sgard

sc/sgard

Fork 0

Commit Graph

Author	SHA1	Message	Date
Kyle Isom	2ff9fe2f50	Step 31: Proto + sync update for targeting. Added only/never repeated string fields to ManifestEntry proto. Updated convert.go for round-trip. Targeting test in convert_test.go. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-24 22:55:02 -07:00
Kyle Isom	edef642025	Implement JWT token auth with transparent auto-renewal. Replace per-call SSH signing with a two-layer auth system: Server: AuthInterceptor verifies JWT tokens (HMAC-SHA256 signed with repo-local jwt.key). Authenticate RPC accepts SSH-signed challenges and issues 30-day JWTs. Expired-but-valid tokens return a ReauthChallenge in error details (server-provided nonce for fast re-auth). Authenticate RPC is exempt from token requirement. Client: TokenCredentials replaces SSHCredentials as the primary PerRPCCredentials. NewWithAuth creates clients with auto-renewal — EnsureAuth obtains initial token, retryOnAuth catches Unauthenticated errors and re-authenticates transparently. Token cached at $XDG_STATE_HOME/sgard/token (0600). CLI: dialRemote() helper handles token loading, connection setup, and initial auth. Push/pull/prune commands simplified to use it. Proto: Added Authenticate RPC, AuthenticateRequest/Response, ReauthChallenge messages. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-24 00:52:16 -07:00
Kyle Isom	0113703908	Step 9: Proto definitions and gRPC code generation. Define GardenSync service with 5 RPCs: PushManifest, PushBlobs, PullManifest, PullBlobs, Prune. Messages for manifest, entries, blob chunks (64 KiB streaming), and push/pull protocol flow. Generated Go code in sgardpb/. Added Makefile proto target, gRPC + protobuf + x/crypto deps, protoc tools to flake devShell. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-23 23:12:10 -07:00

Author

SHA1

Message

Date

Kyle Isom

2ff9fe2f50

Step 31: Proto + sync update for targeting.

Added only/never repeated string fields to ManifestEntry proto.
Updated convert.go for round-trip. Targeting test in convert_test.go.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-24 22:55:02 -07:00

Kyle Isom

edef642025

Implement JWT token auth with transparent auto-renewal.

Replace per-call SSH signing with a two-layer auth system:

Server: AuthInterceptor verifies JWT tokens (HMAC-SHA256 signed with
repo-local jwt.key). Authenticate RPC accepts SSH-signed challenges
and issues 30-day JWTs. Expired-but-valid tokens return a
ReauthChallenge in error details (server-provided nonce for fast
re-auth). Authenticate RPC is exempt from token requirement.

Client: TokenCredentials replaces SSHCredentials as the primary
PerRPCCredentials. NewWithAuth creates clients with auto-renewal —
EnsureAuth obtains initial token, retryOnAuth catches Unauthenticated
errors and re-authenticates transparently. Token cached at
$XDG_STATE_HOME/sgard/token (0600).

CLI: dialRemote() helper handles token loading, connection setup,
and initial auth. Push/pull/prune commands simplified to use it.

Proto: Added Authenticate RPC, AuthenticateRequest/Response,
ReauthChallenge messages.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-24 00:52:16 -07:00

Kyle Isom

0113703908

Step 9: Proto definitions and gRPC code generation.

Define GardenSync service with 5 RPCs: PushManifest, PushBlobs,
PullManifest, PullBlobs, Prune. Messages for manifest, entries,
blob chunks (64 KiB streaming), and push/pull protocol flow.

Generated Go code in sgardpb/. Added Makefile proto target, gRPC +
protobuf + x/crypto deps, protoc tools to flake devShell.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-23 23:12:10 -07:00

3 Commits