auth-framework 0.4.0

A comprehensive, production-ready authentication and authorization framework for Rust applications
# Registry metadata for the auth-framework crate.
# NOTE(review): edition 2024 needs a recent toolchain (Rust 1.85 or newer, to my
# knowledge) and no `rust-version` key is declared here, so an older toolchain
# fails when it reads the manifest rather than at dependency resolution — confirm
# whether an MSRV should be stated.
[package]
name = "auth-framework"
version = "0.4.0"
edition = "2024"
authors = ["Eric Evans <ciresnave@gmail.com>"]
description = "A comprehensive, production-ready authentication and authorization framework for Rust applications"
license = "MIT OR Apache-2.0"
repository = "https://github.com/ciresnave/auth-framework"
keywords = ["auth", "authentication", "authorization", "oauth", "jwt"]
categories = ["authentication", "web-programming"]
readme = "README.md"
documentation = "https://docs.rs/auth-framework"

# Admin binary. `required-features` means Cargo skips this target unless the
# `admin-binary` feature is enabled; the default feature set does not include it,
# so a default build produces the library only.
[[bin]]
name = "auth-framework"
path = "src/bin/admin.rs"
required-features = ["admin-binary"]

# Version requirements in this table are caret ranges ("1.0" accepts any 1.x at
# or above 1.0.0). The exact versions that get built are pinned by Cargo.lock,
# which is not part of this manifest, so advisory checks have to run against the
# resolved graph (for example with `cargo audit` or `cargo deny`).
[dependencies]
# Async runtime
# NOTE(review): `full` enables nearly all of tokio's optional features, and Cargo
# unifies features across a build, so every crate depending on this library
# compiles them too. Confirm the library needs more than a narrower set.
tokio = { version = "1.0", features = ["full"] }

# JWT handling
# Which signature algorithms, issuers and audiences are accepted is decided in
# code, not by this manifest.
jsonwebtoken = "9.2"

# HTTP client for OAuth flows
# Default features are left on, so reqwest's default TLS backend is used.
# NOTE(review): I believe that is native-tls in the 0.12 series, while sqlx below
# is built with rustls; that would put two TLS stacks (and two certificate
# validation paths) in the tree — confirm with `cargo tree`.
reqwest = { version = "0.12", features = ["json"] }

# Serialization
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"

# Configuration management
# Default features are off; only the five file formats listed are compiled in.
config = { version = "0.14", default-features = false, features = [
  "toml",
  "yaml",
  "json",
  "ron",
  "ini",
] }

# Error handling
thiserror = "1.0"
anyhow = "1.0"

# Async trait support
async-trait = "0.1"

# Cryptography
# NOTE(review): both ring and rand can produce random bytes. Which one generates
# tokens, salts and keys is not visible here; confirm security-sensitive values
# come from an OS-backed CSPRNG rather than a seedable generator.
ring = "0.17"
rand = "0.8"

# Time handling
# Two date/time crates are direct dependencies; both are built unconditionally.
time = { version = "0.3", features = ["serde", "parsing", "formatting"] }
chrono = { version = "0.4", features = ["serde"] }

# Unique identifiers
# `v4` enables random (version 4) UUID generation.
uuid = { version = "1.0", features = ["v4", "serde"] }

# Logging and tracing
# NOTE(review): `tracing-subscriber` is normally chosen by the final application;
# a library depending on it unconditionally is worth confirming.
log = "0.4"
tracing = "0.1"
tracing-subscriber = { version = "0.3", features = ["env-filter"] }

# URL handling
url = "2.4"

# Base64 encoding
base64 = "0.21"

# MaxMind GeoIP2 for IP geolocation
maxminddb = "0.24"

# Threat intelligence integration
# Feeds are fetched from outside the process, so the csv/yaml/toml parsers in
# this group handle external input; size limits and error handling live in code
# that is not shown here.
ipnetwork = "0.20"            # For CIDR network parsing
csv = "1.3"                   # For parsing threat feeds
tokio-cron-scheduler = "0.10" # For automated feed updates
# NOTE(review): I believe serde_yaml 0.9 has been marked deprecated upstream and
# no longer receives fixes — confirm, and check whether the `yaml` support in
# `config` already covers this use.
serde_yaml = "0.9"            # For feed configuration files
toml = "0.8"                  # For TOML configuration files
dirs = "5.0"                  # For finding config directories

# Hex encoding
hex = "0.4"

# SHA-2 hashing (for OAuth 2.0 PKCE and other server features)
sha2 = "0.10"

# SHA-1 hashing (for WS-Security password digest)
# SHA-1 is kept for protocol compatibility only; it is not collision resistant
# and should not be used for new signatures or integrity checks.
sha1 = "0.10"

# HMAC for TOTP and other authentication schemes
hmac = "0.12"

# Password hashing
# Both hashers are always compiled. The bcrypt algorithm only considers the
# first 72 bytes of its input.
# NOTE(review): how longer passwords are handled, and which algorithm is used
# for new hashes, is decided in code — confirm.
argon2 = "0.5"
bcrypt = "0.15"

