Commit Graph

29 Commits

Author SHA1 Message Date
Mariano Cano
f919535475 Add an extra way to distinguish Azure and Azure OIDC tokens.
We used to distinguish these tokens using the azp claim, but this
claim does not appear on new azure oidc tokens, at least on some
configurations.

This change will try to load by audience (client id) if the token
contains an email, required for OIDC.
2021-08-30 16:37:29 -07:00
max furman
9fdef64709 Admin level API for provisioner mgmt v1 2021-07-02 19:05:17 -07:00
Herman Slatman
339039768c Refactor SCEP authority initialization and clean some code 2021-05-26 16:00:08 -07:00
max furman
638766c615 wip 2021-05-19 18:23:20 -07:00
max furman
4f3e5ef64d wip 2021-05-19 15:20:16 -07:00
max furman
5d09d04d14 wip 2021-05-19 15:20:16 -07:00
max furman
ce9af5c20f Standardize k8ssa check on issuer name 2020-08-31 20:56:00 -07:00
Mariano Cano
ba918100d0 Use go.step.sm/crypto/jose
Replace use of github.com/smallstep/cli/crypto with the new package
go.step.sm/crypto/jose.
2020-08-24 14:44:11 -07:00
max furman
dccbdf3a90 Introduce generalized statusCoder errors and loads of ssh unit tests.
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
2020-01-28 13:29:40 -08:00
max furman
8f07ff6a39 Add kubernetes service account provisioner 2019-10-29 17:42:50 -07:00
max furman
d368791606 Add x5c provisioner capabilities 2019-10-14 14:51:37 -07:00
max furman
44e864030d Remove debug logging 2019-09-16 10:45:33 -07:00
max furman
e3826dd1c3 Add ACME CA capabilities 2019-09-13 15:48:33 -07:00
Mariano Cano
8f8c862c04 Fix spelling errors. 2019-06-07 11:24:56 -07:00
Mariano Cano
b88a2f1373 Fix provisioner id in LoadByCertificate 2019-06-06 15:24:15 -07:00
Mariano Cano
0a756ce9d0 Use on GCP audiences with the format https://<ca-url>#<provisioner-type>/<provisioner-name>
Fixes smallstep/step#156
2019-06-03 17:19:44 -07:00
Mariano Cano
89eeada2a2 Add support for loading azure tokens by tenant id. 2019-05-08 15:39:50 -07:00
Mariano Cano
b6a5ebcfc9 Move code to switch default. 2019-04-24 14:50:22 -07:00
Mariano Cano
a7f06c765d Fix load of gcp and aws provisioner by certificate. 2019-04-24 14:49:28 -07:00
Mariano Cano
f794dbeb93 Add support for GCP identity tokens. 2019-04-17 17:28:21 -07:00
max furman
ab4d569f36 Add /revoke API with interface db backend 2019-04-10 13:50:35 -07:00
Mariano Cano
23e6de57a2 Address comments in code review. 2019-03-13 11:26:18 -07:00
Mariano Cano
2a5430fee1 Complete tests for collection. 2019-03-08 12:19:44 -08:00
Mariano Cano
9f7f871f25 Add noop provisioner and use it if a provisioner cannot been found from a cert. 2019-03-07 16:05:13 -08:00
Mariano Cano
507fd01062 Remove provisioner intermediate type. 2019-03-07 13:07:39 -08:00
Mariano Cano
fb77397fc7 Add new options to locate or list provisioners. 2019-03-06 14:50:13 -08:00
Mariano Cano
62dab7b6b8 Rename interface method. 2019-03-05 14:52:26 -08:00
Mariano Cano
5a8f78d9d0 Add support to collection to load the encrypted keys. 2019-03-05 14:45:57 -08:00
Mariano Cano
dd0376657c Move collection to a new file. 2019-03-05 14:28:32 -08:00