boundary

Commit Graph

Author	SHA1	Message	Date
Todd	40d9c3fd1d	Paginate iam groups (#4194 )	2 years ago
Michael Milton	8d50a0913f	Auth Method list pagination (#4165 ) * wip * implement list pagination for auth methods * remove unused code * update tests to fix sorting * address PR comments * simplify query, add token tests * change test name * wip sql testing * add boolean column to indicate whether auth methods should be returned to unauthenticated users, remove secrets from api response * is_active_public not null * remove secrets and unwrapping * move not null to immediately after data migration * order public_id descending * fix(db): Fix auth method migrations (#4193) * wip * fix db tests * fix failing api tests * reverse order of create time and update time in test --------- Co-authored-by: Michael Gaffney <mike@gaffney.cc>	2 years ago
Todd	0fad770d8a	Paginate iam user (#4185 ) * paginate iam user	2 years ago
Johan Brandhorst-Satzkorn	050bcdfec9	handlers/host_sets: implement pagination for host sets Adds protobuf types and handler logic to support pagination of host sets.	2 years ago
Johan Brandhorst-Satzkorn	f29d559d60	handlers/session_recordings: add pagination support	2 years ago
Johan Brandhorst-Satzkorn	24130c4313	handlers/storage_buckets: add pagination fields	2 years ago
Johan Brandhorst-Satzkorn	597ac645b2	internal/handlers: fix some comments	2 years ago
Johan Brandhorst-Satzkorn	f89e53d5f0	internal/handlers: tidy up test times	2 years ago
Johan Brandhorst-Satzkorn	17b6ad5c5c	handlers/hosts: implement pagination for hosts Adds protobuf types and handler logic to support pagination of hosts.	2 years ago
Todd	5aa560387c	Add pagination for iam Roles (#4161 ) * Add pagination for iam Roles	2 years ago
Johan Brandhorst-Satzkorn	df93313b9a	all: fix test failures after rebase The stability of the authorized_actions have been removed in main, so we need to add these sorts to all our new tests.	2 years ago
Johan Brandhorst-Satzkorn	0259f2f26b	internal/handlers: add credential store pagination	2 years ago
Todd	3558589c90	Return and consume InvalidListToken error code (#4141 ) * Return and consume InvalidListToken error code	2 years ago
Todd	2d18f82c9f	Rename refresh token errors to list error (#4138 )	2 years ago
Todd	b2fec2e4f0	Store and use refresh tokens in the client cache (#3857 ) * Refresh resources using refresh tokens	2 years ago
Michael Milton	6ba3676c37	Auth token pagination (#4113 ) * Add pagination support for auth tokens * change analyze count estimate comment * adjust queries for efficiency and security * even more efficient queries	2 years ago
Johan Brandhorst-Satzkorn	6b03363eb8	internal/handlers: add credential library pagination	2 years ago
Johan Brandhorst-Satzkorn	9f6ac602ee	internal/handlers: add credential pagination support	2 years ago
Michael Milton	9c3eb16046	Sessions list pagination (#4079 ) * Session list pagination refactor * address pr comments, add explanatory comments, clean up sql queries, move tests into proper files * fix build error * fix test error	2 years ago
Johan Brandhorst-Satzkorn	575e9641f8	Some pagination tweaks (#4074 ) * internal/target: fix some target tests We had dupes and missing test cases, this fixes them. * internal/handlers: move listtoken parsing into helper This significantly simplifies the parsing logic needed in each handler.	2 years ago
Johan Brandhorst-Satzkorn	00c4f825c7	handlers/targets: refactor for new pagination design Refactor the application layer to use the new domain layer pagination functionality.	2 years ago
Johan Brandhorst-Satzkorn	f062a8cd75	internal/handlers: add list token helpers Mostly a rename from refresh token, but also a new helper for assembling the final list token.	2 years ago
Johan Brandhorst-Satzkorn	5984f5bba6	handlers/targets: add pagination support	2 years ago
Johan Brandhorst-Satzkorn	a5b24e79b9	handlers: add refresh token helpers Helpers for parsing, marshalling and converting types to domain types.	2 years ago
Johan Brandhorst-Satzkorn	7b5a4be0ab	internal/auth: add GrantsHash method to results The new GrantsHash method can be used to track changes to a users grants across requests.	2 years ago
Johan Brandhorst-Satzkorn	7c996d0e02	internal/pagination: add new purge package The purge package contains a job that is used to purge records from the foo_deleted tables when they become older than 30 days.	2 years ago
Timothy Messier	a77c88ae5d	feat(ratelimit): Increase default values (#4129 ) This increases the default rate limits to: - 1,500 reqs / 30 seconds for list actions in total - 1,500 reqs / 30 seconds for list actions per IP address - 150 reqs / 30 seconds for list actions per auth token And for all other actions: - 30,000 reqs / 30 seconds for list actions in total - 30,000 reqs / 30 seconds for list actions per IP address - 3,000 reqs / 30 seconds for list actions per auth token This seems to be a reasonable default for a small to medium size cluster based on some scale testing. (cherry picked from commit `237c8b6084`)	2 years ago
Elim Tsiagbey	053421600d	feat(oidc-prompts): Add Validation for Prompts (#4130 ) Add validation to prevent "none" from being combined with multiple prompts. - Valid `["none"]` - Invalid `["none", "select_account"]` - Valid `["consent", "select_account"]`	2 years ago
