autosign 0.1.4 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +12 -0
- data/.rubocop_todo.yml +659 -0
- data/.travis.yml +4 -4
- data/CHANGELOG.md +53 -0
- data/Gemfile.lock +66 -34
- data/README.md +37 -0
- data/Rakefile +22 -22
- data/autosign.gemspec +23 -18
- data/bin/autosign +10 -6
- data/bin/autosign-validator +5 -5
- data/lib/autosign/config.rb +66 -52
- data/lib/autosign/validator.rb +33 -196
- data/lib/autosign/{validators → validator}/jwt.rb +41 -42
- data/lib/autosign/{validators → validator}/multiplexer.rb +24 -32
- data/lib/autosign/{validators → validator}/passwordlist.rb +16 -17
- data/lib/autosign/validator/validator_base.rb +168 -0
- data/lib/autosign/version.rb +1 -1
- metadata +78 -75
- data/features/autosign.feature +0 -93
- data/features/step_definitions/autosign_steps.rb +0 -44
- data/features/support/env.rb +0 -17
- data/features/validate.feature +0 -22
- data/fixtures/i-7672fe81.pem +0 -34
- data/spec/spec_helper.rb +0 -102
- data/spec/specs/config_spec.rb +0 -20
- data/spec/specs/decoder_spec.rb +0 -24
- data/spec/specs/journal_spec.rb +0 -41
- data/spec/specs/token_spec.rb +0 -102
- data/spec/specs/validators/jwt_spec.rb +0 -69
- data/spec/specs/validators/passwordlist_spec.rb +0 -51
data/lib/autosign/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,185 +1,185 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: autosign
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 1.0.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Daniel Dreier
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-05-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
|
-
name:
|
|
14
|
+
name: aruba
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '
|
|
19
|
+
version: '0.6'
|
|
20
20
|
type: :development
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '
|
|
26
|
+
version: '0.6'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
|
-
name:
|
|
28
|
+
name: coveralls
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
|
-
- - "
|
|
31
|
+
- - ">="
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '
|
|
33
|
+
version: '0'
|
|
34
34
|
type: :development
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
|
-
- - "
|
|
38
|
+
- - ">="
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: '
|
|
40
|
+
version: '0'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
|
-
name:
|
|
42
|
+
name: cucumber
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
44
44
|
requirements:
|
|
45
45
|
- - "~>"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: '
|
|
47
|
+
version: '2'
|
|
48
48
|
type: :development
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: '
|
|
54
|
+
version: '2'
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
|
-
name:
|
|
56
|
+
name: pry
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
58
58
|
requirements:
|
|
59
59
|
- - "~>"
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version: '
|
|
61
|
+
version: '0.10'
|
|
62
62
|
type: :development
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
66
|
- - "~>"
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version: '
|
|
68
|
+
version: '0.10'
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: puppet
|
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
|
72
72
|
requirements:
|
|
73
73
|
- - "~>"
|
|
74
74
|
- !ruby/object:Gem::Version
|
|
75
|
-
version: '
|
|
75
|
+
version: '6'
|
|
76
76
|
type: :development
|
|
77
77
|
prerelease: false
|
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
|
79
79
|
requirements:
|
|
80
80
|
- - "~>"
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
|
-
version: '
|
|
82
|
+
version: '6'
|
|
83
83
|
- !ruby/object:Gem::Dependency
|
|
84
|
-
name:
|
|
84
|
+
name: rake
|
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|
|
86
86
|
requirements:
|
|
87
87
|
- - "~>"
|
|
88
88
|
- !ruby/object:Gem::Version
|
|
89
|
-
version: '
|
|
89
|
+
version: '13'
|
|
90
90
|
type: :development
|
|
91
91
|
prerelease: false
|
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
|
93
93
|
requirements:
|
|
94
94
|
- - "~>"
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
|
-
version: '
|
|
96
|
+
version: '13'
|
|
97
97
|
- !ruby/object:Gem::Dependency
|
|
98
|
-
name:
|
|
98
|
+
name: rdoc
|
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
|
100
100
|
requirements:
|
|
101
|
-
- - "
|
|
101
|
+
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: '
|
|
103
|
+
version: '4'
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
|
-
- - "
|
|
108
|
+
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: '
|
|
110
|
+
version: '4'
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
|
-
name:
|
|
112
|
+
name: rspec
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
|
114
114
|
requirements:
|
|
115
115
|
- - "~>"
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: '
|
|
117
|
+
version: '3'
|
|
118
118
|
type: :development
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - "~>"
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: '
|
|
124
|
+
version: '3'
|
|
125
125
|
- !ruby/object:Gem::Dependency
|
|
126
|
-
name:
|
|
126
|
+
name: rubocop
|
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
|
128
128
|
requirements:
|
|
129
129
|
- - "~>"
|
|
130
130
|
- !ruby/object:Gem::Version
|
|
131
|
-
version: 0.
