refactor(gateway): consolidate admin auth/origin validation paths

[yacosta738]

This pull request refactors and reorganizes authentication and admin endpoint logic in the agent-runtime gateway. The main changes involve moving authentication helpers and admin endpoint guards to a new location, simplifying the code, and improving test coverage for edge cases. The changes also ensure stricter validation for bearer tokens and origin headers.

Authentication and Admin Endpoint Refactoring:

• Moved the extract_bearer_token function from mod.rs to utils.rs, and improved its implementation for stricter parsing and validation of bearer tokens. All usages in the codebase and tests have been updated to reference the new location. [1] [2] [3] [4]
• Removed the admin_requires_auth and admin_origin_guard functions from mod.rs, delegating admin authentication and origin checks to the admin module. The admin endpoints now call new async handler functions in the admin module, further modularizing the logic. [1] [2] [3]

Endpoint and Pairing Changes:

• Removed the /pair endpoint and related logic from auth.rs, as well as the persist_pairing_tokens function, indicating a shift in how pairing is managed.
• Updated imports to remove unused constants and functions related to pairing tokens.

Testing Improvements:

• Added new tests to verify that admin endpoints correctly reject requests with invalid bearer tokens and malformed origin headers, increasing coverage for security-related edge cases. [1] [2]
• Updated existing tests to use the new extract_bearer_token location and reference the correct constant for token length. [1] [2]

Miscellaneous:

• Minor fixes and improvements to test environment setup, including setting required environment variables for some tests and ensuring correct headers are present for admin endpoint tests. [1] [2] [3] [4]
• Fixed a minor formatting issue in the canonical_outcome_early_response function.

[linear]

DALLAY-145 fix(docs): resolve 404 issues by correcting relative links and moving diagram assets to public/

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 1c2372a7-1128-434b-9d6b-67241e8314f7

📥 Commits

Reviewing files that changed from the base of the PR and between 6a322d5 and 8223e50.

📒 Files selected for processing (2)

• clients/agent-runtime/src/gateway/mod.rs
• clients/agent-runtime/src/gateway/utils.rs

📜 Recent review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: sonar
• GitHub Check: pr-checks
• GitHub Check: pr-checks
• GitHub Check: Cloudflare Pages

🧰 Additional context used

📓 Path-based instructions (6)

clients/agent-runtime/src/{security,gateway,tools}/**/*.rs

📄 CodeRabbit inference engine (clients/agent-runtime/AGENTS.md)

Treat src/security/, src/gateway/, src/tools/ as high-risk surfaces and never broaden filesystem/network execution scope without explicit policy checks

Files:

• clients/agent-runtime/src/gateway/mod.rs
• clients/agent-runtime/src/gateway/utils.rs

clients/agent-runtime/src/**/*.rs

📄 CodeRabbit inference engine (clients/agent-runtime/AGENTS.md)

clients/agent-runtime/src/**/*.rs: Never log secrets, tokens, raw credentials, or sensitive payloads in any logging statements
Avoid unnecessary allocations, clones, and blocking operations to maintain performance and efficiency

Files:

• clients/agent-runtime/src/gateway/mod.rs
• clients/agent-runtime/src/gateway/utils.rs

clients/agent-runtime/**/*.rs

📄 CodeRabbit inference engine (clients/agent-runtime/AGENTS.md)

Run cargo fmt --all -- --check, cargo clippy --all-targets -- -D warnings, and cargo test for code validation, or document which checks were skipped and why

Files:

• clients/agent-runtime/src/gateway/mod.rs
• clients/agent-runtime/src/gateway/utils.rs

clients/agent-runtime/src/{security,gateway,tools,config}/**/*.rs

📄 CodeRabbit inference engine (clients/agent-runtime/AGENTS.md)

Do not silently weaken security policy or access constraints; keep default behavior secure-by-default with deny-by-default where applicable

Files:

• clients/agent-runtime/src/gateway/mod.rs
• clients/agent-runtime/src/gateway/utils.rs

**/*.rs

⚙️ CodeRabbit configuration file

**/*.rs: Focus on Rust idioms, memory safety, and ownership/borrowing correctness.
Flag unnecessary clones, unchecked panics in production paths, and weak error context.
Prioritize unsafe blocks, FFI boundaries, concurrency races, and secret handling.

