Commit graph

12 commits

Author SHA1 Message Date
Jeff Mitchell 51cd67115c Run appid/cert auth tests always 2016-07-01 14:06:33 -04:00
vishalnayak 95abdebb06 Added AcceptanceTest boolean to logical.TestCase 2016-04-05 15:10:44 -04:00
Jeff Mitchell d648306d52 Add the ability to specify the app-id in the login path.
This makes it easier to use prefix revocation for tokens.

Ping #424
2016-03-14 16:24:01 -04:00
vishalnayak 978075a1b4 Added renewal capability to app-id backend 2016-02-24 10:40:15 -05:00
Jeff Mitchell f3ce90164f WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Jeff Mitchell 77e7379ab5 Implement the cubbyhole backend
In order to implement this efficiently, I have introduced the concept of
"singleton" backends -- currently, 'sys' and 'cubbyhole'. There isn't
much reason to allow sys to be mounted at multiple places, and there
isn't much reason you'd need multiple per-token storage areas. By
restricting it to just one, I can store that particular mount instead of
iterating through them in order to call the appropriate revoke function.

Additionally, because revocation on the backend needs to be triggered by
the token store, the token store's salt is kept in the router and
client tokens going to the cubbyhole backend are double-salted by the
router. This allows the token store to drive when revocation happens
using its salted tokens.
2015-09-15 13:50:37 -04:00
Armon Dadgar b52d3e6506 cred/app-id: testing upgrade to salted keys 2015-06-30 18:37:10 -07:00
Armon Dadgar eeb717c901 cred/app-id: first pass at automatic upgrading to salting 2015-06-30 18:09:08 -07:00
Jonathan Sokolowski 6746a24c78 credential/app-id: Test DeleteOperation 2015-05-14 22:30:02 +10:00
Mitchell Hashimoto f7a1b2ced9 credential/app-id: allow restriction by CIDR block [GH-10] 2015-04-17 10:14:39 -07:00
Mitchell Hashimoto e643b48235 credential/app-id: support associating a name with app ID [GH-9] 2015-04-17 10:01:03 -07:00
Mitchell Hashimoto 569991fcc5 credential/app-id 2015-04-04 18:41:49 -07:00