Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Client Certificate Authentication with simple permissions model #1550

Merged
merged 20 commits into from Jan 9, 2019
Merged

Client Certificate Authentication with simple permissions model #1550

merged 20 commits into from Jan 9, 2019

Commits on Dec 27, 2018

  1. begin verifying client certs

    @jamesatheyDDS
    jamesatheyDDS committed Dec 27, 2018
    Copy the full SHA
    cd2dfa1 View commit details
    Browse the repository at this point in the history

  2. Basic client cert verification working 

    Use a fixed-length CHAR as the PRIMARY key in the client_certs table instead of a byte array - it's more natural for nearly everything, and performance should be just fine
Add devlocal-ca.pem to clientCAs in test and development
Create "faux" Air Force and Marine Corps certificates and keys, signed by the devlocal CA
Add the faux certificates to the database
    @jamesatheyDDS
    jamesatheyDDS committed Dec 27, 2018
    Copy the full SHA
    24c01de View commit details
    Browse the repository at this point in the history

Commits on Dec 31, 2018

  1. Merge branch 'master' into client-certs

    @jamesatheyDDS
    jamesatheyDDS committed Dec 31, 2018
    Copy the full SHA
    6dfadb1 View commit details
    Browse the repository at this point in the history

  2. update TLS certificate readme

    @jamesatheyDDS
    jamesatheyDDS committed Dec 31, 2018
    Copy the full SHA
    aed6bfe View commit details
    Browse the repository at this point in the history

Commits on Jan 2, 2019

  1. Add devlocal DPS auth certs

    @jamesatheyDDS
    jamesatheyDDS committed Jan 2, 2019
    Copy the full SHA
    d3708a1 View commit details
    Browse the repository at this point in the history

Commits on Jan 3, 2019

  1. Store client certificate information in context (like the Session is … 

    …for users)

Query the DB for the client certificate info in middleware instead of in certificate callback; revert changes to server.go and main.go for that
Check whether certificates are permitted to access APIs in Handlers for DPS Auth API and Orders Gateway API
    @jamesatheyDDS
    jamesatheyDDS committed Jan 3, 2019
    Copy the full SHA
    34ebf47 View commit details
    Browse the repository at this point in the history

  2. Merge branch 'master' into client-certs

    @jamesatheyDDS
    jamesatheyDDS committed Jan 3, 2019
    Copy the full SHA
    9b5567e View commit details
    Browse the repository at this point in the history

  3. use dollar-number substitution syntax to follow safe database queryin… 

    …g guidelines
    @jamesatheyDDS
    jamesatheyDDS committed Jan 3, 2019
    Copy the full SHA
    e9e0e1c View commit details
    Browse the repository at this point in the history

Commits on Jan 7, 2019

  1. Merge branch 'master' into client-certs

    @jamesatheyDDS
    jamesatheyDDS committed Jan 7, 2019
    Copy the full SHA
    ffa28f3 View commit details
    Browse the repository at this point in the history

  2. Add client_certs model unit tests 

    Add id UUID column to make _pop_ happy
    @jamesatheyDDS
    jamesatheyDDS committed Jan 7, 2019
    Copy the full SHA
    adacd6f View commit details
    Browse the repository at this point in the history

  3. Merge branch 'master' into client-certs

    @jamesatheyDDS
    jamesatheyDDS committed Jan 7, 2019
    Copy the full SHA
    5b90514 View commit details
    Browse the repository at this point in the history

  4. set working directory correctly for debugging from VS Code

    @jamesatheyDDS
    jamesatheyDDS committed Jan 7, 2019
    Copy the full SHA
    586685f View commit details
    Browse the repository at this point in the history

Commits on Jan 8, 2019

  1. Merge branch 'master' into client-certs

    @jamesatheyDDS
    jamesatheyDDS committed Jan 8, 2019
    Copy the full SHA
    948672b View commit details
    Browse the repository at this point in the history

  2. Update debug message listing trusted certificate authorities

    @jamesatheyDDS
    jamesatheyDDS committed Jan 8, 2019
    Copy the full SHA
    90d92b8 View commit details
    Browse the repository at this point in the history

  3. Merge branch 'master' into client-certs

    @jamesatheyDDS
    jamesatheyDDS committed Jan 8, 2019
    Copy the full SHA
    a9168e2 View commit details
    Browse the repository at this point in the history

  4. Add shell script to make generating new devlocal-signed client certif… 

    …icates easy from any directory
    @jamesatheyDDS
    jamesatheyDDS committed Jan 8, 2019
    Copy the full SHA
    d5f3c60 View commit details
    Browse the repository at this point in the history

  5. Add test for client certificate model validator

    @jamesatheyDDS
    jamesatheyDDS committed Jan 8, 2019
    Copy the full SHA
    f3e48f0 View commit details
    Browse the repository at this point in the history

Commits on Jan 9, 2019

  1. nil check when trying to get the client certificate info from the req… 

    …uest context
    @jamesatheyDDS
    jamesatheyDDS committed Jan 9, 2019
    Copy the full SHA
    b5d8b9c View commit details
    Browse the repository at this point in the history

  2. Merge branch 'master' into client-certs

    @jamesatheyDDS
    jamesatheyDDS committed Jan 9, 2019
    Copy the full SHA
    947abaf View commit details
    Browse the repository at this point in the history

  3. test suite API changed

    @jamesatheyDDS
    jamesatheyDDS committed Jan 9, 2019
    Copy the full SHA
    0fe308e View commit details
    Browse the repository at this point in the history