mirror of
https://github.com/optim-enterprises-bv/vault.git
synced 2025-11-01 19:17:58 +00:00
000d754c40
* Update EAB management urls underneath pki/eab - It was decided that for ease of ACLing, the management paths for EAB apis should be outside of the acme path prefix - Delete duplicated tests, rely on the proper cluster based tests for EAB management. * Update ACME EAB creation paths to be directory specific - Make the EAB creation APIs directory specific. - This commit is still missing the enforcement that they can be redeemed on a specific path. * Enforce EAB tokens per ACME directory context like accounts - Do not allow an EAB from one ACME directory to be used in another. - Rework the ACME directory function to simply get the path from the request instead of parsing out the role/issuer name. - Add some commentary around expectations if operators change issuer names * Add an EAB certbot integration test - Verify with the 3rd party certbot cli that our EAB workflow works as expected. * Fix unit test - Unit test wasn't setting up r.Path within the request that we now use to determine the acme directory.