Archives/smallstep-certificates
2
0
Fork 0
mirror of https://github.com/smallstep/certificates.git synced 2024-11-15 18:12:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,322 Commits 39 Branches 223 Tags 44 MiB
1583e53cda
Commit Graph

611 Commits

Author SHA1 Message Date
Herman Slatman
364566bb01
Merge branch 'master' into wire-acme-extensions 2024-03-04 14:36:07 +01:00
Herman Slatman
d392c169fc
Improve functional coverage of request ID integration test 2024-03-04 12:00:08 +01:00
Herman Slatman
7e5f10927f
Decouple request ID middleware from logging middleware 2024-02-28 13:18:10 +01:00
Herman Slatman
c16a0b70ee
Remove smallstep/assert and pkg/errors from webhook tests 2024-02-27 13:44:44 +01:00
Herman Slatman
9689508709
Add tests for webhook request IDs 2024-02-27 13:39:21 +01:00
Herman Slatman
2a8b80a3e1
Merge branch 'master' into herman/webhook-request-id 2024-02-27 12:17:10 +01:00
Herman Slatman
0a97e1bd12
Merge branch 'master' into wire-acme-extensions 2024-02-15 10:35:34 +01:00
Remi Vichery
ee44ac104d
fixup! Add AWS ca-west-1 identity document certificate 2024-02-13 08:54:24 -08:00
Remi Vichery
283d46d9a7
Add AWS ca-west-1 identity document certificate 2024-02-12 11:27:41 -08:00
Herman Slatman
194341e520
Address review comments 2024-02-07 00:54:29 +01:00
Herman Slatman
745017cf9a
Add test for OIDC auto discovery configuration 2024-02-06 23:04:40 +01:00
Herman Slatman
ef657d7d2d
Fix OIDC target 2024-02-06 13:17:49 +01:00
Herman Slatman
e153be36d1
Replace smallstep/assert with stretchr/testify for ACME provisioner 2024-02-06 12:30:40 +01:00
Herman Slatman
c5792392a7
Add basic support for OIDC provider instantiation through discovery 2024-01-31 16:27:57 +01:00
Herman Slatman
cd21f8d51f
Refactor OIDC verifier instantation to happen only once 2024-01-31 15:49:45 +01:00
Herman Slatman
19feae520b
Add test for ACME initialization with Wire challenges 2024-01-31 14:24:06 +01:00
Herman Slatman
14e8d47118
Skip Wire option validation and initialization if not enabled 2024-01-29 16:59:55 +01:00
Herman Slatman
8a9b1b3f79
Move Wire option validation to provisioner initialization 2024-01-29 16:45:13 +01:00
Herman Slatman
79943d2e5e
Merge branch 'wire-acme-extensions' into herman/wire-acme-improvements 2024-01-29 15:09:43 +01:00
Herman Slatman
a38132aa58
Fix policy check for Wire user and device identifiers 2024-01-24 20:28:45 +01:00
Herman Slatman
93ba1654ea
Fix tests to work with Wire UserID and DeviceID 2024-01-24 13:45:20 +01:00
Herman Slatman
4d4719a48f
Change URLs used in DPoP template test 2024-01-24 12:42:00 +01:00
Herman Slatman
6ee0d70bec
Add check for empty deviceID in target URI template evaluation 2024-01-18 15:13:34 +01:00
Herman Slatman
2f3819aa4e
Use key authorization from ID token and handle -> preferred_username 2024-01-17 14:13:55 +01:00
Herman Slatman
f150a4f850
Remove sync.Once for Wire configuration validation 2024-01-17 12:35:16 +01:00
Herman Slatman
7520736f5b
Improve test coverage for wireDPOP01Validate 2024-01-16 14:01:48 +01:00
Herman Slatman
29202eff26
Add support for functions in OIDC token transformation template 2024-01-15 13:17:44 +01:00
Herman Slatman
0ad381b092
Add OIDC token template transformation 2024-01-12 16:48:21 +01:00
Herman Slatman
c8160caacd
Fix test; reworded error message 2024-01-12 10:22:25 +01:00
Herman Slatman
24795720e1
Perform initialization of DPoP and OIDC options once 2024-01-12 10:16:02 +01:00
Herman Slatman
79739e5073
Change signature algorithm property name 2024-01-12 09:48:49 +01:00
Herman Slatman
1bf807add3
Use base64 encoded signing key format 2024-01-11 17:04:08 +01:00
Herman Slatman
1f5f756fce
Make Wire options more robust 2024-01-11 16:14:53 +01:00
Herman Slatman
6ef64b6ed6
Refactor the Wire option configuration 2024-01-11 15:08:44 +01:00
Herman Slatman
b6fc0005d5
Add verification of maximum expiry time for Wire tokens 2024-01-11 14:24:34 +01:00
Herman Slatman
acad227b25
Put Wire options in lower level wire struct 2024-01-11 13:18:43 +01:00
Herman Slatman
897688a831
Merge branch 'wire-acme-extensions' into herman/remove-rusty-cli 2024-01-11 12:03:52 +01:00
Herman Slatman
70a2f431fa
Address review remarks 2024-01-11 11:06:39 +01:00
Herman Slatman
c7892e9cd3
Remove the rusty-jwt-cli configuration 2024-01-10 20:51:19 +01:00
Herman Slatman
8997ce1a1e
Disable wire-dpop-01 and wire-oidc-01 by default 2024-01-10 20:06:02 +01:00
Herman Slatman
bf8c17e3ec
Remove the Wire oidc and dpop from attestation formats 2024-01-10 19:12:22 +01:00
Herman Slatman
6a98fea1f3
Fix linter issues 2024-01-10 18:36:24 +01:00
Herman Slatman
e2a2e00526
Make template use DeviceId for now 2024-01-10 17:15:03 +01:00
Herman Slatman
776a839a42
Fix linter issues and improve error handling 2024-01-09 21:31:19 +01:00
beltram
39bf889925
feat: remove query parameters from OIDC issuerUrl so that it allows us to use it to carry the OAuth ClientId in the Challenge.target field without at the same time undermining the idToken verification which relies on a issuer (iss) claim without this query parameter 2024-01-08 22:10:49 +01:00
Stefan Berthold
5ceed08ae0
Reorganize parsing target 2024-01-08 21:19:54 +01:00
Stefan Berthold
83ba0bdc51
Replace field access by accessor functions 2024-01-08 21:17:57 +01:00
beltram
2b1223a080
simpler 2024-01-08 21:14:17 +01:00
beltram
036a144e09
add oidc target 2024-01-08 21:10:46 +01:00
beltram
d32a3e23f0
wip 2024-01-08 21:08:34 +01:00