16 Commits

Author	SHA1	Message	Date
hdbg	47108ed8ad	chore(supply-chain): update cargo-vet audits and trusted publishers	2026-02-16 20:52:31 +01:00
hdbg	359df73c2e	feat(server::key_holder): unique index on (root_key_id, nonce) to avoid nonce reuse	2026-02-16 20:45:15 +01:00
hdbg	ce03b7e15d	feat(server::key_holder): ability to remotely get current state	2026-02-16 20:40:36 +01:00
hdbg	e4038d9188	refactor(keyholder): rename KeyHolderActor to KeyHolder and optimize db connection lifetime	2026-02-16 20:36:47 +01:00
hdbg	c82339d764	security(server::key_holder): replaced nonce-caching with exclusive transaction fetching nonce from the database	2026-02-16 18:23:25 +01:00
hdbg	c5b51f4b70	feat(server): UserAgent seal/unseal	2026-02-16 14:00:23 +01:00
hdbg	6b8f8c9ff7	feat(unseal): add unseal protocol support for user agents	2026-02-15 13:04:55 +01:00
hdbg	d8d65da0b4	test(user-agent): add challenge-response auth flow test	2026-02-14 23:43:36 +01:00
hdbg	abdf4e3893	tests(server): UserAgent invalid bootstrap token	2026-02-14 19:48:37 +01:00
hdbg	81a55d28f0	test(db): add create_test_pool and use in tests	2026-02-14 18:33:33 +01:00
hdbg	69dd8f57ca	tests(server): UserAgent bootstrap token auth flow test	2026-02-14 18:16:19 +01:00
hdbg	345a967c13	refactor(server): separated UserAgentActor gRPC transport related things into separate module	2026-02-14 17:58:25 +01:00
hdbg	069a997691	feat(server): UserAgent auth flow implemented	2026-02-14 17:53:58 +01:00
hdbg	ffa60c90b1	feat(auth): simplify auth model and implement bootstrap flow ... Remove key_identity indirection table, storing public keys and nonces directly on client tables. Replace AuthResponse with AuthOk, add a BootstrapActor to manage token lifecycle, and move user agent stream handling into the actor module.	2026-02-14 12:03:14 +01:00
hdbg	832d884457	feat(auth): implement bootstrap token auth handling	2026-02-13 16:35:54 +01:00
hdbg	208bbbd540	feat: actors experiment	2026-02-13 13:37:58 +01:00