@currantw
Collaborator

Overview

This PR implements IAM authentication support, enabling secure connections to AWS ElastiCache and MemoryDB clusters using IAM credentials instead of static passwords.

Key Features

  • IAM Authentication Configuration: New IamAuthConfig, ServerCredentials, and ServiceType classes for configuring IAM authentication. Matches other clients. Type-safe constructors prevent invalid states.
  • Manual Token Refresh: Added RefreshIamTokenAsync() method for manual IAM token refresh
  • Builder Pattern Integration: Added WithAuthentication() methods supporting IAM parameters to configuration builders

Implementation Details

Core Components

  • New Classes: IamAuthConfig, ServiceType, ServerCredentials.
  • FFI Integration: Added RefreshIamTokenFfi method with comprehensive error handling.
  • Rust Implementation: Implemented refresh_iam_token function calling glide-core.
  • Configuration Builders: Enhanced with IAM authentication methods.

Testing

  • Unit Tests: Tests for IAM configuration, mutual exclusivity, and last-wins behaviour.
  • Manual Tests: Manual integration testing with AWS IAM authentication.

Usage Example

```csharp
var config = new StandaloneClientConfigurationBuilder()
   .WithAddress("elasticache-cluster.region.cache.amazonaws.com", 6379)
   .WithAuthentication("username", "my-cluster", ServiceType.ElastiCache, "us-east-1")
   .WithTls()
   .Build();

using var client = await GlideClient.CreateClient(config);
await client.RefreshIamTokenAsync(); // Manual token refresh if needed
```

Compatibility

  • Maintains full backward compatibility with existing password-based authentication
  • Follows established patterns from other language clients (Java, Python, Go, Node)

@currantw currantw self-assigned this Oct 30, 2025
Copilot AI left a comment

Pull Request Overview

This PR adds support for IAM (Identity and Access Management) authentication alongside existing password-based authentication for connecting to AWS ElastiCache and MemoryDB services.

  • Introduces new authentication types including ServerCredentials, IamAuthConfig, and ServiceType enums
  • Updates configuration builders to support both password-based and IAM authentication modes
  • Adds a manual IAM token refresh capability via RefreshIamTokenAsync()

Reviewed Changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 14 comments.

| File | Description |
| --- | --- |
| sources/Valkey.Glide/ServiceType.cs | Defines enum for AWS service types (ElastiCache and MemoryDB) |
| sources/Valkey.Glide/IamAuthConfig.cs | Configuration class for IAM authentication parameters |
| sources/Valkey.Glide/ServerCredentials.cs | Unified credentials class supporting both password and IAM auth modes |
| sources/Valkey.Glide/ConnectionConfiguration.cs | Updated builders with new authentication methods and credential handling |
| sources/Valkey.Glide/Internals/FFI.structs.cs | Extended FFI structures to include IAM credentials and service type enum |
| sources/Valkey.Glide/Internals/FFI.methods.cs | Added FFI method declaration for IAM token refresh |
| sources/Valkey.Glide/BaseClient.cs | Added public RefreshIamTokenAsync() method for manual token refresh |
| sources/Valkey.Glide/Abstract/ConnectionMultiplexer.cs | Updated to use new WithAuthentication method |
| rust/src/lib.rs | Implemented Rust FFI function for IAM token refresh |
| tests/Valkey.Glide.UnitTests/ServerCredentialsTests.cs | Unit tests for ServerCredentials class |
| tests/Valkey.Glide.UnitTests/ConnectionConfigurationTests.cs | Unit tests for authentication configuration |
| README.md | Updated examples to demonstrate IAM authentication usage |

@currantw currantw marked this pull request as ready for review October 30, 2025 16:06
@currantw currantw requested a review from a team as a code owner October 30, 2025 16:06
@currantw currantw force-pushed the currantw/iam-support branch from de11510 to 0cf4a7e Compare October 30, 2025 16:41
Collaborator

@jbrinkman jbrinkman left a comment

LGTM with minor change. :shipit:

@currantw currantw force-pushed the currantw/iam-support branch 2 times, most recently from dbc5eac to 5e74218 Compare November 3, 2025 00:05
Signed-off-by: currantw <[email protected]>
…FI method in `lib.rs`. Also add some documentation.

Signed-off-by: currantw <[email protected]>
…ke cluster name and region non null.

Signed-off-by: currantw <[email protected]>
… enum to FFI, fix linting errors

Signed-off-by: currantw <[email protected]>
@currantw currantw force-pushed the currantw/iam-support branch from 5e74218 to c217dd9 Compare November 4, 2025 04:10
@currantw currantw merged commit 3d94ecb into valkey-io:main Nov 5, 2025
20 of 23 checks passed