Andrew Reed
7101fbb0ee
Provisioner webhooks ( #1001 )
2 years ago
max furman
ffff9af323
linting and fixing review feedback
2 years ago
max furman
7c5e5b2b87
Even more linter fixes
2 years ago
max furman
1e0ea6f958
more linting fixes
2 years ago
Mariano Cano
567d96c771
Revert "Run on plaintext HTTP to support Cloud Run"
...
This reverts commit 09b9673a60
.
2 years ago
Brandon Weeks
f3d2bd7a19
Run on plaintext HTTP to support Cloud Run
2 years ago
max furman
ab0d2503ae
Standardize linting file and fix or ignore lots of linting errors
2 years ago
Mariano Cano
ebce40e9b6
Add new method ACMEClient.ValidateWithPayload
...
This new method will be used to validate to validate the device
attestation payload.
2 years ago
Mariano Cano
23b8f45b37
Address gosec warnings
...
Most if not all false positives
2 years ago
Mariano Cano
6cab4d328e
Add a middleware to automatically route HEAD requests to GET
...
Fixes #992
2 years ago
Mariano Cano
f1aabaa99c
Use functions from os instead of io/ioutil
2 years ago
Mariano Cano
a8819376d3
Remove empty lines on debug information
...
At the start of step-ca some information about the CA is displayed,
this change remove extra lines when displaying the ssh public keys.
2 years ago
Shulhan
fe04f93d7f
all: reformat all go files with the next gofmt (Go 1.19)
...
There are some changes that manually edited, for example using '-' as
default list and grouping imports.
2 years ago
Herman Slatman
a564b4f32e
Merge pull request #944 from smallstep/herman/tls-wasm-client
...
Set nil dial context for js/wasm runtime
2 years ago
Herman Slatman
a7dd3a986f
Set nil dial context for js/wasm runtime
2 years ago
Mariano Cano
26dd97e718
Merge branch 'master' into context-authority
2 years ago
Mariano Cano
3c4d0412ef
Merge pull request #941 from smallstep/ssh-provisioner
...
Report SSH provisioner
2 years ago
Mariano Cano
eebbd65dd5
Fix linter error
2 years ago
Max
f8148071fb
Merge pull request #915 from smallstep/max/removing-beta
...
exposing authority configuration for provisioner cli commands
2 years ago
Mariano Cano
1ad75a3bdb
Skip failing test for now
...
This test fails randomly on VMs, there's an issue to fix this so
skipping it for now
2 years ago
max furman
bfb406bf70
Fixes for PR review
2 years ago
Mariano Cano
f639bfc53b
Use contexts on the new PolicyAdminResponder
2 years ago
Mariano Cano
d461918eb0
Merge branch 'master' into context-authority
2 years ago
Mariano Cano
62d93a644e
Apply base context to test of the ca package
2 years ago
Mariano Cano
9147356d8a
Fix linter errors
2 years ago
Mariano Cano
d1f75f1720
Refactor ACME api.
3 years ago
Mariano Cano
688f9ceb56
Add scep authority to context.
3 years ago
Mariano Cano
216d8f0efb
Handle acme requests with the new api
3 years ago
Mariano Cano
439cb81b13
Use admin Route function
3 years ago
Mariano Cano
8bd4e1d73e
Inject the acme database in the context
3 years ago
Mariano Cano
0446e82320
Add context methods for the authority database
3 years ago
Mariano Cano
623c296555
Create context methods from admin database
3 years ago
Mariano Cano
d5070ecf31
Use server BaseContext
...
Instead of using the authority middleware this change adds the
authority in the base context of the server.
3 years ago
Mariano Cano
a93653ea8e
Use api.Route instead of the caHandler.
3 years ago
Mariano Cano
900a640f01
Enable the authority middleware in the server
3 years ago
Herman Slatman
2a7620641f
Fix more PR comments
3 years ago
Herman Slatman
76112c2da1
Improve error creation and testing for core policy engine
3 years ago
max furman
b91affdd34
exposing authority configuration for provisioner cli commands
3 years ago
Herman Slatman
a3c51881c7
Merge branch 'master' into herman/allow-deny
3 years ago
Herman Slatman
b72430f4ea
Block all APIs when using linked deployment mode
3 years ago
Carl Tashian
97b64aa851
Cosmetic fix for consistency in the startup messages
3 years ago
Herman Slatman
ad2de16299
Merge branch 'master' into herman/allow-deny
3 years ago
Mariano Cano
4770b405ba
Drop any query string from the admin tokens
...
This commit makes sure the admin token audience is passed without
a query string (or any fragment).
3 years ago
Herman Slatman
ff8cb19b78
Fix usage of URL in generateAdminToken
3 years ago
Herman Slatman
abcad679ff
Merge branch 'master' into herman/allow-deny
3 years ago
Mariano Cano
2fbff47acf
Add missing return in test.
3 years ago
Mariano Cano
304bb5b97a
Remove unused code.
3 years ago
Mariano Cano
8abd568f03
Merge branch 'master' into fix/adminra
3 years ago
Mariano Cano
c55b27a2fc
Refactor admin token to use with RAs.
3 years ago
Herman Slatman
034b7943fe
Merge branch 'master' into herman/allow-deny
3 years ago
Herman Slatman
7df52dbb76
Add ACME EAB policy
3 years ago
Carl Tashian
150eee70df
Updates based on Herman's feedback
3 years ago
Carl Tashian
acc75bc679
Add context name to startup info
3 years ago
Carl Tashian
4b9f44982d
Merge branch 'master' into startup-info
3 years ago
Carl Tashian
43f2c655b9
More info on startup
3 years ago
Carl Tashian
7ebb2e4c74
Update ca/ca.go
...
