Armon Dadgar
|
a6d974c74e
|
vault: revoking a token should revoke all secrets it has generated
|
2015-04-10 15:12:04 -07:00 |
|
|
Armon Dadgar
|
c22d18a5be
|
vault: re-use revokeSalted to share logic
|
2015-04-10 15:06:54 -07:00 |
|
|
Armon Dadgar
|
1e2863e2b8
|
vault: remove unused RevokeAll method
|
2015-04-10 14:59:49 -07:00 |
|
|
Armon Dadgar
|
b10fbc4d83
|
vault: Adding token based revocation
|
2015-04-10 14:48:08 -07:00 |
|
|
Armon Dadgar
|
98679ee7b8
|
vault: Split expiration manager views to index by token
|
2015-04-10 14:21:23 -07:00 |
|
|
Armon Dadgar
|
39c51ede2e
|
vault: testing renewAuthEntry
|
2015-04-10 14:07:06 -07:00 |
|
|
Armon Dadgar
|
13836e8612
|
vault: groundwork to allow auth renew
|
2015-04-10 13:59:49 -07:00 |
|
|
Armon Dadgar
|
e7fe48c33f
|
vault: refactor expiration timer management
|
2015-04-09 12:39:12 -07:00 |
|
|
Armon Dadgar
|
5a3ab973e6
|
vault: Simplify common lease logic
|
2015-04-09 12:29:13 -07:00 |
|
|
Armon Dadgar
|
4679febdf3
|
logical: Refactor LeaseOptions to share between Secret and Auth
|
2015-04-09 12:14:04 -07:00 |
|
|
Armon Dadgar
|
7df486482b
|
vault: Adding LeaseIssue for renew to allow limiting maximum lease length
|
2015-04-09 11:54:32 -07:00 |
|
|
Mitchell Hashimoto
|
9a034c4ab8
|
vault: lookup-self should allow unauthenticated requests
|
2015-04-08 22:09:47 -07:00 |
|
|
Armon Dadgar
|
8ebc29d1b9
|
vault: audit broker profiles each backend
|
2015-04-08 17:09:36 -07:00 |
|
|
Armon Dadgar
|
e25886859e
|
vault: router generates metrics per operation
|
2015-04-08 17:09:10 -07:00 |
|
|
Armon Dadgar
|
82c5d9c478
|
vault: Enforce non-renewability
|
2015-04-08 17:03:46 -07:00 |
|
|
Armon Dadgar
|
512b3d7afd
|
vault: Adding metrics profiling
|
2015-04-08 16:43:17 -07:00 |
|
|
Armon Dadgar
|
429ad7e5cb
|
vault: Handle auth entry without lease
|
2015-04-08 15:43:26 -07:00 |
|
|
Armon Dadgar
|
466c7575d3
|
Replace VaultID with LeaseID for terminology simplification
|
2015-04-08 13:35:32 -07:00 |
|
|
Mitchell Hashimoto
|
7e4f47a9e6
|
vault: proper meta parameter for vaultstorage (tests pass now)
|
2015-04-07 14:37:50 -07:00 |
|
|
Mitchell Hashimoto
|
9378d0388a
|
vault: token store inehrits policies by default
|
2015-04-07 14:19:52 -07:00 |
|
|
Mitchell Hashimoto
|
8dce065972
|
vault: use mapstructure to decode token args
JSON sends as interface{}, so we can't decode directly into types.
