On Thu, Jun 16, 2016 at 06:04:27PM -0400, Paul Tagliamonte wrote:
> Anyway, I'd just like folks to know this is super exciting, and having a
> sane PKI system that lets DDs client-auth to services is *huge*, and we
> should totally be building up awesome infra around this stuff. Maybe
> even send OpenPGP signed CSRs to an automated CA to issue new client
> certs?
>
> WHO ELSE IS STOKED? I AM!
>
> Can't wait to build around this amazing work, Enrico!
Yay! I think this is exciting, too.
I've now added a modular command line parser, a curl wrapper:
$ ./debsso curl -D - https://nm.debian.org/api/whoami
HTTP/1.1 200 OK
Date: Sat, 18 Jun 2016 19:56:36 GMT
Server: Apache
Vary: Cookie,Accept-Language
Content-Language: en-gb
Set-Cookie: …
Set-Cookie: …
Strict-Transport-Security: max-age=15552000
X-Clacks-Overhead: GNU Terry Pratchett
Transfer-Encoding: chunked
Content-Type: application/json
{
"username": "enrico@debian.org",
"status": "dd_u",
"uid": "enrico",
"mn": "",
"sn": "Zini",
"fpr": "1793D6AB75663E6BF104953A634F4BD1E7AD5568",
"status_changed": "1003968000",
"email": "enrico@master.debian.org",
"cn": "Enrico"
}
And a "whoami" command as an example for using requests:
$ ./debsso whoami
{
"username": "enrico@debian.org",
"status": "dd_u",
"uid": "enrico",
"mn": "",
"sn": "Zini",
"fpr": "1793D6AB75663E6BF104953A634F4BD1E7AD5568",
"status_changed": "1003968000",
"email": "enrico@master.debian.org",
"cn": "Enrico"
}
It is now ready for actually useful stuff to be added, and from my side
it will probably be something to make DAM review of new processes easier
as I do DAM review of new processes.
I look forward to having other features come in from other people who
need them.
Enrico
--
GPG key: 4096R/634F4BD1E7AD5568 2009-05-08 Enrico Zini <enrico@enricozini.org>
Attachment:
signature.asc
Description: PGP signature