From 3bfc2556fc41dea99ebb6aa6e066d4ff4ce2260d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9sar=20Nieto?= Date: Wed, 6 May 2020 14:47:49 -0700 Subject: [PATCH] authenticate websocket apis using sts (#97) --- restapi/ws_handle.go | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/restapi/ws_handle.go b/restapi/ws_handle.go index 8be8c72b2..4730aedf0 100644 --- a/restapi/ws_handle.go +++ b/restapi/ws_handle.go @@ -109,9 +109,8 @@ func (c wsConn) readMessage() (messageType int, p []byte, err error) { // // TODO: Enable CORS func serveWS(w http.ResponseWriter, req *http.Request) { - // authenticate WS connection - // TODO: use this claims to create the adminClient - _, err := ws.Authenticate(req) + // authenticate WS connection with MCS + claims, err := ws.Authenticate(req) if err != nil { log.Print("error on ws authentication: ", err) errors.ServeError(w, req, err) @@ -126,13 +125,9 @@ func serveWS(w http.ResponseWriter, req *http.Request) { return } - // TODO: CHANGE ! to use newMAdminClient once Assume Role is - // allowed to do Trace use jwt on ws. - - // Using newSuperMAdminClient in the meantime for sake of functionality // Only start Websocket Interaction after user has been - // authenticated. - mAdmin, err := newSuperMAdminClient() + // authenticated with MinIO + mAdmin, err := newAdminFromClaims(claims) if err != nil { log.Println("error creating Madmin Client:", err) errors.ServeError(w, req, err)