vault

mirror of https://github.com/hashicorp/vault.git synced 2025-08-20 06:01:10 +02:00

Author	SHA1	Message	Date
Vishal Nayak	f4d74fe4cc	AppRole: Support restricted use tokens (#2435 ) * approle: added token_num_uses to the role * approle: added RUD tests for token_num_uses on role * approle: doc: added token_num_uses	2017-03-03 09:31:20 -05:00
Vishal Nayak	be9153cfcf	approle: secret-id listing lock sanity check (#2315 ) * approle: secret-id listing lock sanity * Skip processing an empty secretIDHMAC item during the iteration * approle: use dedicated lock for listing of secret-id-accessors	2017-02-01 18:13:49 -05:00
Jeff Mitchell	be2d33e4b6	Update path help for approle secret id TTL	2016-11-15 11:50:51 -05:00
vishalnayak	4caa09f6e6	Fix regression caused by not creating a role_id secondary index	2016-10-14 12:56:29 -04:00
vishalnayak	d672d3c5dc	Added website docs for lookup and destroy APIs	2016-09-28 22:11:48 -04:00
vishalnayak	11614805e0	Make secret-id reading and deleting, a POST op instead of GET	2016-09-28 20:22:37 -04:00
vishalnayak	5c5871ee5a	Don't reset the deprecated value yet	2016-09-28 15:48:50 -04:00
vishalnayak	2964c925d3	Fix the misplaced response warning	2016-09-28 14:20:03 -04:00
vishalnayak	a716e20261	Added testcase to check secret_id_num_uses	2016-09-28 13:58:53 -04:00
vishalnayak	020237779e	Pull out reading and storing of secret ID into separate functions and handle upgrade properly	2016-09-28 12:42:26 -04:00
Vishal Nayak	92cb781be9	Merge pull request #1910 from hashicorp/secret-id-cidr-list CIDR restrictions on Secret ID	2016-09-26 10:22:48 -04:00
Vishal Nayak	a31ab07615	Merge pull request #1920 from legal90/fix-approle-delete Fix panic on deleting the AppRole which doesn't exist	2016-09-26 10:05:33 -04:00
Mikhail Zholobov	9667cd9377	Fix panic on deleting the AppRole which doesn't exist #pathRoleDelete should return silently if the specified AppRole doesn't exist Fixes GH-1919	2016-09-26 16:55:08 +03:00
Jeff Mitchell	bba2ea63f1	Don't use time.Time in responses. (#1912 ) This fixes #1911 but not directly; it doesn't address the cause of the panic. However, it turns out that this is the correct fix anyways, because it ensures that the value being logged is RFC3339 format, which is what the time turns into in JSON but not the normal time string value, so what we audit log (and HMAC) matches what we are returning.	2016-09-23 12:32:07 -04:00
vishalnayak	8ce3fa75ba	Store the CIDR list in the secret ID storage entry. Use the stored information to validate the source address and credential issue time. Correct the logic used to verify BoundCIDRList on the role. Reverify the subset requirements between secret ID and role during credential issue time.	2016-09-21 20:19:26 -04:00
vishalnayak	7f89bb5f68	Pass only valid inputs to validation methods	2016-09-21 15:44:54 -04:00
vishalnayak	c93bded97b	Added cidrutil helper	2016-09-21 13:58:32 -04:00
vishalnayak	32a8ab3cc7	Safely manipulate secret id accessors	2016-09-15 18:13:50 -04:00
vishalnayak	7d4edbde69	check for nil role	2016-09-15 12:10:40 -04:00
vishalnayak	dbb3f49438	Address review feedback	2016-09-13 18:30:04 -04:00
vishalnayak	de334d1688	upgrade notes entry for approle constraint and warning on role read	2016-09-13 17:44:07 -04:00
vishalnayak	166d67c0a8	Ensure at least one constraint on the role	2016-09-13 16:03:15 -04:00
vishalnayak	edd7b3deb5	approle: fix racy updates problem for roles	2016-08-30 16:11:14 -04:00
vishalnayak	7d772e445f	Extract out common code	2016-08-21 15:46:11 -04:00
vishalnayak	1a62fb64c2	Seperate endpoints for read/delete using secret-id and accessor	2016-08-21 14:42:49 -04:00
Jeff Mitchell	7d1f0facb8	Add arbitrary string slice parsing. Like the KV function, this supports either separated strings or JSON strings, base64-encoded or not. Fixes #1619 in theory.	2016-08-03 14:24:16 -04:00
Jeff Mitchell	3329d38959	Cleanup	2016-08-03 13:09:12 -04:00
vishalnayak	59930fda8f	AppRole authentication backend	2016-07-26 09:32:41 -04:00

1 2

78 Commits