neuron_auth_k8s/
lib.rs

1#![deny(missing_docs)]
2//! Stub Kubernetes ServiceAccount projected token auth provider.
3//!
4//! This crate provides the correct trait impl shape for a K8s auth provider.
5//! The actual K8s integration is not implemented — all provide calls return
6//! `AuthError::BackendError`.
7
8use async_trait::async_trait;
9use neuron_auth::{AuthError, AuthProvider, AuthRequest, AuthToken};
10
11/// Stub for K8s ServiceAccount projected token.
12pub struct K8sAuthProvider {
13    _namespace: String,
14}
15
16impl K8sAuthProvider {
17    /// Create a new K8s auth provider (stub).
18    pub fn new(namespace: impl Into<String>) -> Self {
19        Self {
20            _namespace: namespace.into(),
21        }
22    }
23}
24
25#[async_trait]
26impl AuthProvider for K8sAuthProvider {
27    async fn provide(&self, _request: &AuthRequest) -> Result<AuthToken, AuthError> {
28        Err(AuthError::BackendError("K8sAuthProvider is a stub".into()))
29    }
30}
31
32#[cfg(test)]
33mod tests {
34    use super::*;
35    use std::sync::Arc;
36
37    fn _assert_send_sync<T: Send + Sync>() {}
38
39    #[test]
40    fn object_safety() {
41        _assert_send_sync::<Box<dyn AuthProvider>>();
42        _assert_send_sync::<Arc<dyn AuthProvider>>();
43        let _: Arc<dyn AuthProvider> = Arc::new(K8sAuthProvider::new("default"));
44    }
45
46    #[tokio::test]
47    async fn returns_stub_error() {
48        let provider = K8sAuthProvider::new("default");
49        let err = provider.provide(&AuthRequest::new()).await.unwrap_err();
50        assert!(matches!(err, AuthError::BackendError(_)));
51        assert!(err.to_string().contains("stub"));
52    }
53}
neuron_auth_k8s/lib.rs

neuron_auth_k8s/
lib.rs
