Infra/lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
698 Commits 4 Branches 45 Tags 7.5 MiB
6eca2eb147
Commit Graph

413 Commits

Author SHA1 Message Date
kevgliss
b2539b843b Fixing and error causing duplicate roles to be created. (#339) 
* Fixing and error causing duplicate roles to be created.

* Fixing python3

* Fixing python2 and python3
 2016-05-31 15:44:54 -07:00
kevgliss
be5dff8472 Adding a visualization for authorities. (#338) 
* Adding a visualization for authorities.

* Fixing some lint.

* Fixing some lint.
 2016-05-30 21:52:34 -07:00
kevgliss
76037e8b3a Fixing certificate names. (#337) 2016-05-27 12:00:10 -07:00
kevgliss
11f4bd503b Fixes (#332) 
* Ensuring domains are returned correctly.

* Ensuring certificates receive owner role
 2016-05-24 17:10:19 -07:00
kevgliss
6688b279e7 Fixing some bad renaming. (#331) 2016-05-24 10:43:40 -07:00
kevgliss
1ca38015bc Fixes (#329) 
* Modifying the way roles are assigned.

* Adding migration scripts.

* Adding endpoints field for future use.

* Fixing dropdowns.
 2016-05-23 18:38:04 -07:00
kevgliss
656269ff17 Closes #147 (#328) 
* Closes #147

* Fixing tests

* Ensuring we can validate max dates.
 2016-05-23 11:28:25 -07:00
kevgliss
bd727b825d Making roles more apparent for certificates and authorities. (#327) 2016-05-20 12:48:12 -07:00
kevgliss
e04c1e7dc9 Fixing a few things, adding tests. (#326) 2016-05-20 09:03:34 -07:00
kevgliss
615df76dd5 Closes 262 (#324) 
Moves the authority -> role relationship from a 1 -> many to a many -> many. This will allow one role to control and have access to many authorities.
 2016-05-19 13:37:05 -07:00
kevgliss
112c6252d6 Adding password reset command to the cli. (#325) 2016-05-19 10:07:15 -07:00
kevgliss
b13370bf0d Making dropdowns look a bit better. (#322) 
* Making dropdowns look a bit better.

* Pleasing Lint.
 2016-05-19 09:04:50 -07:00
kevgliss
88aa5d3fdb Making nested notifications less verbose (#321) 2016-05-19 08:48:55 -07:00
kevgliss
b187d8f836 Adding a better comparison. (#320) 2016-05-16 19:03:10 -07:00
kevgliss
1763a1a717 254 duplication certificate name (#319) 2016-05-16 15:59:40 -07:00
kevgliss
62b61ed980 Fixing various issues. (#318) 
* Fixing various issues.