Timothy Messier	758e7b8bf1	test(credentials): Disable rate limiting for test This test quickly polls a list endpoint, which exceeds the default rate limits before the test can complete in CI.	2 years ago
Timothy Messier	a7730b02ac	test(host_catalog): Fix flaky assertion	2 years ago
Timothy Messier	35b91c66de	refact(ratelimit): Rename MaxEntries to MaxQuotas	2 years ago
Timothy Messier	a150c588bb	feat(controller): Emit sys event detailing the rate limit configuration A sys event will be emitted when the controller is constructed, and if the rate limits are changed via a SIGHUP. The event contains the details of the rate limits for each combination of resource and action. This event can be used by operators to confirm the limits are set as they would expect based on the controller config.	2 years ago
Timothy Messier	9438be4506	feat(ratelimier): Support disabling rate limiting	2 years ago
Timothy Messier	3c2bed92b0	feat(ratelimit): Expose metrics on quota usage This provides two prometheus metrics to monitor the rate limiter: boundary_controller_api_ratelimiter_quota_storage_capacity: This is a gague that shows the total number of quotas that can be stored at a given moment by the rate limiter. boundary_controller_api_ratelimiter_quota_storage_usage: This is a gague that shows the number of quotas currently being stored by the limiter. If this becomes equal to the capacity, requests that would result in a new quota being created will get limited and receive a 429 status code.	2 years ago
Timothy Messier	0bc423ebd8	feat(controller): Reload api rate limits on SIGHUP	2 years ago
Timothy Messier	e337cf8f69	feat(controller): Add authtoken public id to request context This allows for http middleware handler functions that run later in the handler function stack to have access to the extracted auth token public id.	2 years ago
Timothy Messier	059d4992de	feat(ratelimit): Add support for limits per ip address and auth token	2 years ago
Timothy Messier	00bd2899af	feat(controller): Add ratelimiter http middleware	2 years ago
Timothy Messier	6da47443fd	feat(ratelimit): Create rate limits from configs	2 years ago
Timothy Messier	51adde4b2c	feat(handlers): Register actions for each resource type This registers the ActionSets for each resource when the handler packages are initialized. This then allows other packages to retrieve the ActionSets for a given resource from the action package. The initial consumer of this will be the ratelimit package so that it can programmatically enumerate all of the valid combinations of a resource and action. This leaves a number of TODO to refactor the handler packages to also retrieve the action sets from the registered actions instead of using a package variable. This is left as a TODO since there is some inconsistencies in how these package variables are used between the handlers. For example a number of packages use a map of subtypes to ActionSets which is then used withing the handler implementation. Others use a map, but don't seem to use it at all. And others just use an ActionSet.	2 years ago
Timothy Messier	c52caae345	refact(action): Make ActionSet behave as a set instead of a list This switches the implementation of an ActionSet from a slice to a map to ensure the elements in an ActionSet are unique. This allows for other packages to perform set operations such as a union or difference without needing to account for duplicates.	2 years ago
Jim	798e86cefe	tests (ldap managed groups): extend tests to include ldap grps for GrantsForUser(...) (#3972 ) * chore (managed groups): just a small rename to improve readability * test (aut/ldap): add a test for user grants based on ldap grp * tests (role grant): extend TestGrantsForUser(...) to cover ldap grps * refact (iam.(Repository).GrantsForUser): more readable grantsQuery Convert existing CTE to use sub-selects for readability	2 years ago
Johan Brandhorst-Satzkorn	a89573b35f	subtypes,handlers: add runtime trace regions (#4060 ) * subtypes,handlers: add runtime trace regions The subtype.Filterable and handlers.ProtoToStruct functions are costly and worth measuring whenever runtime tracing is in use. This has almost no cost when tracing is not in use, so there's little harm in having them in place. * testing: Add TRACING.md TRACING.md contains information about how to perform Go runtime tracing of the Boundary application.	2 years ago
Elim Tsiagbey	8b8d2822df	feat(oidc): OIDC Prompt (#4053 ) Boundary OIDC method does not currently support passing in prompts during authentication. This change adds the capability of passing OIDC prompts. Prompts are optional OIDC parameters that determine the behaviour of the authentication server: https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest ## Changes - New `auth_oidc_prompt` table which contains all the prompts for OIDC auth method - New `auth_oidc_prompt_enm` table which contains possible enum values for a prompt - Currently supported: - `none`: The Authorization Server MUST NOT display any authentication or consent user interface pages - `login`: The Authorization Server SHOULD prompt the End-User for reauthentication - `consent`: The Authorization Server SHOULD prompt the End-User for consent before returning information to the Client - `select_account`: The Authorization Server SHOULD prompt the End-User to select a user account - `oidc_auth_method_with_value_obj` view has been updated to return `prompt` value - Add `prompt` option for OIDC auth method CLI create and update - Pass configured prompt during OIDC authentication - Add `prompt` API validation for create and update	2 years ago
