luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
17219 commits 1 branch 0 tags 214 MiB
Commit graph

5 commits

Author SHA1 Message Date
Alexander Scheel 005d989230
Add acme challenge validation engine (#20221) 
* Allow creating storageContext with timeout

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add challenge validation engine to ACME

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Initialize the ACME challenge validation engine

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Trigger challenge validation on endpoint submission

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix GetKeyThumbprint to use raw base64

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Point at localhost for testing

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add cleanup of validation engine

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
 2023-04-19 12:31:19 -04:00
Steven Clark 7361ce1e57
Add tests for fetching ACME authorizations and challenges (#20205) 
- Add tests to validate that we can load authorizations and
   challenges from the server
 2023-04-17 17:52:54 +00:00
Steven Clark 6211595bef
Add a helper function to build ACME API patterns (#20180) 
- Add a helper function that can accept the final API path along with
   the pattern function for an ACME api definition and generate the
   various flavors for the given API
 2023-04-14 18:48:33 +00:00
Steven Clark 138f36eafe
Move all ACME wrappers into a dedicated go file (#20174) 
* Move all ACME wrappers into a dedicated go file

 - Make it easier to figure out where the various wrappers for
   ACME exist by locating them inside a dedicated go file instead
   of spread out across the various path_acme_xxx files.

* Add missing copyright headers to PKI files
 2023-04-14 14:12:31 -04:00
Alexander Scheel b4edc81cd5
Add ACME authorizations & challenges (#20113) 
* Distinguish POST-as-GET from POST-with-empty-body

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add ACME authorization, identifier, and challenge types

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add ability to load and save authorizations

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add ACME authorizations path handling

This supports two methods: a fetch handler over the authorization, to
expose the underlying challenges, and a deactivate handler to revoke
the authorization and mark its challenges invalid.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add ACME challenge path handling

These paths kick off processing and validation of the challenge by the
ACME client.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
 2023-04-12 16:55:25 +00:00