summaryrefslogtreecommitdiffstats
path: root/athenz-identity-provider-service/src/main
Commit message (Collapse)AuthorAgeFilesLines
* Add debug logging of the instance confirmation objectBjørn Christian Seime2018-07-102-0/+2
|
* Split registration and refreshBjørn Christian Seime2018-07-103-1/+55
| | | | | | | Validation for instance register cannot be reused as the identity document is not part of the refresh request. Refresh is split into a separate validation step that is currently a no-op. This is neccessary to allow certificates to be refreshed correctly.
* Remove CA certificate from keystoreBjørn Christian Seime2018-06-211-38/+13
|
* Store CA certificates to diskBjørn Christian Seime2018-06-151-14/+35
|
* Add temporary workaround for missing path in zts uriBjørn Christian Seime2018-06-151-1/+1
|
* Replace use of AthenzCertificateClient with DefaultZtsClientBjørn Christian Seime2018-06-152-51/+28
|
* Set password when creating key entryBjørn Christian Seime2018-06-141-2/+3
|
* Store configserver certificate to VESPA_HOME/var/vespa/siaBjørn Christian Seime2018-06-131-58/+39
|
* Separate generating and validating signature to separate classBjørn Christian Seime2018-06-122-37/+13
| | | | | - Move signature logic to IdentityDocumentSigner - Stop using fields from deprecated IdentityDocument to generate signature
* Remove temporary access control from '/athenz/v1/identity-document'Bjørn Christian Seime2018-06-122-47/+3
|
* Use UUID to generate random, crypto secure secretBjørn Christian Seime2018-06-071-8/+2
|
* Use identity type to generate identity documentBjørn Christian Seime2018-06-073-18/+15
|
* Add identity type to unique instance id and signed identity documentBjørn Christian Seime2018-06-071-1/+2
|
* Prepare for inlining of 'IdentityDocument' into 'SignedIdentityDocument'Bjørn Christian Seime2018-06-071-1/+6
|
* Remove parent hostname from identity documentBjørn Christian Seime2018-06-071-8/+0
|
* Stop using a fixed keystore passwordBjørn Christian Seime2018-06-051-31/+67
|
* Revert "Remove parent hostname from identity document"Jon Marius Venstad2018-06-031-0/+8
| | | | This reverts commit 0150ceec2523c02853a14d0ddf483a73b1640dd5.
* Revert "Prepare for inlining of 'IdentityDocument' into ↵Jon Marius Venstad2018-06-031-6/+1
| | | | | | 'SignedIdentityDocument'" This reverts commit 48ea96e26f4cc037f0cf81a303b4617ea8e2441d.
* Revert "Add identity type to unique instance id and signed identity document"Jon Marius Venstad2018-06-031-2/+1
| | | | This reverts commit cfa6d7bb63402b83c84a16411a207e946de33246.
* Revert "Use identity type to generate identity document"Jon Marius Venstad2018-06-033-15/+18
| | | | This reverts commit 78da30192dad43d338b9e3f04263dd7c83094b90.
* Merge pull request #6037 from vespa-engine/bjorncs/new-unique-instance-idMorten Tokle2018-06-013-26/+21
|\ | | | | Bjorncs/new unique instance
| * Use identity type to generate identity documentBjørn Christian Seime2018-05-313-18/+15
| |
| * Add identity type to unique instance id and signed identity documentBjørn Christian Seime2018-05-311-1/+2
| |
| * Prepare for inlining of 'IdentityDocument' into 'SignedIdentityDocument'Bjørn Christian Seime2018-05-311-1/+6
| |
| * Remove parent hostname from identity documentBjørn Christian Seime2018-05-311-8/+0
| |
* | Move athenz-provider-service.def to configdefinitionsHåkon Hallingstad2018-05-311-26/+0
|/
* Accept identity documents for tenant Docker containersBjørn Christian Seime2018-05-281-0/+7
|
* Remove use of deprecated entity typesBjørn Christian Seime2018-05-164-32/+37
|
* Append parent ips to identity documentMorten Tokle2018-05-151-1/+12
|
* Revert "Skip sending ipaddresses in CSR"Morten Tokle2018-04-301-1/+1
|
* Skip sending ipaddresses in CSRMorten Tokle2018-04-271-1/+1
|
* Use separate types for tenant and vespa identity providersBjørn Christian Seime2018-04-262-5/+5
| | | | | | | | - Add ServiceIdentityProvider - Remove AthenzSslContextProvider - Change SiaIdentityProvider to implement ServiceIdentityProvider - Change AthenzIdentityProviderImpl to implement both ServiceIdentityProvider and AthenzIdentityProvider - Stop using AthenzIdentityProvider for internal use
* Include ipaddress SAN in CSRMorten Tokle2018-04-261-1/+2
|
* Deprecate legacy SecretStore interfaceMorten Tokle2018-04-241-1/+1
|
* Rename Ckms -> SecretStoreMorten Tokle2018-04-231-5/+5
|
* Change type of 'zts-endpoint' to URIBjørn Christian Seime2018-04-191-1/+2
|
* Move identity document api types to vespa-athenzBjørn Christian Seime2018-04-197-243/+22
|
* Add configserver hostname in identity documentBjørn Christian Seime2018-04-191-1/+2
|
* Retrieve host identity through client certificateBjørn Christian Seime2018-04-192-6/+17
|
* Add separate method for generating identity document for tenant and nodeBjørn Christian Seime2018-04-191-1/+26
|
* Add type for provider unique instance idBjørn Christian Seime2018-04-182-3/+4
|
* Change format of provider unique instance idBjørn Christian Seime2018-04-181-1/+1
|
* add access control to identity document resourceMorten Tokle2018-04-132-2/+35
|
* Use Pkcs10Csr and related types in CertificateSignerBjørn Christian Seime2018-03-224-95/+41
|
* Remove direct use of CryptoBjørn Christian Seime2018-03-221-4/+3
|
* Use X509CertificateUtilsBjørn Christian Seime2018-03-221-2/+2
|
* Use certificate builder in AthenzSslTrustStoreConfiguratorBjørn Christian Seime2018-03-221-40/+16
|
* Revert "Bjorncs/certificate builder"Harald Musum2018-03-217-62/+141
|
* Use Pkcs10Csr and related types in CertificateSignerBjørn Christian Seime2018-03-204-95/+41
|
* Remove direct use of CryptoBjørn Christian Seime2018-03-191-4/+3
|