Mariano Cano
|
57a529cc1a
|
Allow to enable the SSH CA per provisioner
|
2019-08-05 11:40:27 -07:00 |
|
Mariano Cano
|
e71072d389
|
Add experimental support for provisioning users.
|
2019-08-02 17:48:34 -07:00 |
|
Mariano Cano
|
390aecca0b
|
Check for error creating signers.
|
2019-08-01 18:15:04 -07:00 |
|
Mariano Cano
|
004ea12212
|
Allow to use custom SSH user/host key files.
|
2019-08-01 15:04:56 -07:00 |
|
Mariano Cano
|
dc657565a7
|
Add SSH test for GCP.
|
2019-07-31 18:22:21 -07:00 |
|
Mariano Cano
|
7983aa8661
|
Add azure ssh tests.
|
2019-07-31 18:16:17 -07:00 |
|
Mariano Cano
|
2cac85a8c8
|
Add aws tests.
|
2019-07-31 18:11:46 -07:00 |
|
Mariano Cano
|
f8a71899fd
|
Add missing file.
|
2019-07-31 17:46:28 -07:00 |
|
Mariano Cano
|
d231bfb764
|
Update jwk and oidc tests.
|
2019-07-31 17:04:17 -07:00 |
|
Mariano Cano
|
a8f4ad1b8e
|
Set default SSH options if no user options are given.
|
2019-07-31 17:03:33 -07:00 |
|
Mariano Cano
|
c17375a10a
|
Create convenient method to mock the timeduration.
|
2019-07-31 12:53:03 -07:00 |
|
Mariano Cano
|
4c1a11c1bc
|
Add Unix method to TimeDuration.
|
2019-07-31 12:36:31 -07:00 |
|
Mariano Cano
|
b0240772da
|
Add tests for SSH certs with JWK provisioners.
|
2019-07-30 18:23:54 -07:00 |
|
Mariano Cano
|
780eeb5487
|
Remove debug print.
|
2019-07-30 16:56:30 -07:00 |
|
Mariano Cano
|
ad91842d06
|
Add test for SanitizeSSHUserPrincipal
|
2019-07-30 15:28:04 -07:00 |
|
Mariano Cano
|
f8cacc11b1
|
Fix tests.
|
2019-07-29 18:24:34 -07:00 |
|
Mariano Cano
|
b827a59e96
|
Add SSH host certificate support for GCP provisioner.
|
2019-07-29 18:17:20 -07:00 |
|
Mariano Cano
|
221d323b68
|
Fix containsAllMembers
|
2019-07-29 18:16:52 -07:00 |
|
Mariano Cano
|
18a285e847
|
Change azure ssh key id.
|
2019-07-29 18:04:01 -07:00 |
|
Mariano Cano
|
aef52e4334
|
Add support for SSH host certificates in azure.
|
2019-07-29 18:01:20 -07:00 |
|
Mariano Cano
|
7d670b20ea
|
Add support of ssh host certinficates in AWS provisioner.
|
2019-07-29 17:54:38 -07:00 |
|
Mariano Cano
|
7583f1c739
|
Do not require all principals, allow subgroups.
|
2019-07-29 17:54:13 -07:00 |
|
Mariano Cano
|
41b97372e6
|
Rename function to SanitizeSSHUserPrincipal
|
2019-07-29 16:38:57 -07:00 |
|
Mariano Cano
|
53f62f871c
|
Set not extensions to host certificates.
|
2019-07-29 16:36:46 -07:00 |
|
Mariano Cano
|
48c98dea2a
|
Make SanitizeSSHPrincipal a public function.
|
2019-07-29 16:21:22 -07:00 |
|
Mariano Cano
|
f01286bb48
|
Add support for SSH certificates to OIDC.
