stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
1bf6bbf3955ecbd8d20f5eeb767da5c7f8324b57
git.stella-ops.org/docs/features/unchecked/gateway/gateway-http-middleware-pipeline.md

32 lines
2.0 KiB
Markdown
Raw Blame History

# Gateway HTTP Middleware Pipeline
## Module
Gateway
## Status
IMPLEMENTED
## Description
Full HTTP middleware pipeline for the Gateway WebService including endpoint resolution, authorization with claims propagation, routing decision, transport dispatch, correlation ID tracking, tenant isolation, health checks, and global error handling.
## Implementation Details
- **Authorization**: `src/Gateway/StellaOps.Gateway.WebService/Authorization/AuthorizationMiddleware.cs` -- endpoint authorization
- **Claims propagation**: `src/Gateway/StellaOps.Gateway.WebService/Middleware/ClaimsPropagationMiddleware.cs` -- propagates authenticated claims to downstream services
- **Correlation ID**: `src/Gateway/StellaOps.Gateway.WebService/Middleware/CorrelationIdMiddleware.cs` -- request correlation tracking
- **Routing**: `src/Gateway/StellaOps.Gateway.WebService/Middleware/RequestRoutingMiddleware.cs` -- route resolution and dispatch
- **Routes**: `src/Gateway/StellaOps.Gateway.WebService/Middleware/GatewayRoutes.cs` -- route definitions
- **Health checks**: `src/Gateway/StellaOps.Gateway.WebService/Middleware/HealthCheckMiddleware.cs`
- **Identity header policy**: `src/Gateway/StellaOps.Gateway.WebService/Middleware/IdentityHeaderPolicyMiddleware.cs` -- identity header enforcement
- **Sender constraints**: `src/Gateway/StellaOps.Gateway.WebService/Middleware/SenderConstraintMiddleware.cs`
- **Tenant isolation**: `src/Gateway/StellaOps.Gateway.WebService/Middleware/TenantMiddleware.cs`
- **Context keys**: `src/Gateway/StellaOps.Gateway.WebService/Middleware/GatewayContextKeys.cs`
- **Security**: `src/Gateway/StellaOps.Gateway.WebService/Security/AllowAllAuthenticationHandler.cs`
- **Source**: batch_51/file_21.md
## E2E Test Plan
- [ ] Verify middleware pipeline executes in correct order
- [ ] Test authorization middleware blocks unauthorized requests
- [ ] Verify correlation IDs propagate through gateway to downstream services
- [ ] Test tenant isolation prevents cross-tenant access
- [ ] Verify edge cases and error handling
Reference in New Issue View Git Blame Copy Permalink