Treat a missing aud claim as an empty list (#3542)

# Description of Changes

The `aud` claim is required in the OIDC spec, but the server currently
allows it to be missing, and the spacetime auth tokens we use for the
website don't have an audience.

Previously the module bindings would throw an error if there were no
`aud` claim in a jwt payload (if someone used the `audience` within a
reducer), but this change makes us treat a missing audience as an empty
list.

This also renames the `authCtx` fields to `senderAuth` in the typescript
and csharp module APIs, so they match rust.

# API and ABI breaking changes

This doesn't break any ABIs.

This changes the ReducerContext APIs in typescript and rust, but only by
renaming a field that hasn't been released yet.

# Expected complexity level and risk

1.

# Testing

I've tested accessing the `audience` within a reducer for a token
missing an `aud` claim in Typescript and Rust.

Author: jsdt

crates/bindings-csharp/Codegen.Tests/fixtures/diag/snapshots/Module#FFI.verified.cs

@@ -14,7 +14,7 @@ public sealed record ReducerContext : DbContext<Local>, Internal.IReducerContext
         public readonly ConnectionId? ConnectionId;
         public readonly Random Rng;
         public readonly Timestamp Timestamp;
-        public readonly AuthCtx AuthCtx;
+        public readonly AuthCtx SenderAuth;
 
         // We need this property to be non-static for parity with client SDK.
         public Identity Identity => Internal.IReducerContext.GetIdentity();
@@ -30,7 +30,7 @@ Timestamp time
             ConnectionId = connectionId;
             Rng = random;
             Timestamp = time;
-            AuthCtx = AuthCtx.BuildFromSystemTables(connectionId, identity);
+            SenderAuth = AuthCtx.BuildFromSystemTables(connectionId, identity);
         }
     }
 

crates/bindings-csharp/Codegen.Tests/fixtures/server/snapshots/Module#FFI.verified.cs

@@ -1111,7 +1111,7 @@ public sealed record ReducerContext : DbContext<Local>, Internal.IReducerContext
                             public readonly ConnectionId? ConnectionId;
                             public readonly Random Rng;
                             public readonly Timestamp Timestamp;
-                            public readonly AuthCtx AuthCtx;
+                            public readonly AuthCtx SenderAuth;
 
                             // We need this property to be non-static for parity with client SDK.
                             public Identity Identity => Internal.IReducerContext.GetIdentity();
@@ -1121,7 +1121,7 @@ internal ReducerContext(Identity identity, ConnectionId? connectionId, Random ra
                                 ConnectionId = connectionId;
                                 Rng = random;
                                 Timestamp = time;
-                                AuthCtx = AuthCtx.BuildFromSystemTables(connectionId, identity);
+                                SenderAuth = AuthCtx.BuildFromSystemTables(connectionId, identity);
                             }
                         }
 

crates/bindings-csharp/Codegen/Module.cs

@@ -67,7 +67,7 @@ private List<string> ExtractAudience()
     {
         if (!RootElement.TryGetProperty("aud", out var aud))
         {
-            throw new InvalidOperationException("JWT missing 'aud' claim");
+            return [];
         }
 
         return aud.ValueKind switch

crates/bindings-csharp/Runtime/JwtClaims.cs

@@ -116,7 +116,7 @@ export type ReducerCtx<SchemaDef extends UntypedSchemaDef> = Readonly<{
   timestamp: Timestamp;
   connectionId: ConnectionId | null;
   db: DbView<SchemaDef>;
-  authCtx: AuthCtx;
+  senderAuth: AuthCtx;
 }>;
 
 /**

crates/bindings-typescript/src/server/reducers.ts

@@ -85,6 +85,9 @@ class JwtClaimsImpl implements JwtClaims {
   }
   get audience() {
     const aud = this.fullPayload['aud'];
+    if (aud == null) {
+      return [];
+    }
     return typeof aud === 'string' ? [aud] : (aud as string[]);
   }
 }
@@ -193,7 +196,7 @@ export const hooks: ModuleHooks = {
       timestamp: new Timestamp(timestamp),
       connectionId: ConnectionId.nullIfZero(new ConnectionId(connId)),
       db: getDbView(),
-      authCtx: AuthCtxImpl.fromSystemTables(
+      senderAuth: AuthCtxImpl.fromSystemTables(
         ConnectionId.nullIfZero(new ConnectionId(connId)),
         senderIdentity
       ),

crates/bindings-typescript/src/server/runtime.ts

@@ -1219,7 +1219,9 @@ impl JwtClaims {
     }
 
     fn extract_audience(&self) -> Vec<String> {
-        let aud = self.get_parsed().get("aud").unwrap();
+        let Some(aud) = self.get_parsed().get("aud") else {
+            return Vec::new();
+        };
         match aud {
             serde_json::Value::String(s) => vec![s.clone()],
             serde_json::Value::Array(arr) => arr.iter().filter_map(|v| v.as_str().map(String::from)).collect(),