Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-08-07 | Use bootstrap | Niall Sheridan | |
Move templates and static under server/ | |||
2016-08-07 | Ping the db before attempting to query it | Niall Sheridan | |
2016-08-01 | fix build | Niall Sheridan | |
2016-07-31 | Support mongo datastores | Niall Sheridan | |
2016-07-31 | Use a KRL for revoked certs | Niall Sheridan | |
2016-07-24 | Add a page for revoking certs | Niall Sheridan | |
Add a template for revocation Use DATETIME type to store created/expires times Require auth for the /admin and /revoke endpoints | |||
2016-07-17 | Add some handlers tests | Niall Sheridan | |
2016-07-03 | first pass at a certificate store | Niall Sheridan | |
2016-06-30 | Configurable logfile location | Niall Sheridan | |
2016-06-14 | Update whitelisting | Niall Sheridan | |
Whitelist Google users based on their email address instead of the username part of the email address. Plain gmail (non Google Apps) accounts don't necessarily end in '@gmail.com', and whitelisting on username alone is open to abuse. Skip testing for a Google Apps domain (ui.Hd) if no domain is configured. Principals will still be added as the user part of the email address. For the Github provider, skip checking that the user is a member of an organization is none is configured. | |||
2016-06-14 | Merge pull request #21 from nsheridan/whitelist_support | Marco Bonetti | |
Add support for a users whitelist | |||
2016-06-14 | Add support for a users whitelist | Marco Bonetti | |
2016-06-13 | Run the linter as part of tests. | Niall Sheridan | |
Fix lint warnings. | |||
2016-06-06 | Merge pull request #16 from nsheridan/s3 | Niall Sheridan | |
Add AWS S3 and Google GCS virtual filesystems | |||
2016-06-06 | Save oauth 'state' identifier in the client | Niall Sheridan | |
2016-06-05 | Add AWS S3 and Google GCS virtual filesystems. | Niall Sheridan | |
This allows the signing key to be read directly from S3 using a path like /s3/<bucket>/<path/to/signing.key> or /gcs/<bucket>/<path/to/signing.key>. | |||
2016-06-02 | Validate tokens correctly | Niall Sheridan | |
This switch statement doesn't do what I thought it does | |||
2016-05-29 | Switch from json to hcl configs | Niall Sheridan | |
This is backward-compatible with the JSON config format - this is a non-breaking change. HCL treats config blocks as repeated fields so the config has to be unmarshalled into a struct comprised of []Server, []Auth, []SSH first. | |||
2016-05-29 | Remove unneeded template_dir | Niall Sheridan | |
2016-05-28 | Set expiry time in the github auth package | Niall Sheridan | |
2016-05-24 | Don't allow wide-open Google or Github configs | Patrick O'Doherty | |
Fail loudly if either the google_opts domain value or github_opts organization values are not set in the configuration. The lack of these values means that a) in the Google case any @gmail.com address will be allowed b) the Github case any Github user will be allowed. This was previously documented but left as a foot-gun in the code. Future commits will allow for explicit wildcards to be set. | |||
2016-05-22 | Make template directory configurable | Niall Sheridan | |
2016-05-22 | Move server/main.go to top-level server.go | Niall Sheridan | |
Also add a Dockerfile | |||
2016-05-22 | Open the browser automatically | Niall Sheridan | |
2016-05-21 | Log the issuing of new certs | Niall Sheridan | |
2016-05-21 | Remove database config. Not needed. | Niall Sheridan | |
2016-05-18 | misc | Niall Sheridan | |
2016-05-18 | Don't use jwt, it doesn't buy a whole lot for this application | Niall Sheridan | |
2016-05-18 | Do login if the provided token is invalid | Niall Sheridan | |
2016-05-09 | Placeholder for database config. | Niall Sheridan | |
2016-04-23 | Add config file tests | Niall Sheridan | |
2016-04-23 | Refactor to use an io.Reader for easier testing | Niall Sheridan | |
2016-04-23 | Fix comments | Niall Sheridan | |
2016-04-22 | Add github oauth provider. | Niall Sheridan | |
2016-04-22 | Fix typo in comment. | Olivier Tharan | |
2016-04-21 | Fix test | Niall Sheridan | |
2016-04-21 | Just make ProviderOpts a map[string]string. | Niall Sheridan | |
I have no idea why I made it a map[string]interface{} and it's a pain to deal with. | |||
2016-04-21 | Some small fixes. | Niall Sheridan | |
Rename 'GoogleOpts' to 'ProviderOpts'. Rename Principals to AdditionalPrincipals to match the config option. | |||
2016-04-21 | use correct config parameter | Niall Sheridan | |
2016-04-21 | Missed some bits | Niall Sheridan | |
2016-04-20 | add comments | Niall Sheridan | |
2016-04-20 | Add comments. | Niall Sheridan | |
2016-04-20 | Be explicit that this is for signing user keys | Niall Sheridan | |
2016-04-20 | dumb tests for the google auth provider | Niall Sheridan | |
2016-04-20 | use a better function name | Niall Sheridan | |
2016-04-20 | dumb tests for the google auth provider | Niall Sheridan | |
2016-04-19 | this serves no purpose | Niall Sheridan | |
2016-04-19 | SSH signer tests | Niall Sheridan | |
2016-04-18 | Initial commit | Niall Sheridan | |