phase 2: messages, session handshake, capability negotiation (gate 2)

Author: nficano

lib/src/main/java/dev/arcp/auth/CredentialValidator.java

@@ -0,0 +1,23 @@
+package dev.arcp.auth;
+
+/**
+ * Pluggable validator for credentials presented during a session handshake (RFC
+ * §8). Returns an authenticated {@link Principal} or throws.
+ *
+ * <p>
+ * The SDK provides reference implementations: {@link StaticBearerValidator} and
+ * {@link JwtValidator}. Production users supply their own.
+ */
+@FunctionalInterface
+public interface CredentialValidator {
+
+	/**
+	 * @param credentials
+	 *            caller-presented credentials.
+	 * @return the authenticated principal on success.
+	 * @throws dev.arcp.error.ARCPException
+	 *             with {@code UNAUTHENTICATED} when the credentials are
+	 *             unacceptable.
+	 */
+	Principal validate(Credentials credentials);
+}

lib/src/main/java/dev/arcp/auth/Credentials.java

@@ -0,0 +1,52 @@
+package dev.arcp.auth;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonSubTypes;
+import com.fasterxml.jackson.annotation.JsonTypeInfo;
+import org.jspecify.annotations.Nullable;
+
+/**
+ * Sealed root of credential payloads carried in {@code session.open} and
+ * {@code session.authenticate} (RFC §8.2). v0.1 ships
+ * {@link BearerCredentials}, {@link JwtCredentials}, and
+ * {@link NoneCredentials}.
+ */
+@JsonTypeInfo(use = JsonTypeInfo.Id.NAME, include = JsonTypeInfo.As.PROPERTY, property = "scheme", visible = true)
+@JsonSubTypes({@JsonSubTypes.Type(value = Credentials.BearerCredentials.class, name = "bearer"),
+		@JsonSubTypes.Type(value = Credentials.JwtCredentials.class, name = "signed_jwt"),
+		@JsonSubTypes.Type(value = Credentials.NoneCredentials.class, name = "none")})
+public sealed interface Credentials {
+
+	/** @return the canonical scheme name (RFC §8.2). */
+	String scheme();
+
+	/** Cleartext bearer token (§8.2). */
+	@JsonInclude(JsonInclude.Include.NON_NULL)
+	record BearerCredentials(@JsonProperty("scheme") String scheme,
+			@JsonProperty("token") String token) implements Credentials {
+		public BearerCredentials(String token) {
+			this("bearer", token);
+		}
+	}
+
+	/** Signed JWT (§8.2). */
+	@JsonInclude(JsonInclude.Include.NON_NULL)
+	record JwtCredentials(@JsonProperty("scheme") String scheme,
+			@JsonProperty("jwt") String jwt) implements Credentials {
+		public JwtCredentials(String jwt) {
+			this("signed_jwt", jwt);
+		}
+	}
+
+	/**
+	 * Anonymous (§8.2). Only honored when the {@code anonymous} capability is true.
+	 */
+	@JsonInclude(JsonInclude.Include.NON_NULL)
+	record NoneCredentials(@JsonProperty("scheme") String scheme,
+			@JsonProperty("subject") @Nullable String subject) implements Credentials {
+		public NoneCredentials() {
+			this("none", null);
+		}
+	}
+}

lib/src/main/java/dev/arcp/auth/Identity.java

@@ -0,0 +1,15 @@
+package dev.arcp.auth;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import org.jspecify.annotations.Nullable;
+
+/**
+ * Identity advertised in {@code session.accepted} (RFC §8.3): the runtime's
+ * {@code kind}/{@code version}/{@code fingerprint} and the authenticated
+ * principal's {@code trust_level}.
+ */
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public record Identity(@JsonProperty("kind") String kind, @JsonProperty("version") String version,
+		@JsonProperty("fingerprint") @Nullable String fingerprint, @JsonProperty("trust_level") String trustLevel) {
+}

