Fixes database migration detection for partially migrated databases.
This hotfix resolves an issue where migration 002 would fail to detect
existing migrated tables, causing conflicts on databases that had been
partially migrated.
CRITICAL HOTFIX for production deployment failure
Problem:
- Production database had migration 001 applied but not migration 002
- Migration 002's tables (tokens, authorization_codes) already existed from SCHEMA_SQL
- Smart detection only checked when migration_count == 0 (fresh database)
- For partially migrated databases (count > 0), tried to run full migration
- This failed with "table already exists" error
Solution:
- Always check migration 002's state, regardless of migration_count
- If tables exist with correct structure, skip table creation
- Create missing indexes only
- Mark migration as applied
Testing:
- Manual verification with production scenario: SUCCESS
- 561 automated tests passing
- test_run_migrations_partial_applied confirms fix works
Impact:
- Fixes deployment on partially migrated production databases
- No impact on fresh or fully migrated databases
- Backwards compatible with all database states
Version: 1.0.0-rc.2 → 1.0.0-rc.3
Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
Hotfix 1.0.0-rc.2: Critical database migration fix
Resolves index conflict issue where migration 002 would fail on existing
databases due to duplicate index definitions in SCHEMA_SQL.
Fixes critical issue where migration 002 indexes already existed in SCHEMA_SQL,
causing 'index already exists' errors on databases created before v1.0.0-rc.1.
Changes:
- Removed duplicate index definitions from SCHEMA_SQL (database.py)
- Enhanced migration system to detect and handle indexes properly
- Added comprehensive documentation of the fix
Version bumped to 1.0.0-rc.2 with full changelog entry.
Refs: docs/reports/2025-11-24-migration-fix-v1.0.0-rc.2.md
- Update version to 0.9.5 throughout README
- Clarify Micropub as coming in v1.0 (currently in development)
- Add note that database auto-initializes on first run
- Fix deployment documentation link to standards location
- Add .gitignore entry for test.ini temporary file
All changes approved by architect agent.
Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Updated 42 references from indieauth.spec.indieweb.org to www.w3.org/TR/indieauth
- Ensures consistency across all documentation
- Points to the authoritative W3C specification
- No functional changes, documentation update only
Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
Implements token security and management as specified in ADR-029:
Database Changes (BREAKING):
- Add secure tokens table with SHA256 hashed storage
- Add authorization_codes table for IndieAuth token exchange
- Drop old insecure tokens table (invalidates existing tokens)
- Update SCHEMA_SQL to match post-migration state
Token Management (starpunk/tokens.py):
- Generate cryptographically secure tokens
- Hash tokens with SHA256 for secure storage
- Create and verify access tokens
- Create and exchange authorization codes
- PKCE support (optional but recommended)
- Scope validation (V1: only 'create' scope)
- Token expiry and revocation support
Testing:
- Comprehensive test suite for all token operations
- Test authorization code replay protection
- Test PKCE validation
- Test parameter validation
- Test token expiry
Security:
- Tokens never stored in plain text
- Authorization codes single-use with replay protection
- Optional PKCE for enhanced security
- Proper UTC datetime handling for expiry
Related:
- ADR-029: Micropub IndieAuth Integration Strategy
- Migration 002: Secure tokens and authorization codes
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This agent helps maintain documentation organization and ensures
README.md stays current with the codebase.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add comprehensive Micropub endpoint design document
- Define token management approach for IndieAuth
- Specify minimal V1 feature set (create posts, queries)
- Defer media endpoint and advanced features to post-V1
- Add ADR-028 documenting implementation strategy
- 8-10 day implementation timeline to unblock V1
The Micropub endpoint is the final blocker for V1.0.0 release.
Added "Documentation Navigation" section with:
- Clear explanation of docs/ folder structure and purpose of each subdirectory
- Guidelines for finding existing documentation before implementing features
- Practical rules for when to create ADRs, design docs, reports, or standards
- File naming conventions for different document types
This improves agent and developer ability to navigate the documentation
system and maintain proper organization standards.
Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Switched from GitLab CI to Gitea Actions for container builds.
Triggers on version tags, pushes to Gitea Container Registry.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Builds and pushes container images to GitLab Container Registry
when version tags (v*.*.*) are pushed.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
os.getenv() returns empty string instead of using default when env var
is set but empty. This caused SECRET_KEY to be empty when FLASK_SECRET_KEY=""
was in .env, breaking Flask sessions/flash messages.
