Summary
Add defense-in-depth verification for OAuth2 Proxy headers on the :8080 listener.
Context
The auth middleware derives identity and groups from X-Forwarded-* headers. The trust assumption is documented but not enforced at runtime.
Acceptance Criteria
- Runtime mechanism verifies headers originate from the expected proxy
- Documented trust boundary between proxy and application
Summary
Add defense-in-depth verification for OAuth2 Proxy headers on the :8080 listener.
Context
The auth middleware derives identity and groups from
X-Forwarded-*headers. The trust assumption is documented but not enforced at runtime.Acceptance Criteria