Kenneth Jenkins 5568606f03 config: support client certificate SAN match (#4453) ... Add a new match_subject_alt_names option to the downstream_mtls settings group. This setting can be used to further constrain the allowed client certificates by requiring that certificates contain a Subject Alternative Name of a particular type, matching a particular regex. When set, populate the corresponding match_typed_subject_alt_names setting within Envoy, and also implement a corresponding check in the authorize service.		2023-08-11 13:27:12 -07:00
..
evaluator	config: support client certificate SAN match (#4453)	2023-08-11 13:27:12 -07:00
internal/store	authorize: move sign out and jwks urls to route, update issuer for JWT (#4046)	2023-03-08 12:40:15 -07:00
access_tracker.go	sets: convert set types to generics (#3519)	2022-07-29 12:32:17 -06:00
access_tracker_test.go	databroker: add support for putting multiple records (#3291)	2022-04-26 16:41:38 -06:00
authorize.go	config: support client certificate SAN match (#4453)	2023-08-11 13:27:12 -07:00
authorize_test.go	log context (#2107)	2021-04-22 10:58:13 -04:00
check_response.go	authorize: add "client-certificate-required" reason (#4389)	2023-07-25 10:03:51 -07:00
check_response_test.go	authorize: add "client-certificate-required" reason (#4389)	2023-07-25 10:03:51 -07:00
databroker.go	authorize: fix user caching (#3734)	2022-11-08 08:23:41 -07:00
databroker_test.go	authorize: fix user caching (#3734)	2022-11-08 08:23:41 -07:00
grpc.go	authorize: do not rely on Envoy client cert validation (#4438)	2023-08-03 10:45:55 -07:00
grpc_test.go	authorize: do not rely on Envoy client cert validation (#4438)	2023-08-03 10:45:55 -07:00
log.go	authorize: log id token claims separately from id token (#4394)	2023-07-26 11:45:10 -06:00
log_test.go	authorize: log id token claims separately from id token (#4394)	2023-07-26 11:45:10 -06:00
state.go	authenticate: fix authenticate_internal_service_url for all in one (#4003)	2023-02-22 10:42:27 -05:00