refactor: extract pairing daemon from auths-cli and auths-pairing-protocol#55
Merged
refactor: extract pairing daemon from auths-cli and auths-pairing-protocol#55
Conversation
Add new Layer 5 crate for embeddable LAN pairing daemon. Includes: - DaemonError thiserror enum with source annotations - DaemonState struct extracted from LanServerState (sans rate_limits) - Workspace registration and publish script batch ordering - Feature flags: server (axum/ring/etc), mdns (mdns-sd) - cargo-deny allowlist for axum in daemon crate
- RateLimiter with std::sync::Mutex, check() returns bool not StatusCode - Decomposed into reset_if_window_expired and is_within_limit helpers - Axum middleware in rate_limiter::middleware behind server feature - validate_pairing_token in token.rs with ConstantTimeEq - 3 unit tests for burst limiting behavior
- NetworkInterfaces trait with IfAddrsNetworkInterfaces (server feature) - is_viable_address and is_virtual_interface predicate helpers - NetworkDiscovery trait with MdnsDiscovery (mdns feature) - extract_matching_addr helper for clean mDNS event matching - Mock implementations for both traits (testing without sockets) - mDNS protocol docs in docs/mdns_discovery.md - Unit tests for network predicates and mock interfaces
- Business logic methods on DaemonState (lookup_by_code, submit_response, etc.) - SessionError for domain-level state transition failures - 6 Axum handlers in handlers.rs delegating to DaemonState methods - build_pairing_router composing routes with rate limiting, CORS, tracing - generate_transport_token using ring::SystemRandom
- PairingDaemonBuilder with dependency injection for network, discovery, rate limiter - PairingDaemon::into_parts() splits into router + PairingDaemonHandle - PairingDaemonHandle owns response_rx, wait_for_response(), advertise() - Defaults: IfAddrsNetworkInterfaces, MdnsDiscovery (if feature), RateLimiter(5) - DRY defaults in build() only, new() fields all None
Replace direct axum/tower/mdns-sd dependencies with the extracted daemon crate. LanPairingServer is now a thin wrapper around PairingDaemonBuilder. Delete CLI's mdns.rs in favor of the daemon's MdnsDiscovery trait implementation.
Add opt-in lan-pairing feature to auths-sdk that re-exports PairingDaemon types and provides create_lan_pairing_daemon(). Convert pairing.rs to directory module. Document WASM isolation invariant.
Integration tests for router, rate limiter, token generation, and builder. Fix Extension/middleware layer ordering so rate limiter Extension is available when middleware extracts it. Use MockConnectInfo for oneshot-based router tests.
Covers health endpoint, session lookup by code, token auth enforcement, and pairing response submission flow.
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
FakeSecureSigner returned vec![0u8; 64] which Ed25519Signature::is_empty() treats as empty. Changed to vec![1u8; 64] so the signature assertion passes.
The daemon binds to a detected LAN IP which is unreachable in GitHub Actions runners. These tests will be rewritten to use auths-python SDK bindings with 127.0.0.1 binding. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.