Commit graph

724 commits

Author SHA1 Message Date
Mariano Cano
53f62f871c Set not extensions to host certificates. 2019-07-29 16:36:46 -07:00
Mariano Cano
48c98dea2a Make SanitizeSSHPrincipal a public function. 2019-07-29 16:21:22 -07:00
Mariano Cano
f01286bb48 Add support for SSH certificates to OIDC.
Update the interface for all the provisioners.
2019-07-29 15:54:07 -07:00
Mariano Cano
a44b0a1d52 Fix typo 2019-07-29 15:53:43 -07:00
Mariano Cano
7a64a84761 Pass the given context. 2019-07-29 15:53:09 -07:00
Mariano Cano
ba2ba54928 Adapt api package to new interfaces. 2019-07-29 12:52:13 -07:00
Mariano Cano
e1cd5ee8c3 Add context to the Authorize method.
Fix tests.
2019-07-29 12:34:27 -07:00
Mariano Cano
2127d09ef3 Rename context type to apiCtx.
It will conflict with the context package.
2019-07-29 11:56:14 -07:00
Mariano Cano
082ebda85b Merge branch 'master' of github.com:smallstep/certificates into ssh-ca 2019-07-26 15:38:46 -07:00
Mariano Cano
d008d2d4d1 Use default base64 encoding for public key 2019-07-25 18:42:32 -07:00
Mariano Cano
d7221e15ac Always marshal timeduration as a string 2019-07-25 18:41:46 -07:00
Mariano Cano
3ff410c695 fix ssh validity modifier 2019-07-25 18:41:32 -07:00
Mariano Cano
1c8f610ca9 Add initial implementation of an SSH CA using the JWK provisioner.
Fixes smallstep/ca-component#187
2019-07-23 18:46:43 -07:00
Mariano Cano
f5beed3b96
Merge pull request #83 from matteo-s/oidc-groups
Add option for checking group membership declared in JWT token
2019-07-23 10:05:18 -07:00
Mariano Cano
5356bce4d8
Merge pull request #84 from smallstep/iid-common-name
Allow custom common names in cloud identity provisioners
2019-07-16 11:15:55 -07:00
Mariano Cano
3e69194cc4 Fix lint error 2019-07-15 16:35:51 -07:00
Mariano Cano
900ab9cc12 Allow custom common names in cloud identity provisioners. 2019-07-15 15:52:36 -07:00
Mariano Cano
0c3e0088cf
Merge pull request #82 from smallstep/fix-max-age-0
Fix panic when max-age is set to zero.
2019-06-25 11:14:07 -07:00
Mariano Cano
5f4217ca4c Simplify abs, it performs even better. 2019-06-25 11:04:48 -07:00
Matteo Saloni
1919cfdff3 Add option for checking group membership declared in JWT token 2019-06-25 10:50:55 +02:00
Mariano Cano
e66272d6f0 Fix panic when max-age is set to zero.
Fixes #81
2019-06-24 13:40:14 -07:00
Mariano Cano
f12e2dedd5
Merge pull request #80 from smallstep/cert-manager
Improve ca.Provisioner
2019-06-24 10:59:00 -07:00
Mariano Cano
44e85b51f2 Add some extra coverage. 2019-06-21 15:12:36 -07:00
Mariano Cano
aa63f8f32c Add missing root certificate to test. 2019-06-21 14:52:06 -07:00
Mariano Cano
0acff1d318 Update cli dependency 2019-06-21 13:33:23 -07:00
Mariano Cano
5bc867a1aa
Merge pull request #79 from smallstep/autocert-move
Autocert move
2019-06-18 17:33:02 -07:00
Mariano Cano
8fafd987ca Use REAMDE.md suggested in code review. 2019-06-18 17:11:29 -07:00
Mariano Cano
f9e2ea9bd6 Revert "Do not depend on config package."
This reverts commit cc1c6f2cb4.
2019-06-18 14:44:19 -07:00
Mariano Cano
cc1c6f2cb4 Do not depend on config package.
Config package will panic if it cannot create the step path folder.
2019-06-18 13:16:23 -07:00
Mariano Cano
01b6aebbf7 Make provisioner more configurable.
The intention of this change is to make it usable from cert-manager.
2019-06-17 19:01:04 -07:00
Mariano Cano
e852b57870 Delete old autocert 2019-06-14 16:23:50 -07:00
Mariano Cano
5b84961f42 Point to the new autocert repo. 2019-06-14 16:02:00 -07:00
Mariano Cano
4075407d63 Add steps to update Helm packages. 2019-06-13 11:59:02 -07:00
Mariano Cano
a064540681 Commit icons. 2019-06-12 16:22:39 -07:00
Mariano Cano
fb4d114a82
Merge pull request #78 from smallstep/typo-fixes
Bunch of typos and misformatting
2019-06-11 10:55:14 -07:00
Samuel Wright
752302c318 Bunch of typos and misformatting 2019-06-11 17:28:43 +02:00
max furman
599fc1058c loadOrStore -> cmpAndSwap 2019-06-10 13:21:06 -07:00
Mariano Cano
578beec25d
Merge pull request #65 from smallstep/cloud-identities
Cloud identities
2019-06-07 11:36:31 -07:00
Mariano Cano
8f8c862c04 Fix spelling errors. 2019-06-07 11:24:56 -07:00
Mariano Cano
b88a2f1373 Fix provisioner id in LoadByCertificate 2019-06-06 15:24:15 -07:00
Mariano Cano
37dff5124b Fix audience tests.
Fixes smallstep/step#156
2019-06-06 13:09:00 -07:00
Mariano Cano
2491593cdd Add ca-url based audience for AWS tokens
Fixes smallstep/step#156
2019-06-06 12:49:51 -07:00
Mariano Cano
4fa9e9333d Add NewDuration constructor. 2019-06-05 17:53:28 -07:00
Mariano Cano
37f2096dff Add Stringer interface to provisioner.Type.
Add missing file.
2019-06-05 17:52:29 -07:00
Mariano Cano
6e4a09651a Add comments with links to cloud docs. 2019-06-05 11:04:00 -07:00
Mariano Cano
a36972d840 Add instanceAge and projectIds docs. 2019-06-05 10:50:08 -07:00
Mariano Cano
536ec36b9e Add support for instance age check in AWS.
Fixes smallstep/step#164
2019-06-04 16:31:33 -07:00
Mariano Cano
c431538ff2 Add support for instance age check in GCP.
Fixes smallstep/step#164
2019-06-04 15:57:15 -07:00
Mariano Cano
4cef086c00 Allow to use emails as service accounts on GCP
Fixes smallstep/step#163
2019-06-03 17:28:39 -07:00
Mariano Cano
0a756ce9d0 Use on GCP audiences with the format https://<ca-url>#<provisioner-type>/<provisioner-name>
Fixes smallstep/step#156
2019-06-03 17:19:44 -07:00