diff --git a/src/NATS.Server/Auth/NKeyUser.cs b/src/NATS.Server/Auth/NKeyUser.cs
new file mode 100644
index 0000000..ee9eca8
--- /dev/null
+++ b/src/NATS.Server/Auth/NKeyUser.cs
@@ -0,0 +1,9 @@
+namespace NATS.Server.Auth;
+
+public sealed class NKeyUser
+{
+ public required string Nkey { get; init; }
+ public Permissions? Permissions { get; init; }
+ public string? Account { get; init; }
+ public string? SigningKey { get; init; }
+}
diff --git a/src/NATS.Server/Auth/Permissions.cs b/src/NATS.Server/Auth/Permissions.cs
new file mode 100644
index 0000000..18ab229
--- /dev/null
+++ b/src/NATS.Server/Auth/Permissions.cs
@@ -0,0 +1,20 @@
+namespace NATS.Server.Auth;
+
+public sealed class Permissions
+{
+ public SubjectPermission? Publish { get; init; }
+ public SubjectPermission? Subscribe { get; init; }
+ public ResponsePermission? Response { get; init; }
+}
+
+public sealed class SubjectPermission
+{
+ public IReadOnlyList? Allow { get; init; }
+ public IReadOnlyList? Deny { get; init; }
+}
+
+public sealed class ResponsePermission
+{
+ public int MaxMsgs { get; init; }
+ public TimeSpan Expires { get; init; }
+}
diff --git a/src/NATS.Server/Auth/User.cs b/src/NATS.Server/Auth/User.cs
new file mode 100644
index 0000000..0f7d315
--- /dev/null
+++ b/src/NATS.Server/Auth/User.cs
@@ -0,0 +1,10 @@
+namespace NATS.Server.Auth;
+
+public sealed class User
+{
+ public required string Username { get; init; }
+ public required string Password { get; init; }
+ public Permissions? Permissions { get; init; }
+ public string? Account { get; init; }
+ public DateTimeOffset? ConnectionDeadline { get; init; }
+}
diff --git a/src/NATS.Server/NatsOptions.cs b/src/NATS.Server/NatsOptions.cs
index 60238c0..d37c7a1 100644
--- a/src/NATS.Server/NatsOptions.cs
+++ b/src/NATS.Server/NatsOptions.cs
@@ -1,3 +1,5 @@
+using NATS.Server.Auth;
+
 namespace NATS.Server;
 
 public sealed class NatsOptions
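Review bot: `Nkey` in NKeyUser.cs has no doc comment saying which half of the key pair it holds, and nothing visible in this diff rejects a seed. NKey public user keys are the `U`-prefixed form and seeds the `S`-prefixed form, so a seed pasted into configuration would be stored as if it were an identifier while actually being a credential. I would add `/// <summary>Public user NKey (U-prefixed); never the seed.</summary>` above the property and reject any other form when the options are loaded. `SigningKey` deserves the same one-line description of what it holds.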
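Review bot: In Permissions.cs the meaning of a null `Allow` or `Deny` list versus an empty one is not stated, and for an authorization type that is the difference between failing open and failing closed. The same gap applies to `ResponsePermission`, whose `MaxMsgs` and `Expires` default to `0` and `TimeSpan.Zero` with no indication whether zero means unlimited or none. I would document each property, for example `/// <summary>Subjects the client may use; null = no restriction, empty = none.</summary>` (adjusted to the intended semantics), and say which list wins when a subject matches both. The enforcement code is not part of this diff, so whichever reading it takes should be pinned by a test.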
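Review bot: `Password` in User.cs is a required plain `string` with no statement of what it contains or how it must be compared. If this follows the upstream NATS server convention, the value may be either plaintext or a bcrypt hash, and a plaintext comparison should go through `CryptographicOperations.FixedTimeEquals` rather than `==`. I would add `/// <summary>Plaintext or bcrypt hash; compare in constant time and never log.</summary>` and keep the property out of diagnostic and serialized output. `required` also accepts an empty string, so an empty `Username` or `Password` should be rejected when the configuration is loaded.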
@@ -10,4 +12,19 @@ public sealed class NatsOptions
 public int MaxConnections { get; set; } = 65536;
 public TimeSpan PingInterval { get; set; } = TimeSpan.FromMinutes(2);
 public int MaxPingsOut { get; set; } = 2;
+
+ // Simple auth (single user)
+ public string? Username { get; set; }
+ public string? Password { get; set; }
+ public string? Authorization { get; set; }
+
+ // Multiple users/nkeys
+ public IReadOnlyList? Users { get; set; }
+ public IReadOnlyList? NKeys { get; set; }
+
+ // Default/fallback
+ public string? NoAuthUser { get; set; }
+
+ // Auth timing
+ public TimeSpan AuthTimeout { get; set; } = TimeSpan.FromSeconds(1);
 }
diff --git a/tests/NATS.Server.Tests/AuthConfigTests.cs b/tests/NATS.Server.Tests/AuthConfigTests.cs
new file mode 100644
index 0000000..b1798cd
--- /dev/null
+++ b/tests/NATS.Server.Tests/AuthConfigTests.cs
@@ -0,0 +1,21 @@
+using NATS.Server;
+using NATS.Server.Auth;
+
+namespace NATS.Server.Tests;
+
+public class AuthConfigTests
+{
+ [Fact]
+ public void NatsOptions_has_auth_fields_with_defaults()
+ {
+ var opts = new NatsOptions();
+
+ opts.Username.ShouldBeNull();
+ opts.Password.ShouldBeNull();
+ opts.Authorization.ShouldBeNull();
+ opts.Users.ShouldBeNull();
+ opts.NKeys.ShouldBeNull();
+ opts.NoAuthUser.ShouldBeNull();
+ opts.AuthTimeout.ShouldBe(TimeSpan.FromSeconds(1));
+ }
+}
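Review bot: `NoAuthUser` in the second NatsOptions.cs hunk is a free string with nothing tying it to an entry in `Users`, and the three auth styles (`Username`/`Password`, `Authorization`, `Users`/`NKeys`) can all be set at once with no stated precedence. Judging by the `// Default/fallback` comment, this option presumably selects the identity given to a connection that presents no credentials, so a typo or stale name here matters. I would validate at startup that it names a configured user and that only one auth style is populated, and document it with `/// <summary>User assigned to connections that send no credentials; must match an entry in Users.</summary>`. A zero or negative `AuthTimeout` should be rejected in the same pass. The class body starts outside the hunk, so some of this validation may already exist elsewhere.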