Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Remove workaround for missing identity type | Bjørn Christian Seime | 2018-08-16 | 3 | -39/+7 |
| | |||||
* | Merge pull request #6542 from ↵ | Bjørn Christian Seime | 2018-08-16 | 7 | -349/+15 |
|\ | | | | | | | | | vespa-engine/bjorncs/remove-wrapped-identity-document Bjorncs/remove wrapped identity document | ||||
| * | Remove 'dnsSuffix' and 'ztsEndpoint' from identity document | Bjørn Christian Seime | 2018-08-15 | 4 | -36/+3 |
| | | |||||
| * | Remove wrapped document structure from SignedIdentityDocument | Bjørn Christian Seime | 2018-08-15 | 7 | -317/+16 |
| | | |||||
* | | Revert "Remove listener interface from ServiceIdentityProvider" | Bjørn Christian Seime | 2018-08-15 | 4 | -0/+76 |
| | | | | | | | | This reverts commit 90cdc3376e9a899674264d9ffa2edf3286b248a7. | ||||
* | | Remove listener interface from ServiceIdentityProvider | Bjørn Christian Seime | 2018-08-14 | 4 | -76/+0 |
| | | |||||
* | | Remove SiaBackedApacheHttpClient | Bjørn Christian Seime | 2018-08-14 | 1 | -189/+0 |
| | | |||||
* | | Use ServiceIdentitySslSocketFactory in DefaultZtsClient | Bjørn Christian Seime | 2018-08-14 | 1 | -4/+6 |
| | | |||||
* | | Add SSLSocketFactory backed by ServiceIdentityProvider | Bjørn Christian Seime | 2018-08-14 | 1 | -0/+100 |
|/ | |||||
* | Rename 'refer' -> 'acquire' | Bjørn Christian Seime | 2018-08-14 | 1 | -5/+5 |
| | |||||
* | Update DefaultZtsClient to use new http client interface | Bjørn Christian Seime | 2018-08-14 | 1 | -8/+21 |
| | |||||
* | Make SiaBackedApacheHttpClient a CloseableHttpClient | Bjørn Christian Seime | 2018-08-14 | 1 | -48/+116 |
| | |||||
* | Merge pull request #6564 from vespa-engine/bjorncs/sia-backed-http-client | Bjørn Christian Seime | 2018-08-14 | 2 | -94/+146 |
|\ | | | | | Bjorncs/sia backed http client | ||||
| * | Misc improvements to close() | Bjørn Christian Seime | 2018-08-14 | 1 | -0/+8 |
| | | | | | | | | | | | | - Make close() idempotent - Disallow execute() after close() - Add redundant guards to refer()/release() | ||||
| * | Fix race conditions by using the global lock | Bjørn Christian Seime | 2018-08-13 | 1 | -21/+17 |
| | | | | | | | | | | Replace AtomicInteger with int and use clientLock to synchronize all access to refer() and release(). Remove synchronized from constructor. | ||||
| * | Use SiaBackedApacheHttpClient in DefaultZtsClient | Bjørn Christian Seime | 2018-08-13 | 1 | -94/+25 |
| | | |||||
| * | Add http client backed by Apache httpclient + ServiceIdentityProvider | Bjørn Christian Seime | 2018-08-13 | 1 | -0/+117 |
| | | |||||
* | | Write identity document to temp file, then atomic move | Bjørn Christian Seime | 2018-08-09 | 1 | -1/+6 |
|/ | |||||
* | Add getter for role token domain | Bjørn Christian Seime | 2018-08-08 | 1 | -1/+4 |
| | |||||
* | Allow signed identity document without wrapped document | Bjørn Christian Seime | 2018-08-07 | 1 | -1/+1 |
| | |||||
* | Revert "Bjorncs/remove wrapped identity document" | Morten Tokle | 2018-08-07 | 7 | -15/+349 |
| | |||||
* | Merge pull request #6482 from ↵ | Bjørn Christian Seime | 2018-08-06 | 7 | -349/+15 |
|\ | | | | | | | | | vespa-engine/bjorncs/remove-wrapped-identity-document Bjorncs/remove wrapped identity document | ||||
| * | Remove 'dnsSuffix' and 'ztsEndpoint' from identity document | Bjørn Christian Seime | 2018-07-26 | 4 | -36/+3 |
| | | |||||
| * | Remove wrapped document structure from SignedIdentityDocument | Bjørn Christian Seime | 2018-07-26 | 7 | -317/+16 |
| | | |||||
* | | Add utility method to find all services from sia directory | Bjørn Christian Seime | 2018-07-26 | 2 | -0/+64 |
|/ | |||||
