Joseph Doherty
543b185f7e
fix: address code quality issues from review
...
- Make ConnectReceived thread-safe with Volatile.Read/Write (accessed from auth timeout task and command pipeline)
- Include authTimeoutTask in Task.WhenAny to propagate exceptions
- Clear nonce after authentication with CryptographicOperations.ZeroMemory
- Avoid closure allocation on publish permission cache hot path (method group)
- Update AuthTimeout default to 2s to match Go server
2026-02-22 23:07:31 -05:00
Joseph Doherty
2a2cc6f0a2
feat: add AuthService orchestrator with priority-ordered authentication
2026-02-22 22:44:58 -05:00
Joseph Doherty
6ebe791c6d
feat: add authenticators, Account, and ClientPermissions (Tasks 3-7, 9)
...
- Account: per-account SubList and client tracking
- IAuthenticator interface, AuthResult, ClientAuthContext
- TokenAuthenticator: constant-time token comparison
- UserPasswordAuthenticator: multi-user with bcrypt/plain support
- SimpleUserPasswordAuthenticator: single user/pass config
- NKeyAuthenticator: Ed25519 nonce signature verification
- ClientPermissions: SubList-based publish/subscribe authorization
2026-02-22 22:41:45 -05:00
Joseph Doherty
562f89744d
feat: add IAuthenticator interface and TokenAuthenticator with constant-time comparison
2026-02-22 22:24:53 -05:00
Joseph Doherty
0cce771907
feat: add Account type with per-account SubList and client tracking
2026-02-22 22:22:51 -05:00
Joseph Doherty
5305069dd8
feat: add auth model types (User, NKeyUser, Permissions) and auth config to NatsOptions
2026-02-22 22:21:00 -05:00
