This is an automated email from the ASF dual-hosted git repository.
lahirujayathilake pushed a change to branch signer-service
in repository https://gitbox.apache.org/repos/asf/airavata-custos.git
from f21b7aa69 maintain a denied list for the extensions in client config and move the force-command to the certificate issuance
add cdb7104c3 add SSH extension validation and resolution logic with tests
add 3fdb6ba76 Add source of truth validation against LDAP and caching logic
add b35bfb06d Add defaultSubject support in dev mode configuration
No new revisions were added by this update.
Summary of changes:
 signer/config.example.yaml                    |   8 +-
 signer/go.mod                                 |  12 +-
 signer/go.sum                                 |  17 ++
 signer/internal/auth/oidc_validator.go        |  10 +-
 signer/internal/cert/extensions.go            | 121 +++++++++++++
 signer/internal/cert/extensions_test.go       | 188 ++++++++++++++++++++
 signer/internal/config/config.go              |  22 +--
 signer/internal/handler/sign.go               |   6 +-
 signer/internal/store/client_config.go        |   5 +-
 signer/internal/validation/dispatcher.go      | 172 ++++++++++++++++++
 signer/internal/validation/dispatcher_test.go | 219 +++++++++++++++++++++++
 signer/internal/validation/ldap.go            | 155 +++++++++++++++++
 signer/internal/validation/ldap_test.go       | 241 ++++++++++++++++++++++++++
 signer/internal/vault/client.go               |  51 ++++++
 signer/main.go                                |  21 ++-
 signer/migrations/001_initial_schema.up.sql   |   1 +
 16 files changed, 1208 insertions(+), 41 deletions(-)
create mode 100644 signer/internal/cert/extensions.go
create mode 100644 signer/internal/cert/extensions_test.go
create mode 100644 signer/internal/validation/dispatcher.go
create mode 100644 signer/internal/validation/dispatcher_test.go
create mode 100644 signer/internal/validation/ldap.go
create mode 100644 signer/internal/validation/ldap_test.go