Age | Commit message (Collapse) | Author |
|
|
|
* Fix the gitlab oauth issue.
* Update for gitlab 11.1+
Versions beyond 11.1 (and possibly a few releases before) use a
different method for delivering tokens. They also have disabled
version 3 of the api.
These changes address that and add a debugging mode for the server
that make it easier to debug issues like this in the future.
* Cleanup of PR.
Updated README. Removed code duplication.
|
|
|
|
|
|
Merge server setup and helpers from web.go into server.go
Handlers moved to handlers.go
|
|
|
|
Add `lib.Version` to get updated at build time.
Add --version flags to cashier and cashierd
Send client version in the signing request
Send server version in http response headers and in signing response
Set version at build time
|
|
Microsoft uses JSON Web Tokens (JWT) as OAuth tokens. These can run to many thousands of characters which are too long for TTYs. Work around this by base64-encoding the token and chunk it into smaller pieces.
Closes #70
|
|
|
|
|
|
This hasn't been enabled in a while due to gRPC limitations
|
|
- Add `fast_finish` to travis config
- Specify that Go 1.9 is supported
- Additional error checking which was previously missed
- Make the migrations test better
-
|
|
In retrospect a primary key that has no relation to the certificate is preferred to using the certificate KeyID. The KeyID is also very large for a primary index.
This is a moderately tricky migration, especially for SQLite which has no means of altering the table in this fashion - it involves creating the new table and copying the data.
Order of commands also matters - index names are global in SQLite, so the `idx_expires_at` index needs to be created at the correct stages.
For MySQL migration the necessary steps are run as a single alter statement to minimise the risk of leaving the migration in an incomplete state if anything aborts.
When tested on a table with 250,000 rows (MySQL 5.7) the migration took 3 seconds to complete. As certificates will be requested infrequently the risk of prolonged locking is minimal.
|
|
|
|
|
|
Static content generator finds the root of the git repo and executes from there. Packr will scan subdirs for boxes to be packed.
|
|
|
|
Return an error if the store isn't known, instead of defaulting to a mem store
|
|
|
|
It's currently hard to make changes to the database schema. Use sql-migrate to make incremental changes.
Stop hard-coding the database name (the default is still "certs" for backward-compatibility)
The `automigrate()` function will automatically run pending migrations.
Use a different migration directory per database driver. This carries a cost of duplication, but is easier than creating migrations which will cleanly execute in both SQLite and MySQL.
Migrations are shipped using the packr utility.
|
|
|
|
|
|
|
|
|
|
* Support a message to be passed and logged from client to server
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Infer the redirect url from the request instead
|
|
|
|
It's going away
|
|
Resolves #40
|
|
Google tokens grew in length and on smaller screens the token doesn't
fix within the visible textarea
|
|
|
|
|
|
Use ParseBool instead of writing it on own.
Use c.newClient(token) to get an http client.
|
|
Defaults to public gitlab.com, but easily redirected to self-hosted
installation.
|