Implement Bearer token validation using jsonwebtoken with JWKS caching
and automatic key rotation handling. AuthState fetches keys from the
configured OIDC provider's jwks_uri at startup and refreshes on unknown
kid. Axum middleware (require_auth) protects write routes, injecting
AuthenticatedUser into request extensions. The auth_check admin endpoint
now performs real JWT validation when oauth2 is configured.

Includes architecture plan for the full publish API with RBAC at
docs/ai/plans/2026-04-09-publish-api-oidc.md.

Manifest text is now carried through the solver's ResolvedPkg and written
directly to disk during install, eliminating the redundant re-fetch from
the repository that could silently fail. save_manifest() is now mandatory
(fatal on error) since the .p5m file on disk is the authoritative record
for pkg verify and pkg fix.

Add ADRs for libips API layer (GUI sharing), OpenID Connect auth, and
SQLite catalog as query engine (including normalized installed_actions
table). Add phase plans for code hygiene, client completion, catalog
expansion, and OIDC authentication.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
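The "fetch at startup, refresh on unknown kid" behaviour the commit above describes is the part of JWKS handling that is easy to get subtly wrong, so here is an added, stand-alone illustration of that cache logic. It is not the project's AuthState or any jsonwebtoken code: the JWKS fetch is abstracted behind a hypothetical `JwksSource` trait with a scripted offline implementation, the `Jwk` struct is a constructed simplification, and a refresh throttle is added so that a stream of tokens bearing invented `kid` values cannot be turned into a stream of requests to the identity provider.

```rust
// Added example (not the project's code): JWKS cache with startup fetch,
// refresh-on-unknown-kid, and a refresh throttle. All names are hypothetical.
use std::collections::HashMap;
use std::time::{Duration, Instant};

/// The fields of a JWK that the cache needs (constructed, simplified).
#[derive(Clone, Debug, PartialEq)]
pub struct Jwk {
    pub kid: String,
    pub alg: String,
}

/// Stand-in for an HTTP GET of the provider's jwks_uri (hypothetical trait).
pub trait JwksSource {
    fn fetch(&mut self) -> Result<Vec<Jwk>, String>;
}

pub struct JwksCache<S: JwksSource> {
    source: S,
    keys: HashMap<String, Jwk>,
    last_refresh: Option<Instant>,
    min_refresh_interval: Duration,
    pub refresh_count: usize,
}

impl<S: JwksSource> JwksCache<S> {
    /// Fetch eagerly at startup: a provider outage becomes a startup error
    /// instead of a stream of 401s at request time.
    pub fn new(source: S, min_refresh_interval: Duration) -> Result<Self, String> {
        let mut cache = Self {
            source, keys: HashMap::new(), last_refresh: None, min_refresh_interval, refresh_count: 0,
        };
        cache.refresh()?;
        Ok(cache)
    }

    fn refresh(&mut self) -> Result<(), String> {
        let fetched = self.source.fetch()?;
        // Replace rather than merge: keys the provider withdrew must stop validating.
        self.keys = fetched.into_iter().map(|k| (k.kid.clone(), k)).collect();
        self.last_refresh = Some(Instant::now());
        self.refresh_count += 1;
        Ok(())
    }

    /// Resolve the key named by a token's (still unverified) `kid` header.
    /// Validation should take the algorithm from the returned key, never from
    /// the token header, which is attacker-controlled.
    pub fn key_for(&mut self, kid: &str) -> Result<Jwk, String> {
        if let Some(k) = self.keys.get(kid) {
            return Ok(k.clone());
        }
        // Unknown kid: either the provider rotated keys or the token is bogus.
        // Refresh at most once per interval so invented kids cannot flood the IdP.
        let may_refresh = self
            .last_refresh
            .map_or(true, |t| t.elapsed() >= self.min_refresh_interval);
        if may_refresh {
            self.refresh()?;
            if let Some(k) = self.keys.get(kid) {
                return Ok(k.clone());
            }
        }
        Err(format!("no signing key with kid {kid}"))
    }
}

/// Constructed source serving scripted JWKS responses in order (repeating the
/// last one), so a key rotation can be simulated offline.
pub struct ScriptedSource {
    pub responses: Vec<Vec<Jwk>>,
    pub calls: usize,
}

impl JwksSource for ScriptedSource {
    fn fetch(&mut self) -> Result<Vec<Jwk>, String> {
        let idx = self.calls.min(self.responses.len() - 1);
        self.calls += 1;
        Ok(self.responses[idx].clone())
    }
}

pub fn jwk(kid: &str) -> Jwk {
    Jwk { kid: kid.to_string(), alg: "RS256".to_string() }
}

/// Simulate a rotation: the provider first publishes only "k1", then "k1"+"k2".
/// Returns (k1 found, k2 found, refresh count) under the given throttle.
pub fn rotation_scenario(min_refresh: Duration) -> (bool, bool, usize) {
    let source = ScriptedSource { responses: vec![vec![jwk("k1")], vec![jwk("k1"), jwk("k2")]], calls: 0 };
    let mut cache = JwksCache::new(source, min_refresh).expect("startup fetch");
    let k1 = cache.key_for("k1").is_ok();
    let k2 = cache.key_for("k2").is_ok();
    (k1, k2, cache.refresh_count)
}

fn main() {
    println!("no throttle: {:?}", rotation_scenario(Duration::ZERO));
    println!("1h throttle: {:?}", rotation_scenario(Duration::from_secs(3600)));
}
```

With no throttle the lookup of the freshly rotated "k2" triggers a second fetch and succeeds; with a one-hour throttle the same lookup is refused until the interval elapses, which is the trade-off a deployment has to pick deliberately: a short interval picks up rotations quickly, a longer one bounds how much load unverified tokens can push onto the provider.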
- Introduced a series of planning documents detailing the Redb-based IPS index design, schema specification, and encoding strategies.
- Added a high-level overview of the core search index schema and the use of Redb MVCC transactions for consistency and performance improvements.
- Documented simplified schema definitions avoiding optional elements, focusing on compact encodings.
- Defined transitions to postcard-encoded binary formats, aligning with Rust’s serde for standardized serialization.
- Outlined migration strategies, invariants, error handling, and testing plans for index adoption.
- Enhanced documentation with structured explanations for developers to implement, extend, and migrate seamlessly to the new index model.