Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-04-13 | Simplify | Ben Burwell | |
2018-08-22 | Make all handlers methods of app | Niall Sheridan | |
Merge server setup and helpers from web.go into server.go Handlers moved to handlers.go | |||
2018-08-10 | Add version string | Niall Sheridan | |
Add `lib.Version` to get updated at build time. Add --version flags to cashier and cashierd Send client version in the signing request Send server version in http response headers and in signing response Set version at build time | |||
2018-08-10 | Add Microsoft auth provider | Kevin Lyda | |
Microsoft uses JSON Web Tokens (JWT) as OAuth tokens. These can run to many thousands of characters which are too long for TTYs. Work around this by base64-encoding the token and chunk it into smaller pieces. Closes #70 | |||
2018-08-09 | Only request a reason from the client if the server requires it | Niall Sheridan | |
2018-08-09 | Remove gRPC | Niall Sheridan | |
This hasn't been enabled in a while due to gRPC limitations | |||
2018-08-08 | Correct client behaviours for option handling | Niall Sheridan | |
A config file is not required - don't error if one doesn't exist. Don't overwrite default options with an empty string. | |||
2017-10-18 | allow whitespace in message (#68) | Bob Long | |
2017-10-17 | Support a message to be passed and logged from client to server (#67) | Bob Long | |
* Support a message to be passed and logged from client to server | |||
2017-06-05 | Saving private keys (#61) | fuero | |
* enables saving private keys * renames public_file_prefix to key_file_prefix and updates its docs to better reflect the changes | |||
2017-04-10 | don't log timestamps | Niall Sheridan | |
2017-02-20 | Split the servers out of main | Niall Sheridan | |
2017-02-19 | Add grpc signer | Niall Sheridan | |
2017-02-12 | Minor fixups | Niall Sheridan | |
Correct some flag strings and some format strings Don't fatal when the client config file is missing Make keysigner, certstore and authprovider package-level | |||
2017-02-12 | Initial pass at prometheus support. (#56) | Kevin Lyda | |
2017-02-11 | Revert "Remove the oauth_callback_url config option" | Niall Sheridan | |
2017-02-09 | Remove the oauth_callback_url config option | Niall Sheridan | |
Infer the redirect url from the request instead | |||
2017-01-27 | Add a public_file_prefix option to cashier.conf | Kevin Lyda | |
Allow the client to save the public key and public cert to files that start with public_file_prefix and end with .pub and -cert.pub respectively. This is the naming scheme the ssh IdentityFile config option supported for certs starting in version 5.4p1. Starting in version 7.2p1, an additional option, CertificateFile, was added, but the IdentityFile-only method with those names still works. Used in conjunction with a user's ~/.ssh/config file setting IdentitiesOnly and IdentityFile, this change will allow for multiple ssh CAs for different services. Note that this will resolve #49 . | |||
2017-01-25 | Create a gitlab auth source. | Kevin Lyda | |
Defaults to public gitlab.com, but easily redirected to self-hosted installation. | |||
2017-01-25 | Switch to scl, an extension of hcl | Niall Sheridan | |
2017-01-15 | Add more context to errors | Niall Sheridan | |
2017-01-13 | Use wkfs to manage the lets encrypt cache | Niall Sheridan | |
2017-01-09 | Merge branch 'master' into opts2 | Niall Sheridan | |
2017-01-08 | Remove dbinit and use sql/js seed files | Niall Sheridan | |
2017-01-06 | Check that tls cert/key are set if use_tls is true | Niall Sheridan | |
2017-01-05 | Move GetPublicKey to the shared `lib` package | Niall Sheridan | |
2017-01-04 | Simplify key generation | Niall Sheridan | |
Use functions to build key generation options. Make it entirely optional. | |||
2016-12-29 | Use vendored s3 wkfs | Niall Sheridan | |
2016-12-28 | Add LetsEncrypt support | Niall Sheridan | |
When configured the server will request a TLS certificate for the specified server name from LetsEncrypt | |||
2016-10-11 | Replace the 'datastore' option with a 'database' option | Niall Sheridan | |
The 'datastore' string option is deprecated and will be removed in a future version. The new 'database' map option is preferred. | |||
2016-10-06 | Add support for Hashicorp Vault | Niall Sheridan | |
Vault is supported for the following: As a well-known filesystem for TLS cert, TLS key and SSH signing key. For configuration secrets for cookie_secret, csrf_secret, oauth_client_id and oauth_client_secret options. | |||
2016-10-06 | Use wkfs when loading tls certs | Niall Sheridan | |
2016-09-30 | Use json.NewDecoder to decode json from http | Niall Sheridan | |
2016-09-11 | Add a toggle for unexpired certs | Niall Sheridan | |
2016-09-10 | Make client a top-level package for consistency | Niall Sheridan | |
2016-09-03 | Add comments for exported types and functions | Niall Sheridan | |
2016-09-03 | Move signing & agent logic out of the main package | Niall Sheridan | |
2016-09-01 | Remove the Principal field from the request | Niall Sheridan | |
The server will always overwrite this field with the username obtained from the auth provider. Allowing the client to set it is a waste of time. | |||
2016-08-27 | Allow setting some config from environment | Niall Sheridan | |
2016-08-27 | Update dependencies | Niall Sheridan | |
2016-08-26 | First attempt at dropping privileges | sid77 | |
2016-08-20 | Replace Fatals with Errors | Niall Sheridan | |
2016-08-20 | Run some tests in parallel | Niall Sheridan | |
2016-08-20 | Use references to config structs | Niall Sheridan | |
2016-08-20 | Add key expiry time to the comment | Niall Sheridan | |
2016-08-16 | Allow selecting which ip to listen on | Niall Sheridan | |
2016-08-16 | Add private key along certificate | sid77 | |
2016-08-15 | Ensure the /sign url is valid before use | Niall Sheridan | |
2016-08-09 | Document sqlite | Niall Sheridan | |
2016-08-09 | SQLite DB support | Niall Sheridan | |