Now treats empty string same as unset, properly falling back to SESSION_SECRET.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
IndieAuth authentication-only flows should redeem the code at the
authorization endpoint, not the token endpoint. The token endpoint
is only for authorization flows that need access tokens.
- Remove grant_type parameter (only needed for token flows)
- Change endpoint from /token to /authorize
- Update debug logging to reflect code verification flow
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
The token exchange request was missing the required grant_type parameter
per OAuth 2.0 RFC 6749. IndieAuth providers that properly validate this
were rejecting the request with a 422 error.
- Add grant_type=authorization_code to token exchange data
- Add ADR-022 documenting the spec compliance requirement
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
The auth routes were registered under /admin/* but the IndieAuth
redirect_uri was configured as /auth/callback, causing 404 errors
when providers redirected back after authentication.
- Change auth blueprint url_prefix from "/admin" to "/auth"
- Update test expectations for new auth route paths
- Add ADR-022 documenting the architectural decision
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Shows the exact GET request URL being sent to IndieLogin.com's
/authorize endpoint, including all query parameters in their
encoded form. This helps debug authentication flow issues.
- Added debug log after auth_url construction in initiate_login()
- Logs complete URL with all parameters before redirect
- Version remains 0.9.1 (debugging enhancement only)
This fixes critical IndieAuth authentication by implementing PKCE (Proof Key
for Code Exchange) as required by IndieLogin.com API specification.
Added:
- PKCE code_verifier and code_challenge generation (RFC 7636)
- Database column: auth_state.code_verifier for PKCE support
- Issuer validation for authentication callbacks
- Comprehensive PKCE unit tests (6 tests, all passing)
- Database migration script for code_verifier column
Changed:
- Corrected IndieLogin.com API endpoints (/authorize and /token)
- State token validation now returns code_verifier for token exchange
- Authentication flow follows IndieLogin.com API specification exactly
- Enhanced logging with code_verifier redaction
Removed:
- OAuth metadata endpoint (/.well-known/oauth-authorization-server)
Added in v0.7.0 but not required by IndieLogin.com
- h-app microformats markup from templates
Modified in v0.7.1 but not used by IndieLogin.com
- indieauth-metadata link from HTML head
Security:
- PKCE prevents authorization code interception attacks
- Issuer validation prevents token substitution attacks
- Code verifier securely stored, redacted in logs, and single-use
Documentation:
- Version: 0.8.0
- CHANGELOG updated with v0.8.0 entry and v0.7.x notes
- ADR-016 and ADR-017 marked as superseded by ADR-019
- Implementation report created in docs/reports/
- Test update guide created in TODO_TEST_UPDATES.md
Breaking Changes:
- Users mid-authentication will need to restart login after upgrade
- Database migration required before deployment
Related: ADR-019
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
h-app was invisible to IndieAuth parsers due to hidden and
aria-hidden attributes, preventing proper client discovery.
- Remove hidden and aria-hidden="true" from h-app div
- Update version to 0.7.1
- Update CHANGELOG with fix details
This provides backward compatibility for IndieAuth services
that rely on h-app microformat parsing.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add logging helper functions with automatic token redaction
- Implement comprehensive logging throughout auth flow
- Add production warning for DEBUG logging
- Add 14 new tests for logging functionality
- Update version to v0.7.0
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Fixes critical IndieAuth authentication failure by implementing modern
JSON-based client discovery mechanism per IndieAuth spec section 4.2.
Added /.well-known/oauth-authorization-server endpoint returning JSON
metadata with client_id, redirect_uris, and OAuth capabilities.
Added <link rel="indieauth-metadata"> discovery hint in HTML head.
Maintained h-app microformats for backward compatibility with legacy
IndieAuth servers.
This resolves "client_id is not registered" error from IndieLogin.com
by providing the metadata document modern IndieAuth servers expect.
Changes:
- Added oauth_client_metadata() endpoint in public routes
- Returns JSON with client info (24-hour cache)
- Uses config values (SITE_URL, SITE_NAME) not hardcoded URLs
- Added indieauth-metadata link in base.html
- Comprehensive test suite (15 new tests, all passing)
- Updated version to v0.6.2 (PATCH increment)
- Updated CHANGELOG.md with detailed fix documentation
Standards Compliance:
- IndieAuth specification section 4.2
- OAuth Client ID Metadata Document format
- IANA well-known URI registry
- RFC 7591 OAuth 2.0 Dynamic Client Registration
Testing:
- 467/468 tests passing (99.79%)
- 15 new tests for OAuth metadata and discovery
- Zero regressions in existing tests
- Test coverage maintained at 88%
Related Documentation:
- ADR-017: OAuth Client ID Metadata Document Implementation
- IndieAuth Fix Summary report
- Implementation report in docs/reports/
Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Following diagnosis in /docs/architecture/indieauth-client-diagnosis.md
and decision in /docs/decisions/ADR-006-indieauth-client-identification.md
Problem: The h-app microformat had hidden aria-hidden="true" attributes
that made it invisible to IndieAuth parsers, causing "client_id is not
registered" errors when authenticating with external providers.
