aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-06-15Merge pull request #22 from nsheridan/whitelistNiall Sheridan
Update whitelisting
2016-06-14Update whitelistingNiall Sheridan
Whitelist Google users based on their email address instead of the username part of the email address. Plain gmail (non Google Apps) accounts don't necessarily end in '@gmail.com', and whitelisting on username alone is open to abuse. Skip testing for a Google Apps domain (ui.Hd) if no domain is configured. Principals will still be added as the user part of the email address. For the Github provider, skip checking that the user is a member of an organization is none is configured.
2016-06-14Update READMENiall Sheridan
2016-06-14Merge pull request #21 from nsheridan/whitelist_supportMarco Bonetti
Add support for a users whitelist
2016-06-14Add support for a users whitelistMarco Bonetti
2016-06-13Don't test against tipNiall Sheridan
2016-06-13Run the linter as part of tests.Niall Sheridan
Fix lint warnings.
2016-06-06Merge pull request #18 from nsheridan/agent_lifetimeNiall Sheridan
Remove certs from the agent when they expire
2016-06-06Update agent packageNiall Sheridan
Added support for certificate lifetimes
2016-06-06Merge pull request #17 from nsheridan/vendorNiall Sheridan
update dependencies
2016-06-06Merge pull request #16 from nsheridan/s3Niall Sheridan
Add AWS S3 and Google GCS virtual filesystems
2016-06-06Merge pull request #15 from nsheridan/auth_stateNiall Sheridan
Save oauth 'state' identifier in the client
2016-06-06update vendorNiall Sheridan
2016-06-06Save oauth 'state' identifier in the clientNiall Sheridan
2016-06-05Add AWS S3 and Google GCS virtual filesystems.Niall Sheridan
This allows the signing key to be read directly from S3 using a path like /s3/<bucket>/<path/to/signing.key> or /gcs/<bucket>/<path/to/signing.key>.
2016-06-02Set an expiry on keys added to the agentNiall Sheridan
2016-06-02Validate tokens correctlyNiall Sheridan
This switch statement doesn't do what I thought it does
2016-06-01FixNiall Sheridan
2016-05-29Add tmp to .gitignorePatrick O'Doherty
2016-05-29Merge pull request #10 from nsheridan/hclNiall Sheridan
Switch from json to hcl configs
2016-05-29Filter vendor packages from testsNiall Sheridan
2016-05-29Replace json examples with hcl examplesNiall Sheridan
2016-05-29Ignore new default config file.Niall Sheridan
2016-05-29Switch from json to hcl configsNiall Sheridan
This is backward-compatible with the JSON config format - this is a non-breaking change. HCL treats config blocks as repeated fields so the config has to be unmarshalled into a struct comprised of []Server, []Auth, []SSH first.
2016-05-29Merge pull request #7 from nsheridan/client_configNiall Sheridan
client: use a config file in addition to command-line flags
2016-05-29Merge pull request #11 from nsheridan/go_versionsNiall Sheridan
Run more CI checks
2016-05-29Run more CI checksNiall Sheridan
Re-enable go 1.5 Run `go build`, `gofmt` and `go vet` in addition to tests.
2016-05-29Use flags as defaults, allow them to override config fileNiall Sheridan
2016-05-29Remove unneeded template_dirNiall Sheridan
2016-05-29Mention GO15VENDOREXPERIMENTNiall Sheridan
2016-05-29fix client_test.go invocations of send methodPatrick O'Doherty
2016-05-29Add validate_tls_certificate option to client configPatrick O'Doherty
To allow for easier development on localhost where one cannot get a root-CA signed TLS certificate, add a new validate_tls_certificate option to the configuration file which optionally allows for certificate chain checking to be disabled.
2016-05-29Fix testsNiall Sheridan
2016-05-29Use a simple config file for configuring the client.Niall Sheridan
2016-05-28Merge pull request #9 from nsheridan/github_authNiall Sheridan
Set expiry time in the github auth package
2016-05-28Set expiry time in the github auth packageNiall Sheridan
2016-05-28Define the token tmpl as a stringNiall Sheridan
2016-05-25Fix key name in example config.Patrick O'Doherty
Add config.json to a gitignore to prevent it being versioned.
2016-05-24Merge pull request #4 from patrickod/patrickod/fail-open-open-configPatrick O'Doherty
Don't allow wide-open Google or Github configs
2016-05-24Don't allow wide-open Google or Github configsPatrick O'Doherty
Fail loudly if either the google_opts domain value or github_opts organization values are not set in the configuration. The lack of these values means that a) in the Google case any @gmail.com address will be allowed b) the Github case any Github user will be allowed. This was previously documented but left as a foot-gun in the code. Future commits will allow for explicit wildcards to be set.
2016-05-22Update READMENiall Sheridan
2016-05-22update readmeNiall Sheridan
2016-05-22Make template directory configurableNiall Sheridan
2016-05-22updateNiall Sheridan
2016-05-22Move binaries into cmd/ directoryNiall Sheridan
2016-05-22unusedNiall Sheridan
2016-05-22Move server/main.go to top-level server.goNiall Sheridan
Also add a Dockerfile
2016-05-22Make 2048 the default key size.Niall Sheridan
2016-05-22Drop go 1.5Niall Sheridan
2016-05-22Use govendorNiall Sheridan