Mariano Cano
|
6b3a8f22f3
|
Add provisioner to SSH renewals
This commit allows to report the provisioner to the linkedca when
a SSH certificate is renewed.
|
2022-05-20 14:41:44 -07:00 |
|
Herman Slatman
|
c40a4d2694
|
Contain policy engines inside provisioner Controller
|
2022-04-22 01:20:38 +02:00 |
|
Herman Slatman
|
571b21abbc
|
Fix (most) PR comments
|
2022-03-31 16:12:29 +02:00 |
|
Herman Slatman
|
dc23fd23bf
|
Merge branch 'master' into herman/allow-deny-next
|
2022-03-24 12:36:12 +01:00 |
|
Mariano Cano
|
6d532045dc
|
Fix validity check for sshpop provisioner.
|
2022-03-14 17:31:21 -07:00 |
|
Mariano Cano
|
259e95947c
|
Add support for the provisioner controller
The claimer, audiences and custom callback methods are now managed
by the provisioner controller in an uniform way.
|
2022-03-09 18:43:45 -08:00 |
|
Herman Slatman
|
512b8d6730
|
Refactor instantiation of policy engines
Instead of using the `base` struct, the x509 and SSH policy
engines are now added to each provisioner directly.
|
2022-01-25 16:45:25 +01:00 |
|
Herman Slatman
|
9539729bd9
|
Add initial implementation of x509 and SSH allow/deny policy engine
|
2022-01-03 12:25:24 +01:00 |
|
Mariano Cano
|
8ce807a6cb
|
Modify errs.BadRequest() calls to always send an error to the client.
|
2021-11-18 15:12:44 -08:00 |
|
Mariano Cano
|
f7542a5bd9
|
Move check of ssh revocation from provisioner to the authority.
|
2021-07-21 15:22:57 -07:00 |
|
max furman
|
9fdef64709
|
Admin level API for provisioner mgmt v1
|
2021-07-02 19:05:17 -07:00 |
|
max furman
|
638766c615
|
wip
|
2021-05-19 18:23:20 -07:00 |
|
Mariano Cano
|
ba918100d0
|
Use go.step.sm/crypto/jose
Replace use of github.com/smallstep/cli/crypto with the new package
go.step.sm/crypto/jose.
|
2020-08-24 14:44:11 -07:00 |
|
max furman
|
1cb8bb3ae1
|
Simplify statuscoder error generators.
|
2020-01-28 13:29:40 -08:00 |
|
max furman
|
dccbdf3a90
|
Introduce generalized statusCoder errors and loads of ssh unit tests.
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
|
2020-01-28 13:29:40 -08:00 |
|
max furman
|
3d970b45c8
|
remove printfs
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
5788ac3f4f
|
sshpop token should not allow renew/rekey of user ssh certs
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
29853ae016
|
sshpop provisioner + ssh renew | revoke | rekey first pass
|
2020-01-28 13:28:16 -08:00 |
|
max furman
|
c04f1e1bd4
|
sshpop first pass
|
2020-01-28 13:28:16 -08:00 |
|