Herman Slatman
647538e9e8
Merge branch 'herman/allow-deny' into herman/allow-deny-options
2022-04-19 10:32:16 +02:00
Herman Slatman
ad2de16299
Merge branch 'master' into herman/allow-deny
2022-04-19 10:26:31 +02:00
Herman Slatman
7f9034d22a
Add additional policy options
2022-04-19 10:24:52 +02:00
Mariano Cano
d61cd98a3e
Merge pull request #894 from smallstep/ahmet2mir-feat/vault
...
Vault CAS
2022-04-18 17:55:03 -07:00
Mariano Cano
fe9c3cf753
Merge branch 'master' into ahmet2mir-feat/vault
2022-04-18 15:35:26 -07:00
Mariano Cano
b99692fdaa
Merge pull request #901 from smallstep/fix/admin-token
...
Drop any query string from the admin tokens
2022-04-18 15:30:42 -07:00
Mariano Cano
4770b405ba
Drop any query string from the admin tokens
...
This commit makes sure the admin token audience is passed without
a query string (or any fragment).
2022-04-18 15:18:23 -07:00
Herman Slatman
def9438ad6
Improve handling of bad JSON protobuf bodies
2022-04-18 23:38:13 +02:00
Herman Slatman
2ca5c0170f
Fix flaky test behavior for protobuf messages
2022-04-18 22:39:47 +02:00
Herman Slatman
ff8cb19b78
Fix usage of URL in generateAdminToken
2022-04-18 21:59:06 +02:00
Herman Slatman
abcad679ff
Merge branch 'master' into herman/allow-deny
2022-04-18 21:54:55 +02:00
Herman Slatman
82e0033428
Remove Adder options
2022-04-18 21:47:39 +02:00
Herman Slatman
8d15a027a7
Fix if-else linting issue
2022-04-18 21:47:13 +02:00
Mariano Cano
50a271edca
Merge pull request #888 from smallstep/fix/adminra
...
Fix/adminra
2022-04-18 12:46:41 -07:00
Mariano Cano
c066694c0c
Allow renew token issuer to be the provisioner name.
...
For consistency with AuthorizeAdminToken, AuthorizeRenewToken will
allow the issuer to be either the fixed string 'step-ca-client/1.0'
or the provisioner name.
2022-04-18 12:38:09 -07:00
Herman Slatman
99702d3648
Fix case of no authority policy existing
2022-04-18 21:14:30 +02:00
Mariano Cano
3aebe8d019
Add missing comma in comment.
2022-04-15 12:19:32 -07:00
Herman Slatman
d6be9450be
Merge branch 'master' into herman/allow-deny
2022-04-15 11:57:05 +02:00
Herman Slatman
a9f033ece5
Fix JSON property name for ACME policy
2022-04-15 10:58:40 +02:00
Herman Slatman
30d5d89a13
Improve test coverage for Policy Admin API
2022-04-15 10:43:25 +02:00
Mariano Cano
d3b6bc3c75
Merge branch 'master' into fix/adminra
2022-04-13 17:44:23 -07:00
Mariano Cano
ad5aedfa60
Fix backward compatibility in AuthorizeAdminToken
...
This commit validates both new and old issuers.
2022-04-13 16:00:15 -07:00
Mariano Cano
5f714f2485
Fix tests for AuthorizeRenewToken
2022-04-13 15:59:37 -07:00
Mariano Cano
6331041b2b
Merge pull request #898 from smallstep/fix/claim-name
...
Rename unreleased claim to allowRenewalAfterExpiry for consistency.
2022-04-13 15:19:49 -07:00
Mariano Cano
674dc3c844
Rename unreleased claim to allowRenewalAfterExpiry for consistency.
2022-04-13 15:11:54 -07:00
Mariano Cano
4e4d4e882f
Use a fixed string for renewal token issuer.
2022-04-13 14:50:06 -07:00
Mariano Cano
3694ba30dc
Store certificate and provisioner in one transaction.
2022-04-12 18:42:27 -07:00
Mariano Cano
0a5dc237df
Fix typo in comment.
2022-04-12 17:56:39 -07:00
Max
0dc5646e31
add Postgres to available databases in README
2022-04-12 15:21:18 -07:00
Mariano Cano
00cd0f5f21
Apply suggestions from code review
...
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
2022-04-12 14:44:55 -07:00
Mariano Cano
1c24863d2f
Update changelog.
2022-04-12 14:41:25 -07:00
Mariano Cano
e29c85bbd4
Use errors and fmt instead of pkg/errors.
2022-04-12 14:04:46 -07:00
Mariano Cano
ea5f7f2acc
Fix SANs for step-ca certificate
...
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
2022-04-12 13:57:55 -07:00
Mariano Cano
c4ff0f1cc3
Add codecov token.
...
It shouldn't be necessary for public repos, but GitHub actions
error suggests to add it.
2022-04-12 11:19:43 -07:00
Mariano Cano
25d0ca258d
Upgrade codecov to v2
2022-04-12 11:19:43 -07:00
Mariano Cano
76c483c36f
Add missing comments.
2022-04-12 11:15:28 -07:00
Mariano Cano
48bc20c9f3
Unify json parameters.
2022-04-12 11:11:36 -07:00
Mariano Cano
790a19c6f6
make json names uniform
...
Co-authored-by: Ahmet Demir <ahmet2mir+github@gmail.com>
2022-04-12 10:01:22 -07:00
Mariano Cano
26e40068c8
Remove unnecessary dependencies.
2022-04-11 18:49:14 -07:00
Mariano Cano
967d9136ca
Cleanup Vault CAS integration
2022-04-11 18:44:13 -07:00
Mariano Cano
9134bad22c
Run go mod tidy.
2022-04-11 14:59:22 -07:00
Mariano Cano
37b521ec6c
Merge branch 'master' into feat/vault
2022-04-11 14:57:45 -07:00
Mariano Cano
1880b4b2d0
Add codecov token.
...
It shouldn't be necessary for public repos, but GitHub actions
error suggests to add it.
2022-04-11 14:21:14 -07:00
Mariano Cano
435bb8123b
Upgrade codecov to v2
2022-04-11 14:14:02 -07:00
Mariano Cano
c8c59d68f5
Allow mTLS renewals if the provisioner extension does not exists.
...
This fixes a backward compatibility issue with with the new
LoadProvisionerByCertificate.
2022-04-11 12:19:42 -07:00
Mariano Cano
2fbff47acf
Add missing return in test.
2022-04-11 12:18:44 -07:00
Herman Slatman
256fe113f7
Improve tests for ACME account policy
2022-04-11 15:25:55 +02:00
Panagiotis Siatras
f2cf9cf828
authority/status: removed the package ( #892 )
2022-04-11 11:56:16 +03:00
Mariano Cano
2ace3097b7
Update changelog.
2022-04-08 14:29:20 -07:00
Mariano Cano
af8fcf5b01
Use always LoadProvisionerByCertificate on authority package
2022-04-08 14:18:24 -07:00