aboutsummaryrefslogtreecommitdiffstats
path: root/vespa-athenz
Commit message (Collapse)AuthorAgeFilesLines
* Parse errors from ZTSBjørn Christian Seime2018-07-103-11/+45
|
* Revert "Move NTokenValidator to vespa-athenz + load pub keys from file"Harald Musum2018-07-096-232/+49
|
* Move NTokenValidator to vespa-athenz + load pub keys from fileBjørn Christian Seime2018-07-096-49/+232
| | | | | | | - Move NTokenValidator from controller-server to vespa-athenz - Remodel ZmsKeystore as AthenzTruststore - Use file-backed truststore on controller (replaces download of public keys) - Remove ZmsClient.getPublicKey/getPublicKeys
* Add getTenantDomains to vespa-athenz ZtsClientBjørn Christian Seime2018-07-053-0/+54
|
* Rename 'AccessCheckResult' -> 'AuthorizationResult'Bjørn Christian Seime2018-06-213-9/+9
|
* Add new Athenz security filter based on ZPEBjørn Christian Seime2018-06-201-0/+58
| | | | | - Allow flexible configuration of filter using a resource mapper - Add helper class to extract role and identity from role certificates
* Add roles to AthenzPrincipalBjørn Christian Seime2018-06-201-3/+19
|
* Remove unused classBjørn Christian Seime2018-06-201-27/+0
|
* Add wrapper for ZPEBjørn Christian Seime2018-06-205-0/+128
|
* Add data type for resource nameBjørn Christian Seime2018-06-202-0/+95
|
* Parse role token and add getter for identityBjørn Christian Seime2018-06-201-6/+24
|
* Add method to ZtsClient to retrieve identity certificateBjørn Christian Seime2018-06-1518-57/+323
|
* Specify scheme and port for configserver endpointBjørn Christian Seime2018-06-141-1/+1
|
* Cache tenant certificate and private key to diskBjørn Christian Seime2018-06-132-25/+71
|
* Add utility methods for reading/writing SIA credentialsBjørn Christian Seime2018-06-131-0/+73
|
* Remove support for ntokensBjørn Christian Seime2018-06-133-16/+9
|
* Remove deprecated ZtsClientBjørn Christian Seime2018-06-135-106/+71
| | | | | | | - Replace use of old ZtsClient with DefaultZtsClient - Add caching of role tokens - Add constructor to AthenzRole taking only strings - Change new ZtsClient interface to use AthenzRole for getRoleToken
* Use pascal case for constantsBjørn Christian Seime2018-06-131-3/+3
|
* Separate generating and validating signature to separate classBjørn Christian Seime2018-06-123-1/+137
| | | | | - Move signature logic to IdentityDocumentSigner - Stop using fields from deprecated IdentityDocument to generate signature
* Deprecate identityDocument fieldBjørn Christian Seime2018-06-124-7/+7
|
* Merge pull request #5991 from vespa-engine/bjorncs/aws-ready-identity-providerMorten Tokle2018-06-1210-400/+101
|\ | | | | Bjorncs/aws ready identity provider
| * Use dns suffix and zts uri from configBjørn Christian Seime2018-06-113-7/+13
| |
| * Use mutual TLS auth when communicating with ZTSBjørn Christian Seime2018-06-118-295/+67
| | | | | | | | | | - Remove instance register/refresh from ad-hoc ZtsClient implementation - Deprecate ad-hoc ZtsClient
| * Use mutual TLS auth when retrieving identity documentBjørn Christian Seime2018-06-114-116/+39
| |
* | Override default timeout for DefaultZtsClient + DefaultIdentityDocumentClientBjørn Christian Seime2018-06-122-0/+13
|/
* Cache role ssl tokenMorten Tokle2018-06-115-20/+86
|
* Add utility methods to (de)serialize signed identity document from/to fileBjørn Christian Seime2018-06-071-1/+22
|
* Allow deserialization of java.time.InstantBjørn Christian Seime2018-06-071-1/+2
|
* Use identity type to generate identity documentBjørn Christian Seime2018-06-071-6/+0
|
* Add identity type to unique instance id and signed identity documentBjørn Christian Seime2018-06-078-25/+128
|
* Prepare for inlining of 'IdentityDocument' into 'SignedIdentityDocument'Bjørn Christian Seime2018-06-078-20/+89
|
* Add missing '@JsonIgnoreProperties' property to VespaUniqueInstanceIdEntityBjørn Christian Seime2018-06-041-0/+2
|
* Revert "Prepare for inlining of 'IdentityDocument' into ↵Jon Marius Venstad2018-06-038-89/+20
| | | | | | 'SignedIdentityDocument'" This reverts commit 48ea96e26f4cc037f0cf81a303b4617ea8e2441d.
* Revert "Add identity type to unique instance id and signed identity document"Jon Marius Venstad2018-06-038-128/+25
| | | | This reverts commit cfa6d7bb63402b83c84a16411a207e946de33246.
* Revert "Use identity type to generate identity document"Jon Marius Venstad2018-06-031-0/+6
| | | | This reverts commit 78da30192dad43d338b9e3f04263dd7c83094b90.
* Revert "Allow deserialization of java.time.Instant"Jon Marius Venstad2018-06-031-2/+1
| | | | This reverts commit 70050a13fb977db2f9013bfaee9339c662c01320.
* Allow deserialization of java.time.InstantBjørn Christian Seime2018-06-011-1/+2
|
* Use identity type to generate identity documentBjørn Christian Seime2018-05-311-6/+0
|
* Add identity type to unique instance id and signed identity documentBjørn Christian Seime2018-05-318-25/+128
|
* Prepare for inlining of 'IdentityDocument' into 'SignedIdentityDocument'Bjørn Christian Seime2018-05-318-20/+89
|
* Remove unused constantsBjørn Christian Seime2018-05-281-3/+0
|
* Remove deprecated identity-document entity typesBjørn Christian Seime2018-05-2810-380/+57
|
* Use SiaUtils in SiaIdentityProviderBjørn Christian Seime2018-05-241-11/+6
|
* Add SIA utility classBjørn Christian Seime2018-05-241-0/+39
|
* Add AthenzService constructor taking full name as inputBjørn Christian Seime2018-05-241-0/+11
|
* Merge pull request #5878 from ↵Bjørn Christian Seime2018-05-221-1/+1
|\ | | | | | | | | vespa-engine/bjorncs/proper-athenz-identity-provider-config Bjorncs/proper athenz identity provider config
| * Add athenzDnsSuffix and ztsUrl to identity configBjørn Christian Seime2018-05-151-1/+1
| |
* | Remove use of deprecated entity typesBjørn Christian Seime2018-05-161-3/+3
| |
* | Add missing base64 encoding of identity documentBjørn Christian Seime2018-05-161-1/+3
| |
* | Add mapping from SignedIdentityDocumentEntity to SignedIdentityDocumentBjørn Christian Seime2018-05-161-0/+24
| |