Update the interface for all the provisioners.
|
2019-07-29 15:54:07 -07:00 |
|
Mariano Cano
|
7a64a84761
|
Pass the given context.
|
2019-07-29 15:53:09 -07:00 |
|
Mariano Cano
|
e1cd5ee8c3
|
Add context to the Authorize method.
Fix tests.
|
2019-07-29 12:34:27 -07:00 |
|
Mariano Cano
|
2127d09ef3
|
Rename context type to apiCtx.
It will conflict with the context package.
|
2019-07-29 11:56:14 -07:00 |
|
Mariano Cano
|
082ebda85b
|
Merge branch 'master' of github.com:smallstep/certificates into ssh-ca
|
2019-07-26 15:38:46 -07:00 |
|
Mariano Cano
|
d7221e15ac
|
Always marshal timeduration as a string
|
2019-07-25 18:41:46 -07:00 |
|
Mariano Cano
|
3ff410c695
|
fix ssh validity modifier
|
2019-07-25 18:41:32 -07:00 |
|
Mariano Cano
|
1c8f610ca9
|
Add initial implementation of an SSH CA using the JWK provisioner.
Fixes smallstep/ca-component#187
|
2019-07-23 18:46:43 -07:00 |
|
Mariano Cano
|
f5beed3b96
|
Merge pull request #83 from matteo-s/oidc-groups
Add option for checking group membership declared in JWT token
|
2019-07-23 10:05:18 -07:00 |
|
Mariano Cano
|
3e69194cc4
|
Fix lint error
|
2019-07-15 16:35:51 -07:00 |
|
Mariano Cano
|
900ab9cc12
|
Allow custom common names in cloud identity provisioners.
|
2019-07-15 15:52:36 -07:00 |
|
Mariano Cano
|
5f4217ca4c
|
Simplify abs, it performs even better.
|
2019-06-25 11:04:48 -07:00 |
|
Matteo Saloni
|
1919cfdff3
|
Add option for checking group membership declared in JWT token
|
2019-06-25 10:50:55 +02:00 |
|
Mariano Cano
|
e66272d6f0
|
Fix panic when max-age is set to zero.
Fixes #81
|
2019-06-24 13:40:14 -07:00 |
|
Mariano Cano
|
578beec25d
|
Merge pull request #65 from smallstep/cloud-identities
Cloud identities
|
2019-06-07 11:36:31 -07:00 |
|
Mariano Cano
|
8f8c862c04
|
Fix spelling errors.
|
2019-06-07 11:24:56 -07:00 |
|
Mariano Cano
|
b88a2f1373
|
Fix provisioner id in LoadByCertificate
|
2019-06-06 15:24:15 -07:00 |
|
Mariano Cano
|
37dff5124b
|
Fix audience tests.
Fixes smallstep/step#156
|
2019-06-06 13:09:00 -07:00 |
|
Mariano Cano
|
2491593cdd
|
Add ca-url based audience for AWS tokens
Fixes smallstep/step#156
|
2019-06-06 12:49:51 -07:00 |
|
Mariano Cano
|
4fa9e9333d
|
Add NewDuration constructor.
|
2019-06-05 17:53:28 -07:00 |
|
Mariano Cano
|
37f2096dff
|
Add Stringer interface to provisioner.Type.
Add missing file.
|
2019-06-05 17:52:29 -07:00 |
|
Mariano Cano
|
6e4a09651a
|
Add comments with links to cloud docs.
|
2019-06-05 11:04:00 -07:00 |
|
Mariano Cano
|
536ec36b9e
|
Add support for instance age check in AWS.
Fixes smallstep/step#164
|
2019-06-04 16:31:33 -07:00 |
|
Mariano Cano
|
c431538ff2
|
Add support for instance age check in GCP.
Fixes smallstep/step#164
|
2019-06-04 15:57:15 -07:00 |
|
Mariano Cano
|
4cef086c00
|
Allow to use emails as service accounts on GCP
Fixes smallstep/step#163
|
2019-06-03 17:28:39 -07:00 |
|