Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Do not implement unexported interface | Martin Polden | 2020-10-29 | 1 | -5/+7 |
| | |||||
* | Move AwsCredentialsProvider to vespa-athenz | Martin Polden | 2020-10-28 | 1 | -0/+36 |
| | |||||
* | Minor unification of tests. | Henning Baldersheim | 2020-08-12 | 2 | -12/+7 |
| | |||||
* | Revert "Revert "Expose underlying certificate and private key from ↵ | Bjørn Christian Seime | 2020-06-02 | 1 | -18/+11 |
| | | | | SiaIdentityProvider "" | ||||
* | Revert "Expose underlying certificate and private key from SiaIdentityProvider " | Harald Musum | 2020-05-28 | 1 | -11/+18 |
| | |||||
* | Provide path to trust stores from ServiceIdentityProvider | Bjørn Christian Seime | 2020-05-18 | 1 | -12/+5 |
| | | | | | Model distinction between the Athenz and client trust store. Cleanup constructors and config for SiaIdentityProvider. | ||||
* | Expose underlying certificate and private key from SiaIdentityProvider | Bjørn Christian Seime | 2020-05-18 | 1 | -6/+6 |
| | | | | | | Extend ServiceIdentityProvider interface with new methods. Add class that bundles certificate with private key. Use Path instead of File for better compatibility with mocked file system in unit tests. | ||||
* | Remove dead code | Harald Musum | 2019-12-10 | 1 | -99/+0 |
| | |||||
* | Make SiaIdentityProvider trust store type configurable | Martin Polden | 2019-10-21 | 1 | -1/+32 |
| | |||||
* | Use mockito-core 3.1.0 | Håkon Hallingstad | 2019-10-18 | 1 | -2/+2 |
| | |||||
* | Remove unused credentials provider | Morten Tokle | 2019-09-09 | 1 | -35/+0 |
| | |||||
* | Revert "Include instance hostname in Athenz node certificates" | Bjørn Christian Seime | 2019-08-28 | 1 | -1/+1 |
| | | | | This reverts commit aca45ba95c5fb0b7d9c1fe89ee3a866ff65c76ac. | ||||
* | Include instance hostname in Athenz node certificates | Bjørn Christian Seime | 2019-08-26 | 1 | -1/+1 |
| | |||||
* | Allow applications to re-use SSLContext returned by provider | Bjørn Christian Seime | 2019-07-03 | 1 | -9/+57 |
| | | | | | | - Use MutableX509KeyManager instead of re-creating SSLContext when credentials are updated. - Make AthenzIdentityProviderImpl responsible for creating initial SSLContext. - Use proper x509 certificates and keys in unit test instead of Mockito mocks. | ||||
* | Use AutoReloadingX509KeyManager in SiaIdentityProvider | Bjørn Christian Seime | 2019-07-03 | 1 | -4/+1 |
| | | | | | | The SSLContext instance provided by SiaIdentityProvider can now be reused as the underlying key manager will automatically update the key material every hour. | ||||
* | Use AthenzIdentity instead of AthensService | Håkon Hallingstad | 2019-04-10 | 1 | -1/+2 |
| | |||||
* | Fix refresh logic | Morten Tokle | 2019-02-22 | 1 | -0/+35 |
| | |||||
* | Test | Jon Marius Venstad | 2019-01-11 | 1 | -0/+3 |
| | |||||
* | Remove deprecated types from vespa-athenz | Bjørn Christian Seime | 2018-10-17 | 5 | -166/+1 |
| | |||||
* | Rename InstanceCsrGenerator -> CsrGenerator | Morten Tokle | 2018-10-05 | 1 | -2/+2 |
| | |||||
* | Add OU field to csr | Morten Tokle | 2018-10-04 | 1 | -0/+37 |
| | |||||
* | Add copyright header | Jon Bratseth | 2018-10-01 | 7 | -7/+14 |
| | |||||
* | Revert "Replace RSA with EC in unit test" | Bjørn Christian Seime | 2018-09-12 | 1 | -2/+2 |
| | | | | This reverts commit bdb057ecfac68acaaeecc2fe54ae989e0fba2c75. | ||||
* | Remove most deprecated types from com.yahoo.vespa.athenz.tls | Bjørn Christian Seime | 2018-09-11 | 9 | -303/+17 |
| | | | | Pkcs10Csr and related classes are not removed as they are currently in use. | ||||
* | Replace RSA with EC in unit test | Bjørn Christian Seime | 2018-09-11 | 1 | -2/+2 |
| | |||||
* | Replace use of com.yahoo.vespa.athenz.tls with com.yahoo.security | Bjørn Christian Seime | 2018-09-07 | 1 | -2/+2 |
| | |||||
