Commit graph

121 commits

Author SHA1 Message Date
Jeff Mitchell 77e7379ab5 Implement the cubbyhole backend
In order to implement this efficiently, I have introduced the concept of
"singleton" backends -- currently, 'sys' and 'cubbyhole'. There isn't
much reason to allow sys to be mounted at multiple places, and there
isn't much reason you'd need multiple per-token storage areas. By
restricting it to just one, I can store that particular mount instead of
iterating through them in order to call the appropriate revoke function.

Additionally, because revocation on the backend needs to be triggered by
the token store, the token store's salt is kept in the router and
client tokens going to the cubbyhole backend are double-salted by the
router. This allows the token store to drive when revocation happens
using its salted tokens.
2015-09-15 13:50:37 -04:00
Jeff Mitchell 104b29ab04 Rename View to StorageView to make it more distinct from SystemView 2015-09-15 13:50:37 -04:00
Jeff Mitchell 5de736e69c Implement shallow cloning to allow MountEntry pointers to stay consistent when spread across router/core/system views 2015-09-10 15:09:54 -04:00
Jeff Mitchell c460ff10ca Push a lot of logic into Router to make a bunch of it nicer and enable a
lot of cleanup. Plumb config and calls to framework.Backend.Setup() into
logical_system and elsewhere, including tests.
2015-09-10 15:09:54 -04:00
Caleb Tennis 688df0be6d See if this clears build error 2015-08-13 13:17:09 -04:00
Caleb Tennis 323b49f03d Fix #392 by giving a more specific error 2015-08-11 20:18:52 -04:00
Armon Dadgar 41b72a4d39 vault: provide view to backend initializer for setup 2015-06-30 17:30:43 -07:00
Armon Dadgar 8bc99f8c23 helper/uuid: single generateUUID definition 2015-06-30 12:38:32 -07:00
Armon Dadgar 82eda2b169 vault: Do early check for missing backend 2015-04-03 16:09:06 -07:00
Armon Dadgar 0dee7d29ec vault: disable credential backend revokes tokens 2015-04-03 16:07:45 -07:00
Armon Dadgar 002b2ad589 vault: Provide salted client token to logical backends 2015-04-03 14:42:39 -07:00
Armon Dadgar 2f3e511507 vault: Allow deep paths for auth mounting 2015-04-03 14:24:00 -07:00
Mitchell Hashimoto 69593cde56 remove credential/ lots of tests faililng 2015-03-30 18:07:05 -07:00
Armon Dadgar 879a0501f8 vault: Track the token store in core 2015-03-23 13:41:05 -07:00
Armon Dadgar ca44529c9d vault: Change constant name 2015-03-19 09:56:39 -07:00
Armon Dadgar d88a41944e vault: Switch AuthTable to using MountTable 2015-03-19 09:54:57 -07:00
Armon Dadgar bb8a014b6a vault: first pass at enable/disable auth backends 2015-03-18 19:36:17 -07:00
Armon Dadgar 8cc88981d6 vault: token store is a credential implementation 2015-03-18 19:11:52 -07:00
Armon Dadgar 421f73d332 vault: Removing mtype from router 2015-03-18 15:48:14 -07:00
Armon Dadgar b8da9c2ee2 vault: first pass at initializing credential backends 2015-03-18 15:46:07 -07:00
Armon Dadgar d2d1822931 vault: Adding hooks for auth loading 2015-03-18 15:30:31 -07:00