|
2015-04-07 14:16:35 -07:00 |
|
|
Armon Dadgar
|
a8d4319ad5
|
vault: Update LRU on GetPolicy
|
2015-04-06 16:43:05 -07:00 |
|
|
Armon Dadgar
|
f022ec97c4
|
vault: Adding policy LRU cache
|
2015-04-06 16:41:48 -07:00 |
|
|
Armon Dadgar
|
493ee49e4d
|
vault: unify the token renew response
|
2015-04-06 16:35:39 -07:00 |
|
|
Mitchell Hashimoto
|
7aee6269f7
|
vault: pass a logger around to logical backends
|
2015-04-04 11:39:58 -07:00 |
|
|
Mitchell Hashimoto
|
246c2839b0
|
logical/framework: make help look nicer
|
2015-04-03 21:00:23 -07:00 |
|
|
Mitchell Hashimoto
|
8ff435ba1a
|
vault: fix issue with wrong path getting passed through
|
2015-04-03 20:48:04 -07:00 |
|
|
Mitchell Hashimoto
|
df8dbe9677
|
vault: allow mount point queries without trailing /
|
2015-04-03 20:45:00 -07:00 |
|
|
Armon Dadgar
|
148fe3d864
|
vault: Adding Hash function to MountTable
|
2015-04-03 17:46:57 -07:00 |
|
|
Armon Dadgar
|
d74c4c1c33
|
vault: Remove log about rollback
|
2015-04-03 17:11:24 -07:00 |
|
|
Armon Dadgar
|
3250bfad0a
|
vault: test credential unmount does cleanup
|
2015-04-03 16:15:34 -07:00 |
|
|
Armon Dadgar
|
82eda2b169
|
vault: Do early check for missing backend
|
2015-04-03 16:09:06 -07:00 |
|
|
Armon Dadgar
|
0dee7d29ec
|
vault: disable credential backend revokes tokens
|
2015-04-03 16:07:45 -07:00 |
|
|
Armon Dadgar
|
56d0b51be0
|
vault: Reuse mount table methods
|
2015-04-03 16:00:46 -07:00 |
|
|
Armon Dadgar
|
683d01e984
|
vault: Refactor common methods
|
2015-04-03 15:59:30 -07:00 |
|
|
Armon Dadgar
|
eaa483ff87
|
vault: Enforce default and max length leasing
|
2015-04-03 15:42:34 -07:00 |
|
|
Armon Dadgar
|
0ba7c64c0f
|
vault: Verify client token is not passed through in the plain
|
2015-04-03 15:39:56 -07:00 |
|
|
Armon Dadgar
|
002b2ad589
|
vault: Provide salted client token to logical backends
|
2015-04-03 14:42:39 -07:00 |
|
|
Armon Dadgar
|
e4854ca59b
|
vault: Allow deep paths for audit backends
|
2015-04-03 14:27:33 -07:00 |
|
|
Armon Dadgar
|
2f3e511507
|
vault: Allow deep paths for auth mounting
|
2015-04-03 14:24:00 -07:00 |
|
|
Armon Dadgar
|
b8d69a357c
|
vault: Use Auth for lease and renewable
|
2015-04-03 14:04:50 -07:00 |
|
|
Armon Dadgar
|
2feba52f40
|
vault: Adding auth/token/renew endpoint
|
2015-04-03 12:11:49 -07:00 |
|
|
Armon Dadgar
|
adaa83b48c
|
vault: Adding RenewToken to expiration manager
|
2015-04-03 11:58:10 -07:00 |
|
|
Armon Dadgar
|
c82fbbb8c3
|
vault: Support prefix based token revocation
|
2015-04-03 11:40:08 -07:00 |
|
|
Armon Dadgar
|
eec6c27fae
|
vault: Special case auth/token/create
|
2015-04-02 18:05:23 -07:00 |
|
|
Armon Dadgar
|
c6479642e9
|
vault: integrate login with expiration manager
|
2015-04-02 17:52:11 -07:00 |
|
|
Armon Dadgar
|
1b19a8ee1b
|
vault: Rename RegisterLogin to RegisterAuth
|
2015-04-02 17:45:42 -07:00 |
|
|
Armon Dadgar
|
d0ac9e5711
|
vault: Expose SaltID from token store
|
2015-04-02 17:39:38 -07:00 |
|
|
Armon Dadgar
|
c54534875a
|
vault: testing remount cleanup
|
2015-04-02 12:04:37 -07:00 |
|
|
Armon Dadgar
|
f397cd3fb1
|
vault: remount does appropriate cleanup
|
2015-04-02 12:03:00 -07:00 |
|