feat(core): implement AuthContext, Identity, AuthToken, IdentityProvider, ConfigIdentityProvider (task: core/auth)

- auth.rs: Identity, AuthContext, AuthToken, IdentityProvider trait, ConfigIdentityProvider
- ConfigIdentityProvider reads from ArcSwap<DynamicConfig> on every call (hot-reloadable)
- Fingerprint resolution via authorized_fingerprints; token resolution via alk_ prefix + SHA-256 hash + expiry check
- config.rs: minimal DynamicConfig, AuthPolicy (with resolve methods), ApiKeyEntry, RateLimitConfig, ConfigReloadHandle required by auth
- Unit tests: fingerprint resolution (known/unknown/empty), token resolution (valid/expired/unknown/wrong-hash/non-alk), config reload changes results immediately
- Add sha2, hex deps to alknet-core
This commit is contained in:
2026-06-23 14:08:33 +00:00
parent 669feab741
commit 8dc842b1f4
4 changed files with 396 additions and 4 deletions

2
Cargo.lock generated
View File

@@ -71,12 +71,14 @@ dependencies = [
"async-trait",
"bytes",
"futures",
"hex",
"iroh",
"quinn",
"rustls",
"rustls-pki-types",
"serde",
"serde_json",
"sha2",
"thiserror 2.0.18",
"tokio",
"toml",