Solution: Remove hidden attributes from h-app div in templates/base.html
to allow IndieAuth parsers to discover client metadata.
This ensures IndieAuth providers can validate our application during
the authorization flow.
Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Architect analysis identified the root cause of 'client_id is not
registered' error: h-app microformat is hidden from parsers.
Includes:
- Complete diagnosis of IndieAuth client registration issue
- ADR-006: IndieAuth Client Identification decision record
- Implementation guidelines for developer
Developer task: Remove hidden attributes from h-app div.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add minimal, production-ready static HTML identity page as reference
implementation for IndieAuth authentication.
Includes:
- Complete identity-page.html with h-card and IndieAuth endpoints
- Architectural documentation and rationale
- ADR-010: Static Identity Page decision record
- Customization guide for users
The example is zero-dependency, copy-paste ready, and guaranteed to
work with IndieLogin.com and StarPunk. Pre-configured for
thesatelliteoflove.com as working example.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
VERSION is now automatically sourced from the package __version__
variable in config.py, so it should not be set in environment variables.
This prevents version inconsistencies and ensures the displayed version
always matches the code version.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
The config.py was defaulting to hardcoded '0.6.0' instead of using
the package __version__ variable. This caused the footer to show the
wrong version number even after updating to 0.6.1.
Now config.py imports and uses __version__ as the default, ensuring
version consistency across the codebase.
Fixes version display bug in v0.6.1.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Critical Hotfix - IndieAuth Client Discovery
=============================================
Problem Fixed:
--------------
Production IndieAuth authentication was failing with error:
'This client_id is not registered (https://starpunk.thesatelliteoflove.com)'
Root Cause:
-----------
StarPunk was missing IndieAuth client discovery metadata. IndieLogin.com
could not verify the client_id because no client identification information
was present in the application HTML.
Solution Implemented:
--------------------
Added h-app microformats markup to base.html footer to provide IndieAuth
client discovery metadata per IndieWeb standards.
Changes:
--------
- Added h-app microformats to templates/base.html
- Version bumped to v0.6.1
- Added 6 comprehensive tests for h-app markup (100% passing)
- Updated CHANGELOG.md with v0.6.1 release notes
- Created ADR-016: IndieAuth Client Discovery
- Created comprehensive analysis and implementation reports
Test Results:
-------------
- Total Tests: 455/456 passing (99.78%)
- New Tests: 6 for h-app microformats (100% passing)
- No Regressions: All existing tests still pass
Standards Compliance:
--------------------
- IndieAuth client discovery (h-app microformats)
- Microformats2 h-app specification
- HTML5 hidden attribute standard
- ARIA accessibility standard
Bug Classification:
------------------
- Severity: Critical (blocked production authentication)
- Type: Phase 3/4 bug (missed during implementation)
- Fix Type: Hotfix (immediate release required)
Expected Outcome:
-----------------
IndieLogin.com can now verify StarPunk as a legitimate OAuth client,
enabling production authentication to work correctly.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add h-app microformats markup to base.html to enable IndieLogin.com
to verify StarPunk as a legitimate OAuth client. Without this markup,
IndieLogin returns "client_id is not registered" error, blocking all
production authentication.
The h-app markup provides client identification per IndieAuth legacy
standard, which is widely supported by authorization servers including
IndieLogin.com.
Changes:
- Add h-app microformats div to base.html footer (hidden)
- Update version to v0.6.1 (patch release per ADR-008)
- Update CHANGELOG.md with v0.6.1 release notes
- Add 6 comprehensive tests for h-app markup (all passing)
- Create ADR-016 documenting client discovery decision
- Create architecture analysis report
- Create implementation report
Tests: 456 total, 455 passing (99.78%)
New tests: 6 for h-app microformats (100% passing)
Fixes critical bug preventing production authentication.
Related: Phase 3 Authentication implementation, ADR-016
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
