summaryrefslogtreecommitdiffstats
path: root/vespa-athenz
Commit message (Collapse)AuthorAgeFilesLines
* Add checkAccessAllowed method that consumes access token + certificateBjørn Christian Seime2020-01-242-0/+13
|
* Return the matched role in checkAccessAllowed methodsBjørn Christian Seime2020-01-242-31/+92
| | | | | | Rewrite AuthorizationResult to specify result type as a inner Type enum. Add matched role to AuthorizationResult. Propagate matched role to request object in AthenzAuthorizationFilter.
* Add AthenzAccessTokenBjørn Christian Seime2020-01-241-0/+46
|
* Revert "Bjorncs/update zpe"Harald Musum2020-01-244-151/+31
|
* Add checkAccessAllowed method that consumes access token + certificateBjørn Christian Seime2020-01-242-0/+13
|
* Return the matched role in checkAccessAllowed methodsBjørn Christian Seime2020-01-242-31/+92
| | | | | | Rewrite AuthorizationResult to specify result type as a inner Type enum. Add matched role to AuthorizationResult. Propagate matched role to request object in AthenzAuthorizationFilter.
* Add AthenzAccessTokenBjørn Christian Seime2020-01-241-0/+46
|
* Upgrade Apache httpclient+httpcore to newest versionBjørn Christian Seime2020-01-101-1/+1
| | | | | Use deprecated setSslcontext() in code that may run outside JDisc.
* Revert "Bjorncs/java deps cleanup"Harald Musum2020-01-101-1/+1
|
* Upgrade Apache httpclient and httpcore to newest versionBjørn Christian Seime2020-01-091-1/+1
|
* Remove dead codeHarald Musum2019-12-105-251/+0
|
* Implement ZmsClient add/delete role member methodsValerij Fredriksen2019-12-022-0/+11
|
* Include changes from #11407Valerij Fredriksen2019-12-022-0/+7
|
* Use filesystem when resolving pathsMorten Tokle2019-11-221-4/+3
|
* Revert "Revert "Reapply #11146 Validate register and refresh""Morten Tokle2019-11-121-0/+39
|
* Revert "Reapply #11146 Validate register and refresh"Morten Tokle2019-11-121-39/+0
|
* Reapply #11146 Validate register and refreshMorten Tokle2019-11-111-0/+39
|
* Revert "Reapply "Validate register and refresh""Morten Tokle2019-10-311-23/+0
|
* Revert "Revert "Validate register and refresh""Morten Tokle2019-10-301-0/+23
|
* Revert "Validate register and refresh"Morten Tokle2019-10-301-23/+0
|
* Merge pull request #11146 from vespa-engine/mortent/validate-csrMorten Tokle2019-10-301-0/+23
|\ | | | | Validate register and refresh
| * Validate register and refreshMorten Tokle2019-10-291-0/+23
| |
* | Pass Okta identity token to Athenz tenancy operationsBjørn Christian Seime2019-10-293-16/+63
|/
* Make SiaIdentityProvider trust store type configurableMartin Polden2019-10-213-11/+53
|
* Use mockito-core 3.1.0Håkon Hallingstad2019-10-181-2/+2
|
* Depend on interface instead of subclassHåkon Hallingstad2019-10-091-6/+0
|
* Refresh certs using hostnameVerifierMorten Tokle2019-10-081-1/+5
|
* Propagate hostnameverifier correctlyMorten Tokle2019-10-041-1/+1
|
* Support internal ztsMorten Tokle2019-10-033-10/+15
|
* Read signature algorithm from keyMorten Tokle2019-10-031-8/+3
|
* Use trust store path that corresponds to data in RPM package ↵Harald Musum2019-10-011-6/+2
| | | | yahoo_certificate_bundle
* Expose path to CA certificates in SiaUtilsHåkon Hallingstad2019-09-271-0/+7
|
* Remove unused field in DefaultZtsClientMartin Polden2019-09-203-8/+6
|
* Fix equals in SignedIdentityDocumentEntityMartin Polden2019-09-201-1/+1
|
* Remove unused credentials providerMorten Tokle2019-09-093-116/+0
|
* Revert "Include instance hostname in Athenz node certificates"Bjørn Christian Seime2019-08-287-24/+4
| | | | This reverts commit aca45ba95c5fb0b7d9c1fe89ee3a866ff65c76ac.
* Revert "Reorder parameters to match parent interface"Bjørn Christian Seime2019-08-281-1/+1
| | | | This reverts commit 9c1f63369bac3012f78a45f90c46a3ad42f5cc54.
* Reorder parameters to match parent interfaceBjørn Christian Seime2019-08-281-1/+1
|
* Include instance hostname in Athenz node certificatesBjørn Christian Seime2019-08-267-4/+24
|
* Remove unused parameters from ZtsClient methodsBjørn Christian Seime2019-08-265-26/+5
|
* Use the jks keystoreBjørn Christian Seime2019-07-051-1/+1
|
* Allow applications to re-use SSLContext returned by providerBjørn Christian Seime2019-07-034-55/+108
| | | | | | - Use MutableX509KeyManager instead of re-creating SSLContext when credentials are updated. - Make AthenzIdentityProviderImpl responsible for creating initial SSLContext. - Use proper x509 certificates and keys in unit test instead of Mockito mocks.
* Use AutoReloadingX509KeyManager in SiaIdentityProviderBjørn Christian Seime2019-07-032-57/+16
| | | | | | The SSLContext instance provided by SiaIdentityProvider can now be reused as the underlying key manager will automatically update the key material every hour.
* Use AthenzIdentity instead of AthensServiceHåkon Hallingstad2019-04-1012-49/+55
|
* Add missing exportpackageMorten Tokle2019-02-251-0/+5
|
* Fix refresh logicMorten Tokle2019-02-222-7/+39
|
* Exclude jackson dependencies from aws sdkMorten Tokle2019-02-211-1/+15
|
* Add aws credential providerMorten Tokle2019-02-212-1/+83
|
* Add support for AWS temp credentialsMorten Tokle2019-02-126-3/+169
|
* Initialize AuthZpeClient in constructorBjørn Christian Seime2019-01-311-0/+5
|