open-vault/vault
Jason O'Donnell 219df7087c
identity/token: fix duplicate keys in well-known (#14543)
* identity/token: fix duplicate kids in well-known

* Remove unused check

* changelog

* use map-based approach to dedup key IDs

* improve changelog description

* move jwks closer to usage; specify capacity

Co-authored-by: Austin Gebauer <agebauer@hashicorp.com>
2022-03-16 18:48:10 -07:00
..
activity s/path/mount_path (#14164) 2022-02-18 13:44:43 -05:00
cluster reformat using 'make fmt' (#13794) 2022-01-27 10:06:34 -08:00
diagnose reformat using 'make fmt' (#13794) 2022-01-27 10:06:34 -08:00
external_tests vault/external_tests/raft: fix dropped test error (#14519) 2022-03-16 09:32:57 -06:00
quotas Address slow CI causing failures in TestRateLimitQuota_Allow_WithBlock (#14042) 2022-02-25 16:05:44 -05:00
replication Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
seal Rename master key to root key (#13324) 2021-12-06 17:12:20 -08:00
tokens SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
acl.go Add HTTP PATCH support to KV (#12687) 2021-10-13 15:24:31 -04:00
acl_test.go reformat using 'make fmt' (#13794) 2022-01-27 10:06:34 -08:00
acl_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
activity_log.go Handle the empty mount accessor case. (#14507) 2022-03-16 09:28:05 -04:00
activity_log_test.go Remove use of compressionutil from activitylog segments. We can leave it in for the precomputed queries since they're JSON, not protobuf. (#14239) 2022-02-23 17:33:24 -05:00
activity_log_testing_util.go s/path/mount_path (#14164) 2022-02-18 13:44:43 -05:00
activity_log_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
audit.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
audit_broker.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
audit_test.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
audited_headers.go vault: deprecate errwrap.Wrapf() (#11577) 2021-05-11 13:12:54 -04:00
audited_headers_test.go Fix some more error shadowing issues (#12990) 2021-11-01 11:43:00 -07:00
auth.go Vault 4632 auth remount oss (#14141) 2022-02-18 08:04:21 -08:00
auth_test.go Vault 4632 auth remount oss (#14141) 2022-02-18 08:04:21 -08:00
barrier.go Rename master key to root key (#13324) 2021-12-06 17:12:20 -08:00
barrier_access.go Fix compile 2018-01-19 05:31:55 -05:00
barrier_aes_gcm.go validate cipher length before decrypting (#14098) 2022-02-18 07:37:22 -07:00
barrier_aes_gcm_test.go validate cipher length before decrypting (#14098) 2022-02-18 07:37:22 -07:00
barrier_test.go Rename master key to root key (#13324) 2021-12-06 17:12:20 -08:00
barrier_view.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
barrier_view_test.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
barrier_view_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
capabilities.go Adds ability to define an inline policy and internal metadata on tokens (#12682) 2021-10-07 10:36:22 -07:00
capabilities_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
cluster.go vault: deprecate errwrap.Wrapf() (#11577) 2021-05-11 13:12:54 -04:00
cluster_test.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
core.go interactive CLI for mfa login (#14131) 2022-02-24 15:16:15 -05:00
core_metrics.go VAULT-1564 report in-flight requests (#13024) 2021-12-08 17:34:42 -05:00
core_metrics_test.go [VAULT-3252] Disallow alias creation if entity/accessor combination exists (#12747) 2021-10-14 09:52:07 -07:00
core_test.go Only create new batch tokens if we're on at least 1.10.0 (#14370) 2022-03-04 14:16:51 -08:00
core_util.go interactive CLI for mfa login (#14131) 2022-02-24 15:16:15 -05:00
core_util_common.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
cors.go Migrate to sdk/internalshared libs in go-secure-stdlib (#12090) 2021-07-15 20:17:31 -04:00
counters.go [VAULT-2852] deprecate req counters in oss (#12197) 2021-07-29 10:21:40 -07:00
counters_test.go [VAULT-2852] deprecate req counters in oss (#12197) 2021-07-29 10:21:40 -07:00
custom_response_headers.go reformat using 'make fmt' (#13794) 2022-01-27 10:06:34 -08:00
custom_response_headers_test.go vault: fix dropped test errors (#14402) 2022-03-08 12:32:27 -07:00
deadlock.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
dynamic_system_view.go feature: multiplexing support for database plugins (#14033) 2022-02-17 08:50:33 -06:00
dynamic_system_view_test.go core: set namespace within GeneratePasswordFromPolicy (#12635) 2021-09-27 09:08:07 -07:00
expiration.go Ensure that fewer goroutines survive after a test completes (#14197) 2022-02-23 10:33:52 -05:00
expiration_integ_test.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
expiration_test.go SSCT Optimizations (OSS) (#14323) 2022-03-01 12:24:45 -08:00
expiration_testing_util_common.go [VAULT-1981] Add OSS changes (#11999) 2021-07-06 17:12:24 -05:00
expiration_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
