MokoConsulting/MokoGitea-Fork
1
0
Fork 0
Code Issues 162 Pull Requests Releases 96 Wiki Activity

feat: licensing API phase 2 — validation, signed downloads, management, tier admin #660

Merged
jmiller merged 10 commits from dev into main 2026-06-21 02:37:32 +00:00
Conversation 0 Commits 10 Files Changed 10
+1229 -4
jmiller commented 2026-06-21 02:34:59 +00:00
Owner
Copy Link
Copy Source

Summary

Closes #622, #623, #624, #627

Phase 2-3 of the DLID licensing system:

API Endpoints (routers/api/v1/licensing/)

  • GET /validate — public DLID validation with reason codes
  • GET /{dlid}/status — authenticated full license detail
  • GET /download/{product}/{version}.zip — ed25519 signed downloads (5-min TTL)
  • POST/GET/PATCH/DELETE /licenses — admin license CRUD
  • GET/DELETE /my/licenses — user self-service + domain management
  • GET/POST/PATCH/DELETE /tiers — product tier CRUD

Services

  • services/licensing/signer.go — ed25519 keypair management, sign/verify download tokens

Admin UI

  • /-/admin/license-tiers — tier list with CRUD, repo mapping, license counts

Changelog

  • Updated CHANGELOG.md with all additions

Test plan

  • Validate endpoint returns valid/invalid with reason codes
  • Signed download verifies token + expiry + entitlement
  • Admin can create/modify/revoke licenses via API
  • User can view own licenses and deactivate domains
  • Tier admin page renders with seed data
  • Delete tier blocked when active licenses exist
## Summary Closes #622, #623, #624, #627 Phase 2-3 of the DLID licensing system: ### API Endpoints (routers/api/v1/licensing/) - `GET /validate` — public DLID validation with reason codes - `GET /{dlid}/status` — authenticated full license detail - `GET /download/{product}/{version}.zip` — ed25519 signed downloads (5-min TTL) - `POST/GET/PATCH/DELETE /licenses` — admin license CRUD - `GET/DELETE /my/licenses` — user self-service + domain management - `GET/POST/PATCH/DELETE /tiers` — product tier CRUD ### Services - `services/licensing/signer.go` — ed25519 keypair management, sign/verify download tokens ### Admin UI - `/-/admin/license-tiers` — tier list with CRUD, repo mapping, license counts ### Changelog - Updated CHANGELOG.md with all additions ## Test plan - [ ] Validate endpoint returns valid/invalid with reason codes - [ ] Signed download verifies token + expiry + entitlement - [ ] Admin can create/modify/revoke licenses via API - [ ] User can view own licenses and deactivate domains - [ ] Tier admin page renders with seed data - [ ] Delete tier blocked when active licenses exist
jmiller added 9 commits 2026-06-21 02:35:00 +00:00
chore(version): pre-release bump to 06.18.08-dev [skip ci] 30bb5e33e2
feat: add license validation API — public validate + authenticated status (#623)
Universal: Auto Version Bump / Version Bump (push) Successful in 6s
Details
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m16s
Details
3e909df6d4 
GET /api/v1/licensing/validate?dlid=XXX&product=YYY&domain=ZZZ (public)
GET /api/v1/licensing/{dlid}/status (authenticated, reqToken)

Public endpoint returns valid/invalid with reason codes for Joomla plugin
and external integration use. Authenticated endpoint returns full license
detail with entitlement list and domain usage for admin dashboards.
chore(version): pre-release bump to 06.18.09-dev [skip ci] fe3de3fbff
feat: add signed download endpoint with ed25519 tokens (#622)
Universal: Auto Version Bump / Version Bump (push) Successful in 6s
Details
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m20s
Details
5bd449017c 
GET /api/v1/licensing/download/{product}/{version}.zip?token=XXX&expires=YYY&dlid=ZZZ

ed25519 keypair auto-generated on first use, stored in Gitea data dir.
Update XML endpoint now generates signed URLs with 5-minute TTL.
Download verifies signature + expiry + DLID + entitlement before serving
the release ZIP attachment. Downloads logged to audit trail.
chore(version): pre-release bump to 06.18.10-dev [skip ci] 63b599f62c
feat: add license management API — admin CRUD, user self-service, tier management (#624)
Universal: Auto Version Bump / Version Bump (push) Successful in 5s
Details
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m22s
Details
1d1b867df5 
Admin: POST/GET/PATCH/DELETE /api/v1/licensing/licenses (reqSiteAdmin)
User: GET /api/v1/licensing/my/licenses, manage domains (reqToken)
Tiers: GET/POST/PATCH/DELETE /api/v1/licensing/tiers (reqSiteAdmin)

Includes pagination, entitlement/activation detail in GET, tier change
triggers entitlement rebuild, delete-tier blocked if active licenses exist.
chore(version): pre-release bump to 06.18.11-dev [skip ci] 034795951f
feat: add product tier admin UI with CRUD and license counts (#627)
Universal: Auto Version Bump / Version Bump (push) Successful in 5s
Details
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 1m35s
Details
3a405033ae 
Admin page at /-/admin/license-tiers for managing product tiers:
- Tier list with key, name, repos, max domains, license count, sort order
- Create new tier form with repo input
- Delete tier (blocked if active licenses exist)
- Nav item added to admin sidebar
chore(version): pre-release bump to 06.18.12-dev [skip ci] 03f881c746
jmiller added 1 commit 2026-06-21 02:36:01 +00:00
Merge remote-tracking branch 'origin/main' into dev
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Generic: Repo Health / Access control (pull_request) Successful in 2s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 8s
Details
Universal: Auto Version Bump / Version Bump (push) Successful in 14s
Details
Universal: PR Check / Secret Scan (pull_request) Successful in 43s
Details
PR RC Release / Build RC Release (pull_request) Failing after 41s
Details
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 42s
Details
Branch Cleanup / Delete merged branch (pull_request) Has been skipped
Details
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Failing after 44s
Details
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 1m35s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Details
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Details
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Details
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Details
e3949077b0 
# Conflicts:
#	.mokogitea/manifest.xml
#	.mokogitea/workflows/issue-branch.yml
#	CHANGELOG.md
jmiller merged commit 78ad2c999b into main 2026-06-21 02:37:32 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
breaking-change
Breaking API or behavior change
 ci-cd
CI/CD pipeline changes
 config
Configuration changes
 dependencies
Dependency updates
 deploy-failure
Deployment failed
 docker
Docker/container changes
 documentation
Documentation changes
 feature: wiki
Wiki system enhancements
 good first issue
Good for newcomers
 health-check
Repo health check result
 help wanted
Extra attention needed
 mokostandards
Related to MokoStandards framework
 push-failure
Git push operation failed
 security
Security vulnerability or hardening
 size/l
200-500 lines changed
 size/m
50-200 lines changed
 size/s
10-50 lines changed
 size/xl
500+ lines changed
 size/xs
< 10 lines changed
 standards-drift
Deviates from MokoStandards
 standards-update
MokoStandards compliance update
 sync-failure
Sync or mirror failed
 tech-debt
Technical debt and TODO/FIXME items
 upstream
upstream
Inherited from upstream Gitea
 work-in-progress
Draft or incomplete work
No labels
Priority -
Type -
Milestone
No items
No Milestone
Assignees
Clear assignees
jmiller (Jonathan Miller) moko-deploy (Moko Deploy Bot)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: MokoConsulting/MokoGitea-Fork#660
Delete Branch "dev"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?