Files:

• clients/agent-runtime/src/gateway/mod.rs
• clients/agent-runtime/src/gateway/utils.rs

**/*

⚙️ CodeRabbit configuration file

**/*: Security first, performance second.
Validate input boundaries, auth/authz implications, and secret management.
Look for behavioral regressions, missing tests, and contract breaks across modules.

Files:

• clients/agent-runtime/src/gateway/mod.rs
• clients/agent-runtime/src/gateway/utils.rs

🧠 Learnings (8)

📓 Common learnings

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/{security,gateway,tools,config}/**/*.rs : Do not silently weaken security policy or access constraints; keep default behavior secure-by-default with deny-by-default where applicable

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/{security,gateway,tools}/**/*.rs : Treat `src/security/`, `src/gateway/`, `src/tools/` as high-risk surfaces and never broaden filesystem/network execution scope without explicit policy checks

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/{security,gateway,tools,config}/**/*.rs : Do not silently weaken security policy or access constraints; keep default behavior secure-by-default with deny-by-default where applicable

Applied to files:

• clients/agent-runtime/src/gateway/mod.rs
• clients/agent-runtime/src/gateway/utils.rs

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/{security,gateway,tools}/**/*.rs : Treat `src/security/`, `src/gateway/`, `src/tools/` as high-risk surfaces and never broaden filesystem/network execution scope without explicit policy checks

Applied to files:

• clients/agent-runtime/src/gateway/mod.rs
• clients/agent-runtime/src/gateway/utils.rs

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/main.rs : Preserve CLI contract unless change is intentional and documented; prefer explicit errors over silent fallback for unsupported critical paths

Applied to files:

• clients/agent-runtime/src/gateway/mod.rs
• clients/agent-runtime/src/gateway/utils.rs

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/**/*.rs : Run `cargo fmt --all -- --check`, `cargo clippy --all-targets -- -D warnings`, and `cargo test` for code validation, or document which checks were skipped and why

Applied to files:

• clients/agent-runtime/src/gateway/mod.rs
• clients/agent-runtime/src/gateway/utils.rs

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/channels/**/*.rs : Implement `Channel` trait in `src/channels/` with consistent `send`, `listen`, and `health_check` semantics and cover auth/allowlist/health behavior with tests

Applied to files:

• clients/agent-runtime/src/gateway/mod.rs

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/**/Cargo.toml : Do not add heavy dependencies for minor convenience; justify new crate additions

Applied to files:

• clients/agent-runtime/src/gateway/mod.rs
• clients/agent-runtime/src/gateway/utils.rs

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/main.rs : Keep startup path lean and avoid heavy initialization in command parsing flow

Applied to files:

• clients/agent-runtime/src/gateway/utils.rs

🔇 Additional comments (10)

clients/agent-runtime/src/gateway/utils.rs (4)

10-27: Solid bearer token validation hardening.

The refactored extract_bearer_token correctly:

• Validates scheme case-insensitively
• Trims whitespace
• Enforces TOKEN_MAX_LEN (512 bytes) to match PairingGuard::is_authenticated

This alignment prevents edge cases where a token passes extraction but fails authentication due to length.

---

57-109: Origin validation now properly rejects empty headers and validates loopback hosts.

The guard correctly:

• Returns None when Origin is absent (allows non-browser API clients)
• Returns BAD_REQUEST for present-but-invalid/empty Origin
• Returns FORBIDDEN for non-loopback origins
• Validates scheme is http/https

This addresses the previous concern about empty Origin headers falling through silently. As per coding guidelines, clients/agent-runtime/src/{security,gateway,tools,config}/**/*.rs: Do not silently weaken security policy.

---

111-121: IPv6 loopback detection is correct.

The helper properly handles:

• localhost (case-insensitive)
• 127.0.0.1
• [::1] (brackets trimmed before parsing)
• ::1 (direct IPv6)

Using IpAddr::is_loopback() is the right approach rather than string-matching specific addresses.

---

123-147: Auth guard maintains secure defaults.