* Fixing tests
 2016-05-16 11:09:50 -07:00
kevgliss
c11034b9bc Fixes various issues. (#317) 2016-05-16 09:23:48 -07:00
kevgliss
58e8fe0bd0 Fixes various issues. (#316) 2016-05-13 14:35:38 -07:00
kevgliss
a0c8765588 Various bug fixes. (#314) 2016-05-12 12:38:44 -07:00
kevgliss
9022059dc6 Marshmallowing roles (#313) 2016-05-10 14:22:22 -07:00
kevgliss
7f790be1e4 Marsmallowing users (#312) 2016-05-10 14:19:24 -07:00
kevgliss
93791c999d Marsmallowing destinations (#311) 2016-05-10 13:43:26 -07:00
kevgliss
5e9f1437ad Marsmallowing sources (#310) 2016-05-10 13:16:33 -07:00
kevgliss
f9655213b3 Marshmallowing notifications. (#308) 2016-05-10 11:27:57 -07:00
kevgliss
008d608ec4 Fixing error in notifications. (#307) 2016-05-09 17:35:18 -07:00
kevgliss
78c8d12ad8 Cleaning up the way authorities are selected and upgrading uib dependencies. 2016-05-09 17:17:00 -07:00
kevgliss
df0ad4d875 Authorities marshmallow addition (#303) 2016-05-09 11:00:16 -07:00
Harm Weites
776e0fcd11 Slack plugin for notifications (#305) 2016-05-08 09:07:16 -07:00
kevgliss
6ec3bad49a Closes #278 (#298) 
* Closes #278
 2016-05-05 15:28:17 -07:00
kevgliss
52f44c3ea6 Closes #278 and #199, Starting transition to marshmallow (#299) 
* Closes #278  and #199, Starting transition to marshmallow
 2016-05-05 12:52:08 -07:00
kevgliss
db8243b4b4 Closes #301 2016-05-04 16:56:05 -07:00
kevgliss
8e1b7c0036 Removing validation because regex is hard 2016-04-25 16:13:33 -07:00
kevgliss
9b0e0fa9c2 removing validtion from openssl 2016-04-25 16:11:37 -07:00
kevgliss
b9fe359d23 Fixes #285 Renames sync_sources function to sync to align documentation. 2016-04-25 11:21:25 -07:00
kevgliss
dbd1279226 Fixes #289 and #275 2016-04-21 16:22:19 -07:00
kevgliss
82b4f5125d Fixes an issue where custom OIDs would clear out san extensions 2016-04-11 11:17:18 -07:00
kevgliss
3f89d6d009 Merge pull request #271 from kevgliss/195 
Closes #195
 2016-04-08 12:01:10 -07:00
kevgliss
c2387dc120 Fixes an issue where custom OIDs would clear out san extensions 2016-04-07 10:29:08 -07:00
kevgliss
dbc4964e94 Fixing an issue were metrics would not be sent 2016-04-05 10:23:33 -07:00
kevgliss
62d03b0d41 Closes #216 2016-04-01 16:54:33 -07:00
kevgliss
b5a4b293a9 Merge pull request #270 from kevgliss/248 
Closes #248
 2016-04-01 14:28:52 -07:00
kevgliss
bfcfdb83a7 Closes #195 2016-04-01 14:27:57 -07:00
kevgliss
4ccbfa8164 Closes #248 2016-04-01 13:29:08 -07:00
kevgliss
2cde7336dc Closes #263 2016-04-01 13:01:56 -07:00
kevgliss
3ceb297276 Merge pull request #267 from kevgliss/261 
Closes #261
 2016-04-01 10:12:10 -07:00
kevgliss
5958bac2a2 Merge pull request #265 from kevgliss/257 
Closes #257
 2016-04-01 10:11:32 -07:00
kevgliss
47891d2953 Closes #261 2016-04-01 09:58:19 -07:00
kevgliss
939194158a Closes #257 2016-04-01 09:49:44 -07:00
kevgliss
576265e09c Closes #246 2016-04-01 09:19:36 -07:00
Mike Grima
ba666ddbfa Removed deprecated auth api endpoint. 2016-02-16 15:04:53 -08:00
kevgliss
ac1f493338 version bump 2016-02-05 13:12:21 -08:00
kevgliss
e8e7bdf9e0 adding changelog 2016-02-05 13:00:59 -08:00
kevgliss
028d86c0bb Adding a new flag to export plugins 'requires_key' that specifies whether the export plugin needs access to the private key. Defaults to True. 2016-01-29 12:45:18 -08:00
kevgliss
f8b6830013 Merge pull request #239 from kevgliss/228-filter-values 
Fixing documentation for filter format
 2016-01-29 11:54:13 -08:00
kevgliss
2ba48995fe Fixing documentation for filter format 2016-01-29 11:47:16 -08:00
kevgliss
3cc8ade6d8 associating new authorities with the owner roles 2016-01-29 10:59:04 -08:00
kevgliss
39c9a0a299 Merge pull request #237 from kevgliss/218_password_regex 
relaxing keystore password validation
 2016-01-29 10:37:49 -08:00
kevgliss
3ad317fb6d Merge pull request #236 from kevgliss/migration_script_fixups 
Removing per 2.0 migration scripts
 2016-01-29 10:30:41 -08:00
kevgliss
bd46440d12 relaxing keystore password validation 2016-01-29 10:29:04 -08:00
kevgliss
9f8f64b9ec removing pre 2.0 migration scripts, and adding documentation for correct path during init 2016-01-29 09:22:12 -08:00
kevgliss
1e524a49c0 making 'replacements' a non-require attribute for importing. Closes #226 2016-01-29 09:02:51 -08:00
Edward Barker
b36e72bfcc Minor spelling fix 
Using the possessive “Your” rather than “You’re” in “Your passphrase
is:”
 2016-01-12 22:04:42 -08:00
kevgliss
48f8b33d7d Adding a rolling metric count 2016-01-11 15:26:32 -08:00
kevgliss
d87ace8c89 Merge pull request #211 from kevgliss/hotfix 
fixing an issue were urllib does not like unicode
 2016-01-11 10:38:45 -08:00
kevgliss
b1326d4145 fixing an issue were urllib does not like unicode 2016-01-11 10:31:58 -08:00
kevgliss
7c2862c958 Merge pull request #210 from kevgliss/hotfix 
Fixes an assumption that 'subAltNames' are always passed to the API.
 2016-01-11 09:08:38 -08:00
kevgliss
0a4f5ad64d Fixing an assumption that 'subAltNames' are always passed to the API. 2016-01-10 17:33:19 -08:00
kevgliss
c617a11c55 Merge pull request #209 from kevgliss/migrate_chain 
Adding command to transparently rotate the chain on an ELB
 2016-01-10 14:37:29 -08:00
kevgliss
053167965a Adding command to transparently rotate the chain on an ELB 2016-01-10 14:20:36 -08:00
kevgliss
a7ac45b937 Merge pull request #206 from kevgliss/syncing 
Fixing issue where we were seeing AWS API errors due to certificates …
 2016-01-08 16:39:51 -08:00
kevgliss
5482bbf4bd Fixing issue where we were seeing AWS API errors due to certificates not having private keys and could not be uploaded or 'synced' 2016-01-07 13:42:46 -08:00
Robert Picard
a1395a5808 Fix how the provider settings are passed to Satellizer 2016-01-05 17:26:09 -08:00
kevgliss
685e2c8b6d fixing typo 2016-01-05 09:40:53 -08:00
kevgliss
967c7ded8d Improving documentation layout 2015-12-31 11:12:56 -08:00
kevgliss
d6917155e8 Fixing tests 2015-12-30 15:32:01 -08:00
kevgliss
3f024c1ef4 Adds ability for domains to be marked as sensitive and only be allowed to be issued by an admin closes #5 2015-12-30 15:11:08 -08:00
kevgliss
9b166fb9a9 version bump 2015-12-30 09:15:11 -08:00
kevgliss
ca82b227b9 0.2.1 release info 2015-12-30 09:11:19 -08:00
Matthias Hähnel
8bb9a8c5d1 Define ACTIVE_PROVIDERS in default config 
The configuration item ACTIVE_PROVIDERS must be initialized

