mbiryukova/certificates

Author	SHA1	Message	Date
Mariano Cano	7d670b20ea	Add support of ssh host certinficates in AWS provisioner.	2019-07-29 17:54:38 -07:00
Mariano Cano	7583f1c739	Do not require all principals, allow subgroups.	2019-07-29 17:54:13 -07:00
Mariano Cano	41b97372e6	Rename function to SanitizeSSHUserPrincipal	2019-07-29 16:38:57 -07:00
Mariano Cano	53f62f871c	Set not extensions to host certificates.	2019-07-29 16:36:46 -07:00
Mariano Cano	48c98dea2a	Make SanitizeSSHPrincipal a public function.	2019-07-29 16:21:22 -07:00
Mariano Cano	f01286bb48	Add support for SSH certificates to OIDC. Update the interface for all the provisioners.	2019-07-29 15:54:07 -07:00
Mariano Cano	7a64a84761	Pass the given context.	2019-07-29 15:53:09 -07:00
Mariano Cano	e1cd5ee8c3	Add context to the Authorize method. Fix tests.	2019-07-29 12:34:27 -07:00
Mariano Cano	2127d09ef3	Rename context type to apiCtx. It will conflict with the context package.	2019-07-29 11:56:14 -07:00
Mariano Cano	082ebda85b	Merge branch 'master' of github.com:smallstep/certificates into ssh-ca	2019-07-26 15:38:46 -07:00
Mariano Cano	d7221e15ac	Always marshal timeduration as a string	2019-07-25 18:41:46 -07:00
Mariano Cano	3ff410c695	fix ssh validity modifier	2019-07-25 18:41:32 -07:00
Mariano Cano	1c8f610ca9	Add initial implementation of an SSH CA using the JWK provisioner. Fixes smallstep/ca-component#187	2019-07-23 18:46:43 -07:00
Mariano Cano	f5beed3b96	Merge pull request #83 from matteo-s/oidc-groups Add option for checking group membership declared in JWT token	2019-07-23 10:05:18 -07:00
Mariano Cano	3e69194cc4	Fix lint error	2019-07-15 16:35:51 -07:00
Mariano Cano	900ab9cc12	Allow custom common names in cloud identity provisioners.	2019-07-15 15:52:36 -07:00
Mariano Cano	5f4217ca4c	Simplify abs, it performs even better.	2019-06-25 11:04:48 -07:00
Matteo Saloni	1919cfdff3	Add option for checking group membership declared in JWT token	2019-06-25 10:50:55 +02:00
Mariano Cano	e66272d6f0	Fix panic when max-age is set to zero. Fixes #81	2019-06-24 13:40:14 -07:00
Mariano Cano	578beec25d	Merge pull request #65 from smallstep/cloud-identities Cloud identities	2019-06-07 11:36:31 -07:00
Mariano Cano	8f8c862c04	Fix spelling errors.	2019-06-07 11:24:56 -07:00
Mariano Cano	b88a2f1373	Fix provisioner id in LoadByCertificate	2019-06-06 15:24:15 -07:00
Mariano Cano	37dff5124b	Fix audience tests. Fixes smallstep/step#156	2019-06-06 13:09:00 -07:00
Mariano Cano	2491593cdd	Add ca-url based audience for AWS tokens Fixes smallstep/step#156	2019-06-06 12:49:51 -07:00
Mariano Cano	4fa9e9333d	Add NewDuration constructor.	2019-06-05 17:53:28 -07:00
Mariano Cano	37f2096dff	Add Stringer interface to provisioner.Type. Add missing file.	2019-06-05 17:52:29 -07:00
Mariano Cano	6e4a09651a	Add comments with links to cloud docs.	2019-06-05 11:04:00 -07:00
Mariano Cano	536ec36b9e	Add support for instance age check in AWS. Fixes smallstep/step#164	2019-06-04 16:31:33 -07:00
Mariano Cano	c431538ff2	Add support for instance age check in GCP. Fixes smallstep/step#164	2019-06-04 15:57:15 -07:00
Mariano Cano	4cef086c00	Allow to use emails as service accounts on GCP Fixes smallstep/step#163	2019-06-03 17:28:39 -07:00
Mariano Cano	0a756ce9d0	Use on GCP audiences with the format https://<ca-url>#<provisioner-type>/<provisioner-name> Fixes smallstep/step#156	2019-06-03 17:19:44 -07:00
Mariano Cano	a54bf925eb	Add filtering by GCP Project ID. Fixes smallstep/step#155	2019-06-03 11:56:42 -07:00
Mariano Cano	54d0186d1f	Change condition to fail if the length is not the expected.	2019-05-13 11:50:22 -07:00
Mariano Cano	dbd3131068	Fix comments.	2019-05-10 17:54:18 -07:00
Mariano Cano	9f39cb5f2a	Add test.	2019-05-10 16:53:35 -07:00
Mariano Cano	fb6a1afd89	Fix typo.	2019-05-10 16:04:30 -07:00
Mariano Cano	3a1a4c5ea9	Do not allow reload with database configuration changes. Fixes #smallstep/ca-component#170	2019-05-10 15:58:37 -07:00
Mariano Cano	cf07c8f4c0	Fix typos.	2019-05-09 18:56:24 -07:00
Mariano Cano	54570095d4	Merge branch 'master' into cloud-identities	2019-05-08 17:19:03 -07:00
Mariano Cano	423d505d04	Replace subscriptions with resource groups.	2019-05-08 17:11:55 -07:00
Mariano Cano	32d2d6b75a	Remove debug code.	2019-05-08 17:11:33 -07:00
Mariano Cano	e0aaa1a577	Use tenant id in azures's provisioner x509 extension.	2019-05-08 15:58:15 -07:00
Mariano Cano	89eeada2a2	Add support for loading azure tokens by tenant id.	2019-05-08 15:39:50 -07:00
Mariano Cano	803d81d332	Improve azure unit tests.	2019-05-08 12:47:45 -07:00
Mariano Cano	4c5fec06bf	Require TenantID in azure, add some tests.	2019-05-07 19:07:49 -07:00
Mariano Cano	12937c6b75	Remove pkcs7 related variables and structs.	2019-05-07 17:12:12 -07:00
Mariano Cano	6412b1a79b	Add first version of Asure support. Fixes #69	2019-05-07 17:07:04 -07:00
max furman	81db527f12	NoopDB -> SimpleDB	2019-05-07 12:26:30 -07:00
max furman	b73fe8c157	Add used OTT to DB during authToken step	2019-05-06 15:52:02 -07:00
Mariano Cano	70196b2331	Add skeleton for the Azure provisioner. Related to #69	2019-05-03 17:30:54 -07:00

1 2 3 4

192 commits