Namespace JD.AI.Core.Security

Classes

ApiKeyAuthProvider

Simple API key authentication provider.

ApiKeyRecord

Metadata for an API key.

ApiKeyRotation

Manages API key lifecycle: generation, rotation, and expiry tracking.

CompositeAuthProvider

Chains multiple IAuthProvider implementations, trying each in order until one succeeds. Enables API key + JWT + future auth methods to coexist.

GatewayIdentity

Represents an authenticated identity (API key, OAuth token, etc.).

JwtAuthProvider

JWT bearer token authentication provider. Validates HMAC-SHA256 signed JWT tokens and extracts identity claims.

OutboundSecretScanningHandler

An HttpMessageHandler that scans outbound request bodies and headers for secrets before allowing the request to be sent. Uses a DataRedactor to detect matches.

PromptSafetyChecker

Detects common prompt injection patterns and attempts to override system instructions.

PromptSafetyResult

Result of a prompt injection safety check.

RateLimitResult

Result of a rate limit check with quota metadata.

RedisRateLimiter

Redis-backed distributed sliding window rate limiter using sorted sets. Falls back to local SlidingWindowRateLimiter if Redis is unavailable.

SecretPatternLibrary

A curated library of regex patterns for detecting common secret types. These patterns complement custom patterns loaded from policy YAML files.

SecurityException

Thrown when a security policy violation is detected — for example, when an outbound request is found to contain secrets or when a prompt injection is identified.

SlidingWindowRateLimiter

Simple sliding window rate limiter.

Interfaces

IAuthProvider

Authenticates requests to the gateway.

IRateLimiter

Rate limiter for gateway operations.

Enums

GatewayRole

Role hierarchy for access control.