* | Replace use of com.yahoo.vespa.athenz.tls with com.yahoo.security | Bjørn Christian Seime | 2018-09-05 | 3 | -28/+23 |
| | | | | - Use replace RSA with EC in unit tests where possible | ||||
* | Remove workaround for missing identity type | Bjørn Christian Seime | 2018-08-16 | 1 | -12/+0 |
| | |||||
* | Remove 'dnsSuffix' and 'ztsEndpoint' from identity document | Bjørn Christian Seime | 2018-08-15 | 1 | -3/+2 |
| | |||||
* | Remove wrapped document structure from SignedIdentityDocument | Bjørn Christian Seime | 2018-08-15 | 1 | -1/+1 |
| | |||||
* | Revert "Bjorncs/remove wrapped identity document" | Morten Tokle | 2018-08-07 | 1 | -2/+3 |
| | |||||
* | Merge pull request #6482 from ↵ | Bjørn Christian Seime | 2018-08-06 | 1 | -3/+2 |
|\ | | | | | | | | | vespa-engine/bjorncs/remove-wrapped-identity-document Bjorncs/remove wrapped identity document | ||||
| * | Remove 'dnsSuffix' and 'ztsEndpoint' from identity document | Bjørn Christian Seime | 2018-07-26 | 1 | -3/+2 |
| | | |||||
| * | Remove wrapped document structure from SignedIdentityDocument | Bjørn Christian Seime | 2018-07-26 | 1 | -1/+1 |
| | | |||||
* | | Add utility method to find all services from sia directory | Bjørn Christian Seime | 2018-07-26 | 1 | -0/+40 |
|/ | |||||
* | Handle zms keys in addition to zts keys | Bjørn Christian Seime | 2018-07-25 | 1 | -1/+13 |
| | |||||
* | Move NTokenValidator to vespa-athenz + load pub keys from file | Bjørn Christian Seime | 2018-07-25 | 1 | -0/+87 |
| | | | | | | | - Move NTokenValidator from controller-server to vespa-athenz - Remodel ZmsKeystore as AthenzTruststore - Use file-backed truststore on controller (replaces download of public keys) - Remove ZmsClient.getPublicKey/getPublicKeys | ||||
* | Write private keys in PKCS#1 | Morten Tokle | 2018-07-25 | 1 | -2/+2 |
| | |||||
* | Revert "Move NTokenValidator to vespa-athenz + load pub keys from file" | Harald Musum | 2018-07-09 | 1 | -87/+0 |
| | |||||
* | Move NTokenValidator to vespa-athenz + load pub keys from file | Bjørn Christian Seime | 2018-07-09 | 1 | -0/+87 |
| | | | | | | | - Move NTokenValidator from controller-server to vespa-athenz - Remodel ZmsKeystore as AthenzTruststore - Use file-backed truststore on controller (replaces download of public keys) - Remove ZmsClient.getPublicKey/getPublicKeys | ||||
* | Add data type for resource name | Bjørn Christian Seime | 2018-06-20 | 1 | -0/+21 |
| | |||||
* | Add method to ZtsClient to retrieve identity certificate | Bjørn Christian Seime | 2018-06-15 | 2 | -10/+20 |
| | |||||
* | Remove support for ntokens | Bjørn Christian Seime | 2018-06-13 | 1 | -2/+2 |
| | |||||
* | Separate generating and validating signature to separate class | Bjørn Christian Seime | 2018-06-12 | 1 | -0/+50 |
| | | | | | - Move signature logic to IdentityDocumentSigner - Stop using fields from deprecated IdentityDocument to generate signature | ||||
* | Use mutual TLS auth when communicating with ZTS | Bjørn Christian Seime | 2018-06-11 | 1 | -57/+10 |
| | | | | | - Remove instance register/refresh from ad-hoc ZtsClient implementation - Deprecate ad-hoc ZtsClient | ||||
* | Use mutual TLS auth when retrieving identity document | Bjørn Christian Seime | 2018-06-11 | 1 | -12/+12 |
| | |||||
* | Add identity type to unique instance id and signed identity document | Bjørn Christian Seime | 2018-06-07 | 2 | -2/+17 |
| | |||||
* | Prepare for inlining of 'IdentityDocument' into 'SignedIdentityDocument' | Bjørn Christian Seime | 2018-06-07 | 1 | -1/+5 |
| | |||||
* | Revert "Prepare for inlining of 'IdentityDocument' into ↵ | Jon Marius Venstad | 2018-06-03 | 1 | -5/+1 |
| | | | | | | 'SignedIdentityDocument'" This reverts commit 48ea96e26f4cc037f0cf81a303b4617ea8e2441d. | ||||
* | Revert "Add identity type to unique instance id and signed identity document" | Jon Marius Venstad | 2018-06-03 | 2 | -17/+2 |
| | | | | This reverts commit cfa6d7bb63402b83c84a16411a207e946de33246. |