save checkpoint
@@ -0,0 +1,38 @@
|
||||
# Plugin SDK / Plugin architecture (CLI, Authority, Crypto)
|
||||
|
||||
## Module
|
||||
Authority
|
||||
|
||||
## Status
|
||||
IMPLEMENTED
|
||||
|
||||
## Description
|
||||
Plugin architecture is implemented across CLI (manifest loader, module loader), Authority (identity provider plugins with OIDC/SAML/Standard), and Cryptography (HSM, SM crypto plugins). The Authority plugin SDK defines interfaces, registration context, and a standardized plugin lifecycle.
|
||||
|
||||
## Implementation Details
|
||||
- **Plugin Abstractions (Authority SDK)**: `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugins.Abstractions/` -- the SDK package:
|
||||
- `AuthorityPluginContracts.cs` -- `IAuthorityPlugin`, `IAuthorityPluginRegistrar` interfaces defining the plugin lifecycle
|
||||
- `IdentityProviderContracts.cs` -- `IAuthorityIdentityProviderPlugin` for credential validation and claims enrichment
|
||||
- `AuthorityPluginRegistrationContext.cs` -- DI registration context passed to plugins at startup
|
||||
- `AuthorityCredentialAuditContext.cs` -- audit context for credential operations
|
||||
- `AuthoritySecretHasher.cs` -- pluggable password/secret hashing abstraction
|
||||
- `AuthorityClientMetadataKeys.cs` -- standardized metadata keys for client configuration
|
||||
- **Plugin Loader**: `src/Authority/StellaOps.Authority/StellaOps.Authority/Plugins/AuthorityPluginLoader.cs` -- assembly-based plugin discovery from `plugins/authority/` directory.
|
||||
- **Plugin Registration Summary**: `src/Authority/StellaOps.Authority/StellaOps.Authority/Plugins/AuthorityPluginRegistrationSummary.cs` -- diagnostic summary of loaded plugins.
|
||||
- **Concrete Plugin Implementations**:
|
||||
- Standard: `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Standard/StandardPluginRegistrar.cs`
|
||||
- LDAP: `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Ldap/LdapPluginRegistrar.cs`
|
||||
- OIDC: `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Oidc/OidcPluginRegistrar.cs`
|
||||
- SAML: `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Saml/SamlPluginRegistrar.cs`
|
||||
- Unified: `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugin.Unified/AuthPluginAdapter.cs`
|
||||
- **Plugin Binary Hosting**: `src/Authority/StellaOps.Authority.PluginBinaries/` -- pre-compiled plugin DLLs; `src/Authority/plugins/authority/` -- plugin directory structure.
|
||||
- **Concelier Plugin Binaries**: `src/Authority/StellaOps.Concelier.PluginBinaries/StellaOps.Concelier.Connector.Common/` -- connector plugin abstractions for Concelier module.
|
||||
- **Tests**: `src/Authority/StellaOps.Authority/StellaOps.Authority.Tests/Plugins/AuthorityPluginLoaderTests.cs`, `src/Authority/StellaOps.Authority/StellaOps.Authority.Plugins.Abstractions.Tests/`
|
||||
|
||||
## E2E Test Plan
|
||||
- [ ] Build a minimal plugin implementing `IAuthorityPluginRegistrar` and `IAuthorityIdentityProviderPlugin`, place the DLL in `plugins/authority/`, and verify `AuthorityPluginLoader` discovers and loads it
|
||||
- [ ] Verify the plugin's `Register` method receives a valid `AuthorityPluginRegistrationContext` with access to DI services
|
||||
- [ ] Verify `AuthorityPluginRegistrationSummary` includes the custom plugin with its reported capabilities
|
||||
- [ ] Load multiple plugins simultaneously and verify they do not interfere with each other's DI registrations
|
||||
- [ ] Remove a plugin DLL and restart; verify the system starts without the removed plugin and reports it as missing in the summary
|
||||
- [ ] Verify `AuthoritySecretHasher` can be replaced by a plugin-provided implementation and verify password hashing uses the custom hasher
|
||||
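Review bot: The E2E Test Plan only exercises success paths for a loader that, per the Plugin Loader bullet, does "assembly-based plugin discovery from `plugins/authority/` directory", and nothing under Implementation Details says what the loader checks before it loads a DLL found there. Because a loaded plugin receives the DI registration context and, per the last checklist item, can replace `AuthoritySecretHasher`, please document whether `AuthorityPluginLoader` verifies assemblies (signature, allow-list or manifest) or loads whatever is present in the directory, and add negative cases to the plan: a DLL that does not implement `IAuthorityPluginRegistrar`, a plugin whose `Register` throws, and two plugins that both supply a hasher. Separately, the Description names "OIDC/SAML/Standard" while the Concrete Plugin Implementations list also includes LDAP and Unified, and the CLI and Cryptography parts named in the title and Description have no file paths in this document; either add them or narrow the title to Authority.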