Feat/server profiles (#182)

CHANGELOG.md

@@ -17,6 +17,10 @@
 ### Features
 
 - Webinterface has option to show event history for other mytokens in mytoken list.
+- Added server side `profiles` and `templates`
+  - Currently, cannot be used directly (only obtained through API), but the idea is to integrate this into the API
+    requests, i.e. mytoken requests can include profiles, the capability, restrictions, and rotation claims can use
+    templates (directly or included). This would then also be integrated in the webinterface.
 
 ### Enhancements
 
@@ -30,6 +34,11 @@
 
 ### API
 
+- Added profile endpoint:
+  - Any user can get list of groups
+  - Any user can get profiles, and templates (capabilities, restrictions, rotation) for all the groups
+  - Groups credentials are defined in the config file
+    - With Basic authentication profiles and templates for the authenticated group can be created, updated, and deleted.
 - Renamed `revocation_id` to `mom_id`
 - Restructured capabilities related to other mytokens
 - Added possibility to obtain history information for children and other tokens (capability)

config/server-profiles/capabilities/all

+[
+  "AT",
+  "tokeninfo",
+  "manage_mytokens",
+  "create_mytoken",
+  "settings"
+]
\ No newline at end of file

config/server-profiles/capabilities/default

+[
+  "AT",
+  "tokeninfo"
+]
\ No newline at end of file

config/server-profiles/profiles/agent

+{
+  "capabilities": "@all"
+}
\ No newline at end of file

config/server-profiles/restrictions/1d

+{
+  "exp": "+1d"
+}
\ No newline at end of file

config/server-profiles/restrictions/1m

+{
+  "exp": "+30d"
+}
\ No newline at end of file

config/server-profiles/restrictions/1w

+{
+  "exp": "+1w"
+}
\ No newline at end of file

config/server-profiles/restrictions/1y

+{
+  "exp": "+1y"
+}
\ No newline at end of file

config/server-profiles/restrictions/ip-this

+{
+  "hosts": [
+    "this"
+  ]
+}
\ No newline at end of file

config/server-profiles/rotation/AT

+{
+  "include": "at"
+}
\ No newline at end of file

config/server-profiles/rotation/at

+{
+  "on_AT": true
+}
\ No newline at end of file

config/server-profiles/rotation/auto-revoke

+{
+  "auto_revoke": true
+}
\ No newline at end of file

config/server-profiles/rotation/daily

+{
+  "lifetime": 86400
+}
\ No newline at end of file

config/server-profiles/rotation/monthly

+{
+  "lifetime": 2592000
+}
\ No newline at end of file

config/server-profiles/rotation/no-AT

+{
+  "include": "no-at"
+}
\ No newline at end of file

config/server-profiles/rotation/no-at

+{
+  "on_AT": false
+}
\ No newline at end of file

config/server-profiles/rotation/no-auto-revoke

+{
+  "auto_revoke": false
+}
\ No newline at end of file

config/server-profiles/rotation/no-other

+{
+  "on_other": false
+}
\ No newline at end of file

config/server-profiles/rotation/other

+{
+  "on_other": true
+}
\ No newline at end of file

config/server-profiles/rotation/weekly

+{
+  "lifetime": 604800
+}