feat: session B — auth implementation + signals (26 stubs complete)

Implement ConfigureAuthorization, CheckAuthentication, and full auth dispatch in NatsServer.Auth.cs; add HandleSignals in NatsServer.Signals.cs; extend AuthHandler with GetAuthErrClosedState, ValidateProxies, GetTlsAuthDcs, CheckClientTlsCertSubject, ProcessUserPermissionsTemplate; add ReadOperatorJwt/ValidateTrustedOperators to JwtProcessor; add AuthCallout stub; add auth accessor helpers to ClientConnection; add NATS.NKeys package for NKey signature verification; 12 new tests pass.
2026-02-26 17:38:46 -05:00
parent aa1fb5ac4e
commit 8c380e7ca6
13 changed files with 854 additions and 28 deletions
--- a/dotnet/src/ZB.MOM.NatsNet.Server/NatsServer.Init.cs
+++ b/dotnet/src/ZB.MOM.NatsNet.Server/NatsServer.Init.cs
@@ -904,30 +904,8 @@ public sealed partial class NatsServer
        return null;
    }

-    /// <summary>
-    /// Stub: configure authorization (session 06 auth).
-    /// Called from NewServer.
-    /// </summary>
-    internal void ConfigureAuthorization()
-    {
-        // Full implementation in session 09 (auth handlers are in session 06).
-        // Users/NKeys maps are populated from opts here.
-        var opts = GetOpts();
-        _users = opts.Users?.ToDictionary(u => u.Username, StringComparer.Ordinal)
-                 ?? [];
-        _nkeys = opts.Nkeys?.ToDictionary(nk => nk.Nkey, StringComparer.Ordinal)
-                 ?? [];
-    }
-
-    /// <summary>
-    /// Stub: start signal handler (session 04 already has signal handling).
-    /// </summary>
-    internal void HandleSignals() { }
-
-    /// <summary>
-    /// Stub: process proxies trusted keys (session 08/09).
-    /// </summary>
-    internal void ProcessProxiesTrustedKeys() { }
+    // ConfigureAuthorization, HandleSignals, ProcessProxiesTrustedKeys
+    // are implemented in NatsServer.Auth.cs and NatsServer.Signals.cs.

    /// <summary>
    /// Computes a stable short hash from a string (used for JetStream node names).