f98cea3bcf
- Introduced AuthorityAdvisoryAiOptions and related classes for managing advisory AI configurations, including remote inference options and tenant-specific settings. - Added AuthorityApiLifecycleOptions to control API lifecycle settings, including legacy OAuth endpoint configurations. - Implemented validation and normalization methods for both advisory AI and API lifecycle options to ensure proper configuration. - Created AuthorityNotificationsOptions and its related classes for managing notification settings, including ack tokens, webhooks, and escalation options. - Developed IssuerDirectoryClient and related models for interacting with the issuer directory service, including caching mechanisms and HTTP client configurations. - Added support for dependency injection through ServiceCollectionExtensions for the Issuer Directory Client. - Updated project file to include necessary package references for the new Issuer Directory Client library.
78 lines
2.4 KiB
C#
78 lines
2.4 KiB
C#
using System;
|
|
|
|
namespace StellaOps.Configuration;
|
|
|
|
/// <summary>
|
|
/// API lifecycle controls for the Authority service.
|
|
/// </summary>
|
|
public sealed class AuthorityApiLifecycleOptions
|
|
{
|
|
/// <summary>
|
|
/// Settings for the legacy OAuth endpoint shim (/oauth/* → canonical).
|
|
/// </summary>
|
|
public AuthorityLegacyAuthEndpointOptions LegacyAuth { get; } = new();
|
|
|
|
internal void Validate()
|
|
{
|
|
LegacyAuth.Validate();
|
|
}
|
|
}
|
|
|
|
/// <summary>
|
|
/// Configuration for legacy OAuth endpoint shims and deprecation signalling.
|
|
/// </summary>
|
|
public sealed class AuthorityLegacyAuthEndpointOptions
|
|
{
|
|
private static readonly DateTimeOffset DefaultDeprecationDate = new(2025, 11, 1, 0, 0, 0, TimeSpan.Zero);
|
|
private static readonly DateTimeOffset DefaultSunsetDate = new(2026, 5, 1, 0, 0, 0, TimeSpan.Zero);
|
|
|
|
/// <summary>
|
|
/// Enables the legacy endpoint shim that routes /oauth/* to the canonical endpoints.
|
|
/// </summary>
|
|
public bool Enabled { get; set; } = true;
|
|
|
|
/// <summary>
|
|
/// Date when clients should consider the legacy endpoints deprecated.
|
|
/// </summary>
|
|
public DateTimeOffset DeprecationDate { get; set; } = DefaultDeprecationDate;
|
|
|
|
/// <summary>
|
|
/// Date when legacy endpoints will be removed.
|
|
/// </summary>
|
|
public DateTimeOffset SunsetDate { get; set; } = DefaultSunsetDate;
|
|
|
|
/// <summary>
|
|
/// Optional documentation URL included in the Sunset link header.
|
|
/// </summary>
|
|
public string? DocumentationUrl { get; set; } = "https://docs.stella-ops.org/authority/legacy-auth";
|
|
|
|
internal void Validate()
|
|
{
|
|
if (!Enabled)
|
|
{
|
|
return;
|
|
}
|
|
|
|
var normalizedDeprecation = DeprecationDate.ToUniversalTime();
|
|
var normalizedSunset = SunsetDate.ToUniversalTime();
|
|
|
|
if (normalizedSunset <= normalizedDeprecation)
|
|
{
|
|
throw new InvalidOperationException("Legacy auth sunset date must be after the deprecation date.");
|
|
}
|
|
|
|
DeprecationDate = normalizedDeprecation;
|
|
SunsetDate = normalizedSunset;
|
|
|
|
if (!string.IsNullOrWhiteSpace(DocumentationUrl))
|
|
{
|
|
if (!Uri.TryCreate(DocumentationUrl, UriKind.Absolute, out var uri) ||
|
|
(uri.Scheme != Uri.UriSchemeHttps && uri.Scheme != Uri.UriSchemeHttp))
|
|
{
|
|
throw new InvalidOperationException("Legacy auth documentation URL must be an absolute HTTP or HTTPS URL.");
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|