|
|
131
|
+
version: 0.83.0
|
|
132
132
|
type: :development
|
|
133
133
|
prerelease: false
|
|
134
134
|
version_requirements: !ruby/object:Gem::Requirement
|
|
135
135
|
requirements:
|
|
136
136
|
- - "~>"
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
|
-
version: 0.
|
|
138
|
+
version: 0.83.0
|
|
139
139
|
- !ruby/object:Gem::Dependency
|
|
140
|
-
name:
|
|
140
|
+
name: yard
|
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
|
142
142
|
requirements:
|
|
143
143
|
- - "~>"
|
|
144
144
|
- !ruby/object:Gem::Version
|
|
145
|
-
version:
|
|
146
|
-
type: :
|
|
145
|
+
version: 0.9.11
|
|
146
|
+
type: :development
|
|
147
147
|
prerelease: false
|
|
148
148
|
version_requirements: !ruby/object:Gem::Requirement
|
|
149
149
|
requirements:
|
|
150
150
|
- - "~>"
|
|
151
151
|
- !ruby/object:Gem::Version
|
|
152
|
-
version:
|
|
152
|
+
version: 0.9.11
|
|
153
153
|
- !ruby/object:Gem::Dependency
|
|
154
|
-
name:
|
|
154
|
+
name: bundler
|
|
155
155
|
requirement: !ruby/object:Gem::Requirement
|
|
156
156
|
requirements:
|
|
157
157
|
- - "~>"
|
|
158
158
|
- !ruby/object:Gem::Version
|
|
159
|
-
version: '
|
|
160
|
-
type: :
|
|
159
|
+
version: '2.0'
|
|
160
|
+
type: :development
|
|
161
161
|
prerelease: false
|
|
162
162
|
version_requirements: !ruby/object:Gem::Requirement
|
|
163
163
|
requirements:
|
|
164
164
|
- - "~>"
|
|
165
165
|
- !ruby/object:Gem::Version
|
|
166
|
-
version: '
|
|
166
|
+
version: '2.0'
|
|
167
167
|
- !ruby/object:Gem::Dependency
|
|
168
|
-
name:
|
|
168
|
+
name: deep_merge
|
|
169
169
|
requirement: !ruby/object:Gem::Requirement
|
|
170
170
|
requirements:
|
|
171
171
|
- - "~>"
|
|
172
172
|
- !ruby/object:Gem::Version
|
|
173
|
-
version: '1'
|
|
173
|
+
version: '1.2'
|
|
174
174
|
type: :runtime
|
|
175
175
|
prerelease: false
|
|
176
176
|
version_requirements: !ruby/object:Gem::Requirement
|
|
177
177
|
requirements:
|
|
178
178
|
- - "~>"
|
|
179
179
|
- !ruby/object:Gem::Version
|
|
180
|
-
version: '1'
|
|
180
|
+
version: '1.2'
|
|
181
181
|
- !ruby/object:Gem::Dependency
|
|
182
|
-
name:
|
|
182
|
+
name: gli
|
|
183
183
|
requirement: !ruby/object:Gem::Requirement
|
|
184
184
|
requirements:
|
|
185
185
|
- - "~>"
|
|
@@ -193,21 +193,21 @@ dependencies:
|
|
|
193
193
|
- !ruby/object:Gem::Version
|
|
194
194
|
version: '2'
|
|
195
195
|
- !ruby/object:Gem::Dependency
|
|
196
|
-
name:
|
|
196
|
+
name: iniparse
|
|
197
197
|
requirement: !ruby/object:Gem::Requirement
|
|
198
198
|
requirements:
|
|
199
|
-
- - "
|
|
199
|
+
- - "~>"
|
|
200
200
|
- !ruby/object:Gem::Version
|
|
201
201
|
version: '1'
|
|
202
202
|
type: :runtime
|
|
203
203
|
prerelease: false
|
|
204
204
|
version_requirements: !ruby/object:Gem::Requirement
|
|
205
205
|
requirements:
|
|
206
|
-
- - "
|
|
206
|
+
- - "~>"
|
|
207
207
|
- !ruby/object:Gem::Version
|
|
208
208
|
version: '1'
|
|
209
209
|