generate_root.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
generate_root_recovery.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
generate_root_test.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
ha.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
ha_test.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
identity_lookup.go Switch to go modules (#6585) 2019-04-13 03:44:06 -04:00
identity_lookup_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
identity_store.go remove mount accessor from MFA config (#14406) 2022-03-09 09:14:30 -08:00
identity_store_aliases.go Support clearing an identity alias' custom_metadata (#13395) 2021-12-10 18:07:47 -05:00
identity_store_aliases_test.go Support clearing an identity alias' custom_metadata (#13395) 2021-12-10 18:07:47 -05:00
identity_store_entities.go Entities may have duplicate policies (#12812) 2021-10-22 19:28:31 -04:00
identity_store_entities_test.go reformat using 'make fmt' (#13794) 2022-01-27 10:06:34 -08:00
identity_store_group_aliases.go Refactor usages of Core in IdentityStore so they can be decoupled. (#12461) 2021-08-30 15:31:11 -04:00
identity_store_group_aliases_test.go Update group alias handling to better protect against namespace differences 2019-06-18 16:43:30 -04:00
identity_store_groups.go Refactor usages of Core in IdentityStore so they can be decoupled. (#12461) 2021-08-30 15:31:11 -04:00
identity_store_groups_test.go Fix use of identity/group endpoint to edit group by name (#10812) 2021-01-29 16:50:08 -06:00
identity_store_oidc.go identity/token: fix duplicate keys in well-known (#14543) 2022-03-16 18:48:10 -07:00
identity_store_oidc_provider.go identity/oidc: Adds default provider, key, and allow_all assignment (#14119) 2022-02-22 08:33:19 -08:00
identity_store_oidc_provider_test.go identity/oidc: Adds default provider, key, and allow_all assignment (#14119) 2022-02-22 08:33:19 -08:00
identity_store_oidc_provider_util.go identity/oidc: Adds proof key for code exchange (PKCE) support (#13917) 2022-02-15 12:02:22 -08:00
identity_store_oidc_test.go identity/token: fix duplicate keys in well-known (#14543) 2022-03-16 18:48:10 -07:00
identity_store_oidc_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
identity_store_oss.go Login MFA (#14025) 2022-02-17 13:08:51 -08:00
identity_store_schema.go Fix startup failures when aliases from a pre-1.9 vault version exist (#13169) 2021-11-16 14:56:34 -05:00
identity_store_structs.go Login MFA (#14025) 2022-02-17 13:08:51 -08:00
identity_store_test.go reformat using 'make fmt' (#13794) 2022-01-27 10:06:34 -08:00
identity_store_upgrade.go Prevent entity alias creation when entity is in different NS than mount (#943) (#6886) 2019-06-14 12:53:00 -04:00
identity_store_util.go Ensure that fewer goroutines survive after a test completes (#14197) 2022-02-23 10:33:52 -05:00
init.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
init_test.go Shutdown Test Cores when Tests Complete (#10912) 2021-02-12 13:04:48 -07:00
keyring.go reformat using 'make fmt' (#13794) 2022-01-27 10:06:34 -08:00
keyring_test.go Rename master key to root key (#13324) 2021-12-06 17:12:20 -08:00
lock.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
logical_cubbyhole.go vault: deprecate errwrap.Wrapf() (#11577) 2021-05-11 13:12:54 -04:00
logical_cubbyhole_test.go Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
logical_passthrough.go Migrate to sdk/internalshared libs in go-secure-stdlib (#12090) 2021-07-15 20:17:31 -04:00
logical_passthrough_test.go Migrate to sdk/internalshared libs in go-secure-stdlib (#12090) 2021-07-15 20:17:31 -04:00
logical_raw.go Enhance sys/raw to read and write values that cannot be encoded in json (#13537) 2022-01-20 07:52:53 -05:00
logical_system.go Fixes from mount move testing (#14492) 2022-03-15 11:11:23 -07:00
logical_system_activity.go OSS Port: Activity log breakdowns (#14160) 2022-02-18 13:01:28 -05:00
logical_system_helpers.go Login MFA (#14025) 2022-02-17 13:08:51 -08:00
logical_system_integ_test.go fix fmt (#14062) 2022-02-14 18:06:02 -05:00
logical_system_paths.go Revert "MFA (#14049)" (#14135) 2022-02-17 13:17:59 -07:00
logical_system_pprof.go Add support for unauthenticated pprof access on a per-listener basis,… (#11324) 2021-04-19 14:30:59 -04:00
logical_system_quotas.go Revert "MFA (#14049)" (#14135) 2022-02-17 13:17:59 -07:00
logical_system_raft.go OSS parts of Autopilot in DR secondaries (#12014) 2021-07-08 12:30:01 -04:00
logical_system_test.go Fixes from mount move testing (#14492) 2022-03-15 11:11:23 -07:00
logical_system_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
login_mfa.go add MFA validation support to vault login command (#14425) 2022-03-14 15:54:41 -04:00
managed_key_registry.go Invalidate the ManagedKeyRegistry cache when Vault config is updated. (#14179) 2022-02-21 09:55:44 -05:00
