feat: initial APL Rust implementation. #60
Merged
araujof (Contributor) approved these changes on Jun 5, 2026 and left a comment:
LGTM
Tested with Praxis and AuthBridge integrations.
araujof added a commit that referenced this pull request on Jun 10, 2026:
* fix: initial revision APL.
* feat: apl-cpex bridge crate + plugin-registry-driven hook dispatch
* feat: add support for plugin calling in APL routes.
* feat: add more APL plugin support, unified config
* feat: added cedar direct PDP.
* feat: add identity hook and extensions.
* feat: added token delegation hooks and tests.
* feat: added plugin for jwt token identity, oauth and biscuit delegation, cedarling PDP.
  Signed-off-by: Teryl Taylor <terylt@ibm.com>
* fix: updated identity and delegation to support keycloak. added delegate() function, and identity sections.
* fix: added some sample plugins, added updates to support cedar.
  Signed-off-by: Teryl Taylor <terylt@ibm.com>
* feat: added session support, serialize and parallel and full effects capabilities.
* feat: add ffi pre-built .a library
  Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
* chore: add workflow_dispatch target
  Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
* fix: critical and high issues from review.
* feat: add APL FFI and go bindings
  Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
* chore: add musl tools to musl runners
  Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
* fix: potential double free after use bug.
* chore: update Go module paths after repo rename to cpex
* feat: map identity extension into cpex ffi
  Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
* feat: add cpex_invoke_resolved abi
  Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
* fix: has_hook_for handling
  Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
* chore: update headers
  Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
---------
Signed-off-by: Teryl Taylor <terylt@ibm.com>
Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
Co-authored-by: Frederico Araujo <frederico.araujo@ibm.com>
araujof added a commit that referenced this pull request on Jun 10, 2026:
* feat: initial Rust Core (cpex-core and cpex-sdk) (#13)
  * feat: initial revision rust core.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * fix: addressed comments in PR. Updated PluginContext to match spec.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  ---------
  Signed-off-by: Teryl Taylor <terylt@ibm.com>
  Co-authored-by: Teryl Taylor <terylt@ibm.com>
* feat: CPEX Rust config (#38)
  * feat: added yaml and routing rule support.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * feat: added example code to show how to load manager and plugins.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * fixes: updated plugin errors, configs to more match python.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  ---------
  Signed-off-by: Teryl Taylor <terylt@ibm.com>
  Co-authored-by: Teryl Taylor <terylt@ibm.com>
* feat: RUST with CMF and extensions. (#44)
  * feat: initial revision rust core.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * fix: addressed comments in PR. Updated PluginContext to match spec.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * feat: added yaml and routing rule support.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * feat: added example code to show how to load manager and plugins.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * fixes: updated plugin errors, configs to more match python.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * feat: RUST CMF initial revision.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * feat: added invoke named support, added constants, fixed reviewed code.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * feat: added owned extensions and did some refactoring.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  ---------
  Signed-off-by: Teryl Taylor <terylt@ibm.com>
  Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
  Co-authored-by: Teryl Taylor <terylt@ibm.com>
  Co-authored-by: Frederico Araujo <frederico.araujo@ibm.com>
* feat: cgo Go bindings (#45)
  * feat: initial revision rust core.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * fix: addressed comments in PR. Updated PluginContext to match spec.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * feat: added yaml and routing rule support.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * feat: added example code to show how to load manager and plugins.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * fixes: updated plugin errors, configs to more match python.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * feat: RUST CMF initial revision.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * feat: added invoke named support, added constants, fixed reviewed code.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * feat: added owned extensions and did some refactoring.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * feat: added cgo and golang bindings, examples and readme.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * address P0/P1/P2 review findings (except #17)
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * fix: address remaining P2/P3 review findings + testing gaps
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * docs: add CPEX Go public API spec
    Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
  * docs: renamed document
    Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
  * feat(cpex-rust): CGO review passes 1-11 + lint cleanup + Makefile targets
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * fix: address linting issues, updated makefile to support building examples.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * docs: updated the go spec to reflect recent changes.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  ---------
  Signed-off-by: Teryl Taylor <terylt@ibm.com>
  Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
  Co-authored-by: Teryl Taylor <terylt@ibm.com>
  Co-authored-by: Frederico Araujo <frederico.araujo@ibm.com>
* docs: initial rust specification (#50)
  Co-authored-by: Teryl Taylor <terylt@ibm.com>
* feat: change Plugin handler to async for performance (#49)
  Co-authored-by: Teryl Taylor <terylt@ibm.com>
* fix: missing cmf-demo main.go file and gitignore fix that missed it (#52)
  Co-authored-by: Teryl Taylor <terylt@ibm.com>
* feat: initial APL Rust implementation (#60)
  * fix: initial revision APL.
  * feat: apl-cpex bridge crate + plugin-registry-driven hook dispatch
  * feat: add support for plugin calling in APL routes.
  * feat: add more APL plugin support, unified config
  * feat: added cedar direct PDP.
  * feat: add identity hook and extensions.
  * feat: added token delegation hooks and tests.
  * feat: added plugin for jwt token identity, oauth and biscuit delegation, cedarling PDP.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * fix: updated identity and delegation to support keycloak. added delegate() function, and identity sections.
  * fix: added some sample plugins, added updates to support cedar.
    Signed-off-by: Teryl Taylor <terylt@ibm.com>
  * feat: added session support, serialize and parallel and full effects capabilities.
  * feat: add ffi pre-built .a library
    Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
  * chore: add workflow_dispatch target
    Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
  * fix: critical and high issues from review.
  * feat: add APL FFI and go bindings
    Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
  * chore: add musl tools to musl runners
    Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
  * fix: potential double free after use bug.
  * chore: update Go module paths after repo rename to cpex
  * feat: map identity extension into cpex ffi
    Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
  * feat: add cpex_invoke_resolved abi
    Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
  * fix: has_hook_for handling
    Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
  * chore: update headers
    Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
  ---------
  Signed-off-by: Teryl Taylor <terylt@ibm.com>
  Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
  Co-authored-by: Frederico Araujo <frederico.araujo@ibm.com>
* fix: session binding
  Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
* chore: updated comments
  Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
* tests: added more session tests for Tier 1 ids.
---------
Signed-off-by: Teryl Taylor <terylt@ibm.com>
Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
Co-authored-by: terylt <30874627+terylt@users.noreply.github.com>
Co-authored-by: Teryl Taylor <terylt@ibm.com>
feat/apl_rust — APL policy engine, identity stack, and pluggable IAM for CPEX Rust
This branch turns the Phase-1a CPEX Rust core into a full policy-driven, identity-aware plugin runtime — a Rust port of the Python `apl-plugins` design, with the conditional-effects work (`when`/`do`/`parallel`/`taint`) and the typed-hook plumbing the original lacked.

Closes: #23
Scope: 24 commits, 240+ files, ~70k LOC. Tests: 746 across the workspace, 0 fail.
What's new — at a glance
- `apl-core`: … `mask`, `redact`, `omit`, `hash`), conditional effects (`when:`/`do:`), `sequential:`/`parallel:`, content effects, PDP calls, taints, delegation.
- `apl-cmf`: `cpex-core::Extensions` → APL's flat `AttributeBag` (`role.*`, `perm.*`, `delegation.*`, `args.*`, `result.*`, `session.*`) so predicates can read typed identity without knowing the shape of the underlying extension.
- `apl-cpex`: `PluginInvoker`/`DelegationInvoker` trait implementations that bridge APL's evaluator into typed CPEX hook dispatch (`invoke_named::<CmfHook>`, `::<TokenDelegateHook>`). Owns the request-scoped `CmfPluginInvoker`, the route dispatch plan cache, the session store, and the synthetic `AplRouteHandler` plugin that wraps APL eval into a normal cpex-core plugin.
- `cpex-orchestration`: `run_branches` helper — `JoinSet` + abort_on_deny + per-branch timeout. Used by both `cpex-core::executor::run_concurrent_phase` and `apl-core::dispatch_parallel`.

Identity & delegation
A first-class identity story, distinct from "auth happens upstream":
- `SubjectExtension`/`WorkloadIdentity` in `cpex-core::extensions::security` model end-user, calling agent, and our gateway as separate typed identities — the basis for predicates like `require(role.hr)`, `perm.view_ssn`, and the new identity-derived session id.
- `DelegationExtension` + the `TokenDelegateHook` hook type carry an arbitrary chain of acting subjects with attenuated grants. Surfaces in APL as `delegation.depth`, `delegation.chain[*]`, `delegation.granted_permissions`.
- `apl-identity-jwt` — JWT identity resolver with configurable claim mapping. Reads `sub` / `act.sub` / `aud` / roles / permissions into the structured extensions; raw claims preserved in `subject.claims` for tier-1 session resolution.
- `apl-delegator-oauth` — RFC 8693 token exchange. The mint-on-demand path: APL writes `delegate(workday-oauth, audience: workday-api, permissions: [...])`, the delegator hits the IdP, and the outbound request carries a freshly-minted audience-scoped token — never the user's original IdP JWT.
- `apl-delegator-biscuit` — Biscuit-based delegation as an alternative to OAuth token exchange. Reference implementation for IETF draft-prakash-aip-00 (Agent Identity Protocol) "Chained Mode".
- `SessionResolver` (`apl-cpex/src/session_resolver.rs`) — `agent.session_id` → JWT `session_id` claim → `X-CPEX-Session-Id` header → `sha256(sub:caller:gateway)[:16]` → none. Ported from Python apl-plugins, with the agent tier added so plugins can inject pre-resolved session ids without inventing a new API.

PDP integration
APL can defer decisions to an external policy engine via a `pdp(...)` step. Two backends ship:
- `apl-pdp-cedar-direct` — In-process Cedar evaluation against an embedded policy store. Fast (no network) for tightly-coupled use cases.
- `apl-cedarling` — Cedarling-mediated (Janssen) Cedar evaluation. Adds signed policy stores, multi-issuer JWT validation, and (with Lock Server) centralized policy management.

Pluggable via the `PdpDialect` enum so both can coexist on the same route.

Plugin ecosystem (proof the framework actually composes)
- `apl-pii-scanner` — `cmf.tool_pre_invoke` plugin that catches SSN/credit-card/etc. patterns in args. Returns `PluginViolation` with code `pii.detected`.
- `apl-audit-logger` — `cmf.tool_pre_invoke` audit plugin that logs every dispatch including denied ones. Demonstrates the audit/non-blocking plugin pattern.

… `PluginError` + `PluginViolation` types, follow the `PluginConfig`-only constructor convention, and live as their own crates with their own `PluginFactory` impls.

CPEX core changes
The runtime needed several enhancements to support the APL stack. These landed as standalone, generally-useful improvements:
- `Step` enum collapsed into `Effect`. `policy:` is now `Vec<Effect>` directly. One IR vocabulary, one dispatch path (`dispatch_effect`), one static validator walk.
- `Effect::Sequential`/`Effect::Parallel` orchestration (E3): Side-effect lists run in-order-with-halt or concurrently-with-abort-on-deny. Built on the new `cpex-orchestration::run_branches`. Static parallel-purity validator rejects mutation effects inside parallel blocks at config-load.
- … `parallel:` blocks are registered with safe modes (Audit / Concurrent / FireAndForget). Sequential / Transform plugins are rejected — their writes would silently vanish in a discarded branch.
- `cpex-core::executor::run_concurrent_phase` migrated from its custom JoinSet machinery to the shared `run_branches`. Fixed a latent panic-index attribution bug in the process.
- `Effect::Taint { scopes: [Session] }` now actually labels the session. New `CmfPluginInvoker::apply_session_taints` drains `RouteDecision.taints` into `security.labels`; the existing `persist_session` diff catches them and writes to the `SessionStore`. Closes the "policy with side-effects" pitch — writing `taint(audit, session)` in YAML actually causes the session to be permanently labelled and observable in subsequent requests.

Testing
- `apl-core`: unit + IR + parser + evaluator
- `apl-cmf`: end-to-end + bridge
- `apl-cpex`: invokers + visitor + plan + resolver
- `cpex-core`: runtime + executor + hooks
- `cpex-orchestration`
- `apl-pdp-cedar-direct`, `apl-cedarling`, `apl-pii-scanner`, `apl-audit-logger`, `apl-delegator-*`, `apl-identity-jwt`

Migration notes / breaking changes
- `apl-core` public API switched from `evaluate_steps(&[Step], ...)` to `evaluate_effects(&[Effect], ...)`. `Step` is now a parser-internal `pub(crate)` type. Callers building `Vec<Step>` should switch to `Vec<Effect>` (`Effect::When { condition, body, source }` replaces `Step::Rule(Rule)`).
- … `&dyn PluginInvoker` to `&Arc<dyn PluginInvoker>` (same for `DelegationInvoker` and `PdpResolver`) so `Effect::Parallel` can spawn branches across OS threads. Consumers holding concrete types (e.g. `Arc::new(CmfPluginInvoker::for_request(...))`) need a one-line upcast: `let invoker_dyn: Arc<dyn PluginInvoker> = invoker.clone();`.
- `CmfPluginInvoker` no longer pulls only from `extensions.agent.session_id`. The 5-tier resolver kicks in. Existing callers that only set `agent.session_id` still work — it's tier 0, highest priority.
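The five-tier session resolution the PR description lists under Identity & delegation (`agent.session_id` → JWT `session_id` claim → `X-CPEX-Session-Id` header → `sha256(sub:caller:gateway)[:16]` → none), as an added example. This is not the project's `SessionResolver`; it is written in Go because the PR also ships Go bindings. The `RequestContext` fields, the tier names, and the reading of `[:16]` as the first 16 hex characters of the digest are assumptions, and the request in `main` is constructed.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// RequestContext is a hypothetical, flattened view of what the resolver reads;
// the field names are assumptions for this example, not cpex types.
type RequestContext struct {
	AgentSessionID string            // extensions.agent.session_id (tier 0)
	SubjectClaims  map[string]string // raw JWT claims kept in subject.claims (tier 1)
	Headers        map[string]string // inbound request headers (tier 2)
	SubjectID      string            // end-user `sub`
	CallerID       string            // calling agent's workload identity
	GatewayID      string            // this gateway's workload identity
}

// SessionTier records which rung produced the id, so audit logs can tell a
// plugin-injected id from one a client typed into a header.
type SessionTier int

const (
	TierAgent           SessionTier = iota // 0: pre-resolved by a plugin, highest priority
	TierJWTClaim                           // 1: `session_id` claim of the validated JWT
	TierHeader                             // 2: X-CPEX-Session-Id header (client-controlled)
	TierIdentityDerived                    // 3: sha256("sub:caller:gateway")[:16]
	TierNone                               // 4: no session
)

var tierName = [...]string{"agent", "jwt-claim", "header", "identity-derived", "none"}

func (t SessionTier) String() string { return tierName[t] }

type Resolved struct {
	ID   string
	Tier SessionTier
}

// headerLookup matches header names case-insensitively, as HTTP requires.
func headerLookup(h map[string]string, name string) string {
	for k, v := range h {
		if strings.EqualFold(k, name) {
			return v
		}
	}
	return ""
}

// IdentityDerivedID builds the tier-3 id. Assumption: sha256(sub:caller:gateway)[:16]
// means the first 16 hex characters of the digest over the colon-joined triple.
func IdentityDerivedID(sub, caller, gateway string) string {
	sum := sha256.Sum256([]byte(sub + ":" + caller + ":" + gateway))
	return hex.EncodeToString(sum[:])[:16]
}

// ResolveSession walks the tiers in priority order and stops at the first
// non-empty answer. Tier 3 requires all three identities on purpose: hashing
// a partial triple would silently merge unrelated principals into one session.
func ResolveSession(ctx RequestContext) Resolved {
	if id := strings.TrimSpace(ctx.AgentSessionID); id != "" {
		return Resolved{id, TierAgent}
	}
	if id := strings.TrimSpace(ctx.SubjectClaims["session_id"]); id != "" {
		return Resolved{id, TierJWTClaim}
	}
	if id := strings.TrimSpace(headerLookup(ctx.Headers, "X-CPEX-Session-Id")); id != "" {
		return Resolved{id, TierHeader}
	}
	if ctx.SubjectID != "" && ctx.CallerID != "" && ctx.GatewayID != "" {
		return Resolved{IdentityDerivedID(ctx.SubjectID, ctx.CallerID, ctx.GatewayID), TierIdentityDerived}
	}
	return Resolved{"", TierNone}
}

func main() {
	// Constructed request: no plugin-injected id, no claim, no header, so the
	// resolver falls through to the identity-derived tier.
	r := ResolveSession(RequestContext{
		SubjectClaims: map[string]string{"sub": "alice"},
		SubjectID:     "alice", CallerID: "agent-a", GatewayID: "gw-1",
	})
	fmt.Printf("tier=%s id=%s\n", r.Tier, r.ID)
}
```

Tiers 0 and 1 come from a plugin or a validated token; tier 2 is whatever the client sent, so keeping the tier alongside the id lets a policy or audit plugin treat header-supplied sessions with less trust than the others.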
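The static parallel-purity check described under CPEX core changes (mutation effects rejected inside `parallel:` blocks at config-load; plugins invoked there must be registered in an Audit / Concurrent / FireAndForget mode, and Sequential / Transform plugins are rejected because their writes would vanish in a discarded branch), as an added Go example that is not apl-core's validator. The `Effect` variants, the `PluginMode` names, the decision to count `taint` as a mutation, and the rejection of unregistered plugins are assumptions; the policies in `main` are constructed.

```go
package main

import "fmt"

// EffectKind mirrors the shape of a collapsed Effect enum. The variant set is an
// assumption for this example, not the apl-core definition.
type EffectKind int

const (
	EffectMask       EffectKind = iota // content mutation
	EffectRedact                       // content mutation
	EffectOmit                         // content mutation
	EffectHash                         // content mutation
	EffectTaint                        // labels the session: a write (assumption)
	EffectPdp                          // read-only decision
	EffectCall                         // plugin invocation; its mode comes from the registry
	EffectWhen                         // when:/do: conditional
	EffectSequential                   // in-order-with-halt
	EffectParallel                     // concurrently-with-abort-on-deny
)

var kindName = [...]string{"mask", "redact", "omit", "hash", "taint", "pdp", "call", "when", "sequential", "parallel"}

func (k EffectKind) String() string { return kindName[k] }

// PluginMode is how a plugin was registered. Only the first three are safe in a
// branch that may be discarded; Sequential/Transform plugins write state.
type PluginMode int

const (
	ModeAudit PluginMode = iota
	ModeConcurrent
	ModeFireAndForget
	ModeSequential
	ModeTransform
)

type Effect struct {
	Kind   EffectKind
	Plugin string   // set for EffectCall
	Body   []Effect // set for When/Sequential/Parallel
}

type Registry map[string]PluginMode

func isMutation(k EffectKind) bool {
	switch k {
	case EffectMask, EffectRedact, EffectOmit, EffectHash, EffectTaint:
		return true
	}
	return false
}

// ValidateParallelPurity walks the policy once at config-load and returns one
// message per effect that must not run inside a parallel block, each prefixed
// with its path in the IR. An empty result means the policy is safe to load.
func ValidateParallelPurity(policy []Effect, reg Registry) []string {
	var out []string
	walk(policy, "policy", false, reg, &out)
	return out
}

func walk(effects []Effect, path string, inParallel bool, reg Registry, out *[]string) {
	for i, e := range effects {
		here := fmt.Sprintf("%s[%d]:%s", path, i, e.Kind)
		switch {
		case e.Kind == EffectParallel, e.Kind == EffectSequential, e.Kind == EffectWhen:
			// Purity is inherited: a sequential or when nested inside a
			// parallel still runs in a branch that may be discarded.
			walk(e.Body, here, inParallel || e.Kind == EffectParallel, reg, out)
		case !inParallel:
			// Outside parallel blocks every effect is allowed here; plugin
			// registration is checked elsewhere.
		case isMutation(e.Kind):
			*out = append(*out, here+": mutation effect inside parallel block")
		case e.Kind == EffectCall:
			mode, ok := reg[e.Plugin]
			if !ok {
				// Fail closed: an unregistered plugin has an unknown mode.
				*out = append(*out, here+": plugin "+e.Plugin+" is not registered")
			} else if mode == ModeSequential || mode == ModeTransform {
				*out = append(*out, here+": plugin "+e.Plugin+" has a write mode and its effects would vanish in a discarded branch")
			}
		}
	}
}

func main() {
	// Constructed policy: an audit plugin is fine in parallel, a transform plugin is not.
	reg := Registry{"audit": ModeAudit, "redactor": ModeTransform}
	policy := []Effect{{Kind: EffectParallel, Body: []Effect{
		{Kind: EffectCall, Plugin: "audit"},
		{Kind: EffectCall, Plugin: "redactor"},
	}}}
	for _, v := range ValidateParallelPurity(policy, reg) {
		fmt.Println("reject:", v)
	}
}
```

Because the walk happens before any request is served, a misconfigured policy fails at load rather than silently dropping a redaction at runtime; the path in each message points the operator at the offending block.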