pplate/plate-auth
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4 Commits 2 Branches 1 Tag
9d314a49c6aa92d9f72a38893b6829c1a3256937
Commit Graph

4 Commits

Author SHA1 Message Date
Patrick Plate 9d314a49c6 test(w7): greenfield consumer integration test
CI / build (push) Failing after 33s
Details
Release / publish-maven (push) Failing after 25s
Details
Release / publish-npm (push) Failing after 1m7s
Details 
Integration test module (it/) simulates a zero-code consumer of plate-auth-starter:
- TestConsumerApplication: minimal @SpringBootApplication
- AuthBootstrapIT: verifies all required beans are present + PermissiveOrgValidator default
- ExchangeFlowIT: full exchange flow (valid envelope → tokens, tampered sig → 401, replay → 401)
- PlateAuthFlywayMigrationIT: V1-V6 migration test (CI-only, requires Docker/Testcontainers)

Also adds:
- SecurityConfig: extracted from auto-config to separate @Configuration for proper bean ordering
- PlateAuthExceptionHandler: SecurityException → 401, IllegalArgument → 400
- PlateAuthFlywayConfig: @ConditionalOnProperty(plate.auth.flyway.enabled) for test flexibility
- @AutoConfigurationPackage for entity scanning from starter JAR
- @Order(-100) on SecurityFilterChain for priority over defaults
- CORS: allowedOriginPatterns(*) when no origins configured (dev-friendly)

All 5 tests green locally (2 Docker-dependent skipped without CI env).
 2026-06-24 16:11:38 +02:00
Patrick Plate a2e4393d05 feat(w5): dual Flyway history (V1-V6) 
Migrations in db/migration/auth/ with separate flyway_schema_history_auth table:
- V1: users + user_identities (with provider/subject unique constraint)
- V2: memberships (polymorphic org_type/org_id, unique per user+org)
- V3: invitations (64-char token, status lifecycle)
- V4: access_requests (requester → reviewer workflow)
- V5: Microsoft tenant_id partial index on user_identities
- V6: login_events + refresh_tokens + revinfo actor_user_id column

PlateAuthFlywayConfig runs a second Flyway bean against flyway_schema_history_auth,
independent of consumer's own flyway_schema_history. Runs at bean init (before JPA).
 2026-06-24 15:48:00 +02:00
Patrick Plate 63c953d9b9 feat(w2): auth core entities + Google OAuth + JWT + NextAuth bridge 
Extracted from InspectFlow Sprint 14.1-14.2, repackaged to de.platesoft.auth.*:
- Entities: User, UserIdentity, Membership, Invitation, AccessRequest, LoginEvent, RefreshToken
- Enums: Role, OrgType, MembershipRole, MembershipStatus, InvitationStatus, AccessRequestStatus, LoginProvider
- Services: JwtService, ExchangeService, MembershipService, LoginEventService
- Filter: JwtAuthenticationFilter
- Controller: OAuthController (POST /api/auth/exchange)
- Config: PlateAuthAutoConfiguration, PlateAuthProperties (plate.auth.* namespace)
- Repositories: all auth-related JPA repositories
- SPI: OrgValidator, OrgDisplayNameResolver, InvitationMailer, AccessRequestMailer, OnboardingHook
- SPI defaults: PermissiveOrgValidator (WARN per call), LoggingInvitationMailer,
  LoggingAccessRequestMailer, DefaultOrgDisplayNameResolver, NoOpOnboardingHook
- DTOs: ExchangePayload, TokenResponse
- Security: BCrypt encoder, stateless session, CORS from PlateAuthProperties
- META-INF/spring AutoConfiguration.imports registered

All @Value refs replaced with PlateAuthProperties injection.
No references to de.platesoft.inspectflow.* remain.
 2026-06-24 15:46:54 +02:00
Patrick Plate 973c82f304 feat(w1): maven skeleton + CI scaffold 
- Parent POM: de.platesoft:plate-auth-parent with ${revision} CI-friendly versioning
- plate-auth-starter module: Spring Boot 4.1.0 starter deps (web, jpa, security, validation, jwt, flyway, envers)
- @platesoft/auth npm package skeleton: tsup bundler, conditional exports, TypeScript strict
- Gitea Actions: ci.yml (on push/PR) + release.yml (on v* tag)
- distributionManagement pointing to Gitea Package Registry (Maven + npm)
- Apache-2.0 LICENSE, README with quickstart, CHANGELOG, .editorconfig, .gitignore
- pnpm workspace with packages/auth
- Maven BUILD SUCCESS verified locally
 2026-06-24 15:40:17 +02:00