🚀 Features

Authentication Flow

  • Google OAuth: @turing.com domain validation with JWKs verification

  • Custom API Keys: SHA-256 hashed keys with Firestore persistence

  • JWT Support: Both Google ID tokens and custom JWT tokens

  • Token Revocation: Production-ready revocation with TTL auto-cleanup

Performance & Caching

  • LRU Caching: 200k items with intelligent TTL strategy

  • Negative Caching: Reduces database load for non-existent keys

  • JWKs Auto-refresh: 12h TTL with key rotation handling

  • Sub-100ms Response: Memory cache <1ms, Firestore fallback <50ms

Security

  • Domain Restrictions: @turing.com only for user authentication

  • Service Authorization: Policy-based S2S with deny-by-default

  • SHA-256 Hashing: Never stores plaintext tokens/keys

  • Comprehensive Logging: Full observability with structured logs

API Gateway Integration

  • X-Atlas-API-Key: Custom header (avoids Google API key conflicts)

  • Quota Management: Per-service limits with metrics tracking

  • Fallback Support: JWT Bearer tokens as fallback authentication
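The API-key path listed above (SHA-256 hashed keys, LRU cache, negative caching), sketched as an added example that is not the project's own code. The TTL values, the `KeyVerifier` class, the `revoke` method and the dict standing in for Firestore are assumptions.

```python
import hashlib
import time
from collections import OrderedDict

# Assumed values for illustration; the page gives no TTLs for API-key entries.
POSITIVE_TTL = 300.0   # seconds a known key stays cached
NEGATIVE_TTL = 30.0    # shorter, so a newly issued key is not rejected for long
MAX_ITEMS = 200_000    # cache size stated on the page


def hash_key(api_key: str) -> str:
    """Only this digest is stored or cached, never the plaintext key."""
    return hashlib.sha256(api_key.encode("utf-8")).hexdigest()


class KeyVerifier:
    def __init__(self, store, max_items=MAX_ITEMS, clock=time.monotonic):
        self.store = store            # stand-in for Firestore: digest -> record
        self.max_items = max_items
        self.clock = clock
        self.cache = OrderedDict()    # digest -> (record or None, expiry)
        self.store_reads = 0          # counts fallbacks to the backing store

    def verify(self, api_key: str):
        digest = hash_key(api_key)
        now = self.clock()
        hit = self.cache.get(digest)
        if hit is not None and hit[1] > now:
            self.cache.move_to_end(digest)      # mark as most recently used
            return hit[0]                       # record, or None for a cached miss
        self.store_reads += 1
        record = self.store.get(digest)
        if record is not None and record.get("revoked"):
            record = None                       # revoked keys are treated as unknown
        ttl = POSITIVE_TTL if record is not None else NEGATIVE_TTL
        self.cache[digest] = (record, now + ttl)
        self.cache.move_to_end(digest)
        while len(self.cache) > self.max_items:
            self.cache.popitem(last=False)      # evict least recently used
        return record

    def revoke(self, api_key: str):
        digest = hash_key(api_key)
        if digest in self.store:
            self.store[digest]["revoked"] = True
        self.cache.pop(digest, None)            # drop the local entry immediately
```

`revoke` only clears the cache of the instance it runs on; with several instances, the positive TTL bounds how long another instance can keep accepting a revoked key.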