Returns UNAUTHORIZED for both missing tokens and invalid tokens with identical error messages, preventing enumeration attacks. The message correctly guides users to the pairing flow.

clients/agent-runtime/src/gateway/mod.rs (6)

1339-1347: Token extraction fallback is safe but subtle.

The unwrap_or_default() yields an empty string when extraction fails. This is safe because PairingGuard::is_authenticated("") returns false (per pairing.rs:139 which checks normalized.is_empty()).

Consider a brief inline comment if this subtlety matters for future readers, but the current behavior is correct.

---

1291-1304: Clean delegation to admin module.

Routing handle_admin_get_config and handle_admin_options through the admin module consolidates auth/origin checks in one place. This reduces duplication and centralizes the security-critical code path.

---

2415-2448: Good coverage for invalid bearer token rejection.

This test ensures the admin endpoint correctly returns UNAUTHORIZED when a syntactically valid but unregistered token is provided. Combined with the existing test for missing auth, this covers the key auth failure paths.

---

2838-2895: Malformed and empty Origin tests strengthen security guarantees.

These tests verify:

• http://[ (malformed URL) → BAD_REQUEST
• " " (whitespace-only) → BAD_REQUEST

This confirms the hardened validation from utils::admin_origin_guard works as intended.

---

2897-2933: IPv6 loopback acceptance test ensures portability.

Testing http://[::1]:3000 as an allowed origin confirms the is_loopback_origin_host helper correctly handles bracketed IPv6 addresses. This prevents regressions when developers run the gateway on IPv6-only or dual-stack systems.

---

2571-2574: Test environment setup hardened.

Adding environment variable guards ensures test isolation. The explicit resets prevent cross-test pollution that could mask failures.

---

📝 Walkthrough

Summary by CodeRabbit

Release Notes

• Refactor
  • Consolidated authentication validation into centralized modules for simplified auth flow.
  • Stricter token parsing with Bearer scheme enforcement and maximum length limits.
  • Enhanced origin validation with improved URL parsing and loopback detection.
  • Removed pairing endpoint and webhook handler.

Walkthrough

Removes gateway-level pairing and webhook handlers, relocates authentication checks into the admin module, and tightens bearer-token and Origin header validation in gateway utilities. ~312 lines of gateway auth/webhook logic were deleted and tests updated to the centralized auth flow.

Changes

Cohort / File(s)	Summary
Removed Authentication Gateway clients/agent-runtime/src/gateway/auth.rs	Deleted POST /pair endpoint, PairingGuard integration, token issuance/persistence helpers, and related logs/error branches.
Removed Webhook Handler clients/agent-runtime/src/gateway/webhook.rs	Deleted entire webhook processing module including rate limiting, pairing checks, secret validation, idempotency handling, persistence, observability events, and handle_webhook.
Gateway Modifications & Tests clients/agent-runtime/src/gateway/mod.rs	Removed local auth helpers (admin_requires_auth, admin_origin_guard, extract_bearer_token); refactored admin routes to delegate auth to admin module; updated tests to exercise centralized auth and malformed token/origin cases.
Validation Utilities clients/agent-runtime/src/gateway/utils.rs	Hardened extract_bearer_token (strict Bearer scheme, trimming, max length); reworked admin_origin_guard to parse/validate Origin URL and allow only loopback hosts; adjusted admin_requires_auth to rely on new extraction/validation.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• fix(agent-runtime): harden gateway auth and http tool header validation #66: Overlapping changes to gateway bearer-token handling and pairing/auth logic.
• fix(agent-runtime): align token limits and tighten HTTP header validation #67: Related hardening of token parsing (TOKEN_MAX_LEN) and extract_bearer_token enforcement.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 66.67% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	Title follows Conventional Commit style with 'refactor' prefix, clear imperative description, under 72 characters, and directly relates to the main refactoring work of consolidating auth/origin validation paths.
Description check	✅ Passed	Description provides comprehensive context covering authentication refactoring, endpoint removals, testing improvements, and miscellaneous fixes with specific references. All required template sections are addressed with substantive content.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/dallay-145-consolidate-gateway-auth-validation

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

✅ Contributor Report

User: @yacosta738
Status: Passed (12/13 metrics passed)

