fleet/server/service/contract
Victor Lyuboslavsky 836cc044d2
Fleet server verifies HTTP signature (#30825)
Fixes #30473 

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Added/updated automated tests
- [ ] Manual QA for all new/changed functionality

## Summary by CodeRabbit

* **New Features**
  * Added support for TPM-backed host identity certificates enabling
    hardware-backed HTTP signature authentication for hosts.
  * Introduced HTTP signature verification middleware for API requests,
    applied conditionally for premium licenses.
  * Hosts presenting identity certificates must authenticate with matching
    HTTP message signatures during enrollment and authentication.
  * Added SCEP-based certificate issuance for secure host identity
    management.
  * Updated enrollment endpoints to use standardized request/response
    contract types.

* **Bug Fixes**
  * Enhanced authentication logic to verify consistency between host
    identity certificates and host records, preventing duplicate or
    mismatched identities.

* **Chores**
  * Updated dependencies and test infrastructure to support HTTP signature
    verification and host identity certificate workflows.
  * Added comprehensive integration and datastore tests for host identity
    certificate issuance, storage, and authentication.
2025-07-16 20:08:27 +02:00
orbit.go Fleet server verifies HTTP signature (#30825) 2025-07-16 20:08:27 +02:00
osquery.go Fleet server verifies HTTP signature (#30825) 2025-07-16 20:08:27 +02:00
README.md Added scim/details endpoint (#28007) 2025-04-10 14:08:45 -05:00
scim.go Added scim/details endpoint (#28007) 2025-04-10 14:08:45 -05:00
sessions.go Added scim/details endpoint (#28007) 2025-04-10 14:08:45 -05:00

📦 contract Package

This package contains the request and response structs used by the HTTP API.

Keeping these in a separate package makes the code:

  • Easier to maintain — the shape of API data is defined in one place
  • Clearer — shows exactly what the API expects and returns
  • Reusable — the same types can be used by handlers, tests, or clients

This package should only define data structures — no business logic.

🔄 Note: Some request/response structs may still live in the server/service packages. Move them here as needed to keep API contracts organized and consistent.