gogrlx/nats-server
1
0
Fork 0
mirror of https://github.com/gogrlx/nats-server.git synced 2026-04-02 03:38:42 -07:00
Code Issues Packages Projects Releases Wiki Activity
5,716 Commits 30 Branches 48 Tags
5cc4d0ca4a56b30fcea520a4cfed0733c02fe302
Commit Graph

107 Commits

Author SHA1 Message Date
Matthias Hanel
3799b90011 [Adding] support for account_token_position (#1874) 
This change does 4 things:
Refactor to only have one function to validate imports.
Have this function support the jwt field account_token_position.
For completeness make this value configurable as well.
unit tests.

Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-02-01 19:51:36 -05:00
Derek Collison
a9b8948abe Add in tracking for quorum in raft and do auto stepdown. 
Also added in API responses when no leader is present for meta, streams and consumers.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-01-27 13:34:00 -08:00
Matthias Hanel
dea9effa8d [added] support for StrictSigningKeyUsage and updated jwt library (#1845) 
This will cause the server to not trust accounts/user signed by an
identity key

The boot strapping system account will assume the account is issued by
the operator.
If this is not desirable, the system account can be provided right away
as resolver_preload.

[fixes] crash when the system account uses signing keys and an update changes that key set.

Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-01-26 17:49:58 -05:00
Derek Collison
9c858d197a Added ability to properly restore consumers from a snapshot. 
This made us add forwarding proposals functionality in the raft layer.
More general cleanup and bug fixes as well.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-01-24 19:30:34 -08:00
Derek Collison
d7cfb8f6e9 Use client version for stream and consumer extended info 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-01-22 13:11:36 -08:00
Derek Collison
cb69df7118 Add proper support for stream update 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-01-16 06:29:37 -08:00
Derek Collison
4bfe9d4c24 Fixes to PR. 
Add nats to default storage directory
Fix race in raft, change leader notice
Fix test crash on failure

Signed-off-by: Derek Collison <derek@nats.io>
 2021-01-14 05:56:05 -08:00
Derek Collison
37cf7584bd Merge branch 'master' into jsc 2021-01-14 02:52:35 -07:00
Derek Collison
f0cdf89c61 JetStream Clustering WIP 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-01-14 01:14:52 -08:00
Matthias Hanel
0ff6252692 Added tests for cfg/jwt based queue restrictions and updated jwt lib 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-01-07 17:30:51 -05:00
Matthias Hanel
d59b074c64 Incorporating review comments 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-01-05 18:45:46 -05:00
Matthias Hanel
592a6447a7 [Added] support for wildcard services and import remapping by JWT. 
Imports in JWT where extended to contain a new filed LocalSubject.
This Change pulls the new JWT library version in.
It was needed as prefix did not exist in the JWT library and the
original field could not be used. The field To has been deprecated.

When LocalSubject is set, service imports can be configured the same way
they are in config. Meaning, no reversal due to the type.

This change also ensures that wildcard references in transforms are only
set in To/LocalSubject. Before, for services, $1 would have to be set in Subject.

Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-01-04 14:11:36 -05:00
Alberto Ricart
f09992a889 updated iteration of signing keys (previously a list, now a map). (#1779) 2020-12-17 13:59:18 -07:00
Matthias Hanel
c6daffbfcc [Added] ability to use jwt latency sampling properties headers/share 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2020-12-16 14:34:09 -05:00
Ivan Kozlovic
a79a4d9834 Updated go mod/vendor due to PR #1737 
The PR #1737 added a new file with an import of "golang.org/x/sys/unix"
but vendor directory was not updated.

Related to #1737

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2020-12-16 12:19:31 -07:00
Derek Collison
3b18f188ed Switched behavior to never refuse new request, and to alert when expiring ones with interest 
Signed-off-by: Derek Collison <derek@nats.io>
 2020-10-21 10:35:29 -07:00
Derek Collison
610d2d21b7 More robust waiting queue for pull mode consumers 
Signed-off-by: Derek Collison <derek@nats.io>
 2020-10-19 19:51:46 -07:00
Matthias Hanel
2bfb8b1227 [Fixed] revocation check for activations used current time instead of jwt issue time 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2020-10-15 15:36:50 -04:00
Matthias Hanel
387e1e1ee4 [Fixed] revocation check used current time instead of jwt issue time 
Also empty revoked keys once account jwt has no revocations.

Signed-off-by: Matthias Hanel <mh@synadia.com>
 2020-10-06 21:45:34 -04:00
Matthias Hanel
08e37e0d94 Updated jwt library and check (account/token) issuer prior to jwt Validate 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2020-09-29 21:03:40 -04:00
Ivan Kozlovic
7ccbaca782 Added an allowed connection type filter for users 
Users and NKey users will now have the option to specify a list
of allowed connection types.

