Herman Slatman
1f5f756fce
Make Wire options more robust
2024-01-11 16:14:53 +01:00
Herman Slatman
6ef64b6ed6
Refactor the Wire option configuration
2024-01-11 15:08:44 +01:00
Herman Slatman
acad227b25
Put Wire options in lower level wire struct
2024-01-11 13:18:43 +01:00
Herman Slatman
897688a831
Merge branch 'wire-acme-extensions' into herman/remove-rusty-cli
2024-01-11 12:03:52 +01:00
Herman Slatman
70a2f431fa
Address review remarks
2024-01-11 11:06:39 +01:00
Herman Slatman
776a839a42
Fix linter issues and improve error handling
2024-01-09 21:31:19 +01:00
Herman Slatman
40668ae09e
Refactor WireID target processing a bit
2024-01-09 16:52:09 +01:00
Herman Slatman
fdea5e7db3
Fix tests for new ACME orders with Wire IDs
2024-01-08 23:16:31 +01:00
beltram
90b5347887
feat: try using the new ClientId & Handle format (i.e. plain URIs)
2024-01-08 22:11:37 +01:00
Stefan Berthold
5ceed08ae0
Reorganize parsing target
2024-01-08 21:19:54 +01:00
Stefan Berthold
83ba0bdc51
Replace field access by accessor functions
2024-01-08 21:17:57 +01:00
beltram
2b1223a080
simpler
2024-01-08 21:14:17 +01:00
beltram
036a144e09
add oidc target
2024-01-08 21:10:46 +01:00
beltram
97002040a5
fix: challenge target field was not mapped to db entity
2024-01-08 21:09:07 +01:00
beltram
d32a3e23f0
wip
2024-01-08 21:08:34 +01:00
beltram
3f474f77d4
feat: change from impp prefix to just im
2024-01-08 20:55:32 +01:00
beltram
01ef526d08
change uri prefix to impp:wireapp=
2024-01-08 20:53:10 +01:00
Stefan Berthold
8e0e35532c
Add Wire authz and challenges (OIDC+DPOP)
2024-01-08 20:27:16 +01:00
Dominic Evans
231b5d8406
chore(deps): upgrade github.com/go-chi/chi to v5
...
Upgrade chi to the v5 module path to avoid deprecation warning about v4
and earlier on the old module path.
See https://github.com/go-chi/chi/blob/v4.1.3/go.mod#L1-L4
Signed-off-by: Dominic Evans <dominic.evans@uk.ibm.com>
2023-09-20 11:26:32 +01:00
Mariano Cano
fd4e96d1f4
Rename method to IsChallengeEnabled
2022-09-08 13:22:35 -07:00
Mariano Cano
59c5219a07
Use a type for acme challenges
2022-09-08 12:34:06 -07:00
Mariano Cano
bca311b05e
Add acme property to enable challenges
...
Fixes #1027
2022-08-23 17:11:40 -07:00
Mariano Cano
693dc39481
Merge branch 'master' into device-attestation
2022-08-22 17:59:17 -07:00
max furman
b7c2f6c482
Check for DNS name validity
2022-08-16 00:12:31 -07:00
Mariano Cano
66356cff43
Add attestation certificate validation for Apple devices
2022-07-14 17:10:03 -07:00
Brandon Weeks
7e1b0bebd9
iOS 16 beta 1 support
2022-06-23 05:19:36 +10:00
Brandon Weeks
2ac8b69da2
Add ACME permanent-identifier identifier type
2022-06-23 05:19:36 +10:00
Herman Slatman
abfbbc8d49
Merge pull request #946 from smallstep/herman/acme-csr-padding
...
Strip base64-url padding from ACME CSR
2022-05-25 23:25:34 +02:00
Herman Slatman
fd546287ac
Strip base64-url padding from ACME CSR
...
This commit strips the padding from a base64-url encoded CSR
submitted by a client that doesn't use raw base64-url encoding.
2022-05-25 22:46:26 +02:00
Mariano Cano
d461918eb0
Merge branch 'master' into context-authority
2022-05-06 13:21:41 -07:00
Mariano Cano
6f9d847bc6
Fix panic in acme/api tests.
2022-05-02 17:35:35 -07:00
Mariano Cano
d1f75f1720
Refactor ACME api.
2022-04-28 19:15:18 -07:00
Mariano Cano
d13537d426
Use context in the acme handlers.
2022-04-27 15:42:26 -07:00
Herman Slatman
6e1f8dd7ab
Refactor policy engines into container
2022-04-26 13:12:16 +02:00
Herman Slatman
fb81407d6f
Fix ACME policy comments
2022-04-21 13:21:06 +02:00
Herman Slatman
a9f033ece5
Fix JSON property name for ACME policy
2022-04-15 10:58:40 +02:00
Herman Slatman
256fe113f7
Improve tests for ACME account policy
2022-04-11 15:25:55 +02:00
Herman Slatman
7df52dbb76
Add ACME EAB policy
2022-04-07 14:11:53 +02:00
Herman Slatman
2fbdf7d5b0
Merge branch 'master' into herman/allow-deny
2022-03-30 14:50:14 +02:00
Panagiotis Siatras
00634fb648
api/render, api/log: initial implementation of the packages ( #860 )
...
* api/render: initial implementation of the package
* acme/api: refactored to support api/render
* authority/admin: refactored to support api/render
* ca: refactored to support api/render
* api: refactored to support api/render
* api/render: implemented Error
* api: refactored to support api/render.Error
* acme/api: refactored to support api/render.Error
* authority/admin: refactored to support api/render.Error
* ca: refactored to support api/render.Error
* ca: fixed broken tests
* api/render, api/log: moved error logging to this package
* acme: refactored Error so that it implements render.RenderableError
* authority/admin: refactored Error so that it implements render.RenderableError
* api/render: implemented RenderableError
* api/render: added test coverage for Error
* api/render: implemented statusCodeFromError
* api: refactored RootsPEM to work with render.Error
* acme, authority/admin: fixed pointer receiver name for consistency
* api/render, errs: moved StatusCoder & StackTracer to the render package
2022-03-30 11:22:22 +03:00
Herman Slatman
9e0edc7b50
Add early authority policy evaluation to ACME order API
2022-03-24 14:55:40 +01:00
Herman Slatman
101ca6a2d3
Check admin subjects before changing policy
2022-03-21 15:53:59 +01:00
Herman Slatman
3ec9a7310c
Fix ACME order identifier allow/deny check
2022-03-08 14:17:59 +01:00
Herman Slatman
6440870a80
Clean up, improve test cases and coverage
2022-01-18 14:39:21 +01:00
Herman Slatman
9539729bd9
Add initial implementation of x509 and SSH allow/deny policy engine
2022-01-03 12:25:24 +01:00
Herman Slatman
523ae96749
Change identifier and challenge types to consts
2021-06-18 12:39:36 +02:00
Herman Slatman
76dcf542d4
Fix mixed DNS and IP SANs in Order
2021-06-03 22:45:24 +02:00
Herman Slatman
a0e92f8e99
Verify IP identifier contains valid IP
2021-06-03 22:02:13 +02:00
Herman Slatman
6486e6016b
Make logic for which challenge types to use clearer
2021-05-29 00:37:22 +02:00
Herman Slatman
3e36522329
Add preliminary support for TLS-ALPN-01 challenge for IP identifiers
2021-05-29 00:19:14 +02:00
