feat: execute full-repo remaining parity closure plan

2026-02-23 13:08:52 -05:00
parent cbe1fa6121
commit 2b64d762f6
75 changed files with 2325 additions and 121 deletions
--- a/src/NATS.Server/Auth/ExternalAuthCalloutAuthenticator.cs
+++ b/src/NATS.Server/Auth/ExternalAuthCalloutAuthenticator.cs
@@ -0,0 +1,42 @@
+namespace NATS.Server.Auth;
+
+public sealed class ExternalAuthCalloutAuthenticator : IAuthenticator
+{
+    private readonly IExternalAuthClient _client;
+    private readonly TimeSpan _timeout;
+
+    public ExternalAuthCalloutAuthenticator(IExternalAuthClient client, TimeSpan timeout)
+    {
+        _client = client;
+        _timeout = timeout;
+    }
+
+    public AuthResult? Authenticate(ClientAuthContext context)
+    {
+        using var cts = new CancellationTokenSource(_timeout);
+        ExternalAuthDecision decision;
+        try
+        {
+            decision = _client.AuthorizeAsync(
+                new ExternalAuthRequest(
+                    context.Opts.Username,
+                    context.Opts.Password,
+                    context.Opts.Token,
+                    context.Opts.JWT),
+                cts.Token).GetAwaiter().GetResult();
+        }
+        catch (OperationCanceledException)
+        {
+            return null;
+        }
+
+        if (!decision.Allowed)
+            return null;
+
+        return new AuthResult
+        {
+            Identity = decision.Identity ?? context.Opts.Username ?? "external",
+            AccountName = decision.Account,
+        };
+    }
+}