[Spec Kit] Implementation progress

2026-04-22 19:57:03 -05:00
parent a763582bc4
commit 49a6b2e4e7
3 changed files with 146 additions and 1 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -0,0 +1,33 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format follows [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
+This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+---
+
+## [Unreleased]
+
+---
+
+## [0.1.0] - 2026-04-23
+
+### Added
+
+- `src/proxyScripts/kmeContentSourceAdapter.js` — OIDC authentication proxy script running in a Node.js VM sandbox (zero imports/exports)
+- `src/globalVariables/kme_CSA_settings.json` — OIDC credentials and token endpoint configuration (gitignored)
+- `src/globalVariables/kme_CSA_settings.json.example` — placeholder settings file for version control
+- Redis-backed token cache (`authorization` hash, fields `token` and `expiry`) — token persists across adapter restarts
+- Token stampede guard via in-process `_pendingFetch` promise — only one token fetch in-flight at a time
+- Absolute Unix epoch expiry check (`Date.now() / 1000 < expiry`)
+- `200 OK / Authorized` response on successful authentication
+- `401 Unauthorized` response with descriptive message on auth failure (bad credentials, timeout, unreachable service)
+- 5-second timeout on OIDC token POST requests
+- Structured logging throughout proxy script using `console.debug`, `console.info`, and `console.error`
+- `redis` dependency wired into VM context via `createClient().connect()` in `server.js`
+- Unit tests (`tests/unit/proxy.test.js`) — 12 tests covering US1, US2, US3, and stampede guard
+- Contract tests (`tests/contract/proxy-http.test.js`) — 2 tests covering HTTP 200/401 response shape
+
+[Unreleased]: https://github.com/your-org/kme-content-adapter/compare/v0.1.0...HEAD
+[0.1.0]: https://github.com/your-org/kme-content-adapter/releases/tag/v0.1.0