lib/src/main/java/dev/arcp/auth/JwtValidator.java

@@ -0,0 +1,87 @@
+package dev.arcp.auth;
+
+import com.nimbusds.jose.JOSEException;
+import com.nimbusds.jose.JWSAlgorithm;
+import com.nimbusds.jose.JWSVerifier;
+import com.nimbusds.jose.crypto.MACVerifier;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.SignedJWT;
+import dev.arcp.error.ARCPException;
+import dev.arcp.error.ErrorCode;
+import java.text.ParseException;
+import java.time.Clock;
+import java.time.Instant;
+import java.util.Objects;
+
+/**
+ * HMAC-SHA256 JWT validator (RFC §8.2 {@code signed_jwt}). Verifies signature,
+ * expiry, and issuer; returns a {@link Principal} keyed on the {@code sub}
+ * claim.
+ *
+ * <p>
+ * Production deployments substitute a richer validator for RSA/EC keys and
+ * JWKS-backed key rotation; this implementation covers the v0.1 reference
+ * surface.
+ */
+public final class JwtValidator implements CredentialValidator {
+
+	private final JWSVerifier verifier;
+	private final String expectedIssuer;
+	private final Clock clock;
+
+	public JwtValidator(byte[] hmacKey, String expectedIssuer) {
+		this(hmacKey, expectedIssuer, Clock.systemUTC());
+	}
+
+	public JwtValidator(byte[] hmacKey, String expectedIssuer, Clock clock) {
+		Objects.requireNonNull(hmacKey, "hmacKey");
+		this.expectedIssuer = Objects.requireNonNull(expectedIssuer, "expectedIssuer");
+		this.clock = Objects.requireNonNull(clock, "clock");
+		try {
+			this.verifier = new MACVerifier(hmacKey);
+		} catch (JOSEException e) {
+			throw new ARCPException(ErrorCode.INTERNAL, "could not build JWT verifier", e);
+		}
+	}
+
+	@Override
+	public Principal validate(Credentials credentials) {
+		if (!(credentials instanceof Credentials.JwtCredentials jwt)) {
+			throw new ARCPException(ErrorCode.UNAUTHENTICATED, "signed_jwt scheme required");
+		}
+		SignedJWT parsed;
+		try {
+			parsed = SignedJWT.parse(jwt.jwt());
+		} catch (ParseException e) {
+			throw new ARCPException(ErrorCode.UNAUTHENTICATED, "malformed JWT", e);
+		}
+		if (!JWSAlgorithm.HS256.equals(parsed.getHeader().getAlgorithm())) {
+			throw new ARCPException(ErrorCode.UNAUTHENTICATED, "expected HS256 JWT");
+		}
+		try {
+			if (!parsed.verify(verifier)) {
+				throw new ARCPException(ErrorCode.UNAUTHENTICATED, "bad signature");
+			}
+		} catch (JOSEException e) {
+			throw new ARCPException(ErrorCode.UNAUTHENTICATED, "verifier error", e);
+		}
+		JWTClaimsSet claims;
+		try {
+			claims = parsed.getJWTClaimsSet();
+		} catch (ParseException e) {
+			throw new ARCPException(ErrorCode.UNAUTHENTICATED, "malformed claims", e);
+		}
+		if (!expectedIssuer.equals(claims.getIssuer())) {
+			throw new ARCPException(ErrorCode.UNAUTHENTICATED, "bad issuer");
+		}
+		if (claims.getExpirationTime() == null || claims.getExpirationTime().toInstant().isBefore(Instant.now(clock))) {
+			throw new ARCPException(ErrorCode.UNAUTHENTICATED, "expired or missing exp");
+		}
+		String subject = claims.getSubject();
+		if (subject == null || subject.isBlank()) {
+			throw new ARCPException(ErrorCode.UNAUTHENTICATED, "missing subject");
+		}
+		String trust = claims.getClaim("trust_level") instanceof String s ? s : "trusted";
+		return new Principal(subject, trust);
+	}
+}

lib/src/main/java/dev/arcp/auth/Principal.java

@@ -0,0 +1,16 @@
+package dev.arcp.auth;
+
+/**
+ * An authenticated session principal. {@link #subject} is the logical identity
+ * (e.g. user id, service account); {@link #trustLevel} maps to one of
+ * {@code untrusted | constrained | trusted | privileged} (RFC §15.3).
+ */
+public record Principal(String subject, String trustLevel) {
+
+	/**
+	 * Anonymous principal used when the {@code anonymous} capability is in force.
+	 */
+	public static Principal anonymous() {
+		return new Principal("anonymous", "untrusted");
+	}
+}

lib/src/main/java/dev/arcp/auth/StaticBearerValidator.java

@@ -0,0 +1,33 @@
+package dev.arcp.auth;
+
+import dev.arcp.error.ARCPException;
+import dev.arcp.error.ErrorCode;
+import java.util.Map;
+import java.util.Objects;
+
+/**
+ * In-memory bearer-token validator. Maps each accepted token to a
+ * {@link Principal}; rejects everything else with
+ * {@link ErrorCode#UNAUTHENTICATED}. Suitable for tests and reference runtimes;
+ * not a substitute for a real identity provider.
+ */
+public final class StaticBearerValidator implements CredentialValidator {
+
+	private final Map<String, Principal> tokens;
+
+	public StaticBearerValidator(Map<String, Principal> tokens) {
+		this.tokens = Map.copyOf(Objects.requireNonNull(tokens, "tokens"));
+	}
+
+	@Override
+	public Principal validate(Credentials credentials) {
+		if (!(credentials instanceof Credentials.BearerCredentials bearer)) {
+			throw new ARCPException(ErrorCode.UNAUTHENTICATED, "bearer scheme required");
+		}
+		Principal p = tokens.get(bearer.token());
+		if (p == null) {
+			throw new ARCPException(ErrorCode.UNAUTHENTICATED, "unknown bearer token");
+		}
+		return p;
+	}
+}