Jeff Mitchell	b6df5693b5	Add generic read/update/delete commands (#3992 ) * Add generic read/update/delete commands This adds three generic commands that use the resource prefix to determine the subcommand to run and pass through args over to that subcommand. Since this occurs very early on and to avoid loading essentially every internal resource package, I moved subtype definitions to globals. This replaces #3967 Co-authored-by: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com> * De-duplicate Subtype code (#4031) Co-authored-by: Timothy Messier <tim.messier@gmail.com> --------- Co-authored-by: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com> Co-authored-by: Timothy Messier <tim.messier@gmail.com>	2 years ago
Jeff Mitchell	a9e372930d	Revert `0bf60996c5` (#3990 ) Post-merge some issues were discovered with the ways typing is used for proto reflection. This will be reworked without moving the subtypes around.	3 years ago
Jeff Mitchell	0bf60996c5	Add generic read/update/delete commands (#3967 ) * Add generic read/update/delete commands This adds three generic commands that use the resource prefix to determine the subcommand to run and pass through args over to that subcommand. Since this occurs very early on and to avoid loading essentially every internal resource package, I moved subtype definitions to globals. * Update main.go Co-authored-by: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com> * Update changelog and remove another deprecated command --------- Co-authored-by: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com>	3 years ago
Michael Gaffney	90276b5e91	tests: Set a default job run interval based on the test deadline The Vault Credential Store only accepts Vault tokens that have a TTL greater than the internal job scheduler's run frequency. This prevents a Vault Credential Store from being created with a Vault token that will expire before Boundary can renew it. The Vault test server, by default, creates Vault tokens with a TTL equal to the duration of time remaining until `t.Deadline()` is reached. This change sets the test controller's default job scheduler duration to be half of time remaining until `t.Deadline()`. The default job scheduler duration can still be overridden by setting a duration on `TestConrollerOpts.SchedulerRunJobInterval`. This change fixes the error received when running: go test -timeout 30s \ -tags devlicense \ -run '^TestList$' \ github.com/hashicorp/boundary/internal/tests/api/credentialstores Which returned this error: {"kind":"Internal", "message":"credentialstores.(Service).createInRepo: unable to create credential store: vault.(Repository).CreateCredentialStore: unknown, unknown: error #0: scheduler interval must be greater than token ttl. scheduler jobs interval value: 1m0s"}	3 years ago
Sepehr	4dce290aeb	telemetry(observations): fix the details flag check (#3960 ) * telemetry(observations): fix the details flag check * telemetry(observations): fix the test names	3 years ago
Jim	75cef86a34	feat (authmethod/password): add additional telmemetry for passwd acct authen (#3958 )	3 years ago
Johan Brandhorst-Satzkorn	6081b6c58d	internal/credential: simplify TestObject test helper (#3899 ) The TestObject test helper previously returned an error, but it's easier to have it perform the error check itself, as it conventionally done with test helpers.	3 years ago
Sepehr	f9dee55e4d	Telemetry(observations): add oidc and ldap observation events (#3945 ) * telemetry(observations): Add observations for oidc and ldap authentications * telemetry(observations): Add tests ldap and oidc observation events	3 years ago
dani	c89777de41	Expose Valid Principals for Vault SSH Signed Certs (#3791 ) * allow additional valid principals when creating vault ssh signed cert cred lib * add additional_valid_principals field to credential libraries documentation page	3 years ago
Jeff Mitchell	fb4a5a98dc	Add some target fields and move some things around (#3879 ) In preparation for putting proxy code in the api package this creates some necessary fields in the target output and it pre-moves credential parsing and proxy handshake code to their new places. This will make the diff for the actual proxy code move quite a bit smaller. Co-authored-by: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com>	3 years ago
Jeff Mitchell	20ac42c851	Add some useful dev flags (#3865 )	3 years ago
Jeff Mitchell	eb20b80c71	Migrate some credential bits around (#3864 )	3 years ago
Jim	1ed0a13004	refact (kms): convert to the new stdlib slices pkg (#3836 )	3 years ago
Michael Li	dc912e2a86	test: Update tests to account for deprecated features in 0.14.0 (#3776 ) * chore: Fix comment typo * test(e2e): Update to use new credential library type * test(e2e): Update to use new field name * test(bats): Remove tests that use deprecated subcommand * chore: Update to 0.14.0 * test(credentiallibraries): Update to use new credential library type * doc: Add deprecation notices for 0.14.0 * fixup! doc: Add deprecation notices for 0.14.0	3 years ago
