dohertj2/natsdotnet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add JwtAuthenticator with account resolution, revocation, and template expansion

Browse Source
This commit is contained in:
Joseph Doherty
2026-02-23 04:41:01 -05:00
parent 39a1383de2
commit afbbccab82
7 changed files with 790 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/NATS.Server/Auth/AuthService.cs
View File

@@ -41,6 +41,14 @@ public sealed class AuthService
authRequired = true;
}
// JWT / Operator mode (highest priority after TLS)
if (options.TrustedKeys is { Length: > 0 } && options.AccountResolver is not null)
{
authenticators.Add(new JwtAuthenticator(options.TrustedKeys, options.AccountResolver));
authRequired = true;
nonceRequired = true;
}
// Priority order (matching Go): NKeys > Users > Token > SimpleUserPassword
if (options.NKeys is { Count: > 0 })
@@ -99,7 +107,8 @@ public sealed class AuthService
&& string.IsNullOrEmpty(opts.Password)
&& string.IsNullOrEmpty(opts.Token)
&& string.IsNullOrEmpty(opts.Nkey)
&& string.IsNullOrEmpty(opts.Sig);
&& string.IsNullOrEmpty(opts.Sig)
&& string.IsNullOrEmpty(opts.JWT);
}
private AuthResult? ResolveNoAuthUser()