zhi/HarborForge.Backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
207 Commits 11 Branches 0 Tags
f64e2a24f8af627fd49fbae1bde628d950cbe2d6
Commit Graph

5 Commits

Author SHA1 Message Date
hzhang
54b6103880 feat(auth): OIDC login + identity binding + HARBORFORGE_OIDC_ONLY 
- Generic OIDC (Authlib discovery) Authorization Code flow; backend
  issues the existing HS256 JWT on success. Unbound identities are
  rejected (no auto-provisioning).
- User.oidc_issuer/oidc_subject (unique together) + startup migration.
- PUT/DELETE /users/{id}/oidc-binding (admin or account-manager;
  JWT or API key; 409 on conflict). Self-link /auth/oidc/link
  (non-OIDC_ONLY only). Public GET /auth/config.
- HARBORFORGE_OIDC_ONLY: /auth/token rejected, create/update ignore
  password (passwordless users; API keys + OIDC still work).
- Dockerfile ARG/ENV HARBORFORGE_OIDC_ONLY; authlib+itsdangerous deps;
  SessionMiddleware for OIDC state. Fixed _user_response to expose
  the new binding fields.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-17 20:22:04 +01:00
zhi
5f47a17794 fix: add requests dependency for provider usage adapters 2026-03-11 17:29:17 +00:00
Zhi
1a76de7c50 feat: webhook event firing on issue creation (background task) 2026-02-22 02:43:34 +00:00
Zhi
81e1a2fc58 feat: add JWT auth (login/me), fix bcrypt version, add .gitignore 2026-02-21 12:11:06 +00:00
root
fd980c0344 refactor: move all files to root (no nested backend/) 2026-02-21 08:25:37 +00:00