21650fb194
Implements FederationClientService — a NestJS injectable that dials peer
gateways over mTLS (undici Agent with cert+sealed-key from federation_peers),
invokes list/get/capabilities verbs, validates responses via Zod, and surfaces
all failure modes as typed FederationClientError with a coherent error code
taxonomy (PEER_NOT_FOUND, PEER_INACTIVE, PEER_MISCONFIGURED, NETWORK,
FORBIDDEN, HTTP_{status}, INVALID_RESPONSE).
Per-peer Agent instances are cached in a Map for the service lifetime;
flushPeer(peerId) invalidates the cache for M5/M6 cert rotation and
revocation events.
Wired into FederationModule providers + exports so QuerySourceService
(M3-09) can inject it.
13 unit tests covering all required scenarios via undici MockAgent +
real sealClientKey/unsealClientKey round-trip.
Closes #462
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
16 lines
737 B
TypeScript
16 lines
737 B
TypeScript
import { Module } from '@nestjs/common';
|
|
import { AdminGuard } from '../admin/admin.guard.js';
|
|
import { CaService } from './ca.service.js';
|
|
import { EnrollmentController } from './enrollment.controller.js';
|
|
import { EnrollmentService } from './enrollment.service.js';
|
|
import { FederationController } from './federation.controller.js';
|
|
import { GrantsService } from './grants.service.js';
|
|
import { FederationClientService } from './client/index.js';
|
|
|
|
@Module({
|
|
controllers: [EnrollmentController, FederationController],
|
|
providers: [AdminGuard, CaService, EnrollmentService, GrantsService, FederationClientService],
|
|
exports: [CaService, EnrollmentService, GrantsService, FederationClientService],
|
|
})
|
|
export class FederationModule {}
|