Fix IDP not having same salt/passphrase across pods (#2346)

Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com>
Daniel Valdivia
2022-09-29 15:44:17 -07:00
committed by GitHub
parent de4c08c2ff
commit 73a687376a


@@ -22,7 +22,7 @@ import (
"crypto/sha1"
"strings"
"github.com/minio/console/pkg/auth/utils"
"github.com/minio/console/pkg/auth/token"
"github.com/minio/pkg/env"
"golang.org/x/crypto/pbkdf2"
)
@@ -86,18 +86,14 @@ func IsIDPEnabled() bool {
GetIDPClientID() != ""
}
var defaultPassphraseForIDPHmac = utils.RandomCharString(64)
// GetPassphraseForIDPHmac returns passphrase for the pbkdf2 function used to sign the oauth2 state parameter
func getPassphraseForIDPHmac() string {
return env.Get(ConsoleIDPHmacPassphrase, defaultPassphraseForIDPHmac)
return env.Get(ConsoleIDPHmacPassphrase, token.GetPBKDFPassphrase())
}
var defaultSaltForIDPHmac = utils.RandomCharString(64)
// GetSaltForIDPHmac returns salt for the pbkdf2 function used to sign the oauth2 state parameter
func getSaltForIDPHmac() string {
return env.Get(ConsoleIDPHmacSalt, defaultSaltForIDPHmac)
return env.Get(ConsoleIDPHmacSalt, token.GetPBKDFSalt())
}
// getIDPScopes return default scopes during the IDP login request
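Review bot: The new fallbacks in getPassphraseForIDPHmac and getSaltForIDPHmac make the OAuth2 state-signing key share its passphrase and salt with whatever token.GetPBKDFPassphrase() and token.GetPBKDFSalt() already protect, so one secret serves two purposes unless ConsoleIDPHmacPassphrase and ConsoleIDPHmacSalt are set. If the token package's values are themselves generated per process when unset (not visible in this hunk), pods will still disagree on the state signature, so the deployment requirement should be stated next to the code. I would add a comment above each function, for example `// Defaults to the token package's PBKDF passphrase so all pods derive the same key; set ConsoleIDPHmacPassphrase to keep the state-signing key separate.` The existing doc comments also name GetPassphraseForIDPHmac and GetSaltForIDPHmac while the functions are unexported; starting them with `// getPassphraseForIDPHmac returns ...` and `// getSaltForIDPHmac returns ...` would match the declarations.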