smallstep-certificates

mirror of https://github.com/smallstep/certificates.git synced 2024-11-19 09:25:37 +00:00

Author	SHA1	Message	Date
Herman Slatman	7520736f5b	Improve test coverage for `wireDPOP01Validate`	2024-01-16 14:01:48 +01:00
Herman Slatman	1f5f756fce	Make Wire options more robust	2024-01-11 16:14:53 +01:00
Herman Slatman	acad227b25	Put Wire options in lower level `wire` struct	2024-01-11 13:18:43 +01:00
Stefan Berthold	8e0e35532c	Add Wire authz and challenges (OIDC+DPOP)	2024-01-08 20:27:16 +01:00
Mariano Cano	7061147885	Use step.Abs to load the certificate templates step.Abs has been removed from crypto and they need to be set when those methods are used	2023-07-26 15:44:02 -07:00
Andrew Reed	7101fbb0ee	Provisioner webhooks (#1001 )	2022-09-29 19:16:26 -05:00
Herman Slatman	d82e51b748	Update AllowWildcardNames configuration name	2022-04-29 15:08:19 +02:00
Herman Slatman	2b7f6931f3	Change Subject Common Name verification Subject Common Names can now also be configured to be allowed or denied, similar to SANs. When a Subject Common Name is not explicitly allowed or denied, its type will be determined and its value will be validated according to the constraints for that type of name (i.e. URI).	2022-04-28 14:49:23 +02:00
Herman Slatman	2a7620641f	Fix more PR comments	2022-04-26 10:15:17 +02:00
Herman Slatman	7f9034d22a	Add additional policy options	2022-04-19 10:24:52 +02:00
Herman Slatman	628d7448de	Don't return policy in provisioner JSON	2022-03-30 15:20:38 +02:00
Herman Slatman	7c541888ad	Refactor configuration of allow/deny on authority level	2022-03-08 13:26:07 +01:00
Herman Slatman	066bf32086	Fix part of PR comments	2022-01-25 15:00:07 +01:00
Herman Slatman	6440870a80	Clean up, improve test cases and coverage	2022-01-18 14:39:21 +01:00
Herman Slatman	9539729bd9	Add initial implementation of x509 and SSH allow/deny policy engine	2022-01-03 12:25:24 +01:00
max furman	933b40a02a	Introduce gocritic linter and address warnings	2021-10-08 14:59:57 -04:00
max furman	da9f0b09af	Ignore `null` string for x509 and ssh templateData.	2020-09-08 13:59:22 -07:00
Mariano Cano	ba918100d0	Use go.step.sm/crypto/jose Replace use of github.com/smallstep/cli/crypto with the new package go.step.sm/crypto/jose.	2020-08-24 14:44:11 -07:00
Mariano Cano	f437b86a7b	Merge branch 'cert-templates' into ssh-cert-templates	2020-08-05 18:43:07 -07:00
Mariano Cano	c8d225a763	Use x509util from go.step.sm/crypto/x509util	2020-08-05 16:02:46 -07:00
Mariano Cano	aa657cdb4b	Use SSHOptions inside provisioner options.	2020-07-30 18:44:52 -07:00
Mariano Cano	f75a12e10a	Add omitempty tag option.	2020-07-30 17:45:03 -07:00
Mariano Cano	3e80f41c19	Change provisioner options to have X509 as a field.	2020-07-30 17:44:22 -07:00
Mariano Cano	6c64fb3ed2	Rename provisioner options structs: * provisioner.ProvisionerOptions => provisioner.Options * provisioner.Options => provisioner.SignOptions * provisioner.SSHOptions => provisioner.SingSSHOptions	2020-07-22 18:24:45 -07:00
Mariano Cano	02c4f9817d	Set full token payload instead of only the known properties.	2020-07-21 14:21:54 -07:00
Mariano Cano	0c8376a7f6	Fix existing unit tests.	2020-07-21 14:21:54 -07:00
Mariano Cano	71be83b25e	Add iss#sub uri in OIDC certificates. Admin will use the CR template if none is provided.	2020-07-21 14:18:06 -07:00
Mariano Cano	c58117b30d	Allow to use base64 when defining a template in the ca.json.	2020-07-21 14:18:06 -07:00
Mariano Cano	b2ca3176f5	Prepend insecure to user and CR variables names.	2020-07-21 14:18:06 -07:00
Mariano Cano	b11486f41f	Fix option method for template variable.	2020-07-21 14:18:06 -07:00
Mariano Cano	13b704aeed	Add template support for AWS provisioner.	2020-07-21 14:18:05 -07:00
Mariano Cano	e6fed5e0aa	Minor fixes and comments.	2020-07-21 14:18:05 -07:00
Mariano Cano	95c3a41bf0	Rename UserData to TemplateData and fix unmarshaling.	2020-07-21 14:18:04 -07:00
Mariano Cano	ef0ed0ff95	Integrate simple templates in the JWK provisioner.	2020-07-21 14:18:04 -07:00

34 Commits