118d12a3db
Abstractions for the Altcha-based proof-of-work module: - AltchaAttribute (AllowMobileAttestationBypass param) - IHasAltchaSolution — marker interface for request POCOs carrying the widget's solution payload over HTTP/gRPC transports - IAltchaVerifier / IAltchaChallengeProvider — transport-agnostic interfaces; default gRPC implementations ship in Svrnty.CQRS.Altcha.Grpc - IMobileAttestationProvider — Phase 3 placeholder; concrete impls stamp ctx.Items["mobile_attested"] for the Altcha check to read as a bypass when AllowMobileAttestationBypass is true - AltchaChallenge / AltchaVerifyResult DTOs Lean dependencies — only references Svrnty.CQRS.Abstractions for the auth-check pipeline types. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
22 lines
1.0 KiB
C#
22 lines
1.0 KiB
C#
namespace Svrnty.CQRS.Altcha.Abstractions;
|
|
|
|
/// <summary>
|
|
/// Phase 3 placeholder — when a future module implements Apple App Attest /
|
|
/// Google Play Integrity verification, it stamps
|
|
/// <see cref="Svrnty.CQRS.Abstractions.Security.AuthorizationCheckContext.Items"/>[<c>"mobile_attested"</c>]
|
|
/// based on the verification result, and the Altcha check reads that flag
|
|
/// to short-circuit when <see cref="AltchaAttribute.AllowMobileAttestationBypass"/>
|
|
/// is true.
|
|
/// </summary>
|
|
/// <remarks>
|
|
/// Intentionally left abstract and unwired in this phase. The interface
|
|
/// exists so Phase 3 can drop in an implementation without touching command
|
|
/// definitions or the Altcha check.
|
|
/// </remarks>
|
|
public interface IMobileAttestationProvider
|
|
{
|
|
/// <param name="attestationToken">Platform-specific attestation token from the request.</param>
|
|
/// <returns><c>true</c> if attestation passes; <c>false</c> otherwise.</returns>
|
|
Task<bool> VerifyAsync(string attestationToken, CancellationToken cancellationToken = default);
|
|
}
|