fortress-db 1.0.0

🛡️ Fortress - Turnkey Simplicity + Enterprise Security. A highly customizable, secure database system with multi-layer encryption.
//! Plugin-Based Authentication Example
//!
//! This example demonstrates how to use the hot-swappable authentication system
//! with JWT, OAuth, and SAML plugins.

use std::collections::HashMap;
use std::sync::Arc;

use fortress_core::auth_plugin::*;
use fortress_core::auth_plugin_manager::*;
use fortress_core::auth_service::{AuthService, AuthServiceConfig, ServiceContext};
use tokio;
use tracing::{info, warn};

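/// Runs the plugin-based authentication demo end to end.
///
/// Builds an [`AuthService`] from an inline [`AuthServiceConfig`], sends one JWT, one OAuth and
/// one SAML request through it, validates the token returned by the JWT example, then prints the
/// available methods and the service statistics.
///
/// Every credential, authorization code, assertion, address and fingerprint used here is a
/// placeholder literal for the demo.
///
/// # Errors
///
/// Returns the error from `AuthService::new` if the service cannot be created. A failed
/// authentication or validation is printed and does not abort the run.
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Initialize logging
    tracing_subscriber::fmt()
        .with_max_level(tracing::Level::INFO)
        .init();

    info!("Starting Plugin-Based Authentication Example");

    // Create auth service configuration.
    // NOTE(review): with `enable_hot_reload` set, plugins are presumably picked up from
    // `plugin_directory` at runtime. A relative path resolves against the working directory, so
    // a deployment should use an absolute path writable only by the service account — confirm
    // how the plugin manager loads and verifies plugins.
    let config = AuthServiceConfig {
        plugin_directory: "./plugins/auth".to_string(),
        default_method: AuthMethod::JWT,
        enable_hot_reload: true,
        health_check_interval: 30,
        max_plugins: 10,
        session_timeout: 3600,  // 1 hour
        token_expiration: 1800, // 30 minutes
        enable_device_fingerprinting: true,
        security_policies: Default::default(),
    };

    // Create auth service
    let auth_service = Arc::new(AuthService::new(config).await?);

    // Example 1: JWT Authentication
    println!("\n=== JWT Authentication Example ===");
    // Placeholder credentials: real code reads them from the caller or a secret store and never
    // embeds them in source.
    let jwt_request = AuthRequestBuilder::new()
        .with_method(AuthMethod::JWT)
        .with_credentials("testuser", "testpass123")
        .with_context("127.0.0.1", "test-agent", "test-fingerprint")
        .build();

    let result = auth_service
        .authenticate(jwt_request, &demo_context())
        .await;

    // The token is moved out of the match so that Example 4 can validate it; a binding declared
    // inside a match arm is not visible after the match.
    let jwt_token = match result {
        Ok(auth_result) => {
            println!("✅ JWT Authentication successful!");
            // `user_info` is treated as optional (the field is accessed through `as_ref()`), so
            // a success without user details is reported instead of panicking.
            match auth_result.user_info.as_ref() {
                Some(user) => println!("User: {}", user.username),
                None => println!("User: <not provided>"),
            }
            // Demo only: a bearer token is a credential. Outside a demo it must not be written
            // to stdout or to logs.
            if let Some(token) = &auth_result.token {
                println!("Token: {}", token);
            }
            auth_result.token
        }
        Err(e) => {
            println!("❌ JWT Authentication failed: {}", e);
            None
        }
    };

    // Example 2: OAuth Authentication
    println!("\n=== OAuth Authentication Example ===");
    // In a real authorization-code flow `state` is an unpredictable per-request value that is
    // checked on the callback; the fixed literal here is for the demo only.
    let oauth_request = AuthRequestBuilder::new()
        .with_method(AuthMethod::OAuth)
        .with_oauth_code("auth_code_123", "state_abc", "https://example.com/callback")
        .with_context("127.0.0.1", "test-agent", "test-fingerprint")
        .build();

    let result = auth_service
        .authenticate(oauth_request, &demo_context())
        .await;

    match result {
        Ok(auth_result) => {
            println!("✅ OAuth Authentication successful!");
            match auth_result.user_info.as_ref() {
                Some(user) => println!("User: {}", user.username),
                None => println!("User: <not provided>"),
            }
            // Demo only: see the note on token printing in Example 1.
            if let Some(token) = &auth_result.token {
                println!("Token: {}", token);
            }
        }
        Err(e) => {
            println!("❌ OAuth Authentication failed: {}", e);
        }
    }

    // Example 3: SAML Authentication
    println!("\n=== SAML Authentication Example ===");
    // The string below is a placeholder element, not a signed SAML assertion.
    let saml_request = AuthRequestBuilder::new()
        .with_method(AuthMethod::SAML)
        .with_saml_assertion("<saml_assertion>test_user</saml_assertion>")
        .with_context("127.0.0.1", "test-agent", "test-fingerprint")
        .build();

    let result = auth_service
        .authenticate(saml_request, &demo_context())
        .await;

    match result {
        Ok(auth_result) => {
            println!("✅ SAML Authentication successful!");
            match auth_result.user_info.as_ref() {
                Some(user) => println!("User: {}", user.username),
                None => println!("User: <not provided>"),
            }
        }
        Err(e) => {
            println!("❌ SAML Authentication failed: {}", e);
        }
    }

    // Example 4: Token Validation
    println!("\n=== Token Validation Example ===");
    // NOTE(review): the original read `auth_result.token` here, outside the scope of any match
    // arm. The token from the JWT example is assumed to be the intended input — confirm.
    if let Some(token) = jwt_token {
        let validation_result = auth_service
            .validate_token(&token, &demo_context())
            .await;

        match validation_result {
            Ok(user_info) => {
                println!("✅ Token validation successful!");
                println!("User: {}", user_info.username);
            }
            Err(e) => {
                println!("❌ Token validation failed: {}", e);
            }
        }
    } else {
        println!("No token was issued by the JWT example; skipping validation.");
    }

    // Example 5: Get Available Methods
    println!("\n=== Available Authentication Methods ===");
    let methods = auth_service.get_available_methods().await;
    for method in methods {
        println!("Available: {:?}", method);
    }

    // Example 6: Get Statistics
    println!("\n=== Authentication Statistics ===");
    let stats = auth_service.get_stats().await;
    println!("Total requests: {}", stats.total_requests);
    println!("Successful auths: {}", stats.successful_auths);
    println!("Failed auths: {}", stats.failed_auths);
    println!("Average auth time: {:.2}ms", stats.avg_auth_time_ms);

    println!("\n🎉 Plugin-Based Authentication System Demo Complete! 🎉");

    Ok(())
}

/// Builds the request context passed with every call in the demo.
///
/// All values are fixed placeholders except `timestamp` (the current Unix time in seconds, or 0
/// when the system clock reads earlier than the epoch) and `request_id` (a fresh v4 UUID on each
/// call).
fn demo_context() -> ServiceContext {
    let timestamp = std::time::SystemTime::now()
        .duration_since(std::time::UNIX_EPOCH)
        .unwrap_or_default()
        .as_secs();

    ServiceContext {
        ip_address: Some("127.0.0.1".to_string()),
        user_agent: Some("test-agent".to_string()),
        timestamp,
        device_fingerprint: Some("test-fingerprint".to_string()),
        request_id: uuid::Uuid::new_v4().to_string(),
        metadata: HashMap::new(),
    }
}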