Draft: feat: implement base client and AWS token verification (!204502) · Merge requests · GitLab.org / GitLab

Relates to issue #567725 (closed)

This MR was created by Duo in Session 1112234

Changes

Implement foundational BaseClient class with common HTTP operations and security controls
Create AWS token verification client using STS GetCallerIdentity API
Add response size validation (10KB limit) and timeout handling (5 seconds)
Implement standardized error handling with NetworkError and ResponseError exceptions
Add TokenStatus struct for consistent response format
Support AWS SigV4 request signing for authentication
Handle both AKIA* and ASIA* access key formats
Extract AWS account, user ID, and ARN from API responses
Implement comprehensive security measures (no sensitive data logging, proper error handling)
Add metrics tracking for all requests (success, failure, duration)