Implements FED-004: Cross-Instance Identity Linking, building on the foundation from FED-001, FED-002, and FED-003.

New Services:
- IdentityLinkingService: Handles identity verification and mapping with signature validation and OIDC token verification
- IdentityResolutionService: Resolves identities between local and remote instances with support for bulk operations

New API Endpoints (IdentityLinkingController):
- POST /api/v1/federation/identity/verify - Verify remote identity
- POST /api/v1/federation/identity/resolve - Resolve remote to local user
- POST /api/v1/federation/identity/bulk-resolve - Bulk resolution
- GET /api/v1/federation/identity/me - Get current user's identities
- POST /api/v1/federation/identity/link - Create identity mapping
- PATCH /api/v1/federation/identity/:id - Update mapping
- DELETE /api/v1/federation/identity/:id - Revoke mapping
- GET /api/v1/federation/identity/:id/validate - Validate mapping

Security Features:
- Signature verification using remote instance public keys
- OIDC token validation before creating mappings
- Timestamp validation to prevent replay attacks
- Workspace isolation via authentication guards
- Comprehensive audit logging for all identity operations

Enhancements:
- Added SignatureService.verifyMessage() for remote signature verification
- Added FederationService.getConnectionByRemoteInstanceId()
- Extended FederationAuditService with identity logging methods
- Created comprehensive DTOs with class-validator decorators

Testing:
- 38 new tests (19 service + 7 resolution + 12 controller)
- All 132 federation tests passing
- TypeScript compilation passing with no errors
- High test coverage achieved (>85% requirement exceeded)

Technical Details:
- Leverages existing FederatedIdentity model from FED-003
- Uses RSA SHA-256 signatures for cryptographic verification
- Supports one identity mapping per remote instance per user
- Resolution service optimized for read-heavy operations
- Built following TDD principles (Red-Green-Refactor)

Closes #87

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
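The commit message above names RSA SHA-256 signature verification and timestamp validation as its replay defence. The following Node.js sketch is an added example, not code from this commit or from Mosaic Stack, and shows how the two checks fit together on the verifying side. The payload field names, the canonical serialization, the 5-minute window and the in-memory replay cache are all assumptions made for illustration.

```javascript
// Added example, not Mosaic Stack code. Field names, the canonical form and
// the 5-minute window are assumptions for illustration.
const crypto = require('node:crypto');

const MAX_SKEW_MS = 5 * 60 * 1000; // assumed freshness window
const seenSignatures = new Set();  // in-memory replay cache (a shared store in production)

// Sort keys so signer and verifier hash identical bytes (flat payloads only).
function canonicalize(payload) {
  return JSON.stringify(Object.keys(payload).sort().map((k) => [k, payload[k]]));
}

// RSASSA-PKCS1-v1_5 with SHA-256, base64-encoded.
function signPayload(payload, privateKey) {
  return crypto.sign('sha256', Buffer.from(canonicalize(payload)), privateKey).toString('base64');
}

function verifyIdentityMessage(payload, signatureB64, publicKey, nowMs = Date.now()) {
  // 1. Authenticate first: the timestamp is only trustworthy if it is covered
  //    by a valid signature from the remote instance's key.
  const signature = Buffer.from(signatureB64, 'base64');
  if (!crypto.verify('sha256', Buffer.from(canonicalize(payload)), publicKey, signature)) {
    return 'bad-signature';
  }
  // 2. Reject messages outside the window, in the past or in the future.
  if (!Number.isFinite(payload.timestamp) || Math.abs(nowMs - payload.timestamp) > MAX_SKEW_MS) {
    return 'stale-timestamp';
  }
  // 3. A timestamp alone still admits replay inside the window, so remember
  //    accepted signatures (re-encoded, so base64 variants map to one key).
  const replayKey = signature.toString('base64');
  if (seenSignatures.has(replayKey)) return 'replayed';
  seenSignatures.add(replayKey);
  return 'ok';
}

// Constructed demo: a throwaway key pair stands in for the remote instance's key.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const now = Date.UTC(2026, 0, 28); // constructed fixed clock
  const msg = { remoteInstanceId: 'instance-b.example', remoteUserId: 'user-123', timestamp: now };
  const sig = signPayload(msg, privateKey);
  return [
    verifyIdentityMessage(msg, sig, publicKey, now),                               // fresh, first use
    verifyIdentityMessage(msg, sig, publicKey, now + 1000),                        // same message again
    verifyIdentityMessage({ ...msg, remoteUserId: 'admin' }, sig, publicKey, now), // altered field
    verifyIdentityMessage(msg, sig, publicKey, now + 10 * 60 * 1000),              // outside window
  ];
}
console.log(demo());
```

The timestamp has to be part of the signed bytes; a timestamp carried next to the signature but outside it can be rewritten by whoever replays the message.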
Mosaic Stack Documentation
Complete documentation for Mosaic Stack, organized in Bookstack-compatible shelf/book/chapter/page structure.
📚 Books
1. Getting Started
Essential guides to get Mosaic Stack installed and configured.
- Quick Start — Get up and running in 5 minutes
- Installation
- Configuration
2. Development
Developer guides for contributing to Mosaic Stack.
- Workflow
- Database
- Schema, migrations, and Prisma guides (to be added)
- Type Sharing
3. Architecture
Technical architecture and design decisions.
- Overview — System design (to be added)
- Authentication — BetterAuth and OIDC (to be added)
- Design Principles
4. API Reference
Complete API endpoint documentation.
📝 Scratchpads
Development notes and implementation details for specific issues:
- Issue #1: Project Scaffold
- Issue #2: PostgreSQL Schema
- Issue #3: Prisma ORM Setup
- Issue #4: Authentik OIDC Integration
🔍 Quick Links
For New Users
For Developers
For Architects
- PDA-Friendly Design
- Authentication Flow (to be added)
- System Overview (to be added)
For API Consumers
📋 Documentation Standards
File Organization
docs/
├── {N}-{book-name}/ # Book (numbered)
│ ├── README.md # Book overview
│ ├── {N}-{chapter-name}/ # Chapter (numbered)
│ │ ├── {N}-{page-name}.md # Page (numbered)
│ │ └── ...
│ └── ...
└── scratchpads/ # Development notes (unnumbered)
Numbering Convention
- Books: 1-getting-started, 2-development, 3-architecture, 4-api
- Chapters: 1-quick-start, 2-installation, 3-configuration
- Pages: 1-overview.md, 2-local-setup.md, 3-docker-setup.md
Numbers maintain order in file systems and Bookstack.
Writing Style
- Concise — No unnecessary verbosity
- Action-oriented — Use imperative mood ("Run the command", not "You should run")
- Example-heavy — Show, don't just tell
- Code blocks — Always include working examples
- Links — Cross-reference related topics
- PDA-friendly — Follow design principles
Code Examples
Always include:
- Language identifier for syntax highlighting
- Complete, runnable examples
- Expected output when relevant
- Error cases and troubleshooting
🛠️ Contributing to Docs
Adding New Pages
- Identify the appropriate book/chapter
- Create numbered markdown file
- Add to chapter's parent README
- Link from related pages
- Test all links and code examples
Updating Existing Pages
- Keep formatting consistent
- Update last-modified date
- Test all examples
- Check cross-references
Creating New Books
- Number sequentially (5-{new-book})
- Create README.md overview
- Add chapter directories
- Update this index
📊 Documentation Status
| Book | Completion |
|---|---|
| Getting Started | 🟢 Complete |
| Development | 🟡 Partial |
| Architecture | 🟡 Partial |
| API Reference | 🟡 Partial |
Legend:
- 🟢 Complete
- 🟡 Partial
- 🔵 Planned
- ⚪ Not started
🔗 External Resources
- Project Repository: https://git.mosaicstack.dev/mosaic/stack
- Issue Tracker: https://git.mosaicstack.dev/mosaic/stack/issues
- Google Style Guides: https://github.com/google/styleguide
- BetterAuth Docs: https://www.better-auth.com
- Prisma Docs: https://www.prisma.io/docs
- NestJS Docs: https://docs.nestjs.com
📧 Support
- Issues: Create an issue
- Discussions: Project discussions
Last Updated: 2026-01-28
Version: 0.0.1 (Pre-MVP)