Add retry capability with exponential backoff for HTTP requests.
- Implement withRetry utility with configurable retry logic
- Exponential backoff: 1s, 2s, 4s, 8s (max)
- Maximum 3 retries by default
- Retry on network errors (ECONNREFUSED, ETIMEDOUT, etc.)
- Retry on 5xx server errors and 429 rate limit
- Do NOT retry on 4xx client errors
- Integrate with connection service for HTTP requests
Fixes#293
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Add protocol version validation during connection handshake.
- Define FEDERATION_PROTOCOL_VERSION constant (1.0)
- Validate version on both outgoing and incoming connections
- Require exact version match for compatibility
- Log and audit version mismatches
Fixes#292
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Add test to verify workspace connection limit enforcement.
Default limit is 100 connections per workspace.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Implemented comprehensive audit logging for all incoming federation
connection attempts to provide visibility and security monitoring.
Changes:
- Added logIncomingConnectionAttempt() to FederationAuditService
- Added logIncomingConnectionCreated() to FederationAuditService
- Added logIncomingConnectionRejected() to FederationAuditService
- Injected FederationAuditService into ConnectionService
- Updated handleIncomingConnectionRequest() to log all connection events
Audit logging captures:
- All incoming connection attempts with remote instance details
- Successful connection creations with connection ID
- Rejected connections with failure reason and error details
- Workspace ID for all events (security compliance)
- All events marked as securityEvent: true
Testing:
- Added 3 new tests for audit logging verification
- All 24 connection service tests passing
- Quality gates: lint, typecheck, build all passing
Security Impact:
- Provides visibility into all incoming connection attempts
- Enables security monitoring and threat detection
- Audit trail for compliance requirements
- Foundation for future authorization controls
Note: This implements Phase 1 (audit logging) of issue #276.
Full authorization (allowlist/denylist, admin approval) will be
implemented in a follow-up issue requiring schema changes.
Fixes#276
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fixed silent connection initiation failures where HTTP errors were caught
but success was returned to the user, leaving zombie connections in
PENDING state forever.
Changes:
- Delete failed connection from database when HTTP request fails
- Throw BadRequestException with clear error message
- Added test to verify connection deletion and exception throwing
- Import BadRequestException in connection.service.ts
User Impact:
- Users now receive immediate feedback when connection initiation fails
- No more zombie connections stuck in PENDING state
- Clear error messages indicate the reason for failure
Testing:
- Added test case: "should delete connection and throw error if request fails"
- All 21 connection service tests passing
- Quality gates: lint, typecheck, build all passing
Fixes#275
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Implements federated authentication infrastructure using OIDC:
- Add FederatedIdentity model to Prisma schema for identity mapping
- Create OIDCService with identity linking and token validation
- Add FederationAuthController with 5 endpoints:
* POST /auth/initiate - Start federated auth flow
* POST /auth/link - Link identity to remote instance
* GET /auth/identities - List user's federated identities
* DELETE /auth/identities/:id - Revoke identity
* POST /auth/validate - Validate federated token
- Create comprehensive type definitions for OIDC flows
- Add audit logging for security events
- Write 24 passing tests (14 service + 10 controller)
- Achieve 79% coverage for OIDCService, 100% for controller
Notes:
- Token validation and auth URL generation are placeholder implementations
- Full JWT validation will be added when federation OIDC is actively used
- Identity mappings enforce workspace isolation
- All endpoints require authentication except /validate
Refs #86
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implemented connection handshake protocol for federation building on
the Instance Identity Model from issue #84.
**Services:**
- SignatureService: Message signing/verification with RSA-SHA256
- ConnectionService: Federation connection management
**API Endpoints:**
- POST /api/v1/federation/connections/initiate
- POST /api/v1/federation/connections/:id/accept
- POST /api/v1/federation/connections/:id/reject
- POST /api/v1/federation/connections/:id/disconnect
- GET /api/v1/federation/connections
- GET /api/v1/federation/connections/:id
- POST /api/v1/federation/incoming/connect
**Tests:** 70 tests pass (18 Signature + 20 Connection + 13 Controller + 19 existing)
**Coverage:** 100% on new code
**TDD Approach:** Tests written before implementation
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
