- Implement wildcard scope matching in ApiKey::hasScope():
  - Resource wildcards (posts:*) grant all actions on resource
  - Action wildcards (*:read) grant action on all resources
  - Full wildcard (*) grants universal access
- Add hasAnyScope() method for OR-style scope checking
- Add extensive tests for:
  - EnforceApiScope middleware validation
  - CheckApiScope middleware with explicit requirements
  - Wildcard scope matching (posts:*, *:read, *)
  - Scope inheritance and hierarchy
  - Error response formatting with required/provided scopes
  - Edge cases (null scopes, case sensitivity, nested colons)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
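
The wildcard rules listed in the commit message above, written out as an added example; this is not the project's code. The free functions and sample scopes are hypothetical, and the edge-case behaviour (case-sensitive comparison, splitting on the first colon only, null scopes granting nothing) is an assumption, since the commit message names those cases without saying how they resolve.

```php
<?php
declare(strict_types=1);
// Hypothetical stand-alone functions, not the project's ApiKey class.
// Assumptions: scopes are "resource:action", matching is case-sensitive,
// only the first colon splits resource from action, null scopes grant nothing.
function scopeGrants(string $granted, string $required): bool
{
    if ($granted === '*' || $granted === $required) {
        return true;
    }
    $g = explode(':', $granted, 2);
    $r = explode(':', $required, 2);
    if (count($g) !== 2 || count($r) !== 2) {
        return false; // bare or malformed scopes match only by exact equality
    }
    return ($g[0] === '*' || $g[0] === $r[0]) && ($g[1] === '*' || $g[1] === $r[1]);
}

function hasScope(?array $scopes, string $required): bool
{
    foreach ($scopes ?? [] as $granted) {
        if (is_string($granted) && scopeGrants($granted, $required)) {
            return true;
        }
    }
    return false; // fail closed when nothing matches
}

function hasAnyScope(?array $scopes, array $required): bool
{
    foreach ($required as $scope) {
        if (hasScope($scopes, $scope)) {
            return true;
        }
    }
    return false;
}

// Constructed sample checks: [granted scopes, required scope].
$cases = [
    [['posts:*'], 'posts:delete'],          // resource wildcard
    [['*:read'], 'users:write'],            // action wildcard, different action
    [['*'], 'posts:comments:read'],         // full wildcard, nested colons
    [['Posts:read'], 'posts:read'],         // case differs
    [null, 'posts:read'],                   // null scopes
];
foreach ($cases as [$granted, $required]) {
    printf("%-22s %s\n", $required, hasScope($granted, $required) ? 'allowed' : 'denied');
}
printf("any: %s\n", hasAnyScope(['*:read'], ['posts:write', 'posts:read']) ? 'allowed' : 'denied');
```
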
- P1-002: API key security tests verified (bcrypt, rotation)
- P1-003: Webhook signature tests verified (HMAC-SHA256)
- P1-004: IP whitelisting with IPv4/IPv6 CIDR support

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>