open-vault/builtin/credential/cert
Peter Verraedt f7fdf43c7e
auth/cert: Add metadata to identity-alias (#14751)
* auth/cert: Add metadata to identity-alias

Add the possibility to include certificate metadata in the created
logical.Alias (the identity alias), in addition to the metadata added
to logical.Auth. This is analogous to the behaviour of the ldap and
approle auth providers.

This possibility can be configured by the config endpoint of the
auth method mount and is disabled by default. We added the read
operation on this config endpoint as well.

Fixes: #14418

Signed-off-by: Peter Verraedt <peter.verraedt@kuleuven.be>

* Add changelog for #14751

Signed-off-by: Peter Verraedt <peter.verraedt@kuleuven.be>

* Test the usage of cert metadata in ACL policies

Signed-off-by: Peter Verraedt <peter@verraedt.be>

Signed-off-by: Peter Verraedt <peter.verraedt@kuleuven.be>
Signed-off-by: Peter Verraedt <peter@verraedt.be>
2022-08-23 11:03:53 -07:00
..
cmd/cert Update to api 1.0.1 and sdk 0.1.8 2019-04-15 14:10:07 -04:00
test-fixtures cert/tests: fix tests due to cert expiry (#6647) 2019-04-26 16:49:30 -07:00
backend.go Switch to go modules (#6585) 2019-04-13 03:44:06 -04:00
backend_test.go auth/cert: Add metadata to identity-alias (#14751) 2022-08-23 11:03:53 -07:00
cli.go
path_certs.go auth/cert: Add certificate extensions as metadata (#13348) 2022-01-03 13:38:16 -08:00
path_config.go auth/cert: Add metadata to identity-alias (#14751) 2022-08-23 11:03:53 -07:00
path_crls.go builtin: deprecate errwrap.Wrapf() throughout (#11430) 2021-04-22 11:20:59 -04:00
path_login.go auth/cert: Add metadata to identity-alias (#14751) 2022-08-23 11:03:53 -07:00
path_login_test.go VAULT-6727 Adjust cert and approle role resolution, add more tests (#16341) 2022-07-20 09:24:06 -04:00