dohertj2/natsdotnet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
461 Commits 2 Branches 0 Tags
42e072ad713fbb6a8947fb1a3f107cd1f6fcc0fa
Commit Graph

9 Commits

Author SHA1 Message Date
Joseph Doherty
42e072ad71 feat: add auth change propagation to existing connections (Gap 14.2) 
Add PropagateAuthChanges to ConfigReloader that compares Users, Accounts,
and Authorization token between old and new NatsOptions, returning an
AuthChangeResult describing which auth fields changed for connection re-evaluation.
 2026-02-25 11:46:28 -05:00
Joseph Doherty
1429c30fcd test(parity): port config reload & monitoring tests (Tasks 23-24, 50 tests) 
T23: 27 tests — TLS reload, cluster auth, route pool, compression, limits
T24: 23 tests — connz sort/closed, varz metadata, healthz, gatewayz, leafz
Go refs: reload_test.go, monitor_test.go
 2026-02-24 22:05:37 -05:00
Joseph Doherty
1a3fe91611 feat: enhance ConfigProcessor & add 110 Go-parity opts tests (Task 22) 
Port configuration parsing for NKey users, gateway remotes, leaf node
remotes, auth timeout, write_deadline, websocket ping_interval, and
token+users conflict validation. Add RemoteGatewayOptions, enhanced
LeafNodeOptions with remotes support.

110 new tests ported from opts_test.go.
 2026-02-24 20:17:48 -05:00
Joseph Doherty
02531dda58 feat(config+ws): add TLS cert reload, WS compression negotiation, WS JWT auth (E9+E10+E11) 
E9: TLS Certificate Reload
- Add TlsCertificateProvider with Interlocked-swappable cert field
- New connections get current cert, existing connections keep theirs
- ConfigReloader.ReloadTlsCertificate rebuilds SslServerAuthenticationOptions
- NatsServer.ApplyConfigChanges triggers TLS reload on TLS config changes
- 11 tests covering cert swap, versioning, thread safety, config diff

E10: WebSocket Compression Negotiation (RFC 7692)
- Add WsDeflateNegotiator to parse Sec-WebSocket-Extensions parameters
- Parse server_no_context_takeover, client_no_context_takeover,
  server_max_window_bits, client_max_window_bits
- WsDeflateParams record struct with ToResponseHeaderValue()
- NATS always enforces no_context_takeover (matching Go server)
- WsUpgrade returns negotiated WsDeflateParams in upgrade result
- 22 tests covering parameter parsing, clamping, response headers

E11: WebSocket JWT Authentication
- Extract JWT from Authorization header (Bearer token), cookie, or ?jwt= query param
- Priority: Authorization header > cookie > query parameter
- WsUpgrade.TryUpgradeAsync now parses query string from request URI
- Add FailUnauthorizedAsync for 401 responses
- 24 tests covering all JWT extraction sources and priority ordering
 2026-02-24 16:03:46 -05:00
Joseph Doherty
c6ecbbfbcc feat(config): add system account, SIGHUP reload, and auth change propagation (E6+E7+E8) 
E6: Add IsSystemAccount property to Account, mark $SYS account as system,
add IsSystemSubject/IsSubscriptionAllowed/GetSubListForSubject helpers to
route $SYS.> subjects to the system account's SubList and block non-system
accounts from subscribing.

E7: Add ConfigReloader.ReloadAsync and ApplyDiff for structured async reload,
add ConfigReloadResult/ConfigApplyResult types. SIGHUP handler already wired
via PosixSignalRegistration in HandleSignals.

E8: Add PropagateAuthChanges to re-evaluate connected clients after auth
config reload, disconnecting clients whose credentials no longer pass
authentication with -ERR 'Authorization Violation'.
 2026-02-24 15:48:48 -05:00
Joseph Doherty
a201e8019a test(config): port Go opts_test.go config parsing tests 
Adds OptsGoParityTests.cs with 49 tests porting 15 unmapped Go test
functions from server/opts_test.go: random port semantics, listen port
config variants, multiple users, authorization block parsing, options
defaults (TestDefaultSentinel), write_deadline parsing, path handling,
variable/env-var substitution chains, and unknown field tolerance.
 2026-02-24 14:54:00 -05:00
Joseph Doherty
ec1a9295f9 feat: add advanced config/reload tests (Go parity) 
Ports 40 tests from Go's opts_test.go and reload_test.go covering:
NatsOptions defaults, ConfigProcessor parsing round-trips,
ConfigReloader diff/validate semantics, CLI override precedence,
and runtime reload rejection of host/cluster/JetStream changes.
 2026-02-24 08:58:24 -05:00
Joseph Doherty
9554d53bf5 feat: Wave 6 batch 1 — monitoring, config reload, client protocol, MQTT, leaf node tests 
Port 405 new test methods across 5 subsystems for Go parity:
- Monitoring: 102 tests (varz, connz, routez, subsz, stacksz)
- Leaf Nodes: 85 tests (connection, forwarding, loop detection, subject filter, JetStream)
- MQTT Bridge: 86 tests (advanced, auth, retained messages, topic mapping, will messages)
- Client Protocol: 73 tests (connection handling, protocol violations, limits)
- Config Reload: 59 tests (hot reload, option changes, permission updates)

Total: 1,678 tests passing, 0 failures, 3 skipped
 2026-02-23 21:40:29 -05:00
Joseph Doherty
28d379e6b7 feat: phase B distributed substrate test parity — 39 new tests across 5 subsystems 
FileStore basics (4), MemStore/retention (10), RAFT election/append (16),
config reload parity (3), monitoring endpoints varz/connz/healthz (6).
972 total tests passing, 0 failures.
 2026-02-23 19:41:30 -05:00