semi implemented and features implemented save checkpoint

This commit is contained in:
master
2026-02-08 18:00:49 +02:00
parent 04360dff63
commit 1bf6bbf395
20895 changed files with 716795 additions and 64 deletions

@@ -0,0 +1,31 @@
# Authority Identity Provider Registry (Plugin Resolution)
## Module
Authority
## Status
IMPLEMENTED
## Description
Runtime metadata/handle pattern for resolving identity providers through a registry. Handlers use `IAuthorityIdentityProviderRegistry.AcquireAsync` with metadata (`AuthorityIdentityProviderMetadata`) for capability checks, enabling deterministic and capability-gated provider resolution.
## Implementation Details
- **Modules**: `src/Authority/StellaOps.Authority/StellaOps.Authority/`, `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugins.Abstractions/`
- **Key Classes**:
- `AuthorityIdentityProviderRegistry` (`src/Authority/StellaOps.Authority/StellaOps.Authority/AuthorityIdentityProviderRegistry.cs`) - runtime registry that resolves identity providers by metadata capabilities; exposes `AcquireAsync` for deterministic provider selection
- `AuthorityIdentityProviderSelector` (`src/Authority/StellaOps.Authority/StellaOps.Authority/OpenIddict/AuthorityIdentityProviderSelector.cs`) - selects the appropriate identity provider plugin during OpenIddict authentication flows based on request context
- `AuthorityPluginRegistry` (`src/Authority/StellaOps.Authority/StellaOps.Authority/AuthorityPluginRegistry.cs`) - manages the lifecycle and registration of all authority plugins
- `IdentityProviderContracts` (`src/Authority/StellaOps.Authority/StellaOps.Authority.Plugins.Abstractions/IdentityProviderContracts.cs`) - defines `IAuthorityIdentityProviderPlugin`, `AuthorityIdentityProviderMetadata`, and capability contracts
- `AuthorityPluginRegistrationContext` (`src/Authority/StellaOps.Authority/StellaOps.Authority.Plugins.Abstractions/AuthorityPluginRegistrationContext.cs`) - context object passed to plugins during registration
- `AuthorityPluginLoader` (`src/Authority/StellaOps.Authority/StellaOps.Authority/Plugins/AuthorityPluginLoader.cs`) - loads plugin assemblies from disk and registers them with the plugin registry
- `AuthorityPluginRegistrationSummary` (`src/Authority/StellaOps.Authority/StellaOps.Authority/Plugins/AuthorityPluginRegistrationSummary.cs`) - captures registration outcome (loaded plugins, errors, capabilities)
- **Interfaces**: `IAuthorityIdentityProviderPlugin`, `IAuthorityPluginRegistrar` (defined in `IdentityProviderContracts.cs` and `AuthorityPluginContracts.cs`)
- **Source**: Feature matrix scan
## E2E Test Plan
- [ ] Register two identity provider plugins (Standard and LDAP) and verify `AuthorityIdentityProviderRegistry` resolves each by capability metadata
- [ ] Call `AcquireAsync` with metadata requesting LDAP capabilities and verify the LDAP provider is returned
- [ ] Call `AcquireAsync` with metadata requesting capabilities not supported by any provider and verify a clear error is returned
- [ ] Verify `AuthorityIdentityProviderSelector` routes authentication to the correct provider based on the client's `identity_provider` metadata during an OAuth2 token request
- [ ] Register a plugin at runtime and verify the registry reflects the new provider without restart
- [ ] Verify `AuthorityPluginRegistrationSummary` reports all registered providers with their capabilities
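Review bot: The E2E Test Plan has no fail-closed case for the `AuthorityIdentityProviderSelector` item. It checks that authentication is routed to "the correct provider" from the client's `identity_provider` metadata, but not what happens when that value names a provider that is not registered or that lacks the capability the flow needs. Add a case asserting that the token request is rejected rather than falling back to another provider. Two further gaps in the same list: the Description promises "deterministic" resolution, yet no item covers two registered providers that both satisfy the requested capabilities, so the tie-break rule is neither documented nor tested. The runtime registration item ("Register a plugin at runtime and verify the registry reflects the new provider without restart") also does not say who may trigger registration or what `AuthorityPluginLoader` verifies about an assembly before loading it from disk. Documenting that under Implementation Details, with a negative test for a rejected plugin showing up in `AuthorityPluginRegistrationSummary` errors, would make the trust boundary reviewable. Lastly, Status reads `IMPLEMENTED` while every test plan box is unchecked. Consider noting that the status reflects the feature matrix scan and not E2E verification.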