Workaround for this error:
2015-12-30 13:58:48,073 ERROR: Internal Error [in /www/lemur/local/lib/python2.7/site-packages/flask_restful/__init__.py:299]
Traceback (most recent call last):
  File "/www/lemur/local/lib/python2.7/site-packages/flask/app.py", line 1475, in full_dispatch_request
    rv = self.dispatch_request()
  File "/www/lemur/local/lib/python2.7/site-packages/flask/app.py", line 1461, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/www/lemur/local/lib/python2.7/site-packages/flask_restful/__init__.py", line 462, in wrapper
    resp = resource(*args, **kwargs)
  File "/www/lemur/local/lib/python2.7/site-packages/flask/views.py", line 84, in view
    return self.dispatch_request(*args, **kwargs)
  File "/www/lemur/local/lib/python2.7/site-packages/flask_restful/__init__.py", line 572, in dispatch_request
    resp = meth(*args, **kwargs)
  File "/www/lemur/lemur/auth/views.py", line 276, in get
    for provider in current_app.config.get("ACTIVE_PROVIDERS"):
TypeError: 'NoneType' object is not iterable
 2015-12-30 14:56:59 +01:00
kevgliss
00cb66484b Merge pull request #188 from kevgliss/csr 
Adding the ability to submit a third party CSR
 2015-12-29 12:11:11 -08:00
kevgliss
cabe2ae18d Adding the ability to issue third party created CSRs 2015-12-29 10:49:33 -08:00
kevgliss
3b5d7eaab6 More Linting 2015-12-27 18:08:17 -05:00
kevgliss
aa2358aa03 Fixing linting 2015-12-27 18:02:38 -05:00
kevgliss
a7decc1948 Fixing some issues with dynamically supporting multiple SSO providers 2015-12-27 17:54:11 -05:00
Robert Picard
60856cb7b9 Add an endpoint to return active authentication providers 
This endpoint can be used by Angular to figure out what authentication
options to display to the user. It returns a dictionary of configuration
details that the front-end needs for each provider.
 2015-12-22 18:03:56 -05:00
Robert Picard
350d013043 Add Google SSO 
This pull request adds Google SSO support. There are two main changes:

