aboutsummaryrefslogtreecommitdiffstats
path: root/vespa-athenz
Commit message (Collapse)AuthorAgeFilesLines
* Upgrade BouncyCastle to 1.72Bjørn Christian Seime2022-10-121-2/+2
| | | | Migrate to artifact names used by 1.71+
* SIA identity SSLContext with custom trust storeHåkon Hallingstad2022-10-111-0/+4
|
* ha parameter store client WIPAndreas Eriksen2022-10-031-1/+1
|
* Delete ZMS policyOla Aunrønning2022-08-122-0/+9
|
* Clean up roles of deleted tenantsOla Aunrønning2022-08-102-0/+9
|
* Read approved attributeMorten Tokle2022-08-052-11/+13
|
* Convert vespa-athenz to junit5Bjørn Christian Seime2022-07-2713-86/+115
|
* Use getSubjectCommonName()Bjørn Christian Seime2022-07-211-1/+1
|
* Simplify type definition for subject alternative namesBjørn Christian Seime2022-07-203-17/+15
|
* Move generic crypto helpers from 'c.y.s.tls' to 'c.y.s'Bjørn Christian Seime2022-07-202-2/+2
|
* Add proxy principal spiffe urisMorten Tokle2022-06-303-7/+27
|
* Merge pull request #23262 from ↵Håkon Hallingstad2022-06-284-30/+1
|\ | | | | | | | | vespa-engine/hakonhall/remove-trust-store-paths-from-siaidentityprovider Remove trust store paths from SiaIdentityProvider
| * Remove trust store paths from SiaIdentityProviderHåkon Hallingstad2022-06-284-30/+1
| |
* | Request tokens with max expiry timeMorten Tokle2022-06-281-5/+6
| |
* | Reduce role token expiry to 10 minutesMorten Tokle2022-06-282-5/+28
| |
* | Expose role certificateMorten Tokle2022-06-281-1/+14
|/
* Allow empty authz headerMorten Tokle2022-06-201-4/+4
|
* Refer to correct secret version from signed docHåkon Hallingstad2022-06-092-3/+2
|
* Set project version to 8-SNAPSHOTgjoranv2022-06-081-2/+2
|
* Don't provide Jetty bundles from 'container' artifactBjørn Christian Seime2022-06-081-3/+3
| | | | Add dependency on 'jetty-http' with scope test instead of adding false dependencies with 'container-test'.
* install_jar CMake functionHåkon Hallingstad2022-05-201-1/+1
|
* ZmsClient: Add method to update service public keyValerij Fredriksen2022-05-185-6/+55
|
* Use '@Inject' from 'annotations' in multiple bundlesBjørn Christian Seime2022-05-062-2/+2
|
* Add athenz zts serviceMorten Tokle2022-05-041-0/+1
|
* Make AwsCredentials Closeable, and close created clients in its close()jonmv2022-05-032-5/+17
|
* Monitor ZMS quotaOla Aunrønning2022-04-214-0/+120
|
* Add patterns for region and cloud namesjonmv2022-04-191-1/+1
|
* Membership decision includes 'approved' field. Only trigger athenz sync on ↵Ola Aunrønning2022-03-172-1/+16
| | | | approval
* Merge pull request #21714 from vespa-engine/hakonhall/add-ntokengeneratorValerij Fredriksen2022-03-163-5/+176
|\ | | | | Add NTokenGenerator
| * Use ClockHåkon Hallingstad2022-03-162-9/+8
| |
| * Add NTokenGeneratorHåkon Hallingstad2022-03-163-5/+177
| |
* | Include assertion effect in entityOla Aunrønning2022-03-153-5/+20
| |
* | Consider effect equalityOla Aunrønning2022-03-141-0/+1
| |
* | Infer managed access through assertion existenceOla Aunrønning2022-03-141-0/+6
|/
* Merge pull request #21626 from vespa-engine/olaa/return-preapprove-payloadOla Aunrønning2022-03-101-4/+5
|\ | | | | Payload contains pre-approval status
| * Use OptionalOla Aunrønning2022-03-101-4/+5
| |
| * RoleEntity parameters can be nullOla Aunrønning2022-03-101-3/+3
| |
* | Json property of role name is 'name'Ola Aunrønning2022-03-091-1/+1
|/
* Fetch audit log and pending membership requests for athenz roleOla Aunrønning2022-03-044-15/+198
| | | | | Athenz synchronizer accepts tenant name ZMSClient membership requests can be rejected
* Add API for toggling self-served access roleOla Aunrønning2022-03-033-1/+29
|
* Pass along auth0 credentials to ZMSValerij Fredriksen2022-02-212-2/+6
|
* Merge OktaAccessToken and OktaIdentityToken into OAuthCredentialsValerij Fredriksen2022-02-215-101/+68
|
* Adds parent and adminUsers to subdomain creation payloadOla Aunrønning2022-02-151-2/+5
|
* Post subdomainOla Aunrønning2022-02-151-1/+1
|
* Remove duplicate toJsonStringEntityOla Aunrønning2022-02-141-1/+1
|
* Creates tenant domain if not existsOla Aunrønning2022-02-102-0/+12
|
* Pending role approvals contains all athenz identity typesOla Aunrønning2022-02-102-4/+3
|
* Request, list, and approve ssh accessOla Aunrønning2022-02-092-4/+4
|
* Read policy from resource nameMorten Tokle2022-02-041-1/+11
|
* Revert "Allow developers to deploy application in manual zones"Morten Tokle2022-02-031-11/+1
|