Mariano Cano
f919535475
Add an extra way to distinguish Azure and Azure OIDC tokens.
...
We used to distinguish these tokens using the azp claim, but this
claim does not appear on new azure oidc tokens, at least on some
configurations.
This change will try to load by audience (client id) if the token
contains an email, required for OIDC.
2021-08-30 16:37:29 -07:00
max furman
9fdef64709
Admin level API for provisioner mgmt v1
2021-07-02 19:05:17 -07:00
Herman Slatman
339039768c
Refactor SCEP authority initialization and clean some code
2021-05-26 16:00:08 -07:00
max furman
638766c615
wip
2021-05-19 18:23:20 -07:00
max furman
4f3e5ef64d
wip
2021-05-19 15:20:16 -07:00
max furman
5d09d04d14
wip
2021-05-19 15:20:16 -07:00
max furman
ce9af5c20f
Standardize k8ssa check on issuer name
2020-08-31 20:56:00 -07:00
Mariano Cano
ba918100d0
Use go.step.sm/crypto/jose
...
Replace use of github.com/smallstep/cli/crypto with the new package
go.step.sm/crypto/jose.
2020-08-24 14:44:11 -07:00
max furman
dccbdf3a90
Introduce generalized statusCoder errors and loads of ssh unit tests.
...
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
2020-01-28 13:29:40 -08:00
max furman
8f07ff6a39
Add kubernetes service account provisioner
2019-10-29 17:42:50 -07:00
max furman
d368791606
Add x5c provisioner capabilities
2019-10-14 14:51:37 -07:00
max furman
44e864030d
Remove debug logging
2019-09-16 10:45:33 -07:00
max furman
e3826dd1c3
Add ACME CA capabilities
2019-09-13 15:48:33 -07:00
Mariano Cano
8f8c862c04
Fix spelling errors.
2019-06-07 11:24:56 -07:00
Mariano Cano
b88a2f1373
Fix provisioner id in LoadByCertificate
2019-06-06 15:24:15 -07:00
Mariano Cano
0a756ce9d0
Use on GCP audiences with the format https://<ca-url>#<provisioner-type>/<provisioner-name>
...
Fixes smallstep/step#156
2019-06-03 17:19:44 -07:00
Mariano Cano
89eeada2a2
Add support for loading azure tokens by tenant id.
2019-05-08 15:39:50 -07:00
Mariano Cano
b6a5ebcfc9
Move code to switch default.
2019-04-24 14:50:22 -07:00
Mariano Cano
a7f06c765d
Fix load of gcp and aws provisioner by certificate.
2019-04-24 14:49:28 -07:00
Mariano Cano
f794dbeb93
Add support for GCP identity tokens.
2019-04-17 17:28:21 -07:00
max furman
ab4d569f36
Add /revoke API with interface db backend
2019-04-10 13:50:35 -07:00
Mariano Cano
23e6de57a2
Address comments in code review.
2019-03-13 11:26:18 -07:00
Mariano Cano
2a5430fee1
Complete tests for collection.
2019-03-08 12:19:44 -08:00
Mariano Cano
9f7f871f25
Add noop provisioner and use it if a provisioner cannot been found from a cert.
2019-03-07 16:05:13 -08:00
Mariano Cano
507fd01062
Remove provisioner intermediate type.
2019-03-07 13:07:39 -08:00
Mariano Cano
fb77397fc7
Add new options to locate or list provisioners.
2019-03-06 14:50:13 -08:00
Mariano Cano
62dab7b6b8
Rename interface method.
2019-03-05 14:52:26 -08:00
Mariano Cano
5a8f78d9d0
Add support to collection to load the encrypted keys.
2019-03-05 14:45:57 -08:00
Mariano Cano
dd0376657c
Move collection to a new file.
2019-03-05 14:28:32 -08:00