This will allow for instance a certain user to be allowed to
connect as a standard NATS client, but not as Websocket, or
vice-versa.

This also fixes the websocket auth override. Indeed, with
the original behavior, the websocket users would have been bound
to $G, which would not work when there are accounts defined, since
when that is the case, no app can connect/bind to $G account.

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2020-09-16 18:22:44 -06:00
Matthias Hanel
431560b004 Update JWT and incorporate change of cidr ranges from string to array 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2020-08-27 23:11:54 -04:00
Matthias Hanel
32615b4c71 Update jwtv2 and fix test that embedded jwtv2 operators 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2020-08-24 11:49:50 -04:00
Derek Collison
06ca580334 Update write deadline, client processing and slow proxy 
Signed-off-by: Derek Collison <derek@nats.io>
 2020-06-30 16:41:01 -07:00
Derek Collison
4dee03b587 Allow mixed TLS and non-TLS on same port 
Signed-off-by: Derek Collison <derek@nats.io>
 2020-06-05 18:04:11 -07:00
Matthias Hanel
cf6fcda75c Added default_permissions to accounts and account jwt 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2020-06-02 16:06:01 -04:00
Matthias Hanel
2d61507bb7 Moving nats.go unit test and updating go modules 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2020-06-02 12:44:00 -04:00
Matthias Hanel
547afa47d6 Pulling in updated jwtv2 and using server version stored in operator 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2020-06-01 18:08:50 -04:00
aricart
38d179c100 updated jwtv2 2020-06-01 18:01:12 -04:00
aricart
e7590f3065 jwt2 testbed 2020-06-01 18:00:13 -04:00
Derek Collison
19cf156d00 go.mod cleanup 
Signed-off-by: Derek Collison <derek@nats.io>
 2020-05-31 05:46:16 -07:00
Derek Collison
dbde2479c2 Add in headers to consumer delivered messages 
Signed-off-by: Derek Collison <derek@nats.io>
 2020-05-30 15:03:54 -07:00
Derek Collison
eca04c6fce First pass header support for JetStream 
Signed-off-by: Derek Collison <derek@nats.io>
 2020-05-30 10:04:23 -07:00
Derek Collison
c9f78d6f79 Fixes post rebasing with master 
Signed-off-by: Derek Collison <derek@nats.io>
 2020-05-19 16:38:19 -07:00
Derek Collison
d2ff4311d4 Rebase with master, updates to go.mod and vendor, bumped version 
Signed-off-by: Derek Collison <derek@nats.io>
 2020-05-19 14:20:02 -07:00
Derek Collison
f78efe2d91 Add Name to Observable info 
Signed-off-by: Derek Collison <derek@nats.io>
 2020-05-19 14:15:11 -07:00
Derek Collison
0d44a6150a More debug info on startup and restore 
Signed-off-by: Derek Collison <derek@nats.io>
 2020-05-19 14:15:11 -07:00
Derek Collison
79b85ae385 Optimize for concurrent pub/sub 
Signed-off-by: Derek Collison <derek@nats.io>
 2020-05-19 14:13:22 -07:00
Derek Collison
39aba7de92 filestore first pass 
Signed-off-by: Derek Collison <derek@nats.io>
 2020-05-19 14:12:28 -07:00
Matthias Hanel
84e52bfb44 Pointing to jwt master 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2020-05-19 16:06:22 -04:00
Matthias Hanel
a989024075 Picking up jwt branch corresponding to this change 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2020-05-18 18:57:39 -04:00
Ivan Kozlovic
b329215af3 Release v2.1.7 
Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2020-05-13 19:40:49 -06:00
Ivan Kozlovic
182e30adb6 Update dependencies 
Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2020-03-30 18:23:43 -06:00
Ivan Kozlovic
4a03b6382e Release 2.1.2 
Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2019-11-18 15:22:52 -07:00
Derek Collison
fccf147898 Updated JWT dependency 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-09-20 10:13:09 -07:00
Derek Collison
0551371b31 Add in JWT support for tracking latency 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-09-18 08:51:43 -07:00
Ivan Kozlovic
07e3db6b8e Prepare for v2.0.4 with goreleaser 
Also fixed some flappers

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2019-08-15 09:06:56 -06:00
Stephen Asbury
4d63709852 Added support for service response types 
Test checks that response types are initialized
Updated to latest JWT library with response types
Updated jwt in vendor
 2019-08-09 17:54:17 -07:00
Derek Collison
bf902d9e7c Add in user JWT support for ResponsePermissions 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-26 16:15:13 -07:00
Derek Collison
2cad1055c7 Update modules and vendor 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-11 11:34:32 -07:00