feat(auth): allow consuming access tokens directly

[alvarowolfx]

Fixes #2929 and #3362

[alvarowolfx]

This is a WIP and is missing all documentation for the new interface.

Pros:

• AccessTokenCredentials is compatible with Credentials type (via automatic conversion to CredentialProvider -> Credentials)
• Reuse all current Builders and can selective pick which Credentials types would support that (we don't want API Key creds to support this)
  Cons:
• I don't like the build_access_token_credentials() method name. Too long and not sure if is a good pattern to add another final branch to a Builder.
• Introduces new AccessTokenCredentials which is almost the same as Credentials. Perhaps it can be simplified ?
• AccessTokenCredentialsProvider looks really similar to TokenProvider, can this be reused ?
  • Probably not, Token is private and we need a new AccessToken type to expose that.

[codecov]

Codecov Report

❌ Patch coverage is 98.18182% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 95.03%. Comparing base (3388d78) to head (67e9d89).
⚠️ Report is 2 commits behind head on main.

Files with missing lines	Patch %	Lines
src/auth/src/credentials.rs	95.45%	1 Missing ⚠️

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #3642   +/-   ##
=======================================
  Coverage   95.02%   95.03%           
=======================================
  Files         161      161           
  Lines        6049     6097   +48     
=======================================
+ Hits         5748     5794   +46     
- Misses        301      303    +2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coryan]

I don't know what is the exact level of test coverage we want, but 46% is too low.

[alvarowolfx]

I don't know what is the exact level of test coverage we want, but 46% is too low.

this is also missing tests, is just a draft for the public API.

[dbolduc]

FWIW, this approach makes a lot of sense to me. It is lamentable that we are already making backwards compatibility sacrifices in version 1.1.0 of a library, but that is where we are.

I think I messed up by making Credentials an opaque object instead of a trait. I think at the time I was afraid of all the generics that entailed... but now I realize that is just what flexible Rust looks like.

[coryan]

Marking as draft. If / when it is ready for review please let us know.

[alvarowolfx]

Marking as draft. If / when it is ready for review please let us know.

@coryan it was ready to review, but I think I'll split into smaller PRs to make it easier to review. Unless you think this is in a reasonable size.

[coryan]

@dbolduc can you take another look?

[dbolduc]

The code looks really good, and I would symbolically approve the PR. I think my comments are mostly grammar nits.

I need an explicit answer on why we are abandoning Extensions / CacheableResource for the AccessToken before I can approve though.

[dbolduc]

nit: s/Credentials/AccessTokenCredentials/

[dbolduc]

nit: s/a unsupported/an unsupported/

[dbolduc]

nit: s/json/the JSON for a credential/ ?

[dbolduc]

nit: s/Returns a/Returns an/

[dbolduc]

nit: reflow?

we do not have any sort of tool. I just manully cut lines off at or before 80 characters. 🤷

Also consider a paragraph break before "For more information..."

[dbolduc]

optional nit: paragraph break before "For more information..."

[alvarowolfx]

The code looks really good, and I would symbolically approve the PR. I think my comments are mostly grammar nits.

I need an explicit answer on why we are abandoning Extensions / CacheableResource for the AccessToken before I can approve though.

pushed some updates addressing the nits in the docs and also made some improvements so customers can mock the new trait