e670447947
Use an atomic store in expiration loading test to fix race detector
2017-11-01 15:52:59 -04:00
47dae8ffc7
Sync
2017-10-23 14:59:37 -04:00
f7ed6732a5
Porting identity store ( #3419 )
...
* porting identity to OSS
* changes that glue things together
* add testing bits
* wrapped entity id
* fix mount error
* some more changes to core
* fix storagepacker tests
* fix some more tests
* fix mount tests
* fix http mount tests
* audit changes for identity
* remove upgrade structs on the oss side
* added go-memdb to vendor
2017-10-11 10:21:20 -07:00
375587fbf2
Removing reset of quit channel ( #3376 )
2017-09-26 20:29:42 -04:00
71952b7738
ExpirationManager restoration to load in the background ( #3260 )
2017-09-05 11:09:00 -04:00
b04e0a7a2a
Dynamically load and invalidate the token store salt ( #3021 )
...
* Dynaically load and invalidate the token store salt
* Pass salt function into the router
2017-07-18 09:02:03 -07:00
79b5d2f5bb
fix token store tests
2017-07-01 16:06:15 -04:00
e0404d17e9
fix router tests
2017-06-30 22:06:17 -04:00
a71cb52f1b
Don't allow overriding token ID with the same token ID ( #2917 )
...
Fixes #2916
2017-06-24 01:52:48 +01:00
f7df60b131
Allow accessing Warnings directly in Response. ( #2806 )
...
A change in copystructure has caused some panics due to the custom copy
function. I'm more nervous about production panics than I am about
keeping some bad code wiping out some existing warnings, so remove the
custom copy function and just allow direct setting of Warnings.
2017-06-05 10:52:43 -04:00
1a02f9be11
Fix up the tests
2017-05-04 12:41:15 -04:00
3d9cf89ad6
Add the ability to view and list of leases metadata ( #2650 )
2017-05-03 22:03:42 -04:00
50c0d520e1
Fix revoke tree test
2017-04-26 16:26:48 -07:00
f37b6492d1
More rep porting ( #2391 )
...
* More rep porting
* Add a bit more porting
2017-02-16 23:09:39 -05:00
20c65b8300
Fix regression in 0.6.4 where token store roles could not properly wo… ( #2286 )
2017-01-18 16:11:25 -05:00
c9bd2a37f8
Don't sanitize disallowed_policies on token role
2017-01-17 21:34:14 -05:00
fa7d61baa3
Merge pull request #2202 from fcantournet/fix_govet_fatalf
...
all: test: Fix govet warnings
2017-01-17 16:45:35 -05:00
c37d17ed47
Adding interface methods to logical.Backend for parity ( #2242 )
2017-01-07 18:18:22 -05:00
103b7ceab2
all: test: Fix govet warnings
...
Fix calls to t.Fatal() with formatting.
Fixed some calls to Fatalf() with wrong formatting
2016-12-21 19:44:07 +01:00
9f60e9f88d
Add tidy expiration test
2016-12-16 17:04:28 -05:00
bae84e3864
TokenStore: Make the testcase dangle 100 accessors and let it tidy up
2016-12-16 15:41:41 -05:00
ba026aeaa1
TokenStore: Added tidy endpoint ( #2192 )
2016-12-16 15:29:27 -05:00
f6044764c0
Fix revocation of leases when num_uses goes to 0 ( #2190 )
2016-12-16 13:11:55 -05:00
8400b87473
Don't add default policy to child token if parent does not have it ( #2164 )
2016-12-16 00:36:39 -05:00
b45a481365
Wrapping enhancements ( #1927 )
2016-09-28 21:01:28 -07:00
f0203741ff
Change default TTL from 30 to 32 to accommodate monthly operations ( #1942 )
2016-09-28 18:32:49 -04:00
57b21acabb
Added unit tests for token entry upgrade
2016-09-26 18:17:50 -04:00
9fee9ce8ff
Don't allow tokens in paths. ( #1783 )
2016-08-24 15:59:43 -04:00
01702415c2
Ensure we don't use a token entry period of 0 in role comparisons.
...
When we added support for generating periodic tokens for root/sudo in
auth/token/create we used the token entry's period value to store the
shortest period found to eventually populate the TTL. The problem was
that we then assumed later that this value would be populated for
periodic tokens, when it wouldn't have been in the upgrade case.
Instead, use a temp var to store the proper value to use; populate
te.Period only if actually given; and check that it's not zero before
comparing against role value during renew.
2016-08-16 16:47:46 -04:00
40ece8fd7c
Add another test and fix some output
2016-08-14 07:17:14 -04:00
b6ef112382
Minor wording change
2016-08-13 15:45:13 -04:00
cdea4b3445
Add some tests and fix some bugs
2016-08-13 14:03:22 -04:00
bcb4ab5422
Add periodic support for root/sudo tokens to auth/token/create
2016-08-12 21:14:12 -04:00
0f40fba40d
Don't allow a root token that expires to create one that doesn't
2016-08-09 20:32:40 -04:00
e783bfe7e1
Minor changes to test cases
2016-08-05 20:22:07 -04:00
5ddd1c7223
Fix broken test case
2016-08-05 20:07:18 -04:00
02911c0e01
full updates based on feedback
2016-08-05 18:57:35 -04:00
52623a2395
test updates based on feedback
2016-08-05 18:56:22 -04:00
405eb0075a
fix an error, tests still broken
2016-08-05 17:58:48 -04:00
68d351c70c
addresses feedback, but tests broken
2016-08-05 10:04:02 -04:00
c626277632
initial commit for minor update to token-store
2016-08-03 14:32:17 -04:00
e7cb3fd990
Addressed review feedback
2016-08-02 16:53:06 -04:00
9947b33498
Added tests for disallowed_policies
2016-08-02 15:21:15 -04:00
a936914101
Address review feedback and fix existing tests
2016-08-02 14:10:20 -04:00
357f2d972f
Add some extra safety checking in accessor listing and update website
...
docs.
2016-08-01 13:12:06 -04:00
23ab63c78e
Add accessor list function to token store
2016-07-29 18:20:38 -04:00
e26487ced5
Add test for non-assignable policies
2016-07-25 16:00:18 -04:00
8269f323d3
Revert 'risky' changes
2016-07-12 16:38:07 -04:00
e09b40e155
Remove Unix() invocations on 'time.Time' objects and removed conversion of time to UTC
2016-07-08 18:30:18 -04:00
90c2f5bb55
Fix some more too-tight timing in the token store tests
2016-07-01 11:59:39 -04:00
Jeff Mitchell