dani	a7c1876d7b	remove deprecated option application-credential-source (#3728 ) Co-authored-by: Danielle Miu <29378233+DanielleMiu@users.noreply.github.com>	3 years ago
Sepehr	167161448b	Add write observation interceptors, add validation check, fix default deny filter	3 years ago
Jeff Mitchell	b64eadedbf	Fix flaky TestServer_ReloadInitialUpstreams (#3758 ) With the KMS changes this should never have worked at all (because the different databases means the credentials conveyed after the KMS-based authentication would never be valid). However, it was sometimes passing because of a race condition: the worker could be found in the database before the new credentials were returned to the worker, causing the worker to start at the KMS step with the second controller. This changes the test to use the same database for two controllers, but to only ever have one running at a time, and uses a sequence of two changed (or unchanged, depending) status updates from the worker to ensure that the reload was successful.	3 years ago
Johan Brandhorst-Satzkorn	2e0587bff0	credential: fix lint errors (#3746 ) The existing pattern was subject to a bug whereby a lock value was copied every time the value was passed around. This was happening because of the use of an embedded protobuf type. To avoid copying a mutex, use a pointer type in the embedding. Also fixes a few linter warnings complaining about the use of unkeyed literals.	3 years ago
Jim	0d19892e03	fix (events): convert multierror to stdlib error (#3743 ) * fix (events): convert multierror to stdlib error multierror errors will be converted to a stdlib error (because multierror doesn't support json marshaling). * refact (errors): convert from multierror to stdlib errors.Join(...) * refact: convert from pkg/errors to stdlib error wrapping	3 years ago
Irena Rindos	9733a250fa	refact(event): move observability/event to event (#3704 )	3 years ago
Johan Brandhorst-Satzkorn	f89515a19c	all: avoid mutating global state in parallel tests (#3687 ) The SetupSuiteTargetFilters globally mutates the function used for logic inside the target handler service. This means that we could get inconsistent logical behavior in certain tests that were run in parallel, since the logic can change at runtime. Ensure tests that make use of this function are never run in parallel with other tests.	3 years ago
Jim	dc89ca28a1	feat: add API support for additional LDAP auth method fields. (#3679 ) * feat (auth/ldap): add Repo support for max page size and deref aliases (#3670) * chore: update cap/ldap dependency This latest version of cap/ldap adds support for MaxPageSize and DerefAliases * feat (auth/ldap): add MaxPageSize and DerefAliases to storage proto * feat (api/authmethods): add new ldap fields. Add support for maximum_page_size and dereference_aliases * feat (auth/ldap): schema changes to support new LDAP attributes * feat (auth/ldap): add Repo support for max page size and deref aliases * feat (handlers/ldap): add support for new fields (#3674) Added API support for new ldap fields: MaximumPageSize and DereferenceAliases * chore: add CHANGELOG entry for new api auth ldap fields	3 years ago
Johan Brandhorst-Satzkorn	90cf20d0dd	handlers/targets/tcp: run tests in parallel (#3639 ) This reduces the runtime from 79s to 24s on my machine	3 years ago
hashicorp-copywrite[bot]	29da0bcb92	[COMPLIANCE] License changes (#3567 ) * Adding explicit MPL license for sub-package. This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Adding explicit MPL license for sub-package This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Updating the license from MPL to Business Source License Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at https://hashi.co/bsl-blog, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl. * Update copyright file headers to BUS-1.1 * Rerun make gen This will pick up the last of the license changes * Revert "Rerun make gen" This reverts commit `dbe0968bff`. * Remove copywrite from generation script The current version of copywrite is not sophisticated enough to only apply the copywrite changes to certain subdirectories, so to avoid accidentally relicensing our api and sdk modules, we will stop running the copywrite script until such time that it can do the right thing. * License protobuf API as MPL The protobuf API files are used to generate the SDK, since we want the SDK to be MPL, the protobuf files must also be MPL. This extends to all protobuf files whose sources end up in the SDK directory, including: - internal/proto/controller/api - internal/proto/controller/custom_options - internal/proto/plugin It also includes the generated service directory in internal/gen/controller/api/services, since they are generated from the protobuf sources used for the SDK. * Change website license file name This makes the naming scheme consistent with the rest of the repository. * Add note on licensing to README * Set copywrite license to BUSL * Revert "Add note on licensing to README" This reverts commit `4d865a91a7`. --------- Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com> Co-authored-by: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com>	3 years ago
Lars Lehtonen	ecadeaee2d	internal/daemon/controller/handlers/sessions: fix dropped error (#3529 )	3 years ago
