Skip to content

Integrate authentication middleware into ResilientClient #1108

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 4 commits into
base: master
Choose a base branch
from
Draft

Integrate authentication middleware into ResilientClient #1108

wants to merge 4 commits into from

Conversation

sergio-correia
Copy link
Contributor

Here we integrated authentication middleware into ResilientClient with automatic token
management and refresh, establishing an authentication system that transparently handles
TPM-based challenge-response authentication for HTTP clients.

@sergio-correia sergio-correia marked this pull request as draft September 3, 2025 11:12
@codecov Codecov
Copy link

codecov bot commented Sep 3, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 41.26984% with 111 lines in your changes missing coverage. Please review.
✅ Project coverage is 57.84%. Comparing base (ce52222) to head (9dc6ee9).

Files with missing lines Patch % Lines
keylime/src/resilient_client.rs 41.08% 76 Missing ⚠️
keylime/src/auth.rs 41.66% 35 Missing ⚠️
Additional details and impacted files
Flag Coverage Δ
e2e-testsuite 57.84% <41.26%> (-0.26%) ⬇️
upstream-unit-tests 57.84% <41.26%> (-0.26%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
keylime-push-model-agent/src/main.rs 40.54% <ø> (-1.36%) ⬇️
keylime/src/auth.rs 41.84% <41.66%> (ø)
keylime/src/resilient_client.rs 49.82% <41.08%> (-8.18%) ⬇️

... and 4 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@sergio-correia
feat: add raw HTTP client support to AuthenticationClient
a48c046 
Add new constructor methods for creating AuthenticationClient instances
that use raw HTTP clients without middleware, preventing infinite loops
when used by authentication middleware.

Signed-off-by: Sergio Correia <[email protected]>
@sergio-correia
refactor: move auth types to core keylime library
31ce7e7 
Move authentication types (AuthConfig, SessionToken, TpmOperations)
from keylime-push-model-agent to the core keylime library to enable
sharing between different components.

This refactoring creates a clean foundation for the
authentication middleware integration.

Signed-off-by: Sergio Correia <[email protected]>
@sergio-correia
feat: implement authentication middleware with shared token state
1280bbf 
Add transparent authentication middleware to ResilientClient using
the challenge-response protocol with proper concurrency control.
This implementation uses the shared auth types from the core library.

Signed-off-by: Sergio Correia <[email protected]>
@sergio-correia
feat: integrate authentication middleware with core AuthenticationClient
9dc6ee9 
This commit integrates the authentication middleware implementation
with the AuthenticationClient that was moved to the core keylime library,
completing the authentication integration.

Signed-off-by: Sergio Correia <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@sergio-correia