# Optional Redis support
# Pulled in by the `redis-storage` and `distributed-rate-limiting` features.
redis = { version = "0.32", optional = true, features = ["aio", "tokio-comp"] }

# Rate limiting
governor = "0.10"
nonzero_ext = "0.3"

# TOTP authentication
totp-lite = "2.0"

# Base32 encoding for TOTP
base32 = "0.4"

# URL encoding utilities
urlencoding = "2.1"

# X.509 certificate parsing for OAuth 2.0 Mutual TLS (RFC 8705)
# Parsing a certificate does not establish trust in it; chain and validity
# checks are expected to go through the validation crate listed next.
# NOTE(review): confirm no code path accepts a parsed-but-unvalidated certificate.
x509-parser = "0.16"

# X.509 certificate chain validation (production-grade)
rustls-webpki = "0.102"

# Fast CRC32 calculation
# CRC32 detects accidental corruption only; it offers no protection against
# deliberate tampering.
crc32fast = "1.3"

# Memory protection and zeroization
# `zeroize_derive` provides the derive macros for wiping fields on drop.
zeroize = { version = "1.8", features = ["zeroize_derive"] }

# Constant-time comparisons
# Intended for comparing secrets (tokens, MACs, codes) without a timing side
# channel; whether every such comparison uses it is a code-level question.
subtle = "2.5"

# High-performance concurrent data structures
dashmap = "6.1"

# Secret management
# NOTE(review): the `serde` feature lets secret wrappers take part in
# (de)serialization; confirm secrets are never serialized into logs or responses.
secrecy = { version = "0.8", features = ["serde"] }

# OAuth device flows (optional enhanced device flow support)
# Enabled by the `enhanced-device-flow` feature.
oauth-device-flows = { version = "0.1", optional = true }

# OpenID Connect support (optional) - Updated to fix RSA dependency
# Enabled by the `openid-connect` feature.
# NOTE(review): the manifest alone cannot show that the RSA issue is gone from
# the resolved graph; verify with `cargo tree` against Cargo.lock.
openidconnect = { version = "4.0", optional = true }

# Optional dependencies behind the `ldap-auth`, `otp-auth` and
# `unicode-support` features respectively.
ldap3 = { version = "0.11", optional = true }
otpauth = { version = "0.5", optional = true }               # Updated to latest available
unicode-normalization = { version = "0.1", optional = true }

# CLI dependencies
# Enabled by the `cli` feature.
clap = { version = "4.0", features = ["derive"], optional = true }
rpassword = { version = "7.0", optional = true }

# TUI dependencies
# Enabled by the `tui` feature.
ratatui = { version = "0.28", optional = true }   # Keep current stable version
crossterm = { version = "0.28", optional = true }
tui-input = { version = "0.10", optional = true }

# Additional utility dependencies
# Terminal output helpers shared by the `cli` and `tui` features.
indicatif = { version = "0.17", optional = true }
console = { version = "0.15", optional = true }
dialoguer = { version = "0.11", optional = true }
colored = { version = "2.0", optional = true }

# Web framework dependencies
# Enabled by the `actix-integration` feature.
futures-util = { version = "0.3", optional = true }

# Template engine for web GUI
# Enabled by the `web-gui` feature.
# NOTE(review): output escaping depends on how the templates are configured;
# confirm user-controlled values are never rendered unescaped.
askama = { version = "0.12", optional = true }
askama_axum = { version = "0.4", optional = true }

# XML processing for SAML
# NOTE(review): quick-xml is, as far as I know, a parser/serializer only. XML
# signature verification and canonicalization for SAML assertions must be
# implemented elsewhere — confirm where assertions are verified.
quick-xml = { version = "0.36", features = ["serialize"], optional = true }

# Passkey/WebAuthn dependencies
# Enabled together by the `passkeys` feature.
passkey = { version = "0.4", optional = true }        # Updated to fix idna dependency
coset = { version = "0.3", optional = true }
passkey-client = { version = "0.4", optional = true } # Updated to fix idna dependency

# Web framework integrations (optional)
# NOTE(review): tower-http is built with `cors` and `fs`; the CORS policy and
# any directory served from disk are set in code, so review those call sites for
# permissive origins and path exposure.
warp = { version = "0.3", optional = true }
actix-web = { version = "4.0", optional = true }
axum = { version = "0.8", features = ["macros"], optional = true }
tower = { version = "0.5", features = ["util"], optional = true }
tower-http = { version = "0.6", features = [
  "cors",
  "trace",
  "fs",
], optional = true }
serde_urlencoded = { version = "0.7", optional = true }

# Database integrations (optional) - Updated sqlx to fix RSA vulnerability
# sqlx is enabled by `postgres-storage` (a default feature) and `mysql-storage`.
# The `postgres` and `mysql` drivers are both listed here, so either storage
# feature compiles both drivers.
# NOTE(review): I believe the MySQL driver is what brings an RSA implementation
# into the graph; with `mysql` always on, confirm via `cargo tree` that the RSA
# issue referred to above is really absent from postgres-only builds.
sqlx = { version = "0.8", features = [
  "runtime-tokio-rustls",
  "postgres",
  "mysql",
  "chrono",
  "uuid",
], optional = true }
tokio-postgres = { version = "0.7", optional = true }

