Commit Graph

1239 Commits

Author SHA1 Message Date
Herman Slatman
cd21f8d51f
Refactor OIDC verifier instantiation to happen only once 2024-01-31 15:49:45 +01:00
Herman Slatman
19feae520b
Add test for ACME initialization with Wire challenges 2024-01-31 14:24:06 +01:00
Herman Slatman
14e8d47118
Skip Wire option validation and initialization if not enabled 2024-01-29 16:59:55 +01:00
Herman Slatman
8a9b1b3f79
Move Wire option validation to provisioner initialization 2024-01-29 16:45:13 +01:00
Herman Slatman
79943d2e5e
Merge branch 'wire-acme-extensions' into herman/wire-acme-improvements 2024-01-29 15:09:43 +01:00
Herman Slatman
a0e4cba024
Merge branch 'master' into wire-acme-extensions 2024-01-29 15:08:41 +01:00
Panagiotis Siatras
dd1ff9c15b
Implementation of the Prometheus endpoint (#1669)
Implementation of the http://{metricsAddress}/metrics Prometheus endpoint.
2024-01-25 23:47:27 -08:00
Herman Slatman
a38132aa58
Fix policy check for Wire user and device identifiers 2024-01-24 20:28:45 +01:00
Herman Slatman
93ba1654ea
Fix tests to work with Wire UserID and DeviceID 2024-01-24 13:45:20 +01:00
Herman Slatman
4d4719a48f
Change URLs used in DPoP template test 2024-01-24 12:42:00 +01:00
Herman Slatman
6ee0d70bec
Add check for empty deviceID in target URI template evaluation 2024-01-18 15:13:34 +01:00
Herman Slatman
2f3819aa4e
Use key authorization from ID token and handle -> preferred_username 2024-01-17 14:13:55 +01:00
Herman Slatman
f150a4f850
Remove sync.Once for Wire configuration validation 2024-01-17 12:35:16 +01:00
Herman Slatman
17578b57f2
Merge pull request #1673 from smallstep/herman/wire-template-transform
Add OIDC token template transformation
2024-01-16 21:17:38 +01:00
Herman Slatman
31bba6fbd8
Merge branch 'wire-acme-extensions' into herman/remove-rusty-cli 2024-01-16 21:08:52 +01:00
Herman Slatman
33be5523da
Merge branch 'master' into wire-acme-extensions 2024-01-16 21:08:33 +01:00
Herman Slatman
7520736f5b
Improve test coverage for wireDPOP01Validate 2024-01-16 14:01:48 +01:00
Herman Slatman
29202eff26
Add support for functions in OIDC token transformation template 2024-01-15 13:17:44 +01:00
Herman Slatman
0ad381b092
Add OIDC token template transformation 2024-01-12 16:48:21 +01:00
Herman Slatman
c8160caacd
Fix test; reworded error message 2024-01-12 10:22:25 +01:00
Herman Slatman
24795720e1
Perform initialization of DPoP and OIDC options once 2024-01-12 10:16:02 +01:00
Herman Slatman
79739e5073
Change signature algorithm property name 2024-01-12 09:48:49 +01:00
Herman Slatman
1bf807add3
Use base64 encoded signing key format 2024-01-11 17:04:08 +01:00
Herman Slatman
1f5f756fce
Make Wire options more robust 2024-01-11 16:14:53 +01:00
Herman Slatman
6ef64b6ed6
Refactor the Wire option configuration 2024-01-11 15:08:44 +01:00
Herman Slatman
b6fc0005d5
Add verification of maximum expiry time for Wire tokens 2024-01-11 14:24:34 +01:00
Herman Slatman
acad227b25
Put Wire options in lower level wire struct 2024-01-11 13:18:43 +01:00
Herman Slatman
897688a831
Merge branch 'wire-acme-extensions' into herman/remove-rusty-cli 2024-01-11 12:03:52 +01:00
Herman Slatman
70a2f431fa
Address review remarks 2024-01-11 11:06:39 +01:00
Herman Slatman
c7892e9cd3
Remove the rusty-jwt-cli configuration 2024-01-10 20:51:19 +01:00
Herman Slatman
8997ce1a1e
Disable wire-dpop-01 and wire-oidc-01 by default 2024-01-10 20:06:02 +01:00
Herman Slatman
bf8c17e3ec
Remove the Wire oidc and dpop from attestation formats 2024-01-10 19:12:22 +01:00
Herman Slatman
6a98fea1f3
Fix linter issues 2024-01-10 18:36:24 +01:00
Herman Slatman
e2a2e00526
Make template use DeviceId for now 2024-01-10 17:15:03 +01:00
Herman Slatman
776a839a42
Fix linter issues and improve error handling 2024-01-09 21:31:19 +01:00
beltram
39bf889925
feat: remove query parameters from OIDC issuerUrl so that it allows us to use it to carry the OAuth ClientId in the Challenge.target field without at the same time undermining the idToken verification which relies on an issuer (iss) claim without this query parameter 2024-01-08 22:10:49 +01:00
Stefan Berthold
5ceed08ae0
Reorganize parsing target 2024-01-08 21:19:54 +01:00
Stefan Berthold
83ba0bdc51
Replace field access by accessor functions 2024-01-08 21:17:57 +01:00
beltram
2b1223a080
simpler 2024-01-08 21:14:17 +01:00
beltram
036a144e09
add oidc target 2024-01-08 21:10:46 +01:00
beltram
d32a3e23f0
wip 2024-01-08 21:08:34 +01:00
Stefan Berthold
2208b03744
avoid panic when OIDC config is not provided 2024-01-08 20:37:37 +01:00
Stefan Berthold
e6dd211637
acquire DPoP signing key from provisioner 2024-01-08 20:34:58 +01:00
Stefan Berthold
8e0e35532c
Add Wire authz and challenges (OIDC+DPOP) 2024-01-08 20:27:16 +01:00
Herman Slatman
25c109e75d
Change error message for CSR validation 2024-01-08 20:05:16 +01:00
Mariano Cano
b20af51f32
Upgrade go.step.sm/crypto to use go-jose/v3 2023-12-12 16:36:48 -08:00
Max
d34f0f6a97
Fix linter warnings (#1634) 2023-11-28 20:58:58 -08:00
Herman Slatman
f082cbc421
Denormalize provisioner name in SCEP webhook 2023-11-08 20:09:52 +01:00
Herman Slatman
9ebc8779f5
Normalize SCEP provisioner name in webhook body 2023-11-08 19:52:20 +01:00
Herman Slatman
e815864ed8
Add verification of provisionerName in test 2023-11-08 19:46:29 +01:00