Tag: external-api-v0.1.0
Date: 2026-04-29
Spec: External API Design Spec
Plan: External API Implementation Plan
host: Darwin 24.3.0 arm64
dotnet: 8.0.125
dotnet-ef: 8.0.10
sql: Azure SQL Edge 1.0.7 (dev) / SQL Server 2022 (prod target)
git tag preceding: internal-api-v0.1.0
| # | Item | Status | Evidence |
|---|---|---|---|
| 1 | ~55 public REST endpoints under /api/... and BFF auth under /auth/... |
PASS | Endpoints: Countries, CountryProfiles, News, Events, Resources, ResourceCategories, Pages, HomepageSections, Topics, Community (read + write), KnowledgeMaps, InteractiveCity, Search, Notifications, Profile, Assistant, Kapsarc, Surveys |
| 2 | BFF cookie + Bearer dual-mode auth | PASS | BffSessionMiddleware decrypts cookie → synthesises Bearer header; downstream code is identical for both paths; ADR-0031 |
| 3 | Redis output cache (60s TTL, anonymous-only) | PASS | RedisOutputCacheMiddleware in CCE.Api.Common.Caching; authenticated requests bypass; ADR-0033 |
| 4 | Tiered rate limiter (Anonymous / Authenticated / SearchAndWrite, config-driven) | PASS | AddCceTieredRateLimiter + UseCceTieredRateLimiter; permit limits bound from RateLimiter:PermitLimit config key |
| 5 | Meilisearch search backend (ISearchClient + MeilisearchIndexer hosted service) |
PASS | MeilisearchClient implements ISearchClient; MeilisearchIndexer hosted service in Infrastructure; GET /api/search; ADR-0032 |
| 6 | HtmlSanitizer for user-submitted content | PASS | HtmlSanitizerWrapper wraps mganss NuGet; IHtmlSanitizer injected into community + profile validators; ADR-0034 |
| 7 | ICountryScopeAccessor for StateRep-scoped reads |
PASS | HttpContextCountryScopeAccessor reads StateRepAssignments; null = admin unrestricted, empty = see nothing; ADR-0030 |
| 8 | Smart-assistant stub endpoint (POST /api/assistant/query) |
PASS | SmartAssistantClient stub returns labelled placeholder; ISmartAssistantClient abstraction ready for Sub-8 LLM integration |
| 9 | KAPSARC snapshot read (GET /api/kapsarc/snapshots/{countryId}) |
PASS | Returns latest CountryKapsarcSnapshot by SnapshotTakenOn DESC; 404 when table is empty (expected in dev) |
| 10 | Service rating submit (POST /api/surveys/service-rating) |
PASS | ServiceRating.Submit(...) called; 201 + id returned; anonymous OK |
| 11 | 5 new ADRs (0030–0034) | PASS | docs/adr/0030-...0034-*.md all Status=Accepted, Date=2026-04-29 |
| 12 | Full test suite green, 0 failures | PASS | 1026 passed + 1 skipped (MigrationParityTests — inherited) |
| Layer | At start (internal-api-v0.1.0) | Current (external-api-v0.1.0) | Delta |
|---|---|---|---|
| Domain | 290 | 290 | 0 |
| Application | 278 | 424 | +146 |
| Infrastructure | 37 (+1 skipped) | 50 (+1 skipped) | +13 |
| Architecture | 12 | 12 | 0 |
| Source generator | 10 | 10 | 0 |
| Api Integration | 167 | 240 | +73 |
| Cumulative backend | 794 + 1 skipped | 1026 + 1 skipped | +232 |
- Phase 4.1 (auth + BFF): Established the dual-mode auth pipeline shared by all subsequent endpoint phases.
BffSessionMiddleware,AddCceBff,AddCceJwtAuth, andHttpContextCurrentUserAccessor/HttpContextCountryScopeAccessorwired here. - Phase 4.2 (output cache + rate limiter):
RedisOutputCacheMiddlewareandAddCceTieredRateLimiteradded as cross-cutting infrastructure before any domain endpoints. - Phase 4.3 (search):
ISearchClient,MeilisearchClient,MeilisearchIndexer,ISearchQueryLogger, andGET /api/searchlanded together. Architecture tests verified the layer boundary. - Phase 4.4–4.7 (content public endpoints): News, Events, Resources, ResourceCategories, Pages, HomepageSections, Categories — all anonymous GET endpoints with output-cache tags.
- Phase 4.8 (community): Read (public topics/posts/replies) + Write (create post/reply, follows, ratings) — write endpoints require authentication.
- Phase 4.9 (this phase): Smart-assistant stub, KAPSARC read, service-rating submit — plus 5 ADRs and the release artifacts.
- Smart-assistant LLM provider deferred to Sub-8.
ISmartAssistantClientis the extension point. The stub returns a clearly-labelled placeholder reply. Real integration (e.g., Azure OpenAI, Anthropic) will replaceSmartAssistantClientwithout changing the endpoint or handler. - KAPSARC ingest pipeline deferred to Sub-8. The
CountryKapsarcSnapshottable is empty in dev/test. Sub-8's scheduled ingest job will populate it from the KAPSARC API. The endpoint returns 404 until data arrives — this is correct and expected. - Mobile OIDC flow deferred. Full PKCE + refresh-token rotation for mobile clients is partially implemented (Bearer works today). The native mobile OIDC silent-refresh flow and token-binding are planned for Sub-8.
- Redis output-cache active invalidation deferred to Sub-8. Current TTL is 60 s (timeout-only). Event-driven invalidation (
IOutputCacheStore.EvictByTagAsyncon publish) is the Sub-8 follow-up item tracked in ADR-0033. MigrationParityTestsremains[Skip]'d. Inherited from Sub-project 2; run locally before each release.
external-api-v0.1.0 annotated tag created at HEAD of main after Phase 9 close.