Tyooughtul opened a new pull request, #2656: URL: https://github.com/apache/iggy/pull/2656
## Which issue does this PR close? Closes #1762 ## Rationale A2A protocol requires JWKS support to enable secure agent authentication with multiple identity providers. This change allows agents from different tenants to authenticate using their own public keys, and supports key rotation without requiring server restarts. ## What changed? Added JWKS support for secure agent-to-agent authentication. The implementation includes a JwksClient that fetches and caches public keys from JWKS endpoints, integrated JWKS into JwtManager for multi-tenant agent authentication, and updated HTTP middleware to support asynchronous JWT decoding. Also added TrustedIssuerConfig to support configuring multiple trusted issuers. ## Local Execution - Passed - Pre-commit hooks ran ## AI Usage 1. Which tools? Grok fast 2. Scope of usage? - I use ai for write test case and running scripts. - Some config code to test code: ``` TOML # Trusted issuers for A2A (Application-to-Application) authentication [[http.jwt.trusted_issuers]] issuer = "test-issuer" jwks_url = "http://127.0.0.1:8081/.well-known/jwks.json"; audience = "iggy.apache.org" ``` - Some `debug!` to help me find bugs。 3. How did you verify the generated code works correctly? - Compile successfully with `cargo check --package server` and `cargo build --package server`. - Test case passed. 5. Can you explain every line of the code if asked? Yes -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