- !ruby/object:Gem::Dependency
|
|
210
|
-
name:
|
|
210
|
+
name: jwt
|
|
211
211
|
requirement: !ruby/object:Gem::Requirement
|
|
212
212
|
requirements:
|
|
213
213
|
- - "~>"
|
|
@@ -221,17 +221,31 @@ dependencies:
|
|
|
221
221
|
- !ruby/object:Gem::Version
|
|
222
222
|
version: '1'
|
|
223
223
|
- !ruby/object:Gem::Dependency
|
|
224
|
-
name:
|
|
224
|
+
name: logging
|
|
225
225
|
requirement: !ruby/object:Gem::Requirement
|
|
226
226
|
requirements:
|
|
227
227
|
- - "~>"
|
|
228
228
|
- !ruby/object:Gem::Version
|
|
229
|
-
version: '
|
|
229
|
+
version: '2'
|
|
230
230
|
type: :runtime
|
|
231
231
|
prerelease: false
|
|
232
232
|
version_requirements: !ruby/object:Gem::Requirement
|
|
233
233
|
requirements:
|
|
234
234
|
- - "~>"
|
|
235
|
+
- !ruby/object:Gem::Version
|
|
236
|
+
version: '2'
|
|
237
|
+
- !ruby/object:Gem::Dependency
|
|
238
|
+
name: multi_json
|
|
239
|
+
requirement: !ruby/object:Gem::Requirement
|
|
240
|
+
requirements:
|
|
241
|
+
- - ">="
|
|
242
|
+
- !ruby/object:Gem::Version
|
|
243
|
+
version: '1'
|
|
244
|
+
type: :runtime
|
|
245
|
+
prerelease: false
|
|
246
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
247
|
+
requirements:
|
|
248
|
+
- - ">="
|
|
235
249
|
- !ruby/object:Gem::Version
|
|
236
250
|
version: '1'
|
|
237
251
|
description:
|
|
@@ -240,11 +254,17 @@ executables:
|
|
|
240
254
|
- autosign
|
|
241
255
|
- autosign-validator
|
|
242
256
|
extensions: []
|
|
243
|
-
extra_rdoc_files:
|
|
257
|
+
extra_rdoc_files:
|
|
258
|
+
- CHANGELOG.md
|
|
259
|
+
- LICENSE
|
|
260
|
+
- README.md
|
|
244
261
|
files:
|
|
245
262
|
- ".gitignore"
|
|
246
263
|
- ".rspec"
|
|
264
|
+
- ".rubocop.yml"
|
|
265
|
+
- ".rubocop_todo.yml"
|
|
247
266
|
- ".travis.yml"
|
|
267
|
+
- CHANGELOG.md
|
|
248
268
|
- Gemfile
|
|
249
269
|
- Gemfile.lock
|
|
250
270
|
- LICENSE
|
|
@@ -253,38 +273,22 @@ files:
|
|
|
253
273
|
- autosign.gemspec
|
|
254
274
|
- bin/autosign
|
|
255
275
|
- bin/autosign-validator
|
|
256
|
-
- features/autosign.feature
|
|
257
|
-
- features/step_definitions/autosign_steps.rb
|
|
258
|
-
- features/support/env.rb
|
|
259
|
-
- features/validate.feature
|
|
260
|
-
- fixtures/i-7672fe81.pem
|
|
261
276
|
- lib/autosign.rb
|
|
262
277
|
- lib/autosign/config.rb
|
|
263
278
|
- lib/autosign/decoder.rb
|
|
264
279
|
- lib/autosign/journal.rb
|
|
265
280
|
- lib/autosign/token.rb
|
|
266
281
|
- lib/autosign/validator.rb
|
|
267
|
-
- lib/autosign/
|
|
268
|
-
- lib/autosign/
|
|
269
|
-
- lib/autosign/
|
|
282
|
+
- lib/autosign/validator/jwt.rb
|
|
283
|
+
- lib/autosign/validator/multiplexer.rb
|
|
284
|
+
- lib/autosign/validator/passwordlist.rb
|
|
285
|
+
- lib/autosign/validator/validator_base.rb
|
|
270
286
|
- lib/autosign/version.rb
|
|
271
|
-
- spec/spec_helper.rb
|
|
272
|
-
- spec/specs/config_spec.rb
|
|
273
|
-
- spec/specs/decoder_spec.rb
|
|
274
|
-
- spec/specs/journal_spec.rb
