Mariano Cano
|
59526d3225
|
Merge pull request #105 from smallstep/okta-support
Address support on OIDC provisioners
|
2019-09-20 15:33:11 -07:00 |
|
Mariano Cano
|
39b41b5e83
|
Merge pull request #107 from smallstep/ssh-valid-after
Truncate to seconds ValidAfter
|
2019-09-19 15:27:28 -07:00 |
|
Mariano Cano
|
d59a5b222f
|
Truncate to seconds to avoid rounding up times.
It can cause that certs are not valid yet, if they are used right away.
|
2019-09-19 13:42:24 -07:00 |
|
max furman
|
fe7973c060
|
wip
|
2019-09-19 13:17:45 -07:00 |
|
Mariano Cano
|
adc1d54b0d
|
Define valid after as 1m before now.
It avoids errors with immediate use of cert.
|
2019-09-19 12:37:41 -07:00 |
|
Mariano Cano
|
72f1a61f06
|
Increase coverage.
|
2019-09-18 18:08:26 -07:00 |
|
Mariano Cano
|
b7045f27a9
|
Increase coverage.
|
2019-09-18 17:13:58 -07:00 |
|
Mariano Cano
|
a16b2125bc
|
Fix tests.
|
2019-09-18 16:04:43 -07:00 |
|
Mariano Cano
|
6c4abfabbb
|
Make /.well-known/openid-configuration optional
|
2019-09-18 15:54:10 -07:00 |
|
Mariano Cano
|
3527ee6940
|
Add support for listenAddress parameter if OIDC provisioners.
Fixes smallstep/cli#150
|
2019-09-18 15:25:28 -07:00 |
|
max furman
|
44e864030d
|
Remove debug logging
|
2019-09-16 10:45:33 -07:00 |
|
max furman
|
e3826dd1c3
|
Add ACME CA capabilities
|
2019-09-13 15:48:33 -07:00 |
|
max furman
|
d204469280
|
Add a few more validity checks to default ssh cert validator
|
2019-09-12 19:27:59 -07:00 |
|
Mariano Cano
|
396b4222aa
|
Implement validator for ssh keys.
Fixes #100
|
2019-09-10 17:04:13 -07:00 |
|
max furman
|
61d52a8510
|
Small fixes associated with PR review
* additions and grammar edits to documentation
* clarification of error msgs
|
2019-09-08 21:05:36 -07:00 |
|
Mariano Cano
|
10e7b81b9f
|
Merge branch 'master' into ssh-ca
|
2019-09-05 23:06:01 +02:00 |
|
max furman
|
ac234771c7
|
Remove unknown provisioner WARNning and leave TODO
|
2019-08-29 10:49:52 -07:00 |
|
max furman
|
ca8daf5f12
|
Update comment and warn
|
2019-08-28 17:28:03 -07:00 |
|
Mariano Cano
|
9200f11ed8
|
Skip unsupported provisioners.
|
2019-08-28 17:25:39 -07:00 |
|
Max
|
5dac2459c3
|
Merge pull request #96 from smallstep/max/2084
Enforce >= 2048 bit rsa keys in CSRs
|
2019-08-28 09:41:58 -07:00 |
|
max furman
|
d3e74a0d2e
|
switch from metalinter to golangci-lint
|
2019-08-27 16:39:48 -07:00 |
|
max furman
|
2b41faa9cf
|
Enforce >= 2048 bit rsa keys at the provisioner layer
* Fixes #94
* In the future this should be configurable by provisioner
|
2019-08-27 14:44:59 -07:00 |
|
max furman
|
635c59ed24
|
Accept emails SANs
|
2019-08-23 15:59:30 -07:00 |
|
Mariano Cano
|
db4baa0487
|
Add tests for authority sign ssh methods.
|
2019-08-05 18:35:00 -07:00 |
|
Mariano Cano
|
34e1e3380a
|
Fix lint errors.
|
2019-08-05 16:14:25 -07:00 |
|
Mariano Cano
|
57a529cc1a
|
Allow to enable the SSH CA per provisioner
|
2019-08-05 11:40:27 -07:00 |
|
Mariano Cano
|
e71072d389
|
Add experimental support for provisioning users.
|
2019-08-02 17:48:34 -07:00 |
|
Mariano Cano
|
390aecca0b
|
Check for error creating signers.
|
2019-08-01 18:15:04 -07:00 |
|
Mariano Cano
|
004ea12212
|
Allow to use custom SSH user/host key files.
|
2019-08-01 15:04:56 -07:00 |
|
Mariano Cano
|
dc657565a7
|
Add SSH test for GCP.
|
2019-07-31 18:22:21 -07:00 |
|
Mariano Cano
|
7983aa8661
|
Add azure ssh tests.
|
2019-07-31 18:16:17 -07:00 |
|
Mariano Cano
|
2cac85a8c8
|
Add aws tests.
|
2019-07-31 18:11:46 -07:00 |
|
Mariano Cano
|
f8a71899fd
|
Add missing file.
|
2019-07-31 17:46:28 -07:00 |
|
Mariano Cano
|
d231bfb764
|
Update jwk and oidc tests.
|
2019-07-31 17:04:17 -07:00 |
|
Mariano Cano
|
a8f4ad1b8e
|
Set default SSH options if no user options are given.
|
2019-07-31 17:03:33 -07:00 |
|
Mariano Cano
|
c17375a10a
|
Create convenient method to mock the timeduration.
|
2019-07-31 12:53:03 -07:00 |
|
Mariano Cano
|
4c1a11c1bc
|
Add Unix method to TimeDuration.
|
2019-07-31 12:36:31 -07:00 |
|
Mariano Cano
|
b0240772da
|
Add tests for SSH certs with JWK provisioners.
|
2019-07-30 18:23:54 -07:00 |
|
Mariano Cano
|
780eeb5487
|
Remove debug print.
|
2019-07-30 16:56:30 -07:00 |
|
Mariano Cano
|
ad91842d06
|
Add test for SanitizeSSHUserPrincipal
|
2019-07-30 15:28:04 -07:00 |
|
Mariano Cano
|
f8cacc11b1
|
Fix tests.
|
2019-07-29 18:24:34 -07:00 |
|
Mariano Cano
|
b827a59e96
|
Add SSH host certificate support for GCP provisioner.
|
2019-07-29 18:17:20 -07:00 |
|
Mariano Cano
|
221d323b68
|
Fix containsAllMembers
|
2019-07-29 18:16:52 -07:00 |
|
Mariano Cano
|
18a285e847
|
Change azure ssh key id.
|
2019-07-29 18:04:01 -07:00 |
|
Mariano Cano
|
aef52e4334
|
Add support for SSH host certificates in azure.
|
2019-07-29 18:01:20 -07:00 |
|
Mariano Cano
|
7d670b20ea
|
Add support of ssh host certinficates in AWS provisioner.
|
2019-07-29 17:54:38 -07:00 |
|
Mariano Cano
|
7583f1c739
|
Do not require all principals, allow subgroups.
|
2019-07-29 17:54:13 -07:00 |
|
Mariano Cano
|
41b97372e6
|
Rename function to SanitizeSSHUserPrincipal
|
2019-07-29 16:38:57 -07:00 |
|
Mariano Cano
|
53f62f871c
|
Set not extensions to host certificates.
|
2019-07-29 16:36:46 -07:00 |
|
Mariano Cano
|
48c98dea2a
|
Make SanitizeSSHPrincipal a public function.
|
2019-07-29 16:21:22 -07:00 |
|