Metric	Description	Value	Threshold	Status
PR Merge Rate	PRs merged vs closed	88%	>= 30%	✅
Repo Quality	Repos with ≥100 stars	0	>= 0	✅
Positive Reactions	Positive reactions received	9	>= 1	✅
Negative Reactions	Negative reactions received	0	<= 5	✅
Account Age	GitHub account age	3054 days	>= 30 days	✅
Activity Consistency	Regular activity over time	108%	>= 0%	✅
Issue Engagement	Issues with community engagement	0	>= 0	✅
Code Reviews	Code reviews given to others	395	>= 0	✅
Merger Diversity	Unique maintainers who merged PRs	2	>= 0	✅
Repo History Merge Rate	Merge rate in this repo	90%	>= 0%	✅
Repo History Min PRs	Previous PRs in this repo	126	>= 0	✅
Profile Completeness	Profile richness (bio, followers)	90	>= 0	✅
Suspicious Patterns	Spam-like activity detection	1	N/A	❌

---

_{Contributor Report evaluates based on public GitHub activity. Analysis period: 2025-03-08 to 2026-03-08}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@clients/agent-runtime/src/gateway/utils.rs`:
- Around line 59-65: The current Origin handling silently treats a
present-but-empty Origin like it was absent and only string-matches literal
hosts; instead, parse and strictly validate the header value: read
header::ORIGIN into origin_raw, trim it, reject empty by treating it as an
invalid origin (do not fall through as absent), then Url::parse(origin_raw) (or
equivalent) and require a valid scheme ("http"/"https") and a host that matches
localhost loopback variants ("localhost", "127.0.0.1", and IPv6 loopback like
"::1" / "[::1]" — check via url.host_str() or IpAddr parsing) before allowing
it; on parse failure or non-matching host return the invalid/deny path (do not
accept), and apply the same change to the similar logic at the other block
(lines ~84-91) so loopback IPv6 is accepted and empty values are rejected.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: c1f7b458-a53f-4ff6-97be-1b1d4de207a5

📥 Commits

Reviewing files that changed from the base of the PR and between 09cad72 and 6a322d5.

📒 Files selected for processing (4)

• clients/agent-runtime/src/gateway/auth.rs
• clients/agent-runtime/src/gateway/mod.rs
• clients/agent-runtime/src/gateway/utils.rs
• clients/agent-runtime/src/gateway/webhook.rs

💤 Files with no reviewable changes (2)

• clients/agent-runtime/src/gateway/auth.rs
• clients/agent-runtime/src/gateway/webhook.rs

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: sonar
• GitHub Check: pr-checks
• GitHub Check: Cloudflare Pages

🧰 Additional context used

📓 Path-based instructions (6)

clients/agent-runtime/src/{security,gateway,tools}/**/*.rs

📄 CodeRabbit inference engine (clients/agent-runtime/AGENTS.md)

Treat src/security/, src/gateway/, src/tools/ as high-risk surfaces and never broaden filesystem/network execution scope without explicit policy checks

Files:

• clients/agent-runtime/src/gateway/utils.rs
• clients/agent-runtime/src/gateway/mod.rs

clients/agent-runtime/src/**/*.rs

📄 CodeRabbit inference engine (clients/agent-runtime/AGENTS.md)

clients/agent-runtime/src/**/*.rs: Never log secrets, tokens, raw credentials, or sensitive payloads in any logging statements
Avoid unnecessary allocations, clones, and blocking operations to maintain performance and efficiency

Files:

• clients/agent-runtime/src/gateway/utils.rs
• clients/agent-runtime/src/gateway/mod.rs

clients/agent-runtime/**/*.rs

📄 CodeRabbit inference engine (clients/agent-runtime/AGENTS.md)

Run cargo fmt --all -- --check, cargo clippy --all-targets -- -D warnings, and cargo test for code validation, or document which checks were skipped and why

Files:

• clients/agent-runtime/src/gateway/utils.rs
• clients/agent-runtime/src/gateway/mod.rs

clients/agent-runtime/src/{security,gateway,tools,config}/**/*.rs

📄 CodeRabbit inference engine (clients/agent-runtime/AGENTS.md)

Do not silently weaken security policy or access constraints; keep default behavior secure-by-default with deny-by-default where applicable

Files:

• clients/agent-runtime/src/gateway/utils.rs
• clients/agent-runtime/src/gateway/mod.rs

**/*.rs

⚙️ CodeRabbit configuration file

**/*.rs: Focus on Rust idioms, memory safety, and ownership/borrowing correctness.
Flag unnecessary clones, unchecked panics in production paths, and weak error context.
Prioritize unsafe blocks, FFI boundaries, concurrency races, and secret handling.

