stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
4bdc298ec1fc821ee0d9dda6d2d4643dcedf6b35
git.stella-ops.org/docs/features/unchecked/gateway/router-authority-claims-integration.md

1.3 KiB
Raw Blame History

Router Authority Claims Integration

Module

Gateway

Status

IMPLEMENTED

Description

IAuthorityClaimsProvider integration enabling centralized Authority service to override endpoint claim requirements. Three-tier precedence: Code attributes < YAML config < Authority overrides. EffectiveClaimsStore caches resolved claims.

Implementation Details

  • Effective claims store: src/Gateway/StellaOps.Gateway.WebService/Authorization/EffectiveClaimsStore.cs, IEffectiveClaimsStore.cs -- caches resolved claims with three-tier precedence
  • Authorization middleware: src/Gateway/StellaOps.Gateway.WebService/Authorization/AuthorizationMiddleware.cs -- enforces Authority-provided claim requirements
  • Claims propagation: src/Gateway/StellaOps.Gateway.WebService/Middleware/ClaimsPropagationMiddleware.cs -- propagates resolved claims downstream
  • Gateway value parser: src/Gateway/StellaOps.Gateway.WebService/Configuration/GatewayValueParser.cs -- parses configuration values for claims
  • Source: batch_52/file_09.md

E2E Test Plan

  • Verify three-tier precedence: code attributes < YAML config < Authority overrides
  • Test EffectiveClaimsStore caching behaves correctly
  • Verify Authority-provided claim overrides take highest priority
  • Test claims propagation to downstream services