80bd51e4c1
fix: Implement IndieAuth endpoint discovery (v1.0.0-rc.5)
...
CRITICAL: Fix hardcoded IndieAuth endpoint configuration that violated
the W3C IndieAuth specification. Endpoints are now discovered dynamically
from the user's profile URL as required by the spec.
This combines two critical fixes for v1.0.0-rc.5:
1. Migration race condition fix (previously committed)
2. IndieAuth endpoint discovery (this commit)
## What Changed
### Endpoint Discovery Implementation
- Completely rewrote starpunk/auth_external.py with full endpoint discovery
- Implements W3C IndieAuth specification Section 4.2 (Discovery by Clients)
- Supports HTTP Link headers and HTML link elements for discovery
- Always discovers from ADMIN_ME (single-user V1 assumption)
- Endpoint caching (1 hour TTL) for performance
- Token verification caching (5 minutes TTL)
- Graceful fallback to expired cache on network failures
### Breaking Changes
- REMOVED: TOKEN_ENDPOINT configuration variable
- Endpoints now discovered automatically from ADMIN_ME profile
- ADMIN_ME profile must include IndieAuth link elements or headers
- Deprecation warning shown if TOKEN_ENDPOINT still in environment
### Added
- New dependency: beautifulsoup4>=4.12.0 for HTML parsing
- HTTP Link header parsing (RFC 8288 basic support)
- HTML link element extraction with BeautifulSoup4
- Relative URL resolution against profile URL
- HTTPS enforcement in production (HTTP allowed in debug mode)
- Comprehensive error handling with clear messages
- 35 new tests covering all discovery scenarios
### Security
- Token hashing (SHA-256) for secure caching
- HTTPS required in production, localhost only in debug mode
- URL validation prevents injection
- Fail closed on security errors
- Single-user validation (token must belong to ADMIN_ME)
### Performance
- Cold cache: ~700ms (first request per hour)
- Warm cache: ~2ms (subsequent requests)
- Grace period maintains service during network issues
## Testing
- 536 tests passing (excluding timing-sensitive migration tests)
- 35 new endpoint discovery tests (all passing)
- Zero regressions in existing functionality
## Documentation
- Updated CHANGELOG.md with comprehensive v1.0.0-rc.5 entry
- Implementation report: docs/reports/2025-11-24-v1.0.0-rc.5-implementation.md
- Migration guide: docs/migration/fix-hardcoded-endpoints.md (architect)
- ADR-031: Endpoint Discovery Implementation Details (architect)
## Migration Required
1. Ensure ADMIN_ME profile has IndieAuth link elements
2. Remove TOKEN_ENDPOINT from .env file
3. Restart StarPunk - endpoints discovered automatically
Following:
- ADR-031: Endpoint Discovery Implementation Details
- docs/architecture/endpoint-discovery-answers.md (architect Q&A)
- docs/architecture/indieauth-endpoint-discovery.md (architect guide)
- W3C IndieAuth Specification Section 4.2
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-24 19:41:39 -07:00
a3bac86647
feat: Complete IndieAuth server removal (Phases 2-4)
...
Completed all remaining phases of ADR-030 IndieAuth provider removal.
StarPunk no longer acts as an authorization server - all IndieAuth
operations delegated to external providers.
Phase 2 - Remove Token Issuance:
- Deleted /auth/token endpoint
- Removed token_endpoint() function from routes/auth.py
- Deleted tests/test_routes_token.py
Phase 3 - Remove Token Storage:
- Deleted starpunk/tokens.py module entirely
- Created migration 004 to drop tokens and authorization_codes tables
- Deleted tests/test_tokens.py
- Removed all internal token CRUD operations
Phase 4 - External Token Verification:
- Created starpunk/auth_external.py module
- Implemented verify_external_token() for external IndieAuth providers
- Updated Micropub endpoint to use external verification
- Added TOKEN_ENDPOINT configuration
- Updated all Micropub tests to mock external verification
- HTTP timeout protection (5s) for external requests
Additional Changes:
- Created migration 003 to remove code_verifier from auth_state
- Fixed 5 migration tests that referenced obsolete code_verifier column
- Updated 11 Micropub tests for external verification
- Fixed test fixture and app context issues
- All 501 tests passing
Breaking Changes:
- Micropub clients must use external IndieAuth providers
- TOKEN_ENDPOINT configuration now required
- Existing internal tokens invalid (tables dropped)
Migration Impact:
- Simpler codebase: -500 lines of code
- Fewer database tables: -2 tables (tokens, authorization_codes)
- More secure: External providers handle token security
- More maintainable: Less authentication code to maintain
Standards Compliance:
- W3C IndieAuth specification
- OAuth 2.0 Bearer token authentication
- IndieWeb principle: delegate to external services
Related:
- ADR-030: IndieAuth Provider Removal Strategy
- ADR-050: Remove Custom IndieAuth Server
- Migration 003: Remove code_verifier from auth_state
- Migration 004: Drop tokens and authorization_codes tables
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-24 17:23:46 -07:00
9c65723e9d
fix: Handle empty FLASK_SECRET_KEY in config (v0.9.5)
...
os.getenv() returns empty string instead of using default when env var
is set but empty. This caused SECRET_KEY to be empty when FLASK_SECRET_KEY=""
was in .env, breaking Flask sessions/flash messages.