1. Add the Google auth view resource
2. Make passwords optional when creating a new user. This allows an admin
to create a user without a password so that they can only login via Google.
 2015-12-22 13:44:30 -05:00
kevgliss
6211b126a9 Fixing py3 syntax error 2015-12-18 11:01:08 -05:00
kevgliss
54c3fcc72a Adding rotate command 2015-12-17 23:17:27 -05:00
kevgliss
b8c2d42cad Closes #176 2015-12-17 14:52:20 -08:00
kevgliss
2896ce0dad Closes #172 2015-12-16 08:18:01 -08:00
kevgliss
29bcde145c 0.2.1 release 2015-12-14 10:42:51 -08:00
kevgliss
6d17e4d538 Fixing templates 2015-12-04 09:51:38 -08:00
kevgliss
de9478a992 Disabling one-time binding 2015-12-03 16:57:37 -08:00
kevgliss
78037dc9ec Fixing the startup port 2015-12-02 17:13:52 -08:00
kevgliss
041382b02f Version bump 2015-12-02 14:53:46 -08:00
kevgliss
aa18b88a61 Making the notification email template cleaner 2015-12-01 17:13:43 -08:00
kevgliss
b1e842ae47 Merge pull request #162 from kevgliss/160-startup 
Closes #160
 2015-12-01 10:08:03 -08:00
kevgliss
e2524e43cf adding exports 2015-12-01 09:44:41 -08:00
kevgliss
6aac2d62be Closes #160 2015-12-01 09:40:27 -08:00
kevgliss
95e2636f23 Updating docs 2015-12-01 09:15:53 -08:00
kevgliss
11f2d88b16 Adding current migration files. 2015-11-30 15:43:38 -08:00
kevgliss
c3091a7346 Adding missing files. 2015-11-30 14:08:17 -08:00
kevgliss
9cadebcd50 adding example requests 2015-11-30 13:51:27 -08:00
kevgliss
f194e2a1be Linting 2015-11-30 10:24:53 -08:00
kevgliss
ec896461a7 Adding final touches to #125 2015-11-30 09:47:36 -08:00
kevgliss
8eeed821d3 Adding UI elements 2015-11-27 13:27:14 -08:00
kevgliss
920d595c12 Initial work on #125 2015-11-25 14:54:08 -08:00
kevgliss
1c6e9caa40 Closes #144 2015-11-24 16:07:44 -08:00
kevgliss
d6b3f5af81 Closes #122 2015-11-24 14:53:22 -08:00
kevgliss
e14eefdc31 Added the ability to find an authority even if a user only types the name in and does not select it. 2015-11-23 16:41:31 -08:00
kevgliss
f0324e4755 Merge pull request #148 from kevgliss/120-error-length 
Closes #120
 2015-11-23 15:25:30 -08:00
kevgliss
00f0f957c0 Lint again 2015-11-23 15:13:18 -08:00
kevgliss
9c652d784d Merge pull request #143 from kevgliss/requirements 
Updating requirements
 2015-11-23 14:59:31 -08:00
kevgliss
eb2fa74661 Fixing test 2015-11-23 14:49:05 -08:00
kevgliss
146c599deb Lint cleanup 2015-11-23 14:47:34 -08:00
kevgliss
574c4033ab Closes #120 2015-11-23 14:30:23 -08:00
kevgliss
eb0f6a04d8 Closes #140 2015-11-23 10:43:07 -08:00
kevgliss
df4364714e Closes #139 2015-11-23 09:53:55 -08:00
Ryan Clough
2073090628 Use american english for consistency 2015-10-28 19:39:10 -07:00
kevgliss
0453afcb0e Fixing issuer where roles were not added correctly to user. 2015-10-26 10:59:20 -07:00
kevgliss
4b968a9474 Adding aes - fernet migration 2015-10-23 16:47:17 -07:00
Robert Picard
40eb950e94 Use MultiFernet for encryption 
Facilitates key rotation and uses more secure encryption than what
sqlalchemy-utils does.

