Tests fixes, audit progress, UI completions
This commit is contained in:
StellaOps Bot
@@ -0,0 +1,23 @@
|
||||
# Auth Server Integration AGENTS
|
||||
|
||||
## Purpose & Scope
|
||||
- Working directory: `src/Authority/StellaOps.Authority/StellaOps.Auth.ServerIntegration/`.
|
||||
- Roles: backend engineer, QA automation.
|
||||
- Focus: ASP.NET Core resource server auth configuration, scope policies, and authorization audit events.
|
||||
|
||||
## Required Reading (treat as read before DOING)
|
||||
- `docs/README.md`
|
||||
- `docs/07_HIGH_LEVEL_ARCHITECTURE.md`
|
||||
- `docs/modules/platform/architecture-overview.md`
|
||||
- `docs/modules/authority/architecture.md`
|
||||
- Relevant sprint files.
|
||||
|
||||
## Working Agreements
|
||||
- Keep auth decisions deterministic and time-aware (TimeProvider).
|
||||
- Preserve offline/air-gap posture with resilient metadata/JWKS caching.
|
||||
- Avoid logging sensitive claims; use classified strings.
|
||||
- Update `docs/implplan/SPRINT_*.md` and local `TASKS.md` when starting or completing work.
|
||||
|
||||
## Testing
|
||||
- Use xUnit + FluentAssertions + TestKit.
|
||||
- Cover options normalization, bypass evaluation, metadata/JWKS caching, scope decisions, and audit event emission.
|
||||
Reference in New Issue
Block a user