summaryrefslogtreecommitdiffstats
path: root/athenz-identity-provider-service
Commit message (Collapse)AuthorAgeFilesLines
* Add debug logging of the instance confirmation objectBjørn Christian Seime2018-07-102-0/+2
|
* Split registration and refreshBjørn Christian Seime2018-07-103-1/+55
| | | | | | | Validation for instance register cannot be reused as the identity document is not part of the refresh request. Refresh is split into a separate validation step that is currently a no-op. This is neccessary to allow certificates to be refreshed correctly.
* Remove CA certificate from keystoreBjørn Christian Seime2018-06-211-38/+13
|
* Store CA certificates to diskBjørn Christian Seime2018-06-151-14/+35
|
* Add temporary workaround for missing path in zts uriBjørn Christian Seime2018-06-151-1/+1
|
* Replace use of AthenzCertificateClient with DefaultZtsClientBjørn Christian Seime2018-06-153-83/+28
|
* Set password when creating key entryBjørn Christian Seime2018-06-141-2/+3
|
* Store configserver certificate to VESPA_HOME/var/vespa/siaBjørn Christian Seime2018-06-131-58/+39
|
* Separate generating and validating signature to separate classBjørn Christian Seime2018-06-124-69/+17
| | | | | - Move signature logic to IdentityDocumentSigner - Stop using fields from deprecated IdentityDocument to generate signature
* Deprecate identityDocument fieldBjørn Christian Seime2018-06-121-2/+2
|
* Remove temporary access control from '/athenz/v1/identity-document'Bjørn Christian Seime2018-06-122-47/+3
|
* Use UUID to generate random, crypto secure secretBjørn Christian Seime2018-06-071-8/+2
|
* Use identity type to generate identity documentBjørn Christian Seime2018-06-074-20/+18
|
* Add identity type to unique instance id and signed identity documentBjørn Christian Seime2018-06-072-2/+4
|
* Prepare for inlining of 'IdentityDocument' into 'SignedIdentityDocument'Bjørn Christian Seime2018-06-073-2/+19
|
* Remove parent hostname from identity documentBjørn Christian Seime2018-06-072-10/+2
|
* Stop using a fixed keystore passwordBjørn Christian Seime2018-06-051-31/+67
|
* Revert "Remove parent hostname from identity document"Jon Marius Venstad2018-06-032-2/+10
| | | | This reverts commit 0150ceec2523c02853a14d0ddf483a73b1640dd5.
* Revert "Prepare for inlining of 'IdentityDocument' into ↵Jon Marius Venstad2018-06-033-19/+2
| | | | | | 'SignedIdentityDocument'" This reverts commit 48ea96e26f4cc037f0cf81a303b4617ea8e2441d.
* Revert "Add identity type to unique instance id and signed identity document"Jon Marius Venstad2018-06-032-4/+2
| | | | This reverts commit cfa6d7bb63402b83c84a16411a207e946de33246.
* Revert "Use identity type to generate identity document"Jon Marius Venstad2018-06-034-18/+20
| | | | This reverts commit 78da30192dad43d338b9e3f04263dd7c83094b90.
* Merge pull request #6037 from vespa-engine/bjorncs/new-unique-instance-idMorten Tokle2018-06-016-31/+40
|\ | | | | Bjorncs/new unique instance
| * Use identity type to generate identity documentBjørn Christian Seime2018-05-314-20/+18
| |
| * Add identity type to unique instance id and signed identity documentBjørn Christian Seime2018-05-312-2/+4
| |
| * Prepare for inlining of 'IdentityDocument' into 'SignedIdentityDocument'Bjørn Christian Seime2018-05-313-2/+19
| |
| * Remove parent hostname from identity documentBjørn Christian Seime2018-05-312-10/+2
| |
* | Move athenz-provider-service.def to configdefinitionsHåkon Hallingstad2018-05-311-26/+0
|/
* Accept identity documents for tenant Docker containersBjørn Christian Seime2018-05-281-0/+7
|
* Remove use of deprecated entity typesBjørn Christian Seime2018-05-167-62/+66
|
* Append parent ips to identity documentMorten Tokle2018-05-152-16/+41
|
* Add new binding types which name does not conflict with model typesBjørn Christian Seime2018-05-111-0/+6
| | | | | | - Deprecate old types - Add utility class to map between the types - Temporarily allow deprecation warnings in vespa-athenz + athenz-identity-provider-service.
* Revert "Skip sending ipaddresses in CSR"Morten Tokle2018-04-302-26/+1
|
* Skip sending ipaddresses in CSRMorten Tokle2018-04-272-1/+26
|
* Use separate types for tenant and vespa identity providersBjørn Christian Seime2018-04-262-5/+5
| | | | | | | | - Add ServiceIdentityProvider - Remove AthenzSslContextProvider - Change SiaIdentityProvider to implement ServiceIdentityProvider - Change AthenzIdentityProviderImpl to implement both ServiceIdentityProvider and AthenzIdentityProvider - Stop using AthenzIdentityProvider for internal use
* Include ipaddress SAN in CSRMorten Tokle2018-04-262-5/+8
|
* Deprecate legacy SecretStore interfaceMorten Tokle2018-04-241-1/+1
|
* Rename Ckms -> SecretStoreMorten Tokle2018-04-231-5/+5
|
* Change type of 'zts-endpoint' to URIBjørn Christian Seime2018-04-192-2/+4
|
* Move identity document api types to vespa-athenzBjørn Christian Seime2018-04-199-246/+27
|
* Add configserver hostname in identity documentBjørn Christian Seime2018-04-191-1/+2
|
* Retrieve host identity through client certificateBjørn Christian Seime2018-04-192-6/+17
|
* Add separate method for generating identity document for tenant and nodeBjørn Christian Seime2018-04-191-1/+26
|
* Add type for provider unique instance idBjørn Christian Seime2018-04-183-4/+5
|
* Change format of provider unique instance idBjørn Christian Seime2018-04-181-1/+1
|
* add access control to identity document resourceMorten Tokle2018-04-132-2/+35
|
* Use Pkcs10Csr and related types in CertificateSignerBjørn Christian Seime2018-03-225-148/+64
|
* Remove direct use of CryptoBjørn Christian Seime2018-03-221-4/+3
|
* Use X509CertificateUtilsBjørn Christian Seime2018-03-221-2/+2
|
* Use certificate builder in AthenzSslTrustStoreConfiguratorBjørn Christian Seime2018-03-221-40/+16
|
* Revert "Bjorncs/certificate builder"Harald Musum2018-03-218-85/+194
|