Implement AuthProtocol irpc service behind feature flag

Add AuthProtocol enum (VerifyPubkey, VerifyToken, ReloadKeys, CheckAccess),
AuthResult enum (Ok(Identity), Denied(String)), and AuthServiceImpl
wrapping ConfigIdentityProvider via ArcSwap<DynamicConfig>. All gated
behind the irpc feature flag per ADR-028.
This commit is contained in:
2026-06-07 14:42:12 +00:00
parent 92a307fd03
commit 85f798f611
3 changed files with 269 additions and 0 deletions

View File

@@ -3,11 +3,15 @@
//! Supports file-path and in-memory key sources. No password authentication.
//! See ADR-012 for the design rationale.
#[cfg(feature = "irpc")]
pub mod auth_protocol;
pub mod client_auth;
pub mod identity;
pub mod keys;
pub mod server_auth;
#[cfg(feature = "irpc")]
pub use auth_protocol::{AuthProtocol, AuthResult, AuthServiceImpl};
pub use client_auth::{ClientAuthConfig, ClientHandler};
pub use identity::{AuthToken, ConfigIdentityProvider, Identity, IdentityProvider};
pub use keys::{load_private_key, load_public_keys, CertAuthorityEntry, KeySource};