hsiegeln 664acf2614 Merge feature/logout-hardening: server-side revocation + RP-Initiated Logout ...

Fixes a silent token-revocation bug (JwtAuthenticationFilter was looking
up users by prefixed JWT subject instead of the bare user_id), adds
POST /api/v1/auth/logout that bumps token_revoked_before, and replaces
the broken cross-origin fetch logout in the SPA with a proper top-level
RP-Initiated Logout redirect (id_token_hint + post_logout_redirect_uri
+ client_id). Adds a signed-out splash and prompt=login defence.

Operational follow-up: SaaS team must register
<base-url>/login as a post_logout_redirect_uri on each Logto tenant
client. See docs/handoff/2026-04-27-logout-hardening.md.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-27 12:05:27 +02:00

.claude/rules

docs(rules): document POST /auth/logout on UiAuthController

2026-04-27 12:00:05 +02:00

.gitea

ci: include cameleer-license-api in maven deploy project list

2026-04-26 20:41:26 +02:00

.planning

docs(triage): close-out follow-up — all 12 parked failures resolved, 560/560 green

2026-04-21 23:45:59 +02:00

.superpowers/brainstorm

revert: temporarily revert EIP_CIRCUIT_BREAKER compound rendering

2026-03-29 18:15:10 +02:00

audit

chore: rename cameleer3 to cameleer

2026-04-15 15:28:42 +02:00

cameleer-license-api

refactor(license): extract cameleer-license-api module from server-core

2026-04-26 20:06:52 +02:00

cameleer-license-minter

refactor(license): extract cameleer-license-api module from server-core

2026-04-26 20:06:52 +02:00

cameleer-server-app

fix(auth): close same-ms revocation race + tidy audit cleanup

2026-04-27 09:26:05 +02:00

cameleer-server-core

refactor(license): extract cameleer-license-api module from server-core

2026-04-26 20:06:52 +02:00

deploy

fix(auth): upsert UI login user_id unprefixed (drop docker seeder workaround)

2026-04-20 18:26:03 +02:00

docs

docs(handoff): logout-hardening verification notes

2026-04-27 12:04:02 +02:00

examples

chore: rename cameleer3 to cameleer

2026-04-15 15:28:42 +02:00

org/eclipse/elk

chore: rename cameleer3 to cameleer

2026-04-15 15:28:42 +02:00

screenshots

revert: temporarily revert EIP_CIRCUIT_BREAKER compound rendering

2026-03-29 18:15:10 +02:00

ui

feat(ui): signed-out splash + prompt=login on OIDC redirect

2026-04-27 11:59:04 +02:00

.dockerignore

Add Docker build, K8s manifests, and CI/CD deploy pipeline

2026-03-12 19:01:39 +01:00

.gitattributes

Scaffold cameleer3-server project structure

2026-03-11 10:06:17 +01:00

.gitignore

chore: track .claude/rules/ and add self-maintenance instruction

2026-04-16 09:26:53 +02:00

AGENTS.md

chore(gitnexus): sync indexed symbol count

2026-04-24 09:20:25 +02:00

CLAUDE.md

refactor(license): extract cameleer-license-api module from server-core

2026-04-26 20:06:52 +02:00

docker-compose.yml

fix(auth): upsert UI login user_id unprefixed (drop docker seeder workaround)

2026-04-20 18:26:03 +02:00

docker-entrypoint.sh

fix: import /certs/ca.pem into JVM truststore at startup

2026-04-11 11:31:26 +02:00

Dockerfile

chore(docker): full-stack docker-compose mirroring deploy/ k8s manifests

2026-04-20 15:52:24 +02:00

HOWTO.md

docs(runtime): document hardening contract and runtime override (#152)

2026-04-25 21:06:10 +02:00

openapi.json

chore: rename cameleer3 to cameleer

2026-04-15 15:28:42 +02:00

pom.xml

refactor(license): extract cameleer-license-api module from server-core

2026-04-26 20:06:52 +02:00

UI_FINDINGS.md

chore: rename cameleer3 to cameleer

2026-04-15 15:28:42 +02:00

UI-CONSISTENCY-AUDIT.md

chore: rename cameleer3 to cameleer

2026-04-15 15:28:42 +02:00

Description

Observability server for Cameleer agents

26 MiB

Languages

Java 63.7%

TypeScript 28.6%

HTML 4.9%

CSS 2.7%