Herman Slatman
|
c04f556dc2
|
Merge branch 'master' into hs/scep
|
2021-05-06 22:00:29 +02:00 |
|
Cristian Le
|
1d2445e1d8
|
Removed the variadic username
Could be useful later on, but for the current PR changes should be minimized
|
2021-05-05 10:12:38 +09:00 |
|
Cristian Le
|
9e00b82bdf
|
Revert oidc_test.go
Moving the `preferred_username` to a separate PR
|
2021-05-05 08:49:03 +09:00 |
|
Cristian Le
|
21732f213b
|
Fix shadow issue in CI
|
2021-05-05 08:15:26 +09:00 |
|
Mariano Cano
|
46c1dc80fb
|
Use map[string]struct{} instead of map[string]bool
|
2021-05-05 08:15:26 +09:00 |
|
Mariano Cano
|
aafac179a5
|
Add test for oidc with preferred usernames.
|
2021-05-05 08:15:26 +09:00 |
|
Cristian Le
|
f730c0bec4
|
Sanitize usernames
|
2021-05-05 08:15:26 +09:00 |
|
Cristian Le
|
48666792c7
|
Draft: adding usernames to GetIdentityFunc
|
2021-05-05 08:15:26 +09:00 |
|
Herman Slatman
|
713b571d7a
|
Refactor SCEP authority initialization and clean some code
|
2021-02-12 17:02:39 +01:00 |
|
Herman Slatman
|
ffdd58ea3c
|
Add rudimentary (and incomplete) support for SCEP
|
2021-02-12 12:03:08 +01:00 |
|
Mariano Cano
|
02379d494b
|
Add support for extensions and critical options on the identity
function.
|
2020-07-30 17:45:03 -07:00 |
|
Mariano Cano
|
ca2fb42d68
|
Move options to the provisioner.
|
2020-07-21 14:18:05 -07:00 |
|
Mariano Cano
|
ef0ed0ff95
|
Integrate simple templates in the JWK provisioner.
|
2020-07-21 14:18:04 -07:00 |
|
Mariano Cano
|
0b5fd156e8
|
Add a third principal on OIDC tokens with the raw local part of the email.
For the email first.last@example.com it will create the principals
["firstlast", "first.last", "first.last@example.com"]
Fixes #253, #254
|
2020-05-21 12:09:11 -07:00 |
|
Mariano Cano
|
c49a9d5e33
|
Add context parameter to all SSH methods.
|
2020-03-10 19:01:45 -07:00 |
|
Mariano Cano
|
59fc8cdd2d
|
Fix typo in comments.
|
2020-02-27 10:48:16 -08:00 |
|
max furman
|
1cb8bb3ae1
|
Simplify statuscoder error generators.
|
2020-01-28 13:29:40 -08:00 |
|
max furman
|
dccbdf3a90
|
Introduce generalized statusCoder errors and loads of ssh unit tests.
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
|
2020-01-28 13:29:40 -08:00 |
|
max furman
|
414a94b210
|
Instrument getIdentity func for OIDC ssh provisioner
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
f74cd04a6a
|
Add WithGetIdentityFunc option and attr to authority
* Add Identity type to provisioner
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
29853ae016
|
sshpop provisioner + ssh renew | revoke | rekey first pass
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
c04f1e1bd4
|
sshpop first pass
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
8f07ff6a39
|
Add kubernetes service account provisioner
|
2019-10-29 17:42:50 -07:00 |
|
max furman
|
d368791606
|
Add x5c provisioner capabilities
|
2019-10-14 14:51:37 -07:00 |
|
max furman
|
e3826dd1c3
|
Add ACME CA capabilities
|
2019-09-13 15:48:33 -07:00 |
|
Mariano Cano
|
10e7b81b9f
|
Merge branch 'master' into ssh-ca
|
2019-09-05 23:06:01 +02:00 |
|
max furman
|
ac234771c7
|
Remove unknown provisioner WARNning and leave TODO
|
2019-08-29 10:49:52 -07:00 |
|
max furman
|
ca8daf5f12
|
Update comment and warn
|
2019-08-28 17:28:03 -07:00 |
|
Mariano Cano
|
9200f11ed8
|
Skip unsupported provisioners.
|
2019-08-28 17:25:39 -07:00 |
|
Mariano Cano
|
41b97372e6
|
Rename function to SanitizeSSHUserPrincipal
|
2019-07-29 16:38:57 -07:00 |
|
Mariano Cano
|
48c98dea2a
|
Make SanitizeSSHPrincipal a public function.
|
2019-07-29 16:21:22 -07:00 |
|
Mariano Cano
|
f01286bb48
|
Add support for SSH certificates to OIDC.
Update the interface for all the provisioners.
|
2019-07-29 15:54:07 -07:00 |
|
Mariano Cano
|
8f8c862c04
|
Fix spelling errors.
|
2019-06-07 11:24:56 -07:00 |
|
Mariano Cano
|
37f2096dff
|
Add Stringer interface to provisioner.Type.
Add missing file.
|
2019-06-05 17:52:29 -07:00 |
|
Mariano Cano
|
0a756ce9d0
|
Use on GCP audiences with the format https://<ca-url>#<provisioner-type>/<provisioner-name>
Fixes smallstep/step#156
|
2019-06-03 17:19:44 -07:00 |
|
Mariano Cano
|
70196b2331
|
Add skeleton for the Azure provisioner.
Related to #69
|
2019-05-03 17:30:54 -07:00 |
|
Mariano Cano
|
da93e40f90
|
Add constant for Azure type.
|
2019-04-24 14:26:37 -07:00 |
|
Mariano Cano
|
75ef5a2275
|
Add AWS provisioner.
Fixes #68
|
2019-04-24 12:12:36 -07:00 |
|
Mariano Cano
|
f794dbeb93
|
Add support for GCP identity tokens.
|
2019-04-17 17:28:21 -07:00 |
|
max furman
|
ab4d569f36
|
Add /revoke API with interface db backend
|
2019-04-10 13:50:35 -07:00 |
|
Mariano Cano
|
cc8764c343
|
Initialize the list for backward compatibility.
|
2019-03-07 16:04:29 -08:00 |
|
Mariano Cano
|
507fd01062
|
Remove provisioner intermediate type.
|
2019-03-07 13:07:39 -08:00 |
|
Mariano Cano
|
d92a7f2948
|
Rename provisioner to jwk.
|
2019-03-06 18:36:35 -08:00 |
|
Mariano Cano
|
2d00cd0933
|
Validate audiences in the default provisioner.
|
2019-03-06 18:32:56 -08:00 |
|
Mariano Cano
|
0dee841a4f
|
Complete first version of provisioner implementations.
|
2019-03-06 14:54:56 -08:00 |
|
Mariano Cano
|
62dab7b6b8
|
Rename interface method.
|
2019-03-05 14:52:26 -08:00 |
|
Mariano Cano
|
5a8f78d9d0
|
Add support to collection to load the encrypted keys.
|
2019-03-05 14:45:57 -08:00 |
|
Mariano Cano
|
dd0376657c
|
Move collection to a new file.
|
2019-03-05 14:28:32 -08:00 |
|
Mariano Cano
|
4b2b6ffe32
|
Create the provisioner type used to englobe all different provisioners.
|
2019-03-05 12:42:49 -08:00 |
|
Mariano Cano
|
fc0b2ca5a6
|
Revert "Move provisioners to authority/provisioner package."
This reverts commit f88d622a67 .
|
2019-03-04 18:17:35 -08:00 |
|