mfa_auth_resp_priority_queue.go Login MFA (#14025) 2022-02-17 13:08:51 -08:00
mfa_auth_resp_priority_queue_test.go Login MFA (#14025) 2022-02-17 13:08:51 -08:00
mount.go Vault 4632 auth remount oss (#14141) 2022-02-18 08:04:21 -08:00
mount_test.go Vault 4632 auth remount oss (#14141) 2022-02-18 08:04:21 -08:00
mount_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
namespaces.go Refactor usages of Core in IdentityStore so they can be decoupled. (#12461) 2021-08-30 15:31:11 -04:00
namespaces_oss.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
password_policy_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
plugin_catalog.go plugin/catalog: support plugin registration when type is explicitly provided (#14142) 2022-02-17 18:40:33 -08:00
plugin_catalog_test.go plugin multiplexing: add catalog test coverage (#14398) 2022-03-08 10:33:24 -06:00
plugin_reload.go Add support to parameterize unauthenticated paths (#12668) 2021-10-13 11:51:20 -05:00
policy.go Add HTTP PATCH support to KV (#12687) 2021-10-13 15:24:31 -04:00
policy_store.go Adds ability to define an inline policy and internal metadata on tokens (#12682) 2021-10-07 10:36:22 -07:00
policy_store_test.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
policy_store_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
policy_test.go Add HTTP PATCH support to KV (#12687) 2021-10-13 15:24:31 -04:00
policy_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
raft.go Fix raft paralle retry bug (#14303) 2022-02-28 10:38:34 -08:00
rekey.go Rename master key to root key (#13324) 2021-12-06 17:12:20 -08:00
rekey_test.go Shutdown Test Cores when Tests Complete (#10912) 2021-02-12 13:04:48 -07:00
request_forwarding.go Fix a Deadlock on HA leadership transfer (#12691) 2021-10-04 13:55:15 -04:00
request_forwarding_rpc.go Remove another use gopsutil/host. (#13390) 2021-12-10 09:59:52 -05:00
request_forwarding_rpc_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
request_forwarding_service.pb.go Login MFA (#14025) 2022-02-17 13:08:51 -08:00
request_forwarding_service.proto Add "operator members" command to list nodes in the cluster. (#13292) 2021-11-30 14:49:58 -05:00
request_forwarding_service_grpc.pb.go Update protobuf & grpc libraries and protoc plugins (#12679) 2021-09-29 18:25:15 -07:00
request_handling.go Fix ent diff check 2022/02/23 (#14237) 2022-02-24 11:57:40 -08:00
request_handling_test.go SSCT Optimizations (OSS) (#14323) 2022-03-01 12:24:45 -08:00
request_handling_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
rollback.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
rollback_test.go Run a more strict formatter over the code (#11312) 2021-04-08 09:43:39 -07:00
router.go SSCT Optimizations (OSS) (#14323) 2022-03-01 12:24:45 -08:00
router_access.go The big one (#5346) 2018-09-17 23:03:00 -04:00
router_test.go Authenticate to "login" endpoint for non-existent mount path bug (#13162) 2021-11-22 17:06:59 -08:00
router_testing.go AWS upgrade role entries (#7025) 2019-07-05 16:55:40 -07:00
seal.go reformat using 'make fmt' (#13794) 2022-01-27 10:06:34 -08:00
seal_access.go Migrate built in auto seal to go-kms-wrapping (#8118) 2020-01-10 20:39:52 -05:00
seal_autoseal.go Fix a data race in the new autoseal health check (#13136) 2021-11-12 15:58:46 -06:00
seal_autoseal_test.go Fix autoseal health check race by passing metrics sink in CoreConfig (#14196) 2022-03-01 09:00:39 -05:00
seal_test.go Shamir seals now come in two varieties: legacy and new-style. (#7694) 2019-10-18 14:46:00 -04:00
seal_testing.go Rename master key to root key (#13324) 2021-12-06 17:12:20 -08:00
seal_testing_util.go Rename master key to root key (#13324) 2021-12-06 17:12:20 -08:00
sealunwrapper.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
sealunwrapper_test.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
testing.go Ensure that fewer goroutines survive after a test completes (#14197) 2022-02-23 10:33:52 -05:00
testing_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
token_store.go fix version check (#14395) 2022-03-07 15:42:06 -08:00
token_store_test.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
token_store_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00
token_store_util_common.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
ui.go port of semgrep fixes oss (#14488) 2022-03-15 13:17:55 -07:00
ui_test.go Fix UI custom header values (#10511) 2020-12-15 15:58:03 +01:00
util.go
util_test.go
vault_version_time.go Port: add client ID to TWEs in activity log [vault-3136] (#12820) 2021-10-14 09:10:59 -07:00
version_store.go fix version check (#14395) 2022-03-07 15:42:06 -08:00
version_store_test.go Only create new batch tokens if we're on at least 1.10.0 (#14370) 2022-03-04 14:16:51 -08:00
wrapping.go SSCT Tokens Feature [OSS] (#14109) 2022-02-17 11:43:07 -08:00
wrapping_util.go Convert to Go 1.17 go:build directive (#13579) 2022-01-05 12:02:03 -06:00