The nonce feature is useful to custom authentication plugins
but at present there is no way to enable a nonce to be presented
other than by setting nkey accounts etc.
This enables the nonce to always be presented in those situations.
Since its primarily useful to embedded scenarios there is no corresponding
configuration file behavior for this flag.
Signed-off-by: R.I.Pienaar <rip@devco.net>
This will cause the server to not trust accounts/user signed by an
identity key
The boot strapping system account will assume the account is issued by
the operator.
If this is not desirable, the system account can be provided right away
as resolver_preload.
[fixes] crash when the system account uses signing keys and an update changes that key set.
Signed-off-by: Matthias Hanel <mh@synadia.com>
Added update to parse and load operator JWTs.
Changed to add in signing keys from operator JWT to list of trusted keys.
Added URL account resolver.
Added account claim updates by system messages.
Signed-off-by: Derek Collison <derek@nats.io>
Add in trusted keys options and binary stamp
User JWT and Account fetch with AccountResolver
Account and User expiration
Account Imports/Exports w/ updates
Import activation expiration
Signed-off-by: Derek Collison <derek@nats.io>
