3. Documenting that users need to generate URLs per-file rather than per-prefix

Suggested change

	# Generate a pre-signed PUT URL for uploading converted images
	# The key should be a prefix/folder path ending with /
	def generate_destination_url(prefix)
	# Ensure prefix ends with / for folder-style access
	prefix = prefix.end_with?('/') ? prefix : "#{prefix}/"
	signer = Aws::S3::Presigner.new(client: @s3_client)
	signer.presigned_url(
	:put_object,
	bucket: @bucket,
	key: "#{prefix}placeholder.png", # Example key, actual keys will be unique_id-N.png
	expires_in: @expiration
	).gsub('placeholder.png', '') # Remove placeholder to get base URL
	end
	# Generate both URLs and return as a hash
	def generate_urls(source_key:, destination_prefix:, unique_id: 'test')
	{
	source: generate_source_url(source_key),
	destination: generate_destination_url(destination_prefix),
	# Generate a pre-signed PUT URL for uploading a converted image
	# The key should be the full S3 object key, e.g., "prefix/unique_id-0.png"
	def generate_destination_url(key)
	signer = Aws::S3::Presigner.new(client: @s3_client)
	signer.presigned_url(
	:put_object,
	bucket: @bucket,
	key: key,
	expires_in: @expiration
	)
	end
	# Generate both URLs and return as a hash
	# Generate both URLs and return as a hash
	# destination_key should be the full S3 key for the image, e.g., "prefix/unique_id-0.png"
	def generate_urls(source_key:, destination_key:, unique_id: 'test')
	{
	source: generate_source_url(source_key),
	destination: generate_destination_url(destination_key),