Function bridge_auth_middleware 

pub async fn bridge_auth_middleware<L: BridgeLookup>(
    __arg0: State<Arc<L>>,
    req: Request<Body>,
    next: Next,
) -> impl IntoResponse

Axum middleware that validates DID-signed bearer tokens for bridge endpoints.

Extracts the Authorization: Bearer <JWT> header, verifies the JWT signature against the operator’s DID document, validates temporal claims, and checks that the bridge is registered and active.

On success, inserts a BridgeAuthContext into the request extensions so downstream handlers can access the authenticated bridge identity.

Error Responses

• 401 BRIDGE_NOT_AUTHORIZED — Missing, invalid, or expired token; signature verification failure; bridge not found.
• 403 BRIDGE_SUSPENDED — The bridge exists but is suspended by context governance.

See spec sections 12.10.2 and 12.10.3.