cameleer/cameleer-server
1
0
Fork 0
Code Issues 43 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(04-01): implement security service foundation

Browse Source 
- JwtServiceImpl: HMAC-SHA256 via Nimbus JOSE+JWT with ephemeral 256-bit secret
- Ed25519SigningServiceImpl: JDK 17 KeyPairGenerator with ephemeral keypair
- BootstrapTokenValidator: constant-time comparison with dual-token rotation
- SecurityBeanConfig: bean wiring with fail-fast validation for CAMELEER_AUTH_TOKEN
- SecurityProperties: config binding for token expiry and bootstrap tokens
- TestSecurityConfig: permit-all filter chain to keep existing tests green
- application.yml: security config with env var mapping
- All 18 security unit tests pass, all 71 tests pass in full verify

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-03-11 20:08:30 +01:00
parent 51a02700dd
commit ac9e8ae4dd
7 changed files with 231 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cameleer3-server-app/src/test/resources/application-test.yml
View File

@@ -12,3 +12,7 @@ ingestion:
agent-registry:
ping-interval-ms: 1000
security:
bootstrap-token: test-bootstrap-token
bootstrap-token-previous: old-bootstrap-token