Peter.Morton
50b87297d2
- Refactor kmeContentSourceAdapter.js into getValidToken(), oidcAuthFlow(), and sitemapFlow(); add sitemap generation using hydra:member response structure - Add searchApiBaseUrl, tenant, proxyBaseUrl fields to kme_CSA_settings.json and kme_CSA_settings.json.example - Add 17 unit tests for sitemap flow and non-sitemap routing regression - Add 5 contract tests for sitemap endpoint (proxy-http.test.js) - Add [Unreleased] sitemap entry to CHANGELOG.md - Add full specs/002-sitemap-generation/ artifact directory (spec, plan, tasks, data-model, contracts, research, quickstart, checklist) - Update constitution.md: add redis as permitted global, refresh kme_CSA_settings references - Update copilot-instructions.md SPECKIT marker to sitemap plan
45 lines
2.8 KiB
Markdown
45 lines
2.8 KiB
Markdown
# Changelog
|
|
|
|
All notable changes to this project will be documented in this file.
|
|
|
|
The format follows [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
|
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
|
|
---
|
|
|
|
## [Unreleased]
|
|
|
|
### Added
|
|
|
|
- `GET /sitemap.xml` endpoint: returns a well-formed XML Sitemap (Sitemaps protocol 0.9) containing one `<url><loc>` per knowledge item from the KME Knowledge Search Service
|
|
- `sitemapFlow()` async function in `kmeContentSourceAdapter.js` — settings validation, OIDC token reuse, search API call, XML build via `xmlBuilder`, 10-second timeout, 502/504/500 error responses
|
|
- `getValidToken()` shared helper extracted from the existing OIDC auth flow — used by both sitemap and non-sitemap paths
|
|
- URL routing at IIFE entry point: requests ending in `/sitemap.xml` → `sitemapFlow()`, all others → `oidcAuthFlow()`
|
|
- Three new fields in `src/globalVariables/kme_CSA_settings.json`: `searchApiBaseUrl`, `tenant`, `proxyBaseUrl`
|
|
- Three new placeholder fields in `src/globalVariables/kme_CSA_settings.json.example`
|
|
- Unit tests for sitemap flow: happy path (items present), empty results, `vkm:url` filtering, 502/504/500 error scenarios, non-sitemap regression tests
|
|
- Contract tests for sitemap endpoint: full round-trip 200, empty results 200, 502 upstream error, 504 timeout
|
|
|
|
---
|
|
|
|
## [0.1.0] - 2026-04-23
|
|
|
|
### Added
|
|
|
|
- `src/proxyScripts/kmeContentSourceAdapter.js` — OIDC authentication proxy script running in a Node.js VM sandbox (zero imports/exports)
|
|
- `src/globalVariables/kme_CSA_settings.json` — OIDC credentials and token endpoint configuration (gitignored)
|
|
- `src/globalVariables/kme_CSA_settings.json.example` — placeholder settings file for version control
|
|
- Redis-backed token cache (`authorization` hash, fields `token` and `expiry`) — token persists across adapter restarts
|
|
- Token stampede guard via in-process `_pendingFetch` promise — only one token fetch in-flight at a time
|
|
- Absolute Unix epoch expiry check (`Date.now() / 1000 < expiry`)
|
|
- `200 OK / Authorized` response on successful authentication
|
|
- `401 Unauthorized` response with descriptive message on auth failure (bad credentials, timeout, unreachable service)
|
|
- 5-second timeout on OIDC token POST requests
|
|
- Structured logging throughout proxy script using `console.debug`, `console.info`, and `console.error`
|
|
- `redis` dependency wired into VM context via `createClient().connect()` in `server.js`
|
|
- Unit tests (`tests/unit/proxy.test.js`) — 12 tests covering US1, US2, US3, and stampede guard
|
|
- Contract tests (`tests/contract/proxy-http.test.js`) — 2 tests covering HTTP 200/401 response shape
|
|
|
|
[Unreleased]: https://github.com/your-org/kme-content-adapter/compare/v0.1.0...HEAD
|
|
[0.1.0]: https://github.com/your-org/kme-content-adapter/releases/tag/v0.1.0
|