@felixgateru
Contributor

@felixgateru felixgateru commented Nov 7, 2025

What type of PR is this?

This is a refactor, as it replaces symmetric-key-centered authentication with asymmetric, per-service authentication.

What does this do?

New Features:

  • Introduce KeyManager implementation providing SignJWT, ParseJWT, Rotate, and PublicJWKS methods
  • Add HTTP endpoint at /.well-known/jwks.json to serve JSON Web Key Sets
  • Add pkg/authn/jwks module for local token validation using fetched JWKS

Enhancements:

  • Refactor JWT Tokenizer and Auth service to integrate with KeyManager instead of static secret
  • Extend Auth service, middleware, and CLI clients to support JWKS-based authentication
  • Update service interface and tests to include RetrieveJWKS and mock KeyManager/Tokenizer interactions

Which issue(s) does this PR fix/relate to?

Have you included tests for your changes?

Yes, tests have been updated.

Did you document any new/modified feature?

Yes, in-code documentation is included.

Notes

sequenceDiagram
    participant Client
    participant JWKSAuthn as "JWKS AuthN Module"
    participant AuthService
    participant JWKS_EP as "JWKS HTTP Endpoint"
    Client->>JWKSAuthn: Send JWT for authentication
    JWKSAuthn->>JWKS_EP: GET /.well-known/jwks.json
    JWKS_EP->>AuthService: RetrieveJWKS()
    AuthService->>JWKS_EP: JWKS response
    JWKS_EP->>JWKSAuthn: JWKS keys
    JWKSAuthn->>Client: Validate JWT and respond
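The local validation flow in the diagram above, as an added example that is not code from this PR: a verifier selects the published key by `kid`, pins the expected algorithm, and keeps accepting a rotated-out key only while it is still in the fetched JWKS. The PR does not state its signing algorithm, so EdDSA (Ed25519) is an assumption here, and `NewKey`, `Sign`, `Verify` and the seeds are hypothetical names and constructed values.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding
// NewKey derives a demo key from a constructed seed and returns it with its public JWK (RFC 8037).
func NewKey(kid, seed string) (ed25519.PrivateKey, string) {
	k := ed25519.NewKeyFromSeed([]byte(strings.Repeat(seed, 32)))
	return k, fmt.Sprintf(`{"kty":"OKP","crv":"Ed25519","kid":%q,"x":%q}`, kid, b64.EncodeToString(k.Public().(ed25519.PublicKey)))
}

// Sign stands in for the issuing service: a compact JWS over "header.payload".
func Sign(k ed25519.PrivateKey, alg, kid, payload string) string {
	h := b64.EncodeToString([]byte(fmt.Sprintf(`{"alg":%q,"kid":%q}`, alg, kid)))
	p := b64.EncodeToString([]byte(payload))
	return h + "." + p + "." + b64.EncodeToString(ed25519.Sign(k, []byte(h+"."+p)))
}

// Verify validates a token locally against a fetched JWKS document and returns its payload.
func Verify(token, jwks string) ([]byte, error) {
	var set struct{ Keys []struct{ Crv, Kid, X string } }
	var hdr struct{ Alg, Kid string }
	parts := strings.Split(token, ".")
	if len(parts) != 3 || json.Unmarshal([]byte(jwks), &set) != nil {
		return nil, fmt.Errorf("malformed token or key set")
	}
	raw, _ := b64.DecodeString(parts[0]) // undecodable header: Unmarshal or the signature check fails
	sig, _ := b64.DecodeString(parts[2]) // undecodable signature: wrong length, ed25519.Verify fails
	if json.Unmarshal(raw, &hdr) != nil || hdr.Alg != "EdDSA" { // pin alg: no HS256, no "none"
		return nil, fmt.Errorf("bad header or unexpected alg %q", hdr.Alg)
	}
	for _, k := range set.Keys { // select by kid so rotated keys coexist in one set
		if x, _ := b64.DecodeString(k.X); k.Kid == hdr.Kid && k.Crv == "Ed25519" &&
			len(x) == ed25519.PublicKeySize && ed25519.Verify(x, []byte(parts[0]+"."+parts[1]), sig) {
			return b64.DecodeString(parts[1])
		}
	}
	return nil, fmt.Errorf("no published key with kid %q verifies the token", hdr.Kid)
}

func main() {
	k, jwk := NewKey("k1", "a")
	fmt.Println(Verify(Sign(k, "HS256", "k1", `{}`), `{"keys":[`+jwk+`]}`))
}
```

The example checks signatures only; expiry, issuer and audience claims still need their own validation after `Verify` returns.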

@felixgateru felixgateru force-pushed the smq1672-token branch 2 times, most recently from e30dece to 479b267 November 13, 2025 15:51
@codecov

codecov bot commented Nov 14, 2025

Codecov Report

❌ Patch coverage is 13.77049% with 263 lines in your changes missing coverage. Please review.
✅ Project coverage is 50.75%. Comparing base (0df8e84) to head (8ebb173).

Files with missing lines Patch % Lines
auth/keymanager/keymanager.go 0.00% 176 Missing ⚠️
auth/postgres/publickeys.go 0.00% 85 Missing ⚠️
auth/service.go 0.00% 2 Missing ⚠️
Additional details and impacted files
@@             Coverage Diff             @@
##             main    #3228       +/-   ##
===========================================
+ Coverage   39.59%   50.75%   +11.15%     
===========================================
  Files         318      165      -153     
  Lines       40152    25684    -14468     
===========================================
- Hits        15898    13035     -2863     
+ Misses      23336    11931    -11405     
+ Partials      918      718      -200     

@felixgateru felixgateru marked this pull request as ready for review November 14, 2025 11:16
@felixgateru felixgateru requested a review from a team as a code owner November 14, 2025 11:16
@dborovcanin
Collaborator

@arvindh123 Please review.
