nats-jwt: - Add NkeyPub newtype with prefix validation - Add ClaimType and Algorithm typed enums - Add impl_nats_claims! macro eliminating 4x duplicated impl blocks - Add AuthorizationRequestClaimsBuilder (completing all builder types) - Fix AuthorizationResponseBuilder: add issuer() builder method, stop mutating iss in sign() - Tighten trait bounds: encode<T: Serialize>, decode_unverified<T: DeserializeOwned> - Remove dead error variants Expired/NotYetValid - Add builder tests for all 4 claims types - Deduplicate is_zero helper harmony-nats-callout (rewritten): - AuthCalloutService: production service connecting to NATS, subscribing to .REQ.USER.AUTH, dispatching auth requests - AuthCalloutConfig with builder pattern - handler.rs: pure auth request handler (decode → validate → mint → respond) extracted from test - Fix ZitadelValidator: validate() is now async (was blocking_read deadlock in async contexts) - Remove dead fields kid_map, jwks_uri - Make danger_accept_invalid_certs configurable - permissions: InterpolatedPermissions named struct instead of 4-tuple integration-test-callout: - Converted to lib+test crate: src/lib.rs exports test utilities - Tests now exercise the REAL AuthCalloutService (not inline handler) - Extracted MockOidcServer, NatsServer, CalloutContext into library - Replace yasna with rsa crate for DER parsing - Add Drop to NatsServer for container cleanup - Add module constants for all magic values - README updated with new architecture diagram
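# Manifest for the end-to-end test crate of the NATS auth callout.
# It builds a library (src/lib.rs) and one integration test target
# (tests/callout_e2e.rs); both share the dependency list below.
[package]
name = "integration-test-callout"
edition = "2024"
version.workspace = true
license.workspace = true
description = "End-to-end integration test for NATS auth callout with Zitadel JWT validation"
rust-version = "1.85"
# Test-only crate built on path dependencies: never upload it to a registry.
publish = false

[lib]
name = "integration_test_callout"
path = "src/lib.rs"

[[test]]
name = "callout_e2e"
path = "tests/callout_e2e.rs"

[dependencies]
# In-repo crates under test, resolved by relative path.
nats-jwt = { path = "../jwt" }
harmony-nats-callout = { path = "../callout" }
async-nats.workspace = true
# NOTE(review): the `xkeys` feature presumably provides the curve keys used
# for encrypted callout payloads - confirm against the test code.
nkeys = { version = "0.4", features = ["xkeys"] }
# `full` enables every tokio feature; broad, but this crate only runs tests.
tokio = { workspace = true, features = ["full"] }
serde = { workspace = true, features = ["derive"] }
serde_json.workspace = true
# NOTE(review): nkeys, jsonwebtoken, base64, hex and rsa carry their own
# version requirements instead of inheriting from the workspace. Several of
# them handle keys and tokens, so include them in `cargo audit` runs and
# review each bump; move them to the workspace table if it declares them.
jsonwebtoken = "9"
reqwest = { workspace = true }
anyhow.workspace = true
tracing.workspace = true
tracing-subscriber.workspace = true
tokio-test.workspace = true
tempfile.workspace = true
base64 = "0.22"
futures-util.workspace = true
hex = "0.4"
# NOTE(review): presumably only used to parse DER-encoded test keys. Check the
# crate's current advisories before using it for private-key operations
# outside tests.
rsa = "0.9"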