Files:

• clients/agent-runtime/src/gateway/utils.rs
• clients/agent-runtime/src/gateway/mod.rs

**/*

⚙️ CodeRabbit configuration file

**/*: Security first, performance second.
Validate input boundaries, auth/authz implications, and secret management.
Look for behavioral regressions, missing tests, and contract breaks across modules.

Files:

• clients/agent-runtime/src/gateway/utils.rs
• clients/agent-runtime/src/gateway/mod.rs

🧠 Learnings (9)

📓 Common learnings

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/{security,gateway,tools,config}/**/*.rs : Do not silently weaken security policy or access constraints; keep default behavior secure-by-default with deny-by-default where applicable

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/{security,gateway,tools}/**/*.rs : Treat `src/security/`, `src/gateway/`, `src/tools/` as high-risk surfaces and never broaden filesystem/network execution scope without explicit policy checks

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/{security,gateway,tools,config}/**/*.rs : Do not silently weaken security policy or access constraints; keep default behavior secure-by-default with deny-by-default where applicable

Applied to files:

• clients/agent-runtime/src/gateway/utils.rs
• clients/agent-runtime/src/gateway/mod.rs

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/main.rs : Preserve CLI contract unless change is intentional and documented; prefer explicit errors over silent fallback for unsupported critical paths

Applied to files:

• clients/agent-runtime/src/gateway/utils.rs
• clients/agent-runtime/src/gateway/mod.rs

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/{security,gateway,tools}/**/*.rs : Treat `src/security/`, `src/gateway/`, `src/tools/` as high-risk surfaces and never broaden filesystem/network execution scope without explicit policy checks

Applied to files:

• clients/agent-runtime/src/gateway/utils.rs
• clients/agent-runtime/src/gateway/mod.rs

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/**/*.rs : Run `cargo fmt --all -- --check`, `cargo clippy --all-targets -- -D warnings`, and `cargo test` for code validation, or document which checks were skipped and why

Applied to files:

• clients/agent-runtime/src/gateway/mod.rs

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/channels/**/*.rs : Implement `Channel` trait in `src/channels/` with consistent `send`, `listen`, and `health_check` semantics and cover auth/allowlist/health behavior with tests

Applied to files:

• clients/agent-runtime/src/gateway/mod.rs

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/main.rs : Keep startup path lean and avoid heavy initialization in command parsing flow

Applied to files:

• clients/agent-runtime/src/gateway/mod.rs

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/src/**/*.rs : Never log secrets, tokens, raw credentials, or sensitive payloads in any logging statements

Applied to files:

• clients/agent-runtime/src/gateway/mod.rs

📚 Learning: 2026-02-17T12:31:17.076Z

Learnt from: CR
Repo: dallay/corvus PR: 0
File: clients/agent-runtime/AGENTS.md:0-0
Timestamp: 2026-02-17T12:31:17.076Z
Learning: Applies to clients/agent-runtime/**/Cargo.toml : Do not add heavy dependencies for minor convenience; justify new crate additions

Applied to files:

• clients/agent-runtime/src/gateway/mod.rs

🔇 Additional comments (1)

clients/agent-runtime/src/gateway/mod.rs (1)

1298-1303: No action needed — admin::handle_admin_options guards verified.

handle_admin_options in admin.rs:1547–1559 applies both admin_origin_guard() and admin_requires_auth() before returning data, matching the guard stack in handle_admin_get_config. Origin and auth validation are preserved; no security policy weakening.

[cloudflare-workers-and-pages]

Deploying corvus with    Cloudflare Pages

Latest commit:	8223e50
Status:	✅  Deploy successful!
Preview URL:	https://c5fee2b4.corvus-42x.pages.dev
Branch Preview URL:	https://feature-dallay-145-consolida.corvus-42x.pages.dev

View logs

[sentry]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[sonarqubecloud]

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
93.2% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud