feat: Add mTLS to SecuritySchemes, add oauth2 metadata url field, allow Skills to specify Security for gRPC as per v0.3.0

Author: fjuma

spec-grpc/src/main/java/io/a2a/grpc/utils/ProtoUtils.java

@@ -40,6 +40,7 @@
 import io.a2a.spec.Message;
 import io.a2a.spec.MessageSendConfiguration;
 import io.a2a.spec.MessageSendParams;
+import io.a2a.spec.MutualTLSSecurityScheme;
 import io.a2a.spec.OAuth2SecurityScheme;
 import io.a2a.spec.OAuthFlows;
 import io.a2a.spec.OpenIdConnectSecurityScheme;
@@ -399,6 +400,17 @@ private static io.a2a.grpc.AgentSkill agentSkill(AgentSkill agentSkill) {
             if (agentSkill.outputModes() != null) {
                 builder.addAllOutputModes(agentSkill.outputModes());
             }
+            if (agentSkill.security() != null) {
+                builder.addAllSecurity(agentSkill.security().stream().map(s -> {
+                    io.a2a.grpc.Security.Builder securityBuilder = io.a2a.grpc.Security.newBuilder();
+                    s.forEach((key, value) -> {
+                        io.a2a.grpc.StringList.Builder stringListBuilder = io.a2a.grpc.StringList.newBuilder();
+                        stringListBuilder.addAllList(value);
+                        securityBuilder.putSchemes(key, stringListBuilder.build());
+                    });
+                    return securityBuilder.build();
+                }).collect(Collectors.toList()));
+            }
             return builder.build();
         }
 
@@ -422,6 +434,8 @@ private static io.a2a.grpc.SecurityScheme securityScheme(SecurityScheme security
                 builder.setOauth2SecurityScheme(oauthSecurityScheme((OAuth2SecurityScheme) securityScheme));
             } else if (securityScheme instanceof OpenIdConnectSecurityScheme) {
                 builder.setOpenIdConnectSecurityScheme(openIdConnectSecurityScheme((OpenIdConnectSecurityScheme) securityScheme));
+            } else if (securityScheme instanceof MutualTLSSecurityScheme) {
+                builder.setMtlsSecurityScheme(mutualTlsSecurityScheme((MutualTLSSecurityScheme) securityScheme));
             }
             return builder.build();
         }
@@ -462,6 +476,9 @@ private static io.a2a.grpc.OAuth2SecurityScheme oauthSecurityScheme(OAuth2Securi
             if (oauth2SecurityScheme.getFlows() != null) {
                 builder.setFlows(oauthFlows(oauth2SecurityScheme.getFlows()));
             }
+            if (oauth2SecurityScheme.getOauth2MetadataUrl() != null) {
+                builder.setOauth2MetadataUrl(oauth2SecurityScheme.getOauth2MetadataUrl());
+            }
             return builder.build();
         }
 
@@ -552,6 +569,14 @@ private static io.a2a.grpc.OpenIdConnectSecurityScheme openIdConnectSecuritySche
             return builder.build();
         }
 
+        private static io.a2a.grpc.MutualTlsSecurityScheme mutualTlsSecurityScheme(MutualTLSSecurityScheme mutualTlsSecurityScheme) {
+            io.a2a.grpc.MutualTlsSecurityScheme.Builder builder = io.a2a.grpc.MutualTlsSecurityScheme.newBuilder();
+            if (mutualTlsSecurityScheme.getDescription() != null) {
+                builder.setDescription(mutualTlsSecurityScheme.getDescription());
+            }
+            return builder.build();
+        }
+
         private static io.a2a.grpc.AgentInterface agentInterface(AgentInterface agentInterface) {
             io.a2a.grpc.AgentInterface.Builder builder = io.a2a.grpc.AgentInterface.newBuilder();
             if (agentInterface.transport() != null) {