feat: SPIFFE/SPIRE Integration Architecture for Agent Identity (#695)

* feat: add SPIFFE/SPIRE configuration for agent identity

Add environment variables to support SPIFFE workload identity integration
for AI agents and services. This enables cryptographic machine identity
with configurable migration phases:

- SPIFFE_ENABLED: Toggle SPIFFE integration
- SPIFFE_AUTH_MODE: Migration phases (disabled→optional→preferred→required)
- SPIFFE_ENDPOINT_SOCKET: SPIRE Agent Workload API socket
- SPIFFE_TRUST_DOMAIN: Trust domain for identity hierarchy
- SPIFFE_LEGACY_JWT_WARNING: Track legacy auth usage during migration
- SPIFFE_SVID_TTL_SECONDS: Certificate lifetime configuration
- SPIFFE_JWT_AUDIENCES: Allowed JWT-SVID audiences

Related to: MCP Context Forge integration (PR #684)

* docs: add SPIFFE/SPIRE integration architecture for agent identity

This architecture document outlines how to integrate SPIRE (SPIFFE Runtime
Environment) into RAG Modulo to provide cryptographic workload identities
for AI agents. This enables zero-trust agent authentication and secure
agent-to-agent (A2A) communication.

Key architectural decisions:
- JWT-SVIDs for stateless verification (vs X.509 for mTLS)
- Trust domain: spiffe://rag-modulo.example.com
- Integration with IBM MCP Context Forge (PR #684)
- Capability-based access control for agents
- 5-phase implementation plan

Agent types defined:
- search-enricher: MCP tool invocation
- cot-reasoning: Chain of Thought orchestration
- question-decomposer: Query decomposition
- source-attribution: Document source tracking
- entity-extraction: Named entity recognition
- answer-synthesis: Answer generation

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* feat(spiffe): implement SPIFFE/SPIRE agent authentication

This commit implements the SPIFFE/SPIRE integration for AI agent
authentication as designed in docs/architecture/spire-integration-architecture.md.

Key changes:
- Add py-spiffe dependency for SPIFFE JWT-SVID support
- Create core SPIFFE authentication module (spiffe_auth.py) with:
  - SPIFFEConfig for environment-based configuration
  - AgentPrincipal dataclass for authenticated agent identity
  - SPIFFEAuthenticator for JWT-SVID validation
  - AgentType and AgentCapability enums
  - Helper functions for SPIFFE ID parsing and building
- Create Agent data model with SQLAlchemy:
  - Agent model with SPIFFE ID, type, capabilities, status
  - Relationships to User (owner) and Team
  - Status management (active, suspended, revoked)
- Add Agent repository, service, and router layers:
  - Full CRUD operations for agents
  - Agent registration with SPIFFE ID generation
  - Status and capability management
  - JWT-SVID validation endpoint
- Extend AuthenticationMiddleware to detect and validate SPIFFE JWT-SVIDs
- Add SPIRE deployment configuration templates:
  - server.conf, agent.conf for SPIRE configuration
  - docker-compose.spire.yml for local development
  - README.md with deployment instructions
- Add comprehensive unit tests for all SPIFFE components

Reference: PR #695

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(spiffe): address PR review feedback for SPIFFE/SPIRE integration

Critical fixes:
- Add database migration for agents table (migrations/add_agents_table.sql)
- Fix signature verification security: failed validation now always rejects
  (prevents fallback bypass attack)
- Fix timezone handling: use UTC consistently for JWT timestamps

Improvements:
- Align env vars with .env.example (SPIFFE_JWT_AUDIENCES, SPIFFE_SVID_TTL_SECONDS)
- Add capability enforcement decorator (require_capabilities)
- Add OpenAPI tags metadata for agents endpoint
- Update and expand unit tests (47 tests passing)

Addresses review comments from PR #695.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(spiffe): rename metadata to agent_metadata to avoid SQLAlchemy reserved word

SQLAlchemy's Declarative API reserves the 'metadata' attribute name.
Renamed the field to 'agent_metadata' in the model while keeping the
database column name as 'metadata' via explicit column name mapping.

