tking/fastapi-gsap
SHA256
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Python GSAP broker reference implementation
27 commits 2 branches 3 tags 31 MiB
Python 99.8%
Dockerfile 0.2%
Find a file
Tyler J King e744336385 fix: capability enforcement, credential safety, atomic delegations, input validation 
C-6: ConnectorRuntime enforces capability_mask per operation.
     READ-only ACs cannot invoke MUTATE operations (wipe, lock, retire).
C-7: AC validated against database (exists, active, not expired)
     before connector invocation.
C-9: Delegated AC capability bounded by delegator's capability.
C-10: Command counter uses atomic SQL increment with limit check.
M-23: expire_stale() uses same atomic SQL pattern.

H-1: Sensitive credential fields hidden from repr/logs via repr=False.
H-2: Stub backend requires ALLOW_STUB_CREDENTIALS=true to activate.
H-3: Kerberos backend raises CredentialResolutionError instead of
     returning stub ticket.
H-4: Chronicle INTENT emitted before execution, RESULT after.
H-5: device_id validated as UUID before Graph API URL interpolation.
H-8: ConnectorRuntime enforces governance for all connector invocations.

Signed-off-by: Tyler King <tking@guildhouse.dev>
2026-04-14 08:13:27 -04:00
.venv fix: capability enforcement, credential safety, atomic delegations, input validation 2026-04-14 08:13:27 -04:00
gsap_broker fix: capability enforcement, credential safety, atomic delegations, input validation 2026-04-14 08:13:27 -04:00
tests fix: capability enforcement, credential safety, atomic delegations, input validation 2026-04-14 08:13:27 -04:00
.gitignore feat: fastapi-gsap — lightweight GSAP broker PoC 2026-03-30 14:10:21 -04:00
Dockerfile feat: fastapi-gsap — lightweight GSAP broker PoC 2026-03-30 14:10:21 -04:00
INTUNE.md docs: add Intune connector configuration guide 2026-04-14 05:30:06 -04:00
pyproject.toml feat: absorb llm-principal-broker as gsap_broker/delegations/ 2026-04-08 13:37:06 -04:00
README.md Initial commit 2026-03-30 18:03:34 +00:00
requirements.txt feat: fastapi-gsap — lightweight GSAP broker PoC 2026-03-30 14:10:21 -04:00
uv.lock fix: capability enforcement, credential safety, atomic delegations, input validation 2026-04-14 08:13:27 -04:00

README.md

fastapi-gsap

Lightweight FastAPI reference implementation of the GSAP broker (GCAP-SPEC-SHELLBOUND-BROKER-0001)