|
|
275
|
-
- spec/specs/token_spec.rb
|
|
276
|
-
- spec/specs/validators/jwt_spec.rb
|
|
277
|
-
- spec/specs/validators/passwordlist_spec.rb
|
|
278
287
|
homepage: https://github.com/danieldreier/autosign
|
|
279
288
|
licenses: []
|
|
280
289
|
metadata: {}
|
|
281
290
|
post_install_message:
|
|
282
|
-
rdoc_options:
|
|
283
|
-
- "--title"
|
|
284
|
-
- autosign
|
|
285
|
-
- "--main"
|
|
286
|
-
- README.rdoc
|
|
287
|
-
- "-ri"
|
|
291
|
+
rdoc_options: []
|
|
288
292
|
require_paths:
|
|
289
293
|
- lib
|
|
290
294
|
- lib
|
|
@@ -292,15 +296,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
292
296
|
requirements:
|
|
293
297
|
- - ">="
|
|
294
298
|
- !ruby/object:Gem::Version
|
|
295
|
-
version: '
|
|
299
|
+
version: '2.4'
|
|
296
300
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
297
301
|
requirements:
|
|
298
302
|
- - ">="
|
|
299
303
|
- !ruby/object:Gem::Version
|
|
300
304
|
version: '0'
|
|
301
305
|
requirements: []
|
|
302
|
-
|
|
303
|
-
rubygems_version: 2.7.7
|
|
306
|
+
rubygems_version: 3.0.8
|
|
304
307
|
signing_key:
|
|
305
308
|
specification_version: 4
|
|
306
309
|
summary: Tooling to make puppet autosigning easy, secure, and extensible
|
data/features/autosign.feature
DELETED
|
@@ -1,93 +0,0 @@
|
|
|
1
|
-
Feature: Generate autosign key
|
|
2
|
-
In order to sign puppet certificates automatically
|
|
3
|
-
I want to generate autosign keys programatically
|
|
4
|
-
So I don't have to use static strings as keys
|
|
5
|
-
|
|
6
|
-
Scenario: Generate new token
|
|
7
|
-
Given a pre-shared key of "secret"
|
|
8
|
-
And a hostname of "foo.example.com"
|
|
9
|
-
And a file named "autosign.conf" with:
|
|
10
|
-
"""
|
|
11
|
-
---
|
|
12
|
-
jwt_token:
|
|
13
|
-
validity: '7200'
|
|
14
|
-
secret: 'secret'
|
|
15
|
-
"""
|
|
16
|
-
When I run `chmod 600 autosign.conf`
|
|
17
|
-
And I run `autosign --config autosign.conf generate foo.example.com`
|
|
18
|
-
Then the output should contain "Autosign token for: foo.example.com"
|
|
19
|
-
And the output should contain "valid until"
|
|
20
|
-
And the exit status should be 0
|
|
21
|
-
|
|
22
|
-
Scenario: Generate new token using the --bare flag
|
|
23
|
-
Given a pre-shared key of "secret"
|
|
24
|
-
And a hostname of "foo.example.com"
|
|
25
|
-
And a file named "autosign.conf" with:
|
|
26
|
-
"""
|
|
27
|
-
---
|
|
28
|
-
jwt_token:
|
|
29
|
-
validity: '7200'
|
|
30
|
-
secret: 'secret'
|
|
31
|
-
"""
|
|
32
|
-
When I run `chmod 600 autosign.conf`
|
|
33
|
-
And I run `autosign --config autosign.conf generate --bare foo.example.com`
|
|
34
|
-
Then the output should be a JSON web token
|
|
35
|
-
And the output should not contain "Autosign token for: foo.example.com"
|
|
36
|
-
And the output should not contain "valid until"
|
|
37
|
-
And the exit status should be 0
|
|
38
|
-
|
|
39
|
-
Scenario: Generate new reusable token
|
|
40
|
-
