Skip to content

v0.1.18

Choose a tag to compare

View all tags
@rustyconover rustyconover released this 05 Mar 21:41
· 108 commits to main since this release
v0.1.18
b634dce

What's Changed

  • Bearer token authenticationbearer_authenticate, bearer_authenticate_static, and chain_authenticate factories for composing HTTP auth callbacks
  • Mutual TLS (mTLS) authentication — client certificate auth via proxy-forwarded headers:
    • mtls_authenticate — generic factory with custom certificate validation
    • mtls_authenticate_fingerprint — certificate fingerprint lookup
    • mtls_authenticate_subject — Subject CN extraction with optional allowlist
    • mtls_authenticate_xfcc — Envoy x-forwarded-client-cert header parsing (no extra deps)
  • New vgi-rpc[mtls] optional dependency (cryptography) for PEM-based factories
  • Documentation for mTLS authentication with proxy configuration examples (nginx, AWS ALB, Envoy)
Assets 2
Loading