summaryrefslogtreecommitdiffstats
path: root/athenz-identity-provider-service
Commit message (Collapse)AuthorAgeFilesLines
* Fix method name typoValerij Fredriksen2019-01-301-1/+1
|
* Make node builderHåkon Hallingstad2019-01-281-1/+1
| | | | | | | | | While trying to add another field to Node I came upon the multitude of places the constructor is called. This is simplified by using a builder. The builder is internal to Node for now. If wanted/needed, it can be made public (especially tests may be interested - I have touched as few as possible).
* Do not provide apache httpclient and httpcore.gjoranv2019-01-211-0/+2
|
* 6-SNAPSHOT -> 7-SNAPSHOTArnstein Ressem2019-01-211-1/+1
|
* Disable TLS RSA ciphers that do not support forward secrecyBjørn Christian Seime2019-01-211-7/+0
| | | | | | This will essentially remove the temporary workaround introduced with the Jetty 9.4.12 upgrade that was done recently. JDisc will with this change only enable certificates marked as grade A by ssllabs.com
* Rename field openStackId -> idMartin Polden2019-01-022-3/+2
|
* CleanupHarald Musum2018-11-201-2/+1
|
* Log existing application infos if one is not foundHarald Musum2018-11-081-3/+5
|
* Use simpler map for modelsHarald Musum2018-11-051-7/+6
| | | | | Need to keep old constructor and make a temporary one with an ignored argument to make this work (since arguments will be equal due to type erasure)
* Fix Jetty NPEBjørn Christian Seime2018-09-131-0/+1
|
* Merge pull request #6908 from vespa-engine/bjorncs/ec-pem-supportBjørn Christian Seime2018-09-121-7/+4
|\ | | | | Bjorncs/ec pem support
| * Use KeyUtilsBjørn Christian Seime2018-09-111-7/+4
| |
* | Configure https connector using SslContextFactoryProviderBjørn Christian Seime2018-09-114-279/+206
|/
* Replace use of com.yahoo.vespa.athenz.tls with com.yahoo.securityBjørn Christian Seime2018-09-053-8/+8
| | | | - Use replace RSA with EC in unit tests where possible
* Merge pull request #6600 from vespa-engine/bjorncs/remove-self-signed-certBjørn Christian Seime2018-08-288-483/+7
|\ | | | | Bjorncs/remove self signed cert
| * Remove old uri workaroundBjørn Christian Seime2018-08-161-1/+1
| |
| * Remove self-signed certificate from configserver truststoreBjørn Christian Seime2018-08-161-46/+6
| |
| * Remove api for issuing self-signed certificatesBjørn Christian Seime2018-08-166-436/+0
| |
* | Validate provider unique id in registerMorten Tokle2018-08-212-26/+87
| |
* | Validate refresh requestsMorten Tokle2018-08-173-19/+182
|/
* Remove 'dnsSuffix' and 'ztsEndpoint' from identity documentBjørn Christian Seime2018-08-152-5/+0
|
* Remove wrapped document structure from SignedIdentityDocumentBjørn Christian Seime2018-08-152-82/+23
|
* Revert "Bjorncs/remove wrapped identity document"Morten Tokle2018-08-073-23/+87
|
* Remove 'dnsSuffix' and 'ztsEndpoint' from identity documentBjørn Christian Seime2018-07-262-5/+0
|
* Remove wrapped document structure from SignedIdentityDocumentBjørn Christian Seime2018-07-262-82/+23
|
* Add debug logging of the instance confirmation objectBjørn Christian Seime2018-07-102-0/+2
|
* Split registration and refreshBjørn Christian Seime2018-07-103-1/+55
| | | | | | | Validation for instance register cannot be reused as the identity document is not part of the refresh request. Refresh is split into a separate validation step that is currently a no-op. This is neccessary to allow certificates to be refreshed correctly.
* Remove CA certificate from keystoreBjørn Christian Seime2018-06-211-38/+13
|
* Store CA certificates to diskBjørn Christian Seime2018-06-151-14/+35
|
* Add temporary workaround for missing path in zts uriBjørn Christian Seime2018-06-151-1/+1
|
* Replace use of AthenzCertificateClient with DefaultZtsClientBjørn Christian Seime2018-06-153-83/+28
|
* Set password when creating key entryBjørn Christian Seime2018-06-141-2/+3
|
* Store configserver certificate to VESPA_HOME/var/vespa/siaBjørn Christian Seime2018-06-131-58/+39
|
* Separate generating and validating signature to separate classBjørn Christian Seime2018-06-124-69/+17
| | | | | - Move signature logic to IdentityDocumentSigner - Stop using fields from deprecated IdentityDocument to generate signature
* Deprecate identityDocument fieldBjørn Christian Seime2018-06-121-2/+2
|
* Remove temporary access control from '/athenz/v1/identity-document'Bjørn Christian Seime2018-06-122-47/+3
|
* Use UUID to generate random, crypto secure secretBjørn Christian Seime2018-06-071-8/+2
|
* Use identity type to generate identity documentBjørn Christian Seime2018-06-074-20/+18
|
* Add identity type to unique instance id and signed identity documentBjørn Christian Seime2018-06-072-2/+4
|
* Prepare for inlining of 'IdentityDocument' into 'SignedIdentityDocument'Bjørn Christian Seime2018-06-073-2/+19
|
* Remove parent hostname from identity documentBjørn Christian Seime2018-06-072-10/+2
|
* Stop using a fixed keystore passwordBjørn Christian Seime2018-06-051-31/+67
|
* Revert "Remove parent hostname from identity document"Jon Marius Venstad2018-06-032-2/+10
| | | | This reverts commit 0150ceec2523c02853a14d0ddf483a73b1640dd5.
* Revert "Prepare for inlining of 'IdentityDocument' into ↵Jon Marius Venstad2018-06-033-19/+2
| | | | | | 'SignedIdentityDocument'" This reverts commit 48ea96e26f4cc037f0cf81a303b4617ea8e2441d.
* Revert "Add identity type to unique instance id and signed identity document"Jon Marius Venstad2018-06-032-4/+2
| | | | This reverts commit cfa6d7bb63402b83c84a16411a207e946de33246.
* Revert "Use identity type to generate identity document"Jon Marius Venstad2018-06-034-18/+20
| | | | This reverts commit 78da30192dad43d338b9e3f04263dd7c83094b90.
* Merge pull request #6037 from vespa-engine/bjorncs/new-unique-instance-idMorten Tokle2018-06-016-31/+40
|\ | | | | Bjorncs/new unique instance
| * Use identity type to generate identity documentBjørn Christian Seime2018-05-314-20/+18
| |
| * Add identity type to unique instance id and signed identity documentBjørn Christian Seime2018-05-312-2/+4
| |
| * Prepare for inlining of 'IdentityDocument' into 'SignedIdentityDocument'Bjørn Christian Seime2018-05-313-2/+19
| |