Jim	f8ea8c9744	fix (ldap): support only updating the bind-dn and/or bind-password (#3511 ) * fix (ldap): support only updating the bind-dn and/or bind-password * chore: changelog entry for PR #3511	3 years ago
Irena Rindos	39953fe329	fix(targets): return LookupTargets error in AuthorizeSession (#3484 ) * fix(targets): return LookupTargets error in AuthorizeSession	3 years ago
Jim	474afe4671	fix: allow ldap managed grps to be set and removed as principals… (#3363 )	3 years ago
Jim	84cc3a5988	fix(ldap managed grp): allow ldap managed grps to be added as principals (#3361 )	3 years ago
Jeff Mitchell	8322916fb4	Remove all deprecated Err/Wrap/E calls (#3286 )	3 years ago
Jeff Mitchell	feb3aea38f	Support multiple IDs in grants (#3263 ) This allows specifying multiple IDs in grants via an `ids` field, which will eventually become the normal way to specify IDs. Internally, each grant with multiple IDs turns into multiple ACL grants each with a single ID; to make this distinction clearer and allow for better separation of concerns an AclGrant type has been introduced, so really multiple IDs in a Grant turn into multiple AclGrants. The nice thing about doing it this way is that it becomes purely a parsing concern; no actual validation logic has changed. For backwards compatibility with grants already stored in roles, we do not error out if `id` is specified. However, eventually we will simply not support grants with `id` coming via the API; they will fail API validation, such that new grants will require the use of the updated `ids` field. A follow-on PR will plumb this through the service handlers/API/CLI, but I decided to do it in separate chunks to make reviewing easier, given that they are easily separable into the internal and external aspects of the change. * Add CLI/API checks around using ID in grants (#3264) * Plumb through some contexts to remove a lot of deprecated errors (#3268)	3 years ago
Jeff Mitchell	74e8491f85	Disallow updates on all types of KMS workers (#3295 ) This also slightly changes delete logic and ensures authorized actions match what is allowable.	3 years ago
Michael Milton	fbf56793c6	Add snapshot job (#3282 ) * snapshot job * update census to include context, controller to include snapshot registry * no need to export runFn in snapshot	3 years ago
Jim	2b3e50ebdd	fix (listing): return all resources from listing requests (#3278 )	3 years ago
Jim	5029be9999	fix: allow responses larger than the default 4194304 recv msg size (#3276 )	3 years ago
Louis Ruch	281f217dcc	feat(plugins): Refactor host plugins to boundary plugins (#3262 )	3 years ago
Jim	d4e537c88d	chore: updgrade pgx direct deps to v5 (#3258 )	3 years ago
Jeff Mitchell	3d5bed9ce8	Don't allow managed workers to be deleted (#3254 ) This also adds checks to ensure the tag cannot be added to workers via the API.	3 years ago
Timothy Messier	f64f03ed46	fix(targets): Support authorize session request with target name (#3252 ) For requests to the target authorize session endpoint we support passing a target name instead of an id. This means that `req.GetId()` might not be the target's public id. Since the first thing authorize session does includes retrieving the target as part of the authorization checks, this subtype check can leverage the public id of the target instead of using the request. Fixes: `6178dd516e`	3 years ago
Todd	6178dd516e	Let a target subtype validate the authorize session's session state	3 years ago
Jim	d49fde2299	feat(cli/session-recordings): add download cmd	3 years ago
Jim	9207ec08f2	feat: add request ctx stream interceptor	3 years ago
Jim	0c465706cc	chore: increment base version to 0.13.0	3 years ago
Jeff Mitchell	18e59998e9	Add storage bucket worker filter handling	3 years ago
Todd	25d50d1077	Add tests for recording collection actions on scopes	3 years ago
Todd	cfe0dc08d9	Add session recording service stuff	3 years ago
Johan Brandhorst-Satzkorn	328b039138	scopes: fix test expectation	3 years ago
Louis Ruch	1662445e8e	feat(storage): Wire up storage buckets in session recording	3 years ago
Louis Ruch	8ea61054cd	feat(storage): Add support for Storage Bucket API	3 years ago
Danielle Miu	a4a14fc7fc	merged commit for plugin rework, storage bucket sql and proto, storage bucket secret rewrapping, storage bucket repository	3 years ago
Johan Brandhorst-Satzkorn	ad62df6b36	cluster: pass controller ext to authorize conn Make the controller extension availalbe to the protocol context constructor.	3 years ago
Johan Brandhorst-Satzkorn	5837d6f387	target: add PostSessionAuthorization callback The callback is called for any steps that need to be performed after a successful authorization but before returning to the user.	3 years ago
Johan Brandhorst-Satzkorn	13e1196797	target: add error handling to authorize session Attempt to undo operations if there are failures during session authorization.	3 years ago
Johan Brandhorst-Satzkorn	517fc91ebf	target: return selected worker when authorizing	3 years ago
Johan Brandhorst-Satzkorn	6d219bd5d1	target: add controller extension to service handler The controller extension can be used to access types unavailable in OSS.	3 years ago
Todd	bc48f2d0e0	Add monitor session job proto and controller changes This adds a new Job type that is for generic session state monitoring. Monitoring sessions does not include any information about specific connections.	3 years ago