lib/src/main/java/dev/arcp/auth/package-info.java

@@ -0,0 +1,6 @@
+/**
+ * Authentication schemes (RFC §8.2). v0.1 implements {@code bearer},
+ * {@code signed_jwt}, and {@code none} (only when capability is negotiated).
+ */
+@org.jspecify.annotations.NullMarked
+package dev.arcp.auth;

lib/src/main/java/dev/arcp/capability/Capabilities.java

@@ -0,0 +1,32 @@
+package dev.arcp.capability;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import java.util.List;
+import java.util.Set;
+import org.jspecify.annotations.Nullable;
+
+/**
+ * Negotiated capability set (RFC §7). Absent boolean capabilities are treated
+ * as {@code false}; the explicit-{@code false} encoding here matches that
+ * default. Extension namespaces are listed in {@link #extensions}.
+ */
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public record Capabilities(@JsonProperty("anonymous") boolean anonymous, @JsonProperty("streaming") boolean streaming,
+		@JsonProperty("human_input") boolean humanInput, @JsonProperty("permissions") boolean permissions,
+		@JsonProperty("artifacts") boolean artifacts, @JsonProperty("subscriptions") boolean subscriptions,
+		@JsonProperty("interrupt") boolean interrupt,
+		@JsonProperty("heartbeat_recovery") @Nullable String heartbeatRecovery,
+		@JsonProperty("heartbeat_interval_seconds") int heartbeatIntervalSeconds,
+		@JsonProperty("binary_encoding") @Nullable List<String> binaryEncoding,
+		@JsonProperty("extensions") @Nullable Set<String> extensions) {
+
+	/** Default empty capability set; every flag is false. */
+	public static final Capabilities NONE = new Capabilities(false, false, false, false, false, false, false, null, 0,
+			null, null);
+
+	/** Capability set advertised by the v0.1 reference runtime. */
+	public static Capabilities reference() {
+		return new Capabilities(true, true, true, true, true, true, true, "block", 30, List.of("base64"), Set.of());
+	}
+}

lib/src/main/java/dev/arcp/capability/CapabilityNegotiator.java

@@ -0,0 +1,52 @@
+package dev.arcp.capability;
+
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+import org.jspecify.annotations.Nullable;
+
+/**
+ * Computes the negotiated intersection of two {@link Capabilities} sets (RFC
+ * §7). Required-but-unsupported features yield a {@code session.rejected}
+ * higher up; this class only computes the intersection — call sites enforce the
+ * {@code required} contract.
+ */
+public final class CapabilityNegotiator {
+
+	private CapabilityNegotiator() {
+	}
+
+	/** AND-intersection of the two sets, used during session.accepted. */
+	public static Capabilities intersect(Capabilities a, Capabilities b) {
+		Set<String> exts = new HashSet<>();
+		if (a.extensions() != null) {
+			exts.addAll(a.extensions());
+		}
+		if (b.extensions() != null) {
+			exts.retainAll(b.extensions());
+		} else {
+			exts.clear();
+		}
+		List<String> encoding = intersectList(a.binaryEncoding(), b.binaryEncoding());
+		String hbRecovery = a.heartbeatRecovery() != null && a.heartbeatRecovery().equals(b.heartbeatRecovery())
+				? a.heartbeatRecovery()
+				: null;
+		int hbInterval = Math.min(positive(a.heartbeatIntervalSeconds(), 30),
+				positive(b.heartbeatIntervalSeconds(), 30));
+		return new Capabilities(a.anonymous() && b.anonymous(), a.streaming() && b.streaming(),
+				a.humanInput() && b.humanInput(), a.permissions() && b.permissions(), a.artifacts() && b.artifacts(),
+				a.subscriptions() && b.subscriptions(), a.interrupt() && b.interrupt(), hbRecovery, hbInterval,
+				encoding, exts);
+	}
+
+	private static int positive(int v, int fallback) {
+		return v <= 0 ? fallback : v;
+	}
+
+	private static List<String> intersectList(@Nullable List<String> a, @Nullable List<String> b) {
+		if (a == null || b == null) {
+			return List.of();
+		}
+		return a.stream().filter(b::contains).toList();
+	}
+}

lib/src/main/java/dev/arcp/capability/package-info.java

@@ -0,0 +1,7 @@
+/**
+ * Capability negotiation primitives (RFC §7). Absent boolean capabilities are
+ * treated as {@code false}; required-but-unsupported features yield
+ * {@code session.rejected/UNIMPLEMENTED}.
+ */
+@org.jspecify.annotations.NullMarked
+package dev.arcp.capability;