luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
7959 commits 1 branch 0 tags 214 MiB
Commit graph

81 commits

Author SHA1 Message Date
Jeff 9b9be9622a Typo (#4505) 2018-05-03 13:37:44 -07:00
Laura Uva cef1b3b75c Payload key should be dr_operation_token (#4498) 2018-05-02 18:35:51 -07:00
Calvin Leung Huang 7ba953b969
Add docs for internal UI mounts endpoint (#4369) 
* Add docs for internal UI mounts endpoint

* Update description section
 2018-04-16 12:13:58 -04:00
Chris Hoffman f6a3a76f25
Docs for configuration UI headers (#4313) 
* adding /sys/config/ui headers

* adding /sys/config/ui headers
 2018-04-09 12:21:02 -04:00
Jeff Mitchell 2f90e0c2e1 Merge branch 'master-oss' into 0.10-beta 2018-03-27 12:40:30 -04:00
Seth Vargo 0b827774ae Drop vault.rocks (#4186) 2018-03-23 11:41:51 -04:00
Calvin Leung Huang 25792df5a9
Passthrough request headers (#4172) 
* Add passthrough request headers for secret/auth mounts

* Update comments

* Fix SyncCache deletion of passthrough_request_headers

* Remove debug line

* Case-insensitive header comparison

* Remove unnecessary allocation

* Short-circuit filteredPassthroughHeaders if there's nothing to filter

* Add whitelistedHeaders list

* Update router logic after merge

* Add whitelist test

* Add lowercase x-vault-kv-client to whitelist

* Add back const

* Refactor whitelist logic
 2018-03-21 19:56:47 -04:00
Brian Shumate 1fcf0c6a38 Docs: update formatting / heading (#4175) 
- Correct Generate Disaster Recovery Operation Token heading level
- Tighten up formatting/trailing spaces
 2018-03-21 10:14:52 -04:00
Josh Soref 73b1fde82f Spelling (#4119) 2018-03-20 14:54:10 -04:00
Jason Martin b3e5ec865d README Spelling error (#4165) 2018-03-20 11:45:56 -04:00
Calvin Leung Huang 3108860d4b
Audit HMAC values on AuthConfig (#4077) 
* Add audit hmac values to AuthConfigInput and AuthConfigOutput, fix docs

* docs: Add ttl params to auth enable endpoint

* Rewording of go string to simply string

* Add audit hmac keys as CLI flags on auth/secrets enable

* Fix copypasta mistake

* Add audit hmac keys to auth and secrets list

* Only set config values if they exist

* Fix http sys/auth tests

* More auth plugin_name test fixes

* Pass API values into MountEntry's config when creating auth/secrets mount

* Update usage wording
 2018-03-09 14:32:28 -05:00
Calvin Leung Huang e2fb199ce5
Non-HMAC audit values (#4033) 
* Add non-hmac request keys

* Update comment

* Initial audit request keys implementation

* Add audit_non_hmac_response_keys

* Move where req.NonHMACKeys gets set

* Minor refactor

* Add params to auth tune endpoints

* Sync cache on loadCredentials

* Explicitly unset req.NonHMACKeys

* Do not error if entry is nil

* Add tests

* docs: Add params to api sections

* Refactor audit.Backend and Formatter interfaces, update audit broker methods

* Add audit_broker.go

* Fix method call params in audit backends

* Remove fields from logical.Request and logical.Response, pass keys via LogInput

* Use data.GetOk to allow unsetting existing values

* Remove debug lines

* Add test for unsetting values

* Address review feedback

* Initialize values in FormatRequest and FormatResponse using input values

* Update docs

* Use strutil.StrListContains

* Use strutil.StrListContains
 2018-03-02 12:18:39 -05:00
Jeff Mitchell 49068a42be Document primary_email in Okta mfa path 2018-03-02 11:54:21 -05:00
Jeff Mitchell 8fe24dec0a Actually add PingID to the index of API pages 2018-03-02 11:49:48 -05:00
Vishal Nayak 2646ed5e2a
update sys/capabilities docs (#4059) 2018-03-01 11:42:39 -05:00
Jeff Mitchell 5034ae2dcb Add the ability to use multiple paths for capability checking (#3663) 
* Add the ability to use multiple paths for capability checking. WIP
(tests, docs).