# Testing infrastructure (optional)
# An optional regular dependency (not a dev-dependency), enabled by the
# `docker-tests` feature.
testcontainers = { version = "0.25", optional = true }
# HTML escaping. Unlike the entry above this one is not optional and is always
# built; it is not part of the testing group.
html-escape = "0.2.13"

# SMSKit dependencies for next-gen SMS support
# The first five are enabled by the `smskit` feature; `sms-web-axum` is added by
# `smskit-web-axum`.
sms-core = { version = "0.2", optional = true }
sms-plivo = { version = "0.2", optional = true }
sms-twilio = { version = "0.2", optional = true }
sms-aws-sns = { version = "0.2", optional = true }
sms-web-generic = { version = "0.2", optional = true }
sms-web-axum = { version = "0.2", optional = true }

# Used only for this crate's own tests and benchmarks; dev-dependencies are not
# passed on to crates that depend on auth-framework.
[dev-dependencies]
tokio-test = "0.4"
mockito = "1.2"
test-log = "0.2"
criterion = { version = "0.5", features = ["html_reports"] }

# Feature flags. Each entry lists the optional dependencies or other features it
# switches on. Features are additive: once any crate in a build enables one, it
# is on for the whole build.
[features]
# A dependent that wants a different backend must set `default-features = false`;
# otherwise sqlx and tokio-postgres are still built.
default = ["postgres-storage"]                # PostgreSQL recommended for optimal security
redis-storage = ["redis"]
postgres-storage = ["sqlx", "tokio-postgres"]
mysql-storage = ["sqlx"]
# Empty feature: it enables no dependency, so whatever it gates is decided by
# cfg checks in code that is not shown here.
# NOTE(review): confirm it cannot relax authentication checks in a release build.
testing = []
enhanced-device-flow = ["oauth-device-flows"]
openid-connect = ["openidconnect"]
# Enhanced cryptography features
enhanced-crypto = ["chacha20poly1305", "x25519-dalek", "ed25519-dalek"]
# NOTE(review): this only enables the optional aws-lc-rs dependency, which is
# declared in this manifest with the `aws-lc-sys` feature. To my knowledge that
# selects the standard AWS-LC build, and the FIPS module sits behind aws-lc-rs's
# separate `fips` feature. As written the feature name promises more than the
# dependency set delivers — confirm before relying on it for compliance.
fips-compliance = ["aws-lc-rs"]
# Uses the same optional `redis` dependency as `redis-storage`.
distributed-rate-limiting = ["redis"]

# Additional features referenced in code
passkeys = ["passkey", "coset", "passkey-client"]
saml = ["quick-xml"]
cli = [
  "clap",
  "rpassword",
  "tokio-postgres",
  "indicatif",
  "console",
  "dialoguer",
  "colored",
]
tui = ["ratatui", "crossterm", "tui-input", "indicatif", "console", "colored"]
web-gui = [
  "axum",
  "tower",
  "tower-http",
  "askama",
  "askama_axum",
  "serde_urlencoded",
]
# Required by the [[bin]] target; pulls in the CLI, TUI and web GUI together.
admin-binary = ["cli", "tui", "web-gui"]
docker-tests = ["testcontainers"]
axum-integration = ["axum", "tower", "tower-http", "serde_urlencoded"]
actix-integration = ["actix-web", "futures-util"]
warp-integration = ["warp"]
ldap-auth = ["ldap3"]
otp-auth = ["otpauth"]
unicode-support = ["unicode-normalization"]

# SMSKit integration (next-generation SMS support)
smskit = [
  "sms-core",
  "sms-plivo",
  "sms-twilio",
  "sms-aws-sns",
  "sms-web-generic",
]
smskit-web-axum = ["smskit", "sms-web-axum", "axum-integration"]

# Enhanced cryptography dependencies
# These tables extend [dependencies] using the long form.
# aes-gcm is not optional, so it is compiled in every build and no feature can
# turn it off.
# NOTE(review): AES-GCM fails badly if a nonce is reused under the same key;
# nonce generation lives in code not shown here.
[dependencies.aes-gcm]
version = "0.10"
optional = false # Enable by default for encryption support

# The next three are enabled together by the `enhanced-crypto` feature.
[dependencies.chacha20poly1305]
version = "0.10"
optional = true

[dependencies.x25519-dalek]
version = "2.0"
optional = true

[dependencies.ed25519-dalek]
version = "2.1"
features = ["rand_core"]
optional = true

# Enabled by the `fips-compliance` feature.
# NOTE(review): `aws-lc-sys` is, to my knowledge, the standard (non-FIPS) AWS-LC
# backend; the FIPS module is selected with aws-lc-rs's `fips` feature instead.
# Confirm this feature list matches the intent of `fips-compliance`.
[dependencies.aws-lc-rs]
version = "1.8"
features = ["aws-lc-sys"]
optional = true

[dependencies.parking_lot]
version = "0.12"

# Access to the operating system's random number source.
[dependencies.getrandom]
version = "0.2"
features = ["std"]