Report vulnerabilities via project-level SECURITY.md.
Security in the auth module focuses on fail-closed identity validation, resilient credential/token handling, replay/revocation controls, and continuous trust verification boundaries.
| Threat | Current Mitigation Surface |
|---|---|
| forged or tampered tokens | signature/claim validation and revocation checks in token validators |
| credential brute-force and replay | rate-limiting, replay-cache, and blacklist/session controls |
| provider-integration abuse | explicit protocol adapters with structured validation and failure handling |
| cross-realm identity confusion | federated identity and principal validation boundaries |
| long-lived trust drift | zero-trust continuous verification and session enforcement paths |
- authentication adapters are explicit and method-specific.
- token/session flows include revocation/replay-aware support surfaces.
- audit and metrics paths provide security-relevant observability.
- policy/trust checks can gate downstream execution before business handlers.
- continue hardening distributed revocation and federation edge behavior.
- maintain strict handling for optional provider degradation scenarios.
- keep threat-specific diagnostics and enforcement behavior testable and observable.
- Verified files:
- src/auth/jwt_validator.cpp
- src/auth/token_blacklist.cpp
- src/auth/totp_replay_cache.cpp
- src/auth/session_manager.cpp
- src/auth/auth_rate_limiter.cpp
- src/auth/zero_trust_auth_verifier.cpp
- src/auth/auth_audit_logger.cpp
- Verified controls:
- fail-closed token and session validation surfaces
- replay/revocation and rate-limiting controls
- audit/trust verification paths