This also updates the schema to use validation_alias for proper
model_validate() from ORM objects.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(test): add missing trust_domain to AgentPrincipal in test

The test_validate_jwt_svid_valid test was failing because AgentPrincipal
requires a trust_domain field which was not being provided.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

* fix(spiffe): Address comprehensive PR review feedback

Critical fixes:
- Fix timezone-naive datetime to use UTC throughout (agent.py, agent_repository.py)
- Change default agent status from ACTIVE to PENDING for approval workflow
- Add RuntimeError when SPIFFE enabled but py-spiffe library missing
- Restrict trust domain to configured value only (security fix)

High priority security fixes:
- Add capability validation per agent type (ALLOWED_CAPABILITIES_BY_TYPE)
- Add authentication requirement to SPIFFE validation endpoint
- Reject user-specified trust domains that don't match server config

Code quality improvements:
- Add OpenAPI tags metadata for agent router documentation
- Fix require_capabilities decorator type hints (ParamSpec, TypeVar)
- Add composite database indexes (owner+status, type+status, team+status)
- Update migration script with new composite indexes

Test updates:
- Update test_register_agent_with_custom_trust_domain to verify rejection
- Fix test_authenticator_creates_principal_with_fallback to mock spiffe module

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

---------

Co-authored-by: Claude <noreply@anthropic.com>

Author: manavgup

.env.example

@@ -180,3 +180,32 @@ RERANKER_BATCH_SIZE=10
 BACKEND_IMAGE=ghcr.io/manavgup/rag_modulo/backend:latest
 FRONTEND_IMAGE=ghcr.io/manavgup/rag_modulo/frontend:latest
 TEST_IMAGE=ghcr.io/manavgup/rag_modulo/backend:latest
+
+# ================================
+# SPIFFE/SPIRE IDENTITY (Agent/Machine Identity)
+# ================================
+# Enable SPIFFE workload identity for agents and services
+# See: https://spiffe.io/docs/latest/spire-about/spire-concepts/
+SPIFFE_ENABLED=false
+
+# Authentication mode for migration (disabled|optional|preferred|required)
+# - disabled: No SPIFFE support (current default)
+# - optional: Accept both user JWT and SPIFFE JWT-SVID
+# - preferred: Prefer SPIFFE, log warning on legacy JWT
+# - required: Only SPIFFE JWT-SVIDs accepted for workloads
+SPIFFE_AUTH_MODE=disabled
+
+# SPIRE Agent Workload API socket path
+SPIFFE_ENDPOINT_SOCKET=unix:///run/spire/agent/api.sock
+
+# SPIFFE trust domain for this environment
+SPIFFE_TRUST_DOMAIN=rag-modulo.local
+
+# Log warning when legacy JWT is used (for migration tracking)
+SPIFFE_LEGACY_JWT_WARNING=false
+
+# Default SVID TTL in seconds (default: 3600 = 1 hour)
+SPIFFE_SVID_TTL_SECONDS=3600
+
+# Allowed JWT-SVID audiences (comma-separated)
+SPIFFE_JWT_AUDIENCES=rag-modulo,mcp-gateway

backend/core/authentication_middleware.py

@@ -1,7 +1,15 @@
 """Authentication middleware for FastAPI application.
 