Fixes #117 and #119.
 2015-10-13 16:58:58 -07:00
Robert Picard
2fc6d4cd21 Fix a handful of typos in documentation 
As I was reading through the docs I made note of grammar issues and
typos I saw. Not a huge deal but might as well fix what I noticed.
 2015-10-06 15:05:05 -07:00
kevgliss
a20726a301 Fixing python 3.x syntax error 2015-10-06 13:11:24 -07:00
kevgliss
39727a1c9f Fixing tests 2015-10-06 13:00:06 -07:00
kevgliss
168f46a436 Adding the ability to track a certificates signing key algorithm 2015-10-06 12:51:59 -07:00
kevgliss
798a6295ee Fixes destination stat 2015-10-06 09:43:31 -07:00
kevgliss
63b7b71b49 adding clipboard functionality 2015-10-05 16:06:56 -07:00
kevgliss
9965af9ccd fixing links, and adding zeroclipboard 2015-10-05 09:48:52 -07:00
kevgliss
867be09e29 more double quotes 2015-10-05 09:24:11 -07:00
kevgliss
8362a92898 fixing double quotes 2015-10-05 09:19:14 -07:00
kevgliss
162482dbc4 Adding ui router and perma links to certificates and authorities 2015-10-05 09:00:51 -07:00
kevgliss
2187898494 adding copy and a better profile picture for non-sso users 2015-10-02 15:36:50 -07:00
kevgliss
d4bc6ae7a1 Fixes #105 2015-10-02 13:46:13 -07:00
kevgliss
5cfa9d4bc5 description should be optional 2015-09-29 16:37:32 -07:00
kevgliss
7ebd0bf5d4 making fields required 2015-09-24 08:42:31 -07:00
kevgliss
06a69c09a0 Fixing a bug where notifications associated during certificate creation would not be respected. 2015-09-22 13:01:05 -07:00
kevgliss
be6a5b859e adding notification example 2015-09-22 09:46:54 -07:00
Eric Mill
baef329a4d Rename SSL to TLS 2015-09-21 18:16:19 -04:00
Eric Mill
a3385bd2ac Rename SSL to TLS 2015-09-21 18:15:25 -04:00
kevgliss
fc0a884d5f Cleaning up unneed/unused files 2015-09-20 09:49:16 -07:00
kevgliss
ef72de89b3 Minor fixes 2015-09-18 15:50:59 -07:00
kevgliss
a563986ce4 fixing an error where dates components were not replaced in logical order 2015-09-16 11:10:09 -07:00
kevgliss
d3cf273a45 Merge pull request #72 from kevgliss/docker 
[WIP] Docker
 2015-09-11 15:36:25 -07:00
kevgliss
25f652c1eb fixing merge conflict 2015-09-11 08:38:48 -07:00
kevgliss
7f119e95e1 making the verisign urls more generic 2015-09-11 08:27:34 -07:00
kevgliss
1e314b505f fixing keyerror 2015-09-08 18:18:14 -07:00
kevgliss
ef9a80ebfd adding actual recipients 2015-09-08 18:03:18 -07:00
kevgliss
84d0afae4c fixing email internvals 2015-09-08 17:56:20 -07:00
kevgliss
48a53ad436 fixing error in default password creation 2015-09-08 17:42:57 -07:00