Co-authored-by: Herman Slatman <hslatman@users.noreply.github.com>
3 years ago
Carl Tashian
1ba1584c7a
Formatted.
3 years ago
Carl Tashian
a13e58e340
Update GetAuthorityInfo -> GetInfo
3 years ago
Carl Tashian
90cb6315b1
Progress.
3 years ago
Carl Tashian
055e75f394
Progress?
3 years ago
Herman Slatman
2fbdf7d5b0
Merge branch 'master' into herman/allow-deny
3 years ago
Herman Slatman
0e052fe299
Add authority policy API
3 years ago
Panagiotis Siatras
00634fb648
api/render, api/log: initial implementation of the packages ( #860 )
...
* api/render: initial implementation of the package
* acme/api: refactored to support api/render
* authority/admin: refactored to support api/render
* ca: refactored to support api/render
* api: refactored to support api/render
* api/render: implemented Error
* api: refactored to support api/render.Error
* acme/api: refactored to support api/render.Error
* authority/admin: refactored to support api/render.Error
* ca: refactored to support api/render.Error
* ca: fixed broken tests
* api/render, api/log: moved error logging to this package
* acme: refactored Error so that it implements render.RenderableError
* authority/admin: refactored Error so that it implements render.RenderableError
* api/render: implemented RenderableError
* api/render: added test coverage for Error
* api/render: implemented statusCodeFromError
* api: refactored RootsPEM to work with render.Error
* acme, authority/admin: fixed pointer receiver name for consistency
* api/render, errs: moved StatusCoder & StackTracer to the render package
3 years ago
Mariano Cano
750e9ee2f8
Attempt to fix TestBootstrapClientServerRotation
...
This change attempts to fix the test TestBootstrapClientServerRotation.
Due to the backdate, the renew options get too large, causing
continuous renewals, and random errors. After experimenting with
different options, truncating durations to seconds have shown better
results than rounding or just use the plain time.
3 years ago
Mariano Cano
5ab79f53be
Fix linter errors
3 years ago
Herman Slatman
dc23fd23bf
Merge branch 'master' into herman/allow-deny-next
3 years ago
Mariano Cano
ba0b170818
Attempt to fix TestBootstrapClientServerRotation
...
This change attempts to fix the test TestBootstrapClientServerRotation.
Due to the backdate, the renew options get too large, causing
continuous renewals, and random errors. After experimenting with
different options, truncating durations to seconds have shown better
results than rounding or just use the plain time.
3 years ago
Carl Tashian
f20784be56
format
3 years ago
Carl Tashian
91be50cf70
Add --quiet flag
3 years ago
Carl Tashian
91a25b52bd
Print discord
3 years ago
Carl Tashian
baf3c40fef
Print some basic configuration info on startup
3 years ago
Mariano Cano
ad8a813abe
Fix linter errors
3 years ago
Panagiotis Siatras
e6b2359273
ca: fixed import statement order
3 years ago
Panagiotis Siatras
9ba33bab4e
ca: refactored to use the read package
3 years ago
Mariano Cano
915911efb6
Disable http loggers in test.
...
They hide the test that fail on tests in the CI.
3 years ago
Mariano Cano
ead742ca0f
Fix unit test
3 years ago
Herman Slatman
81b0c6c37c
Add API implementation for authority and provisioner policy
3 years ago
Mariano Cano
6dcde8a743
Fix typo
3 years ago
Mariano Cano
a4dd586a81
Add method to get the CA url from the client.
3 years ago
Mariano Cano
616490a9c6
Refactor renew after expiry token authorization
...
This changes adds a new authority method that authorizes the
renew after expiry tokens.
3 years ago
Mariano Cano
41ea67ce10
Attempt to fix a bootstrap tests
3 years ago
Herman Slatman
4ebf43c011
Merge pull request #820 from smallstep/herman/acme-api
...
Refactor ACME Admin API
3 years ago
Herman Slatman
5cb23c6029
Merge pull request #804 from smallstep/herman/normalize-ipv6-dns-names
...
Normalize IPv6 hostname addresses
3 years ago
Herman Slatman
d00729df0b
Refactor ACME Admin API
3 years ago
Chris Crook
11637b5793
Add descriptive provisioner JWK decryption error messages
...
Wrap other errors in decryption process with more helpful messaging. This should help users troubleshoot misconfiguration more easily.
Fixes #816
3 years ago
Herman Slatman
bfa2245abb
Merge branch 'master' into herman/normalize-ipv6-dns-names
3 years ago
Herman Slatman
c7c5c3c94e
Merge branch 'master' into herman/scep-macos-renewal-fixes
3 years ago
Herman Slatman
fd9845e9c7
Add cursor and limit to ACME EAB DB interface
3 years ago
Herman Slatman
716b946e7a
Normalize IPv6 hostname addresses
3 years ago
Herman Slatman
64680bb16d
Fix PR comments
3 years ago
Herman Slatman
3612eefc31
Cleanup
3 years ago
Herman Slatman
9c6580ccd2
Fix macOS SCEP client issues
...
Fixes #746
3 years ago
Herman Slatman
30859d3c83
Remove server-side paging logic for ExternalAccountKeys
3 years ago
Herman Slatman
6929e31fe0
Merge branch 'master' into hs/acme-eab
3 years ago
Herman Slatman
22ff90f655
Merge branch 'master' into hs/acme-eab
3 years ago
Herman Slatman
07addd0cac
Fix linting issue
3 years ago
Herman Slatman
a68208a3ba
Set Step CLI User-Agent when performing ACME requests
3 years ago
Mariano Cano
2c63abcf52
fix grammar
3 years ago
Mariano Cano
7c4e6dcc96
Remove duplicated code in bootstrap methods
3 years ago
Mariano Cano
64c19d4264
Fix subject in test, use ip
3 years ago