 This module provides middleware for handling JWT-based authentication,
-including support for development/testing modes and mock user creation.
+including support for development/testing modes, mock user creation,
+and SPIFFE JWT-SVID authentication for AI agents.
+
+SPIFFE Integration:
+    This middleware supports SPIFFE JWT-SVIDs for agent authentication.
+    When a Bearer token with a SPIFFE ID in the 'sub' claim is detected,
+    it validates the token and creates an agent principal instead of a user.
+
+Reference: docs/architecture/spire-integration-architecture.md
 """
 
 import logging
@@ -19,6 +27,10 @@
 from core.config import get_settings
 from core.mock_auth import create_mock_user_data, ensure_mock_user_exists, is_bypass_mode_active, is_mock_token
 from core.request_context import RequestContext
+from core.spiffe_auth import (
+    get_spiffe_authenticator,
+    is_spiffe_jwt_svid,
+)
 
 # Get settings safely for middleware
 settings = get_settings()
@@ -206,9 +218,64 @@ def _handle_mock_token(self, request: Request, token: str) -> bool:  # pylint: d
         logger.info("AuthMiddleware: Using mock test token")
         return True
 
+    def _handle_spiffe_jwt_svid(self, request: Request, token: str) -> bool:
+        """Handle SPIFFE JWT-SVID authentication for agents.
+
+        This method validates a SPIFFE JWT-SVID and sets up the agent
+        principal in the request state.
+
+        Args:
+            request: The FastAPI request object.
+            token: The SPIFFE JWT-SVID token.
+
+        Returns:
+            True if SPIFFE JWT-SVID was handled successfully.
+        """
+        try:
+            authenticator = get_spiffe_authenticator()
+            principal = authenticator.validate_jwt_svid(token)
+
+            if principal is None:
+                logger.warning("AuthMiddleware: Invalid SPIFFE JWT-SVID")
+                return False
+
+            # Check if the agent is expired
+            if principal.is_expired():
+                logger.warning("AuthMiddleware: Expired SPIFFE JWT-SVID for %s", principal.spiffe_id)
+                return False
+
+            # Set agent principal in request state
+            request.state.agent = principal
+            request.state.identity_type = "agent"
+
+            # Also set a unified principal representation for compatibility
+            agent_data = {
+                "identity_type": "agent",
+                "spiffe_id": principal.spiffe_id,
+                "agent_type": principal.agent_type.value,
+                "agent_id": principal.agent_id,
+                "capabilities": [cap.value for cap in principal.capabilities],
+                "audiences": principal.audiences,
+            }
+            request.state.user = agent_data  # For backward compatibility
+            RequestContext.set_user(agent_data)
+
+            logger.info(
+                "AuthMiddleware: SPIFFE JWT-SVID validated successfully. Agent: %s (type: %s)",
+                principal.spiffe_id,
+                principal.agent_type.value,
+            )
+            return True
+        except Exception as e:
+            logger.warning("AuthMiddleware: Error validating SPIFFE JWT-SVID - %s", e)
+            return False
+
     def _handle_jwt_token(self, request: Request, token: str) -> bool:
         """Handle JWT token authentication and cache user data.
 
+        This method handles both traditional user JWTs and SPIFFE JWT-SVIDs.
+        It detects the token type and delegates to the appropriate handler.
+
         Args:
             request: The FastAPI request object.
             token: The JWT token.
@@ -221,16 +288,22 @@ def _handle_jwt_token(self, request: Request, token: str) -> bool:
             if is_mock_token(token):
                 return self._handle_mock_token(request, token)
 
-            # Verify JWT using the verify_jwt_token function
+            # Check if this is a SPIFFE JWT-SVID (agent authentication)
+            if is_spiffe_jwt_svid(token):
+                return self._handle_spiffe_jwt_svid(request, token)
+
+            # Verify JWT using the verify_jwt_token function (user authentication)
             payload = verify_jwt_token(token)
             user_data = {
+                "identity_type": "user",
                 "id": payload.get("sub"),
                 "email": payload.get("email"),
                 "name": payload.get("name"),
                 "uuid": payload.get("uuid"),
                 "role": payload.get("role"),
             }
             request.state.user = user_data
+            request.state.identity_type = "user"
             # Cache user data in request context to eliminate N+1 queries
             RequestContext.set_user(user_data)
             logger.info("AuthMiddleware: JWT token validated successfully. User: %s", request.state.user)