AAuth: HTTP Message Signature verification (RFC 9421 + draft-hardt-httpbis-signature-key)

Cargo.toml

@@ -6,11 +6,13 @@ wiremock = { git = "https://github.com/howardjohn/wiremock-rs", rev = "e55f5b960
 [workspace]
 resolver = "2"
 members = [
+    "crates/aauth",
     "crates/agentgateway",
     "crates/agentgateway-app",
     "crates/cel-fork/cel",
     "crates/cel-fork/cel-derive",
     "crates/celx",
+    "crates/http-message-sig",
     "crates/pool",
     "crates/core",
     "crates/hbone",
@@ -19,11 +21,13 @@ members = [
     "crates/xtask",
 ]
 default-members = [
+    "crates/aauth",
     "crates/agentgateway",
     "crates/agentgateway-app",
     "crates/cel-fork/cel",
     "crates/cel-fork/cel-derive",
     "crates/celx",
+    "crates/http-message-sig",
     "crates/pool",
     "crates/core",
     "crates/hbone",
@@ -39,6 +43,7 @@ license = "Apache-2.0"
 publish = false
 
 [workspace.dependencies]
+aauth = { path = "crates/aauth" }
 agent-core = { path = "crates/core" }
 agent-celx = { path = "crates/celx" }
 agent-hbone = { path = "crates/hbone" }
@@ -47,6 +52,7 @@ agent-xds = { path = "crates/xds" }
 agentgateway = { path = "crates/agentgateway" }
 cel = { path = "crates/cel-fork/cel" }
 cel-derive = { path = "crates/cel-fork/cel-derive" }
+http-message-sig = { path = "crates/http-message-sig" }
 protos = { path = "crates/protos" }
 atomic_float = { version = "1.1.0", features = ["serde"] }
 anyhow = "1.0"

crates/aauth/Cargo.toml

@@ -0,0 +1,15 @@
+[package]
+name = "aauth"
+version.workspace = true
+edition.workspace = true
+license.workspace = true
+publish.workspace = true
+
+[dependencies]
+base64.workspace = true
+http-message-sig.workspace = true
+jsonwebtoken.workspace = true
+serde.workspace = true
+serde_json.workspace = true
+thiserror.workspace = true
+url.workspace = true

crates/aauth/src/errors.rs

@@ -0,0 +1,30 @@
+use thiserror::Error;
+
+/// Errors from AAuth token validation.
+///
+/// Errors from the underlying HTTP signing layer are forwarded transparently via `#[from]` on
+/// [`http_message_sig::Error`]. Callers wanting to react to a specific signing error should match
+/// on the embedded variant rather than parsing the display string.
+#[derive(Debug, Error)]
+pub enum AAuthError {
+	#[error("HTTP signing error: {0}")]
+	Signing(#[from] http_message_sig::Error),
+
+	#[error("failed to fetch JWKS: {0}")]
+	JwksFetch(String),
+
+	#[error("JWT validation failed: {0}")]
+	JwtValidation(String),
+
+	#[error("audience mismatch")]
+	AudienceMismatch,
+
+	#[error("missing required claim: {0}")]
+	MissingClaim(String),
+
+	#[error("invalid issuer URL: must be HTTPS with host only (no port, path, query, or fragment)")]
+	InvalidIssuerUrl,
+
+	#[error("act.sub claim does not match agent identifier")]
+	ActClaimMismatch,
+}

crates/aauth/src/lib.rs

@@ -0,0 +1,9 @@
+//! AAuth protocol token validation (draft-hardt-oauth-aauth-protocol).
+//!
+//! This crate implements AAuth agent and auth token validation. The underlying HTTP signing layer
+//! (RFC 9421 plus the HTTP Signature Keys draft) lives in [`http_message_sig`].
+
+pub mod errors;
+pub mod tokens;
+
+pub use errors::AAuthError;