SentryAgent.ai Developer
af630b43d4
chore(phase-4): QA fixes + gitignore portal build artifacts
- Fix 7 test fixtures missing isPublic field added in WS4 Marketplace
- Add portal/.next/ to .gitignore (build artifacts should not be tracked)
- Mark all Phase 4 tasks 11.1-11.11 complete in tasks.md
QA results: 611/611 tests pass, tsc zero errors, portal build OK, CLI build OK
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-02 10:59:11 +00:00
SentryAgent.ai Developer
5e465e596a
feat(phase-3): workstream 3 — OpenID Connect (OIDC) Provider
Implements full OIDC layer on top of the existing OAuth 2.0 token service:
- Migration 014: oidc_keys table (RSA/EC key pairs, is_current flag, expires_at
for rotation grace period)
- OIDCKeyService: key generation (RS256/ES256), Vault storage, JWKS with Redis
cache, key rotation with grace period, pruneExpiredKeys
- IDTokenService: buildIDTokenClaims (agent claims, nonce, DID), signIDToken
(kid in JWT header), verifyIDToken (alg:none rejected, RS256/ES256 only)
- OIDCController: discovery document, JWKS (Cache-Control), /agent-info
- OIDC routes mounted at / — /.well-known/openid-configuration,
/.well-known/jwks.json, /agent-info
- OAuth2Service: id_token appended to token response when openid scope requested
- 473 unit tests passing (100% OIDCKeyService stmts, 95.91% IDTokenService stmts)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-30 09:54:26 +00:00
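
The verification rules named in the OIDC commit above (alg:none rejected, RS256/ES256 only, kid in the JWT header, rotated keys honoured until their grace period ends), as an added example that is not the project's code. The names `verifyIdToken` and `signToken`, the key-store shape and the sample keys are assumptions constructed for illustration.

```javascript
// Added example, not SentryAgent.ai code: names and the key-store shape are assumptions.
const crypto = require('node:crypto');

// Allow-list: JWT alg -> asymmetric key type it must be verified with.
const ALLOWED_ALGS = new Map([['RS256', 'rsa'], ['ES256', 'ec']]);
const b64u = (s) => Buffer.from(s).toString('base64url');
// JWS ES256 signatures are raw r||s (IEEE P1363), not DER.
const keyArg = (alg, key) => (alg === 'ES256' ? { key, dsaEncoding: 'ieee-p1363' } : key);

// Helper to build constructed sample tokens; alg "none" yields an unsigned token.
function signToken(header, claims, privateKey) {
  const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(claims))}`;
  if (header.alg === 'none') return `${input}.`;
  const sig = crypto.sign('sha256', Buffer.from(input), keyArg(header.alg, privateKey));
  return `${input}.${sig.toString('base64url')}`;
}

// keys: Map of kid -> { publicKey: KeyObject, expiresAt: epoch ms, or null for the current key }
function verifyIdToken(token, keys, now = Date.now()) {
  const [h, p, s, ...rest] = token.split('.');
  if (!h || !p || s === undefined || rest.length) throw new Error('malformed token');
  const header = JSON.parse(Buffer.from(h, 'base64url').toString());
  // Decide from the allow-list, never from whatever the token header asks for.
  const keyType = ALLOWED_ALGS.get(header.alg);
  if (!keyType) throw new Error('alg not allowed');
  const entry = keys.get(header.kid);
  if (!entry) throw new Error('unknown kid');
  // A rotated key stays valid only until its grace period ends.
  if (entry.expiresAt !== null && entry.expiresAt <= now) throw new Error('key expired');
  // Bind alg to key type so an RSA key is never used under an EC alg or vice versa.
  if (entry.publicKey.asymmetricKeyType !== keyType) throw new Error('alg/key mismatch');
  const ok = crypto.verify('sha256', Buffer.from(`${h}.${p}`),
    keyArg(header.alg, entry.publicKey), Buffer.from(s, 'base64url'));
  if (!ok) throw new Error('bad signature');
  return JSON.parse(Buffer.from(p, 'base64url').toString());
}

// Constructed demo: one current EC key, one token signed with it.
const demoKey = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
const demoKeys = new Map([['demo-kid', { publicKey: demoKey.publicKey, expiresAt: null }]]);
const demoToken = signToken({ alg: 'ES256', kid: 'demo-kid' }, { sub: 'agent-1' }, demoKey.privateKey);
console.log(verifyIdToken(demoToken, demoKeys));
```

The alg-to-key-type binding matters as much as the allow-list: without it, a token could name an allowed algorithm while pointing its `kid` at a key of the other type.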