Fixes #3336

* Added tests

* added 'paths' field

* Update docs

* return error if paths is not supplied
 2018-03-01 11:14:56 -05:00
Jeff Mitchell 9c2ad5c4ec Fix formatting on sys/health docs 2018-02-22 10:52:12 -05:00
Calvin Leung Huang a06243bf8d
Add description param on tune endpoints (#4017) 2018-02-21 17:18:05 -05:00
Jeff Mitchell 8e8675053b Sync some bits over 2018-01-22 21:44:49 -05:00
Jeff Mitchell d8009bced1 Merge branch 'master-oss' into sethvargo/cli-magic 2018-01-10 11:15:49 -05:00
Laura Uva b242800958 Fixed the link to the section on generating DR operation token for promoting secondary. (#3766) 2018-01-09 10:02:09 -06:00
Brian Shumate fd424c74ba Docs: add DR secondary/active HTTP 472 code (#3748) 2018-01-03 15:07:36 -05:00
Jeff Mitchell d1803098ae Merge branch 'master-oss' into sethvargo/cli-magic 2018-01-03 14:02:31 -05:00
Jeff Mitchell e6d60ee551 Clarify control group APIs are enterprise only. 
Fixes #3702
 2017-12-19 11:00:02 -05:00
Raja Nadar 446b87ee0e added the missing nonce and type fields (#3694) 2017-12-17 16:26:07 -05:00
Brian Shumate 5a9d8c60ac Docs: Update /sys/policies/ re: beta refs to address #3624 (#3629) 2017-12-04 12:10:26 -05:00
Jeff Mitchell f762d0615e
Remove beta notice 2017-12-04 08:25:16 -08:00
Chris Hoffman b3a7d8ecf3
adding licensing docs (#3585) 2017-11-14 16:15:09 -05:00
Paul Pieralde 8fedef3d99 Docs change for Policy API (#3584) 
vault 0.9.0 deprecated the term `rules` in favor of the
term `policy` in several of the /sys/policy APIs.

The expected return state of 200 SUCCESS_NO_DATA only happens
if the `policy` term is used. A response including the
deprecation notice and a 204 SUCCESS_WITH_DATA status code
is returned when `rules` is applied.
 2017-11-14 14:26:26 -05:00
Jeff Mitchell 7ac167f8a4 Sync docs 2017-11-14 06:13:11 -05:00
Calvin Leung Huang b7deec2bec Add docs for /sys/rekey-recovery-key (#3520) 2017-11-08 14:22:30 -05:00
Calvin Leung Huang d7305a4681
Add note on support for using rec keys on /sys/rekey (#3517) 2017-11-06 12:18:15 -05:00
Vishal Nayak e4e4a7ba67
Capabilities responds considering policies on entities and groups (#3522) 
* Capabilities endpoint will now return considering policies on entities and groups

* refactor the policy derivation into a separate function

* Docs: Update docs to reflect the change in capabilities endpoint
 2017-11-03 11:20:10 -04:00
Vishal Nayak 06923430cc
docs: s/persona/alias (#3529) 2017-11-03 11:17:59 -04:00
Christophe Tafani-Dereeper 5ff1485a3e Correct typos in the sys/raw documentation (#3484) 2017-10-24 10:33:57 -04:00
Seth Vargo 83b1eb900a
More naming cleanup 2017-10-24 09:35:03 -04:00
Seth Vargo 51a27b758b
Resolve the most painful merge conflict known on earth 2017-10-24 09:34:12 -04:00
Seth Vargo 2982fdf7ca
Remove ?list examples 
They are documented in the overall API section, but people should get used to seeing LIST as a verb
 2017-10-24 09:32:15 -04:00
Seth Vargo c5665920f6
Standardize on "auth method" 
This removes all references I could find to:

- credential provider
- authentication backend
- authentication provider
- auth provider
- auth backend

in favor of the unified:

- auth method
 2017-10-24 09:32:15 -04:00
Seth Vargo 0afff80b5e
Document mount types/values 2017-10-24 09:28:05 -04:00
Chris Hoffman e4065e33d2 copying general purpose tools from transit backend to /sys/tools (#3391) 2017-10-20 10:59:17 -04:00
Alex Dadgar f56e191020 Fix spelling errors (#3390) 2017-09-28 07:54:40 -04:00
Calvin Leung Huang d4a5362835 Clarify backup data that is being stored (#3345) 2017-09-19 07:44:34 -05:00
Laura Uva 8529972bfb Updated https://www.vaultproject.io/api/system/replication-dr.html#generate-dr-secondary-token to be a POST rather than GET. This was reported by a customer and I confirmed that this should be a logical.UpdateOperation rather than ReadOperation (24f2b961fd/vault/replication_api.go (L121)). (#3342) 2017-09-15 16:19:16 -04:00
Chris Hoffman a2d2f1a543 Adding support for base_url for Okta api (#3316) 
* Adding support for base_url for Okta api

* addressing feedback suggestions, bringing back optional group query

* updating docs

* cleaning up the login method

* clear out production flag if base_url is set

* docs updates

* docs updates
 2017-09-15 00:27:45 -04:00
Chris Hoffman 9d73c81f38 Disable the sys/raw endpoint by default (#3329) 
* disable raw endpoint by default

* adding docs

* config option raw -> raw_storage_endpoint

* docs updates

* adding listing on raw endpoint

* reworking tests for enabled raw endpoints

* root protecting base raw endpoint
 2017-09-15 00:21:35 -04:00
Paul Pieralde 2c640950e0 Fixed docs to reflect correct HTTP method for /sys/config/auditing endpoing (#3331) 
Updated documentation to reflect "Read Single Audit Request Header" endpoint is GET-based.
 2017-09-13 11:59:27 -07:00
Eugene Bekker e85e22b00e Fixing the response sample for reading a plugin (#3278) 
The plugin config data properties are returned immediately within the response's `data` object.
 2017-09-01 08:34:54 -04:00
Calvin Leung Huang 6f417d39da Normalize plugin_name option for mount and enable-auth (#3202) 2017-08-31 12:16:59 -04:00
Jon Benson d88aefc64f Fix typo (#3237) 2017-08-25 09:51:33 -04:00