Mariano Cano
10e7b81b9f
Merge branch 'master' into ssh-ca
2019-09-05 23:06:01 +02:00
max furman
2b41faa9cf
Enforce >= 2048 bit rsa keys at the provisioner layer
...
* Fixes #94
* In the future this should be configurable by provisioner
2019-08-27 14:44:59 -07:00
max furman
635c59ed24
Accept emails SANs
2019-08-23 15:59:30 -07:00
Mariano Cano
e1cd5ee8c3
Add context to the Authorize method.
...
Fix tests.
2019-07-29 12:34:27 -07:00
max furman
81db527f12
NoopDB -> SimpleDB
2019-05-07 12:26:30 -07:00
max furman
b73fe8c157
Add used OTT to DB during authToken step
2019-05-06 15:52:02 -07:00
max furman
ab4d569f36
Add /revoke API with interface db backend
2019-04-10 13:50:35 -07:00
Mariano Cano
1f5ff5c899
Fix sign and renew tests.
2019-03-11 18:15:24 -07:00
Mariano Cano
b77621675c
Fix and simplify authorize tests.
2019-03-11 16:38:48 -07:00
Mariano Cano
ef4d809ee6
Move matchesAudience and stripPort tests to provisioner package.
2019-03-11 15:47:57 -07:00
Mariano Cano
af9688c419
Fix some testing errors.
2019-03-08 18:05:11 -08:00
Mariano Cano
54d86ca1c1
testing work in progress.
2019-03-07 19:30:17 -08:00
Mariano Cano
7e95fc0e45
Strip ports on audience check.
...
Services might have proxies behind them so we cannot rely on them.
Fixes #17
2018-12-21 15:27:22 -08:00
max furman
0d9dd2d14b
provisioner issuer -> name
2018-10-29 18:00:30 -07:00
Mariano Cano
d574545d94
Format code with gofmt -s
2018-10-26 15:01:02 -07:00
max furman
ca6087145f
fix unit test
2018-10-25 23:55:31 -07:00
max furman
283dc42904
add unit tests for MatchOne (token audience) and Authority.New
2018-10-25 15:17:22 -07:00
max furman
ee7db4006a
change sign + authorize authority api | add provisioners
...
* authorize returns []interface{}
- operators in this list can conform to any interface the user decides
- our implementation has a combination of certificate claim validators
and certificate template modifiers.
* provisioners can set and enforce tls cert options
2018-10-18 22:26:39 -07:00
max furman
c284a2c0ab
first commit
2018-10-05 21:48:36 +00:00