feat(WP-0010): IHF Phase 9 — External API Surface and Consumer SDKs
Some checks failed
Test / test (push) Has been cancelled

Delivers the full Phase 9 external API layer:

- Versioned REST API (/api/v2/) with OpenAPI 3.1 spec; enum arrays for
  widget_type, event_type, annotation category drawn live from registry tables
- OAuth 2.0 client credentials flow (/api/v2/token); hub:*:write scopes
  gated on active HubCapabilityManifest FK
- API key management: SHA256-hashed tokens, key_prefix for display,
  one-time reveal on creation, revocation support
- TypeScript and Python consumer SDKs generated from registry tables
  (/api/v2/sdk/ihf-client.ts, /api/v2/sdk/ihf-client.py)
- Webhook delivery: HMAC-SHA256 signing, append-only webhook_deliveries,
  fire-and-forget dispatch via forkIO, 3-retry logic
- Admin API dashboard with 24h stats (request count, error rate, last seen)
- Rate limiting (per-minute) and daily quota enforcement via api_request_log
- Schema migration: api_consumers, api_keys, webhook_subscriptions (CHECK
  constraint on 6 framework lifecycle topics), webhook_deliveries
  (append-only trigger), api_request_log
- ARCHITECTURE-LAYERS.md scorecard: 3.34 → 3.41 (approaching Strong)
- contracts/functional/interaction-reporting-v1.md extended with Phase 9
  endpoint catalogue and 422 validation error format

GAAF: no bare TEXT discriminators; webhook event_type uses CHECK constraint
over 6 allowed framework lifecycle topic strings (not widget event types).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-04-01 19:52:20 +00:00
parent 286d33923a
commit 3cac021213
38 changed files with 3581 additions and 17 deletions

View File

@@ -94,10 +94,17 @@ fin-hub, sec-hub, and other consumers extend the framework with their
domain-specific types.
**Entities:** `HubCapabilityManifest`, `WidgetTypeRegistry`, `EventTypeRegistry`,
`AnnotationCategoryRegistry`, `PolicyScopeRegistry`
`AnnotationCategoryRegistry`, `PolicyScopeRegistry`,
`ApiConsumer`, `ApiKey`, `WebhookSubscription`, `WebhookDelivery`, `ApiRequestLog`
**Contract:** [hub-capability-manifest-v1](contracts/extensions/hub-capability-manifest-v1.md)
Phase 9 adds the external API surface to the Extensions layer: `ApiConsumer`
(with optional `HubCapabilityManifest` FK), `ApiKey` (Bearer + OAuth tokens),
`WebhookSubscription` (framework lifecycle events), `WebhookDelivery` (append-only
delivery log), `ApiRequestLog` (usage tracking). `ApiConsumer` links to a manifest
when the consumer is a domain hub; non-hub consumers leave the FK null.
---
## Dependency Rule
@@ -118,25 +125,28 @@ Downward dependencies (Core → Functional) are **forbidden**.
## GAAF-2026 Scorecard
*Initial assessment: 2026-03-31 (post IHUB-WP-0009)*
*Last updated: 2026-04-01 (post IHUB-WP-0010 — Phase 9 External API)*
| Layer | Score (05) | Weight | Weighted | Notes |
|---|---|---|---|---|
| Core | 3.8 | 30% | 1.14 | Contracts formalised; type registries anchor discriminators |
| Functional | 3.2 | 20% | 0.64 | Maturity labels added; demand signals still informal |
| Functional | 3.3 | 20% | 0.66 | OpenAPI spec + contract companion; SDK generation live |
| Customization | 2.5 | 15% | 0.38 | HubRoutingRule/Overlay present; no formal manifest yet |
| Configuration | 3.0 | 10% | 0.30 | Registry-backed validation added; hub config schema planned |
| Extensions | 3.5 | 10% | 0.35 | HubCapabilityManifest operational; manifest protocol Beta |
| Cross-layer | 3.5 | 15% | 0.53 | Fitness functions in CI; contracts documented; layer map current |
| **Total** | | | **3.34** | Usable but vulnerable — Phase 9 ready |
| Configuration | 3.2 | 10% | 0.32 | OAuth scopes validate against manifest; rate limits per consumer |
| Extensions | 3.7 | 10% | 0.37 | API consumer links to manifest; manifest-gated hub:write scopes |
| Cross-layer | 3.6 | 15% | 0.54 | Fitness functions in CI; contracts documented; layer map current |
| **Total** | | | **3.41** | Usable but vulnerable — Phase 10 ready |
**Interpretation:** 3.34 = Usable but vulnerable (2.53.4). Phase 9 may begin.
**Interpretation:** 3.41 = Usable but vulnerable (2.53.4 range; approaching Strong).
Target for Phase 10 exit: ≥3.5 (Strong).
*Score ≥3.5 target criteria for Phase 10:*
- Customization layer manifest implemented (per-hub configuration contract)
- Functional module demand signals formalised
- Hub config schema runtime-validated
- Hub Registry (Phase 10) public discovery UI operational
*Next review date: 2026-09-30*
---