git.stella-ops.org/docs/modules/excititor/prep/2025-11-20-tenant-authority-prep.md
master d519782a8f
prep docs and service updates
2025-11-21 06:56:36 +00:00

Excititor · Tenant-Aware Authority Prep (AOC-19-013)

  • Date: 2025-11-20
  • Scope: PREP-EXCITITOR-CORE-AOC-19-013-SEED-TENANT-AW
  • Working directory: src/Excititor/StellaOps.Excititor.WebService, src/Excititor/StellaOps.Excititor.Worker, src/Excititor/__Libraries/StellaOps.Excititor.Core

Goals

  • Enforce tenant-scoped Authority clients for all WebService/Worker actions to prevent cross-tenant leakage when consensus is removed.
  • Provide deterministic fixture/seed guidance for e2e tests.

Contract

  • All Authority calls must go through clients created by IAuthorityClientFactory.Create(tenantId); a factory invoked without a tenant must throw.
  • Configuration: excititor:authority:baseUrl, excititor:authority:audience, and per-tenant clientId/clientSecret retrieved via the internal secret resolver (no cross-tenant cache).
  • Headers: include X-Tenant on every outbound request; reject any response that lacks a matching tenant claim.
  • Telemetry: meter StellaOps.Excititor.Auth, counters authority.call tagged with tenant, operation, result (ok|unauthorized|forbidden|error).

Testing seeds

  • Provide seeded tenants alpha and bravo with stub secrets in test settings; integration tests must assert that cross-tenant requests are rejected (401/403) when the header mismatches or the client mapping is missing.
  • Fake Authority server returns tenant claim; tests validate enforcement and logs.
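
The client-side half of the Contract and Testing seeds sections, as an added C# 12 example that is not the project's own code: a factory that throws without a tenant, a handler that stamps X-Tenant and rejects a response whose tenant claim does not match, and a fake Authority answering as the wrong seeded tenant. The type names other than IAuthorityClientFactory, the HttpClient return type, the authority.test URL and the JSON body carrying a "tenant" property are assumptions; credential lookup and telemetry are left out.

```csharp
using System;
using System.Net.Http;
using System.Text.Json;
using System.Threading;
using System.Threading.Tasks;

// Constructed check: a client created for alpha talks to a fake Authority that answers as bravo.
var factory = new TenantAuthorityClientFactory(new Uri("https://authority.test/"), new FakeAuthority("bravo"));
try { await factory.Create("alpha").GetAsync("ping"); }
catch (UnauthorizedAccessException ex) { Console.WriteLine($"rejected: {ex.Message}"); }
try { factory.Create(" "); } catch (ArgumentException) { Console.WriteLine("rejected: missing tenant"); }

public interface IAuthorityClientFactory { HttpClient Create(string tenantId); } // hypothetical signature
public sealed class TenantAuthorityClientFactory(Uri baseUrl, HttpMessageHandler transport) : IAuthorityClientFactory
{
    public HttpClient Create(string tenantId)
    {
        // Contract: a factory invoked without a tenant must throw.
        if (string.IsNullOrWhiteSpace(tenantId)) throw new ArgumentException("tenant is required", nameof(tenantId));
        var guard = new TenantGuardHandler(tenantId) { InnerHandler = transport }; // new guard per call, nothing shared
        return new HttpClient(guard, disposeHandler: false) { BaseAddress = baseUrl };
    }
}

public sealed class TenantGuardHandler(string tenantId) : DelegatingHandler
{
    protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken ct)
    {
        request.Headers.Remove("X-Tenant");            // a caller-supplied value cannot override the bound tenant
        request.Headers.Add("X-Tenant", tenantId);     // Contract: X-Tenant on every outbound request
        var response = await base.SendAsync(request, ct);
        string? claim = null; // Assumption: the claim is a top-level "tenant" string in a JSON body.
        try
        {
            using var doc = JsonDocument.Parse(await response.Content.ReadAsStringAsync(ct));
            if (doc.RootElement.ValueKind == JsonValueKind.Object && doc.RootElement.TryGetProperty("tenant", out var t)
                && t.ValueKind == JsonValueKind.String) claim = t.GetString();
        }
        catch (JsonException) { } // unparseable body: treated as no claim
        if (string.Equals(claim, tenantId, StringComparison.Ordinal)) return response;
        response.Dispose();
        throw new UnauthorizedAccessException($"tenant claim '{claim}' does not match '{tenantId}'");
    }
}

public sealed class FakeAuthority(string tenant) : HttpMessageHandler // constructed test double
{
    protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken ct) =>
        Task.FromResult(new HttpResponseMessage { Content = new StringContent(JsonSerializer.Serialize(new { tenant })) });
}
```

The comparison is ordinal and fails closed: a missing, non-string or unparseable claim is handled the same way as a mismatched one.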

Acceptance for prep completion

  • Tenant-scoped client contract, config keys, and test seeds documented; downstream tasks 19-013 can proceed using this as authority.