Jim	4d60f42210	feat(bsr): add bsr kms support in config, dev and tests	3 years ago
Louis Ruch	798a1f952a	feat(storage): Add support for storage plugins	3 years ago
Damian Debkowski	9ef94892f4	test(plugin): Support storage service in loopback plugin	3 years ago
Louis Ruch	351444f1bd	refact(plugin): Move host loopback plugin into internal/plugin/loopback	3 years ago
Jim	c4b31313a6	feat (controller): define a ControllerExtension	3 years ago
Johan Brandhorst-Satzkorn	7632143861	add session recording API definitions	3 years ago
Jim	f9b45ca5b7	refact: extend registerControllerUpstreamMessageService to reg hdrs Extend registerControllerUpstreamMessageService to register upstream message handlers	3 years ago
Jim	410bec1e00	feature(worker/controller): register UpstreamMessageServiceServer	3 years ago
Jim	20cf521cc0	feat(bsr): add bsr kms support in config, dev and tests	3 years ago
Michael Milton	9ae2bdfae6	feat: license util config (#3248 ) * feat: license util config * address comments * introduce census job * add job * fix import groups * remove pointers	3 years ago
Jeff Mitchell	769a7c9e1c	Remove cleanup calls for test controller/worker (#3245 ) A previous commit added a call to t.Cleanup in the NewTestController/NewTestWorker commands; as a result these statements are no longer needed.	3 years ago
Hugo	dba7d88523	fix(handlers/scopes): Whitespace on Name and Description fields (#3235 ) This commit fixes the behaviour of scopes where whitespace was allowed (and thus persisted) in the Name and Description fields. It also adds some more tests for scope Create and Updateto cover more error cases. For scope update, `handlers.ValidateUpdateRequest` exists, however this was not used as it does not work properly for requests where the `global` scope is updated. In `ValidateUpdateRequest`, an ID check is performed and it assumes there's always a resource prefix (eg: "p", "o") and an identifier (random numbers and letters) after the prefix. This fails for `global`. See `handlers.ValidId`.	3 years ago
Jeff Mitchell	e8559d142a	Fix worker auth rotation test (#3243 ) Most of the changes here are changes or enhancements that are useful for tests. The crux of the issue was that I had pulled up one var to the package level so it could be read from tests, but that var was not being reset between tests. It's not even used in tests anymore, so I put it back to function-local.	3 years ago
Jeff Mitchell	e0787f4de0	Simplify worker auth rotation timing logic (#3237 ) * Simplify worker auth rotation timing logic * Add some jitter	3 years ago
Jeff Mitchell	77fd51fb12	Add more logging to worker auth rotation and test flags This makes it much easier to figure out when and why rotation is happening and control it for tests/debugging. Remove cert skew Cherry-picked from release/0.12.x	3 years ago
Jeff Mitchell	037dc0cf18	Add missing nil check in test	3 years ago
Jeff Mitchell	f9f7ee2cc4	Fix build	3 years ago
Jeff Mitchell	bbe9719e19	Add tracking of worker used for injection (#3204 )	3 years ago
Elim Tsiagbey	a2f8d87bfb	Add support for setting, adding & deleting LDAP account assoicated to a user (#3198 )	3 years ago
Jeff Mitchell	c6d7dc01a0	Exit before filtering if no workers are listed (#3196 ) This is just an early error message to avoid running the filtering function if there are no workers to begin with.	3 years ago
Jim	667ea285be	feature (boundary dev): add support for dev ldap auth method (#3192 )	3 years ago
Jeff Mitchell	e7bf134710	Enhance tcp client port vet logic (#3175 )	3 years ago
Jeff Mitchell	20391e3503	Add default client port to targets and use in connect command (#2767 )	3 years ago
Damian Debkowski	c5b1b7bbc7	fix(handler): return human readable error for json cred w/ empty object (#3109 ) * fix(handler): return human readable error for json cred w/ empty object * fix(handler): sync error messages for create/update json cred * fix(handler): sync error logic for create/update json cred	3 years ago
Jim	a4f54cb98f	refactor (events): QOL fix: turn off events for tests. (#3163 )	3 years ago
Hugo Vieira	45dc8251ec	feat(api): Support plugin host external_name field	3 years ago
Jeff Mitchell	bdf7bf7702	Do not allow PKI-KMS workers to have names updated via API (#3143 ) Do not allow PKI-KMS workers to have names updated via API This would cause their public IDs to change, which we do not want. Descriptions are also disallowed, since those come from the config file. This also adds logic to allow upgrading from old KMS method to new, with a test. Co-authored-by: Irena Rindos <irenarindos@users.noreply.github.com>	3 years ago
Haotian	5b26634b8a	feat(ui): serve controller metadata from ui handler (#3120 ) * adds noop metadata function to OSS UI handler * removes old-style build tags for UI handler files	3 years ago
