mirror of
https://github.com/CloudNebulaProject/barycenter.git
synced 2026-04-10 13:10:42 +00:00
a1056bb237
Major Features: - Admin GraphQL API with dual endpoints (Seaography + custom) - Background job scheduler with execution tracking - Idempotent user sync CLI for Kubernetes deployments - Secure PUT /properties endpoint with Bearer token auth Admin GraphQL API: - Entity CRUD via Seaography at /admin/graphql - Custom job management API at /admin/jobs - Mutations: triggerJob - Queries: jobLogs, availableJobs - GraphiQL playgrounds for both endpoints Background Jobs: - tokio-cron-scheduler integration - Automated cleanup of expired sessions (hourly) - Automated cleanup of expired refresh tokens (hourly) - Job execution tracking in database - Manual job triggering via GraphQL User Sync CLI: - Command: barycenter sync-users --file users.json - Idempotent user synchronization from JSON - Creates new users with hashed passwords - Updates existing users (enabled, email_verified, email) - Syncs custom properties per user - Perfect for Kubernetes init containers Security Enhancements: - PUT /properties endpoint requires Bearer token - Users can only modify their own properties - Public registration disabled by default - Admin API on separate port for network isolation Database: - New job_executions table for job tracking - User update functions (update_user, update_user_email) - PostgreSQL + SQLite support maintained Configuration: - allow_public_registration setting (default: false) - admin_port setting (default: main port + 1) Documentation: - Comprehensive Kubernetes deployment guide - User sync JSON schema and examples - Init container and CronJob examples - Production deployment patterns Files Added: - src/admin_graphql.rs - GraphQL schema builders - src/admin_mutations.rs - Custom mutations and queries - src/jobs.rs - Job scheduler and tracking - src/user_sync.rs - User sync logic - src/entities/ - SeaORM entities (8 entities) - docs/kubernetes-deployment.md - K8s deployment guide - users.json.example - User sync example Dependencies: - tokio-cron-scheduler 0.13 - seaography 1.1.4 - async-graphql 7.0 - async-graphql-axum 7.0 🤖 Generated with Claude Code (https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
86 lines
2.7 KiB
TOML
86 lines
2.7 KiB
TOML
[package]
|
|
name = "barycenter"
|
|
version = "0.2.0-alpha.12"
|
|
edition = "2021"
|
|
license = "MIT OR Apache-2.0"
|
|
description = "OpenID Connect IdP with federation, property storage, and auto-registration the center of gravity between multiple objects."
|
|
repository = "https://github.com/CloudNebulaProject/barycenter"
|
|
homepage = "https://github.com/CloudNebulaProject/barycenter"
|
|
documentation = "https://github.com/CloudNebulaProject/barycenter/blob/main/README.md"
|
|
keywords = ["openid", "oauth2", "identity", "authentication", "oidc"]
|
|
categories = ["authentication", "web-programming"]
|
|
|
|
[dependencies]
|
|
axum = { version = "0.8", features = ["json", "form"] }
|
|
tokio = { version = "1", features = ["full"] }
|
|
tracing = "0.1"
|
|
tracing-subscriber = { version = "0.3", features = ["env-filter", "fmt"] }
|
|
clap = { version = "4", features = ["derive"] }
|
|
miette = { version = "7", features = ["fancy"] }
|
|
thiserror = "1"
|
|
config = "0.14"
|
|
serde = { version = "1", features = ["derive"] }
|
|
serde_json = "1"
|
|
serde_with = "3"
|
|
|
|
# SeaORM for SQLite and PostgreSQL
|
|
sea-orm = { version = "1", default-features = false, features = ["sqlx-sqlite", "sqlx-postgres", "runtime-tokio-rustls", "macros"] }
|
|
|
|
# JOSE / JWKS & JWT
|
|
josekit = "0.10"
|
|
|
|
chrono = { version = "0.4", features = ["serde", "clock"] }
|
|
time = "0.3"
|
|
rand = "0.8"
|
|
base64ct = { version = "1", features = ["alloc"] }
|
|
anyhow = "1"
|
|
sha2 = "0.10"
|
|
serde_urlencoded = "0.7"
|
|
|
|
# Password hashing
|
|
argon2 = "0.5"
|
|
|
|
# Rate limiting
|
|
tower = "0.5"
|
|
tower_governor = "0.4"
|
|
|
|
# Validation
|
|
regex = "1"
|
|
url = "2"
|
|
|
|
# GraphQL Admin API
|
|
seaography = { version = "1", features = ["with-decimal", "with-chrono", "with-uuid"] }
|
|
async-graphql = "7"
|
|
async-graphql-axum = "7"
|
|
|
|
# Background job scheduler
|
|
tokio-cron-scheduler = "0.13"
|
|
|
|
[dev-dependencies]
|
|
openidconnect = { version = "4", features = ["reqwest-blocking"] }
|
|
oauth2 = "5"
|
|
reqwest = { version = "0.12", features = ["blocking", "json", "cookies"] }
|
|
urlencoding = "2"
|
|
|
|
[profile.release]
|
|
debug = 1
|
|
|
|
# cargo-release configuration
|
|
[package.metadata.release]
|
|
# Skip publishing to crates.io
|
|
publish = false
|
|
# Ensure version is updated in Cargo.toml
|
|
pre-release-commit-message = "chore: release {{version}}"
|
|
# Create a git tag
|
|
tag-message = "chore: release {{version}}"
|
|
tag-name = "v{{version}}"
|
|
# Push changes and tags
|
|
push = true
|
|
# Require branch to be main
|
|
allow-branch = ["main"]
|
|
# Run tests before releasing
|
|
pre-release-replacements = [
|
|
{ file = "CHANGELOG.md", search = "## \\[Unreleased\\]", replace = "## [Unreleased]\n\n## [{{version}}] - {{date}}", exactly = 1 },
|
|
{ file = "deploy/helm/barycenter/Chart.yaml", search = "version: .*", replace = "version: {{version}}" },
|
|
{ file = "deploy/helm/barycenter/Chart.yaml", search = "appVersion: .*", replace = "appVersion: \"{{version}}\"" },
|
|
]
|