6c1d2ffea9
Allow wrapping to be specified by backends, and take the lesser of the request/response times ( #2088 )
2016-11-11 15:12:11 -05:00
4a505bfa3e
Update text around cubbyhole/response
2016-09-29 17:44:15 -04:00
5657789627
Audit unwrapped response ( #1950 )
2016-09-29 12:03:47 -07:00
b45a481365
Wrapping enhancements ( #1927 )
2016-09-28 21:01:28 -07:00
1c6f2fd82b
Add response wrapping to list operations ( #1814 )
2016-09-02 01:13:14 -04:00
58b32e5432
Convert to logxi
2016-08-21 18:13:37 -04:00
d2124486ef
Merge pull request #1702 from hashicorp/renew-post-body
...
Add ability to specify renew lease ID in POST body.
2016-08-08 20:01:25 -04:00
ab71b981ad
Add ability to specify renew lease ID in POST body.
2016-08-08 18:00:44 -04:00
13b7d37a0b
Remove change to naming return values
2016-08-08 17:56:14 -04:00
a583f8a3f8
Use policyutil sanitizing
2016-08-08 17:42:25 -04:00
4f0310ed96
Don't allow root from authentication backends either.
...
We've disabled this in the token store, but it makes no sense to have
that disabled but have it enabled elsewhere. It's the same issue across
all, so simply remove the ability altogether.
2016-08-08 17:32:37 -04:00
ad66bd7502
fixes based proper interpretation of comments
2016-07-26 12:20:27 -04:00
ae8a90be30
adding ids
2016-07-25 16:54:43 -04:00
8d52a96df5
moving id to http/logical
2016-07-25 15:24:10 -04:00
c63cdc23a1
Merge branch 'master' of https://github.com/hashicorp/vault into request-uuid
2016-07-23 21:47:08 -04:00
e5737b6789
initial local commit
2016-07-23 21:46:28 -04:00
4ab60f36a3
Rename err var to be more clear
2016-07-22 16:57:47 -04:00
b6ca7e9423
Add response wrapping support to login endpoints.
...
Fixes #1587
2016-07-05 11:46:21 -04:00
368a17e978
Add some commenting
2016-06-14 05:54:09 +00:00
e925987cb6
Add token accessor to wrap information if one exists
2016-06-13 23:58:17 +00:00
9f6c5bc02a
cubbyhole-response-wrapping -> response-wrapping
2016-06-10 13:48:46 -04:00
10b218d292
Use time.Time which does RFC3339 across the wire to handle time zones. Arguably we should change the API to always do this...
2016-06-07 16:01:09 -04:00
401456ea50
Add creation time to returned wrapped token info
...
This makes it easier to understand the expected lifetime without a
lookup call that uses the single use left on the token.
This also adds a couple of safety checks and for JSON uses int, rather
than int64, for the TTL for the wrapped token.
2016-06-07 15:00:35 -04:00
0da8762bd5
Add unwrap command, and change how the response is embedded (as a string, not an object)
2016-05-19 11:25:15 -04:00
2e6ac4c37a
Remove wrap specs from backend response
2016-05-19 03:06:09 +00:00
c4431a7e30
Address most review feedback. Change responses to multierror to better return more useful values when there are multiple errors
2016-05-16 16:11:33 -04:00
2295cadbf4
Make WrapInfo a pointer to match secret/auth in response
2016-05-07 19:17:51 -04:00
c5085bc79f
Merge response fix over from mfatw
2016-05-07 16:41:24 -04:00
09f06554cb
Address some review feedback
2016-05-04 16:03:53 -04:00
2ebe49d3a1
Change UseToken mechanics.
...
Add locking around UseToken and Lookup. Have UseToken flag an entry that
needs to be revoked so that it can be done at the appropriate time, but
so that Lookup in the interm doesn't return a value.
The locking is a map of 4096 locks keyed off of the first three
characters of the token ID which should provide good distribution.
2016-05-02 03:44:24 -04:00
1ffd5653c6
Add wrap support to API/CLI
2016-05-02 02:03:23 -04:00
aba689a877
Add wrapping through core and change to use TTL instead of Duration.
2016-05-02 00:47:35 -04:00
Jeff Mitchell