Jeff Mitchell	163ce184b8	KMS-PKI Workers (#3101 ) This adds a new mechanism for worker authentication that uses the third-party arbitration of the original KMS flow by leveraging recently-added capabilities in nodeenrollment to support a registration wrapper. This allows for workers to be registered to the system with just a name and a matching wrapper, while at the same time allowing these workers to be used for private Vault access and multi-hop as they contain per-worker encryption keys and support rotation. Nodes using this mode will generate and rotate credentials in-memory (using another recently added nodeenrollment capability) so will have a new set of keys on every startup. This has the side effect of ensuring that there is never a conflict or re-use of these credentials. Note that the normal test worker flow was using the now-deprecated KMS method; there is still a test that uses this (explicitly) but all other tests using test workers that did not specify a specific PKI flow now actually use this mechanism. This means there is fairly decent test coverage in a general sense, plus the specific tests updated/added for this feature. This also adds a new KMS type that can be used to have distinct KMSes for upstream authentication vs. accepting from downstream.	3 years ago
Elim Tsiagbey	16f48686a7	Refactor Target Repository (#3092 ) - Refactor the Target domain repository functions so that they no longer return 4 different types. `Target` struct now contains `HostSource` & `CredentialSources` with Getters & Setters - Extending `Target` to contain `HostSource` & `CredentialSources` enables `funcs` to just return `Target` instead of multiple return types. This also allows easy future refactors and extensions of `Target`	3 years ago
Jeff Mitchell	fc664eb35f	Improve grant validation (#3081 ) This adds several relationships into the resource package that are then made use of to improve the grant validation that runs during Parse. By understanding mappings between ID and resource type the validation checks can far better align with actual allowed grant formats so we can find several common misunderstandings before they simply result in an authorization failure. In the future some of these functions could be used in the logic in the actual ACL checks but it's not currently necessary and I don't want to lump that change in with this. Note that the tests have not meaningfully changed, but they _have_ had to be updated because the stricter validation is actually catching issues.	3 years ago
Jim	86192f75eb	feature (auth/ldap): add LDAP auth method along with associated accounts and managed groups (#2912 ) * feature (auth): required schema changes for auth ldap method (#2669) chore (auth/ldap): move schema changes to next avail migration number * feature (auth/ldap): define AuthMethod and all its value objects (#2703) * feature (auth/ldap): storage protos * feature (auth/ldap): define AuthMethod and all its value objects * feature (auth/ldap): add repo and reading an auth method (#2718) * feature (auth/ldap): add Repository.CreateAuthMethod(...) and Repository.DeleteAuthMethod(...) (#2724) * feature (auth/ldap): add Repository.UpdateAuthMethod(...) (#2739) * feature (auth/ldap): add Account * feature (auth/ldap): add AuthMethod.EnableGroups * fix (auth/ldap): refactor AuthMethod.oplog to enforce proper constraints * feature (auth/ldap): add Account repo functions * refactor (auth/ldap): remove entry attributes from account Realized the entry attributes could have absolutely anything in them (including binary data) and since we absolutely don't have to have them there's just no reason to take on the risk. * feature (auth/ldap): add AuthMethod.UseTokenGroups * feature (auth/ldap): add Authenticate(...) * refactor (auth/ldap): ensure options take a context as the 1st parameter * feature (auth/ldap): add Account attribute maps * chore (auth/ldap): make fmt deltas * feature (auth/ldap): add managed groups (#2760) * tests (auth/ldap): add missing unit test to Repository.DeleteAccount(...) Add bits to test the delete operation when you're not able to generate oplog metadata * feature (auth/ldap): add managed groups fixup! feature (auth/ldap): add managed groups (#2760) * feature (auth/ldap): service proto definition (#2761) * feature (handlers/authmethods): add handlers for ldap auth method operations (#2794) * feature (auth/ldap): add Account attribute maps * chore (auth/ldap): update cap/ldap to latest version * feature (auth/ldap): add ldap api generation definitions * feature (authmethods): add ldap repo NewService(...) * feature (authmethods/ldap): add proper mask_mapping to protobufs * feature (authmethods): add support to get an ldap auth method * refactor (auth/ldap): export TestGenerateCA(...) * feature (authmethods): add support to create an ldap auth method * feature (authmethods): add support to delete an ldap auth method * feature (authmethods): add support to list ldap auth methods * refactor (auth/ldap): make urls optional for NewAuthMethod(...) * refactor (auth/ldap): export ldap.TestInvalidPem * chore: make fmt changes * fix (auth/ldap): properly handle group search config Add constraints and tests to ensure when an ldap AuthMethod.EnableGroups is true, and UseTokenGroups is false; that there's a GroupDn configured for finding a user's associated groups * feature (authmethods): add support to update an ldap auth methods * chore (db/ldap): tmp mv migrations so there's no conflict with ongoing work * feature (verifier): add ldap auth method to verifier bits * fix (controller): prevent panic when controller stops when there's no listener * feature (authmethods): add support to authenticate via ldap auth methods * chore (migrations): fix whitespace in stmt * chore: fmt fixup * tests (auth/ldap): invalid err msg * feature (cli/authmethods): add support for ldap auth-methods CRUD and authenticate (#2810) * feature (authmethods): add CLI support for ldap auth methods CRUD * tests (api/auth): ldap auth method classification tests * feature (authmethods): add CLI support for ldap auth authenticate * feature (auth/ldap): set request timeouts for ldap server connections * feature (handlers/authmethods): handle u_anon listing properly. * feature (account/handers): ldap account and managed group CRUDL APIs (#2852) * feature (auth/ldap) add repository Listing of ManagedGroupMemberAccount * feature (controller/handlers): add ldapRepoFn to accounts service * feature (auth/ldap) register ldap managed group subtype * feature (account/handlers): ldap account CRUDL APIs * feature (controller/handlers): add ldapRepo to managed groups service * feature (account/handlers): ldap managed group CRUDL APIs * docs (domain): add LDAP accounts, auth-methods and managed groups (#2857) * feature (ldap/cli) add ldap accounts and managed groups CRUDL commands (#2856) * fix (handlers/authmethods): fix ldap authorized actions (#2892) * feature (cli/ldap/authenticate): use primary auth method if none is provided (#2890) * fix (auth/ldap): support setting the state attribute * feature (cli/ldap/authenticate): use primary auth method if none is provided * feature (wh/ldap) add tests for new ldap auth method and accounts (#2919) * refactor (migrations/ldap): mv to correct directory * chore: add copyright headers * fix (api/authmethods/ldap): renumber new LdapAuthMethodAttributes field * fix (auth/ldap): allow the auth method state to be updated (#2951) * chore: update sdk and api versions for llb - this is tmp until merging * tests (managed groups): add required errContains for new test	3 years ago
Jeff Mitchell	b76b24a4ad	Move prefixes for many packages into the globals package (#3069 ) This is a prerequisite for some enhancements to grant validation	3 years ago
Todd	6adc0c86b5	Rename downstream router to receiver (#3068 ) This was done previously but these were missed.	3 years ago
Jeff Mitchell	b2bab45c13	Port over changes (#3061 ) (#3062 )	3 years ago
Johan Brandhorst-Satzkorn	18eed58ec5	fix(targets): Use correct error string in enterprise (#2984 ) In enterprise the error is different, so we need a different test error string to compare against. Create a variable that can be overwritten in the enterprise repo.	3 years ago
Johan Brandhorst-Satzkorn	8a0ee97f3b	fix(targets): Readd WorkerFilterDeprecationMessage (#2982 ) This variable is updated in the enterprise repo and needs to stay.	3 years ago
Johan Brandhorst-Satzkorn	ac3543bdfb	fix(targets): Use correct field name in deprecation warning (#2978 )	3 years ago
Todd	fe5b554370	AuthorizedDownstreamWorkers now separated from AuthorizedWorkers to maintain API compatibility (#2957 ) * AuthorizedDownstreamWorkers now separated from AuthorizedWorkers to maintain API compatibility	3 years ago
Johan Brandhorst-Satzkorn	cf412b95a2	fix: Support streaming HTTP responses (#2956 ) * all: Upgrade listenerutil dependency The new listenerutil implements http.Flusher, which is necessary for streaming responses from the grpc-gateway to work. * daemon/controller: Remove newline delimiter in streaming responses The default gRPC-Gateway HTTPBody marshaler uses newlines as a delimiter. This introduces newlines in our streamed responses. Wrapping the default marshaler lets us define a nil delimiter, which ensures our streaming responses are unaffected by the server side chunking.	3 years ago
Todd	1e89be1b1a	Downstream worker connections are tracked by worker id (#2949 ) When possible downstream workers will include their worker id information in the connections they establish with the upstream using the nodeenrollment library. The tracking listener now tracks connections that are connected in this same way instead of just connections of type *tls.Conn.	3 years ago
Damian Debkowski	cabe362534	fix(handler): return targetId as hostId for cli edge case support (#2920 )	3 years ago
Damian Debkowski	84b410974b	fix(handlers): return error when updating json cred w/ empty obj (#2903 ) * fix(handlers): return error when updating json cred w/ empty obj * chore(handlers): split cond stmt & refactor func name	3 years ago
Timothy Messier	e25b0e7888	fix(credentiallibraries): Fallback logic to support 0.11.x cli (#2910 )	3 years ago
Johan Brandhorst-Satzkorn	3c29308673	chore: Add license headers to all files	3 years ago
Timothy Messier	718e183a1e	fix(credentiallibraries): Correctly populate attrs for vault-generic (#2901 )	3 years ago
Irena Rindos	4114b41527	Filter managed workers from egress workers when the host address is unsafe (#2899 )	3 years ago
Hugo	e455e31f9e	fix(target): Incorrectly allowing whitespace on Target's address field (#2862 )	3 years ago
Timothy Messier	12a53bbfa9	feat(target): Allow vault ssh cert library as credential source This allows the new vault ssh certificate credential library to be used as an injected application credential source.	3 years ago
Timothy Messier	1aaaf4af1d	feat(controller): Translate ssh certificate credentials for worker	3 years ago

1 2 3 4 5 ...

412 Commits (c2bc19c71fac7c3ccf106b3cdf0c19fb7ecf899d)