Given a pre-shared key of "secret"
|
|
41
|
-
And a hostname of "foo.example.com"
|
|
42
|
-
And a file named "autosign.conf" with:
|
|
43
|
-
"""
|
|
44
|
-
---
|
|
45
|
-
jwt_token:
|
|
46
|
-
validity: '7200'
|
|
47
|
-
secret: 'secret'
|
|
48
|
-
"""
|
|
49
|
-
When I run `chmod 600 autosign.conf`
|
|
50
|
-
When I run `autosign --config autosign.conf generate foo.example.com --reusable`
|
|
51
|
-
Then the output should contain "Autosign token for: foo.example.com"
|
|
52
|
-
And the output should contain "valid until"
|
|
53
|
-
And the exit status should be 0
|
|
54
|
-
|
|
55
|
-
Scenario: Validate a token
|
|
56
|
-
Given a pre-shared key of "secret"
|
|
57
|
-
And a hostname of "foo.example.com"
|
|
58
|
-
And a file named "autosign.conf" with:
|
|
59
|
-
"""
|
|
60
|
-
---
|
|
61
|
-
jwt_token:
|
|
62
|
-
secret: 'secret'
|
|
63
|
-
"""
|
|
64
|
-
When I run `chmod 600 autosign.conf`
|
|
65
|
-
When I run `autosign --config autosign.conf validate --certname "foo.example.com" "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJkYXRhIjoie1wiY2VydG5hbWVcIjpcImZvby5leGFtcGxlLmNvbVwiLFwicmVxdWVzdGVyXCI6XCJEYW5pZWxzLU1hY0Jvb2stUHJvLTIubG9jYWxcIixcInJldXNhYmxlXCI6ZmFsc2UsXCJ2YWxpZGZvclwiOjI5OTk5OTk5OSxcInV1aWRcIjpcIjlkYTA0Yzc4LWQ5NjUtNDk2OC04MWNjLWVhM2RjZDllZjVjMFwifSIsImV4cCI6IjE3MzY0NjYxMzAifQ.PJwY8rIunVyWi_lw0ypFclME0jx3Vd9xJIQSyhN3VUmul3V8u4Tp9XwDgoAu9DVV0-WEG2Tfxs6F8R6Fn71Ndg"`
|
|
66
|
-
Then the output should contain "token validated successfully"
|
|
67
|
-
And the exit status should be 0
|
|
68
|
-
|
|
69
|
-
Scenario: Not validate a bad token
|
|
70
|
-
Given a pre-shared key of "secret"
|
|
71
|
-
And a hostname of "foo.example.com"
|
|
72
|
-
And a file named "autosign.conf" with:
|
|
73
|
-
"""
|
|
74
|
-
---
|
|
75
|
-
jwt_token:
|
|
76
|
-
secret: 'secret'
|
|
77
|
-
"""
|
|
78
|
-
When I run `chmod 600 autosign.conf`
|
|
79
|
-
When I run `autosign --config autosign.conf validate --certname "foo.example.com" "invalid_token"`
|
|
80
|
-
Then the exit status should be 1
|
|
81
|
-
|
|
82
|
-
Scenario: Not validate an expired token
|
|
83
|
-
Given a pre-shared key of "secret"
|
|
84
|
-
And a hostname of "foo.example.com"
|
|
85
|
-
And a file named "autosign.conf" with:
|
|
86
|
-
"""
|
|
87
|
-
---
|
|
88
|
-
jwt_token:
|
|
89
|
-
secret: 'secret'
|
|
90
|
-
"""
|
|
91
|
-
When I run `chmod 600 autosign.conf`
|
|
92
|
-
When I run `autosign --config autosign.conf validate --certname "foo.example.com" "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJkYXRhIjoie1wiY2VydG5hbWVcIjpcImZvby5leGFtcGxlLmNvbVwiLFwicmVxdWVzdGVyXCI6XCJEYW5pZWxzLU1hY0Jvb2stUHJvLTIubG9jYWxcIixcInJldXNhYmxlXCI6ZmFsc2UsXCJ2YWxpZGZvclwiOjEsXCJ1dWlkXCI6XCJlNjI1Y2I1Ny02NzY5LTQwMzQtODNiZS0zNzkxNmQ5YmMxMDRcIn0iLCJleHAiOiIxNDM2NDY2MzAyIn0.UXEDEbRqEWx5SdSpQjfowU56JubY5Yz2QN6cckby2es-g2P_n2lyAS6AwFeliBXyCDyVUelIT3g1QP4TdB9EEA"`
|
|
93
|
-
Then the exit status should be 1
|