Expand description
Phase 26 — pairing protocol.
Two coexisting protocols:
- DM challenge — opt-in inbound allowlist. A plugin (whatsapp,
telegram, …) calls
PairingGate::should_admitbefore publishing to the broker. Unknown senders get a one-time human-friendly code and the operator approves them via CLI / admin-ui. - Setup-code — operator-initiated.
agent pair startissues a short-lived HMAC-signed bearer token + a gateway URL, packs them into a base64url payload, and renders a QR. A companion app scans, opens the WS, presents the token, and gets a session token in return.
This crate is a leaf: it does not depend on nexo-core or any
plugin crate. The bin (src/main.rs) wires the store + the gate
into the plugins, and registers the CLI subcommand.
Re-exports§
pub use adapter::PairingChannelAdapter;pub use gate::PairingGate;pub use registry::PairingAdapterRegistry;pub use session_store::PairingSessionStore;pub use session_store::SessionRow;pub use setup_code::SetupCodeIssuer;pub use store::PairingStore;pub use types::AllowedSender;pub use types::ApprovedRequest;pub use types::Decision;pub use types::PairingError;pub use types::PairingPolicy;pub use types::PendingRequest;pub use types::SetupCode;pub use types::TokenClaims;pub use types::UpsertOutcome;
Modules§
- adapter
- Per-channel adapter the plugins implement.
- code
- Human-friendly pairing code generator.
- gate
- Hot-path inbound gate.
- qr
- QR rendering for the setup-code payload.
- registry
- Lookup table mapping
channel_id→ adapter implementation. - session_
store - Companion session tokens — issued after a successful WS handshake.
- setup_
code - HMAC-SHA256 bearer-token issuer.
- store
- SQLite-backed pairing storage.
- telemetry
- Phase 26.y — Prometheus telemetry for the pairing flow.
- types
- Public types shared by store / gate / setup-code.
- url_
resolver - Resolve the gateway URL for
agent pair start.