* | Handle zms keys in addition to zts keys | Bjørn Christian Seime | 2018-07-25 | 4 | -23/+42 |
| | |||||
* | Move NTokenValidator to vespa-athenz + load pub keys from file | Bjørn Christian Seime | 2018-07-25 | 6 | -49/+232 |
| | | | | | | | - Move NTokenValidator from controller-server to vespa-athenz - Remodel ZmsKeystore as AthenzTruststore - Use file-backed truststore on controller (replaces download of public keys) - Remove ZmsClient.getPublicKey/getPublicKeys | ||||
* | Write private keys in PKCS#1 | Morten Tokle | 2018-07-25 | 2 | -3/+15 |
| | |||||
* | Parse errors from ZTS | Bjørn Christian Seime | 2018-07-10 | 3 | -11/+45 |
| | |||||
* | Revert "Move NTokenValidator to vespa-athenz + load pub keys from file" | Harald Musum | 2018-07-09 | 6 | -232/+49 |
| | |||||
* | Move NTokenValidator to vespa-athenz + load pub keys from file | Bjørn Christian Seime | 2018-07-09 | 6 | -49/+232 |
| | | | | | | | - Move NTokenValidator from controller-server to vespa-athenz - Remodel ZmsKeystore as AthenzTruststore - Use file-backed truststore on controller (replaces download of public keys) - Remove ZmsClient.getPublicKey/getPublicKeys | ||||
* | Add getTenantDomains to vespa-athenz ZtsClient | Bjørn Christian Seime | 2018-07-05 | 3 | -0/+54 |
| | |||||
* | Rename 'AccessCheckResult' -> 'AuthorizationResult' | Bjørn Christian Seime | 2018-06-21 | 3 | -9/+9 |
| | |||||
* | Add new Athenz security filter based on ZPE | Bjørn Christian Seime | 2018-06-20 | 1 | -0/+58 |
| | | | | | - Allow flexible configuration of filter using a resource mapper - Add helper class to extract role and identity from role certificates | ||||
* | Add roles to AthenzPrincipal | Bjørn Christian Seime | 2018-06-20 | 1 | -3/+19 |
| | |||||
* | Remove unused class | Bjørn Christian Seime | 2018-06-20 | 1 | -27/+0 |
| | |||||
* | Add wrapper for ZPE | Bjørn Christian Seime | 2018-06-20 | 5 | -0/+128 |
| | |||||
* | Add data type for resource name | Bjørn Christian Seime | 2018-06-20 | 2 | -0/+95 |
| | |||||
* | Parse role token and add getter for identity | Bjørn Christian Seime | 2018-06-20 | 1 | -6/+24 |
| | |||||
* | Add method to ZtsClient to retrieve identity certificate | Bjørn Christian Seime | 2018-06-15 | 18 | -57/+323 |
| | |||||
* | Specify scheme and port for configserver endpoint | Bjørn Christian Seime | 2018-06-14 | 1 | -1/+1 |
| | |||||
* | Cache tenant certificate and private key to disk | Bjørn Christian Seime | 2018-06-13 | 2 | -25/+71 |
| | |||||
* | Add utility methods for reading/writing SIA credentials | Bjørn Christian Seime | 2018-06-13 | 1 | -0/+73 |
| | |||||
* | Remove support for ntokens | Bjørn Christian Seime | 2018-06-13 | 3 | -16/+9 |
| | |||||
* | Remove deprecated ZtsClient | Bjørn Christian Seime | 2018-06-13 | 5 | -106/+71 |
| | | | | | | | - Replace use of old ZtsClient with DefaultZtsClient - Add caching of role tokens - Add constructor to AthenzRole taking only strings - Change new ZtsClient interface to use AthenzRole for getRoleToken | ||||
* | Use pascal case for constants | Bjørn Christian Seime | 2018-06-13 | 1 | -3/+3 |
| | |||||
* | Separate generating and validating signature to separate class | Bjørn Christian Seime | 2018-06-12 | 3 | -1/+137 |
| | | | | | - Move signature logic to IdentityDocumentSigner - Stop using fields from deprecated IdentityDocument to generate signature | ||||
* | Deprecate identityDocument field | Bjørn Christian Seime | 2018-06-12 | 4 | -7/+7 |
| | |||||
* | Merge pull request #5991 from vespa-engine/bjorncs/aws-ready-identity-provider | Morten Tokle | 2018-06-12 | 10 | -400/+101 |
|\ | | | | | Bjorncs/aws ready identity provider | ||||
| * | Use dns suffix and zts uri from config | Bjørn Christian Seime | 2018-06-11 | 3 | -7/+13 |
| | |