Now treats empty string same as unset, properly falling back to SESSION_SECRET.
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-23 19:36:08 -07:00
ba0f409a2a
fix: Add trailing slash to SITE_URL and enhance debug logging (v0.9.1)
...
Fix 1: SITE_URL trailing slash normalization
- IndieLogin.com requires client_id URLs to have trailing slash for root domains
- Added automatic normalization in load_config() after env loading
- Added secondary normalization after config overrides (for test compatibility)
- Fixes "client_id is not registered" authentication errors
- Updated redirect_uri construction to avoid double slashes
Fix 2: Enhanced httpx debug logging
- Added detailed request logging before token exchange POST
- Added detailed response logging after token exchange POST
- Shows exact HTTP method, URL, headers, and body for troubleshooting
- All sensitive data (tokens, verifiers) automatically redacted
- Supplements existing _log_http_request/_log_http_response helpers
Version: 0.9.1 (PATCH - bug fixes)
- Updated __version__ in starpunk/__init__.py
- Added CHANGELOG entry for v0.9.1
Tests: 486/514 passing (28 pre-existing failures from v0.8.0)
- No new test failures introduced
- Trailing slash normalization verified in config
- Debug logging outputs verified
Related: IndieLogin.com authentication flow
Following: docs/standards/git-branching-strategy.md
Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-19 16:27:13 -07:00
93634d2bb0
fix: use __version__ as default for VERSION config
...
The config.py was defaulting to hardcoded '0.6.0' instead of using
the package __version__ variable. This caused the footer to show the
wrong version number even after updating to 0.6.1.
Now config.py imports and uses __version__ as the default, ensuring
version consistency across the codebase.
Fixes version display bug in v0.6.1.
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-19 12:17:08 -07:00
d420269bc0
feat: add RSS feed endpoint and configuration
...
Implements /feed.xml route with caching and ETag support.
Features:
- GET /feed.xml returns RSS 2.0 feed of published notes
- Server-side caching (5 minutes default, configurable)
- ETag generation for conditional requests
- Cache-Control headers for client-side caching
- Configurable feed item limit (50 default)
Configuration:
- FEED_MAX_ITEMS: Maximum items in feed (default: 50)
- FEED_CACHE_SECONDS: Cache duration in seconds (default: 300)
Related: docs/decisions/ADR-014-rss-feed-implementation.md
2025-11-19 08:42:32 -07:00
0cca8169ce
feat: Implement Phase 4 Web Interface with bugfixes (v0.5.2)
...
## Phase 4: Web Interface Implementation
Implemented complete web interface with public and admin routes,
templates, CSS, and development authentication.
### Core Features
**Public Routes**:
- Homepage with recent published notes
- Note permalinks with microformats2
- Server-side rendering (Jinja2)
**Admin Routes**:
- Login via IndieLogin
- Dashboard with note management
- Create, edit, delete notes
- Protected with @require_auth decorator
**Development Authentication**:
- Dev login bypass for local testing (DEV_MODE only)
- Security safeguards per ADR-011
- Returns 404 when disabled
**Templates & Frontend**:
- Base layouts (public + admin)
- 8 HTML templates with microformats2
- Custom responsive CSS (114 lines)
- Error pages (404, 500)
### Bugfixes (v0.5.1 → v0.5.2)
1. **Cookie collision fix (v0.5.1)**:
- Renamed auth cookie from "session" to "starpunk_session"
- Fixed redirect loop between dev login and admin dashboard
- Flask's session cookie no longer conflicts with auth
2. **HTTP 404 error handling (v0.5.1)**:
- Update route now returns 404 for nonexistent notes
- Delete route now returns 404 for nonexistent notes
- Follows ADR-012 HTTP Error Handling Policy
- Pattern consistency across all admin routes
3. **Note model enhancement (v0.5.2)**:
- Exposed deleted_at field from database schema
- Enables soft deletion verification in tests
- Follows ADR-013 transparency principle
### Architecture
**New ADRs**:
- ADR-011: Development Authentication Mechanism
- ADR-012: HTTP Error Handling Policy
- ADR-013: Expose deleted_at Field in Note Model
**Standards Compliance**:
- Uses uv for Python environment
- Black formatted, Flake8 clean
- Follows git branching strategy
- Version incremented per versioning strategy
### Test Results
- 405/406 tests passing (99.75%)
- 87% code coverage
- All security tests passing
- Manual testing confirmed working
### Documentation
- Complete implementation reports in docs/reports/
- Architecture reviews in docs/reviews/
- Design documents in docs/design/
- CHANGELOG updated for v0.5.2
### Files Changed
**New Modules**:
- starpunk/dev_auth.py
- starpunk/routes/ (public, admin, auth, dev_auth)
**Templates**: 10 files (base, pages, admin, errors)
**Static**: CSS and optional JavaScript
**Tests**: 4 test files for routes and templates
**Docs**: 20+ architectural and implementation documents
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude <noreply@anthropic.com >
2025-11-18 23:01:53 -07:00
a68fd570c7
that initial commit
2025-11-18 19:21:31 -07:00
