Caleb Doxsey
57c0c0a1bc
authorize: log additional session details ( #2419 )
2021-08-02 12:08:34 -06:00
Caleb Doxsey
1a95036b8c
sessions: add impersonate_session_id, remove legacy impersonation ( #2407 )
...
* sessions: add impersonate_session_id, remove legacy impersonation
* show impersonated user details
* fix headers
* address feedback
* only check impersonate id on non-nil pbSession
* Revert "only check impersonate id on non-nil pbSession"
This reverts commit a6f7ca5abd
2021-07-30 08:42:36 -06:00
Caleb Doxsey
cef08a1c2d
authorize: remove service account impersonate user id, email and groups ( #2365 )
2021-07-15 09:31:45 -06:00
Caleb Doxsey
8e155bdf61
authorize: log service account and impersonation details ( #2354 )
2021-07-12 14:21:37 -06:00
Caleb Doxsey
dad35bcfb0
ppl: refactor authorize to evaluate PPL ( #2224 )
...
* ppl: refactor authorize to evaluate PPL
* remove opa test step
* add log statement
* simplify assignment
* deny with forbidden if logged in
* add safeEval function
* create evaluator-specific config and options
* embed the headers rego file directly
2021-05-21 09:50:18 -06:00
bobby
7973ab43fe
authorize: audit log had duplicate "message" key ( #2141 )
...
* authorize: audit log had duplicate "message" key
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2021-04-27 15:26:16 -06:00
wasaga
e0c09a0998
log context ( #2107 )
2021-04-22 10:58:13 -04:00
Caleb Doxsey
8a2af8029b
authorize: additional tracing, add benchmark for encryptor ( #2059 )
2021-04-05 12:55:16 -06:00
Caleb Doxsey
f4c4fe314a
authorize: audit logging ( #2050 )
...
* authorize: add databroker server and record version to result, force sync via polling
* authorize: audit logging
2021-04-05 09:58:55 -06:00
