git.stella-ops.org/src/__Libraries/StellaOps.Auth.Security/AGENTS.md
2025-12-30 09:03:22 +02:00

Auth Security AGENTS

Purpose & Scope

  • Working directory: src/__Libraries/StellaOps.Auth.Security/.
  • Roles: backend engineer, QA automation.
  • Focus: DPoP proof validation, nonce issuance/consumption, replay cache strategies, and security primitives.

Required Reading (treat as read before DOING)

  • docs/README.md
  • docs/07_HIGH_LEVEL_ARCHITECTURE.md
  • docs/modules/platform/architecture-overview.md
  • docs/modules/authority/architecture.md
  • Relevant sprint files.

Working Agreements

  • Keep validation deterministic (TimeProvider) and avoid nondeterministic RNG in tests.
  • Normalize inputs consistently across nonce stores; avoid mutable shared state.
  • Respect offline/air-gap posture and keep secrets out of logs.
  • Update docs/implplan/SPRINT_*.md and local TASKS.md when starting or completing work.

Testing

  • Use xUnit + FluentAssertions + TestKit.
  • Cover DPoP validation (algorithms, htm/htu/nonce, clock skew, replay), nonce stores, and replay cache behavior.
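
An added example, not code from this library: one way a test can pin clock skew and replay behavior to an injected TimeProvider, so the result never depends on wall-clock time or RNG. Assumptions: `ProofCheck`, `ManualTimeProvider` and `ReplayGuard` are hypothetical names, the 30-second skew and the `jti` values are constructed, and the code targets .NET 8 / C# 12 with xUnit and FluentAssertions.

```csharp
// Added example: hypothetical types, not the StellaOps.Auth.Security API.
using System;
using System.Collections.Generic;
using FluentAssertions;
using Xunit;

public enum ProofCheck { Ok, OutsideSkewWindow, Replayed }

// Hand-rolled clock so the test controls "now" (TimeProvider.GetUtcNow is virtual).
public sealed class ManualTimeProvider(DateTimeOffset start) : TimeProvider
{
    private DateTimeOffset _now = start;
    public override DateTimeOffset GetUtcNow() => _now;
    public void Advance(TimeSpan by) => _now += by;
}

// Minimal jti replay cache plus iat skew check, both driven by the injected clock.
public sealed class ReplayGuard(TimeProvider clock, TimeSpan skew)
{
    private readonly Dictionary<string, DateTimeOffset> _seen = new(StringComparer.Ordinal);
    public ProofCheck Check(string jti, DateTimeOffset iat)
    {
        var now = clock.GetUtcNow();
        if ((now - iat).Duration() > skew) return ProofCheck.OutsideSkewWindow;
        // Drop entries whose proofs can no longer pass the skew check (bounded cache).
        foreach (var key in new List<string>(_seen.Keys))
            if (_seen[key] < now) _seen.Remove(key);
        if (_seen.ContainsKey(jti)) return ProofCheck.Replayed;
        _seen[jti] = iat + skew; // after this instant the skew check rejects the proof anyway
        return ProofCheck.Ok;
    }
}

public class ReplayGuardTests
{
    [Fact]
    public void Skew_and_replay_are_decided_by_the_injected_clock()
    {
        var t0 = new DateTimeOffset(2025, 1, 1, 0, 0, 0, TimeSpan.Zero); // constructed instant
        var clock = new ManualTimeProvider(t0);
        var guard = new ReplayGuard(clock, skew: TimeSpan.FromSeconds(30));
        guard.Check("jti-1", t0).Should().Be(ProofCheck.Ok);
        guard.Check("jti-1", t0).Should().Be(ProofCheck.Replayed);
        guard.Check("jti-2", t0.AddSeconds(31)).Should().Be(ProofCheck.OutsideSkewWindow); // future iat
        clock.Advance(TimeSpan.FromSeconds(30));
        guard.Check("jti-1", t0).Should().Be(ProofCheck.Replayed);          // boundary: still cached
        clock.Advance(TimeSpan.FromSeconds(1));
        guard.Check("jti-1", t0).Should().Be(ProofCheck.OutsideSkewWindow); // stale iat
    }
}
```

The boundary assertions are the point: the cache entry must outlive the last instant at which the same proof would still pass the skew check, otherwise a replay window opens at the edge.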