Herman Slatman
613c99f00f
Fix linting issues
2022-03-24 13:10:49 +01:00
Herman Slatman
dc23fd23bf
Merge branch 'master' into herman/allow-deny-next
2022-03-24 12:36:12 +01:00
Herman Slatman
6b620c8e9c
Improve protobuf unmarshaling error handling
2022-03-24 10:54:45 +01:00
Herman Slatman
101ca6a2d3
Check admin subjects before changing policy
2022-03-21 15:53:59 +01:00
Panagiotis Siatras
4fb38afc57
authority/admin/api: refactored to use the read package
2022-03-18 20:21:00 +02:00
Herman Slatman
81b0c6c37c
Add API implementation for authority and provisioner policy
2022-03-15 15:56:04 +01:00
Herman Slatman
5b713a564c
Change CM link
2022-02-10 12:55:47 +01:00
Herman Slatman
d00729df0b
Refactor ACME Admin API
2022-02-08 13:26:30 +01:00
Herman Slatman
fd9845e9c7
Add cursor and limit to ACME EAB DB interface
2022-01-24 14:03:56 +01:00
Herman Slatman
868cc4ad7f
Increase test coverage for additional indexes
2022-01-20 17:06:23 +01:00
Herman Slatman
8838961b68
Merge branch 'master' into hs/acme-eab
2022-01-20 11:05:28 +01:00
Herman Slatman
ef16febf40
Refactor ACME EAB queries
...
The ACME EAB keys are now also indexed by the provisioner. This
solves part of the issue in which too many EAB keys may be in
memory at a given time.
2022-01-07 16:59:55 +01:00
Herman Slatman
30859d3c83
Remove server-side paging logic for ExternalAccountKeys
2022-01-06 14:09:35 +01:00
Mariano Cano
6a1d0cb9f8
Add linkedca conversions.
2022-01-04 18:42:57 -08:00
Herman Slatman
5fe9909174
Refactor AdminAuthority interface
2021-12-22 15:30:40 +01:00
Herman Slatman
f9ae875f9d
Use short if-style statements
2021-12-20 14:30:01 +01:00
Herman Slatman
5f224b729e
Add tests for Provisioner Admin API
2021-12-09 23:15:38 +01:00
Herman Slatman
43a78f495f
Add tests for Admin API
2021-12-09 17:29:23 +01:00
Herman Slatman
bd169f505f
Add Admin API Middleware tests
2021-12-09 15:26:18 +01:00
Herman Slatman
63371a8fb6
Add additional tests for ACME EAB Admin
2021-12-09 13:46:47 +01:00
Herman Slatman
2215a05c28
Add tests for ACME EAB Admin
...
Refactored some of the existing bits for testing the Authority
API by creation of a new LinkedAuthority interface and changing
visibility of the MockAuthority to be usable by other packages.
At this time, not all of the functions of MockAuthority it usable
yet. Will refactor when needed or requested.
2021-12-08 15:19:38 +01:00
Herman Slatman
4d726d6b4c
Add pagination to ACME EAB credentials endpoint
2021-10-17 22:42:36 +02:00
Herman Slatman
bc5f0e429b
Fix gocritic remark
2021-10-17 12:53:02 +02:00
Herman Slatman
d354d55e7f
Improve handling duplicate ACME EAB references
2021-10-16 14:44:56 +02:00
Herman Slatman
dd4b4b0435
Fix remaining gocritic remarks
2021-10-11 23:34:23 +02:00
Herman Slatman
e0b495e4c8
Merge branch 'master' into hs/acme-eab
2021-10-09 01:06:49 +02:00
Herman Slatman
c26041f835
Add ACME EAB nosql tests
2021-10-09 01:02:00 +02:00
max furman
933b40a02a
Introduce gocritic linter and address warnings
2021-10-08 14:59:57 -04:00
Herman Slatman
f34d68897a
Refactor retrieval of provisioner into middleware
2021-10-08 14:29:44 +02:00
max furman
2d5bfd3485
fix comment
2021-09-22 11:56:52 -07:00
Herman Slatman
c2bc1351c6
Add provisioner to remove endpoint and clear reference index on delete
2021-09-17 17:48:09 +02:00
Herman Slatman
746c5c9fd9
Disallow creation of EAB keys with non-unique references
2021-09-17 17:25:19 +02:00
Herman Slatman
9c0020352b
Add lookup by reference and make reference optional
2021-09-17 17:08:02 +02:00
Herman Slatman
02cd3b6b3b
Fix PR comments
2021-09-16 23:09:24 +02:00
Herman Slatman
f11c0cdc0c
Add endpoint for listing ACME EAB keys
2021-08-27 16:58:04 +02:00
Herman Slatman
9d09f5e575
Add support for deleting ACME EAB keys
2021-08-27 14:10:00 +02:00
Herman Slatman
1dba8698e3
Use LinkedCA.EABKey type in ACME EAB API
2021-08-27 12:39:37 +02:00
Herman Slatman
492256f2d7
Add first test cases for EAB and make provisioner unique per EAB
...
Before this commit, EAB keys could be used CA-wide, meaning that
an EAB credential could be used at any ACME provisioner. This
commit changes that behavior, so that EAB credentials are now
intended to be used with a specific ACME provisioner. I think
that makes sense, because from the perspective of an ACME client
the provisioner is like a distinct CA.
Besides that this commit also includes the first tests for EAB.
The logic for creating the EAB JWS as a client has been taken
from github.com/mholt/acmez. This logic may be moved or otherwise
sourced (i.e. from a vendor) as soon as the step client also
(needs to) support(s) EAB with ACME.
2021-08-09 10:37:32 +02:00
Herman Slatman
7dad7038c3
Fix missing ACME EAB API endpoints
2021-07-23 15:41:24 +02:00
Herman Slatman
c6a4c4ecba
Change ACME EAB endpoint
2021-07-23 15:16:11 +02:00
Herman Slatman
c6bfc6eac2
Fix PR comments
2021-07-22 23:48:41 +02:00
Herman Slatman
b65a588d5b
Make authentication work for /admin/eak
2021-07-22 22:43:21 +02:00
Herman Slatman
f81d49d963
Add first working version of External Account Binding
2021-07-17 17:35:44 +02:00
max furman
1df21b9b6a
Addressing comments in PR review
...
- added a bit of validation to admin create and update
- using protojson where possible in admin api
- fixing a few instances of admin -> acme in errors
2021-07-06 17:14:13 -07:00
max furman
5679c9933d
Fixes from PR review
2021-07-03 12:08:30 -07:00
max furman
9fdef64709
Admin level API for provisioner mgmt v1
2021-07-02 19:05:17 -07:00
max furman
1726076ea2
wip
2021-05-25 16:52:06 -07:00
max furman
423942da44
wip
2021-05-24 13:38:24 -07:00
max furman
9bfb1c2e7b
wip
2021-05-21 13:31:41 -07:00
max furman
4f3e5ef64d
wip
2021-05-19 15:20:16 -07:00
max furman
5d09d04d14
wip
2021-05-19 15:20:16 -07:00