mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove user secret key from encrypted session token (#652)

Browse Source 
User secret key is not really need it to be stored inside the encrypted
session key, since the `change-password` endpoint requires the user to
provide the current `secret key` that password will be used to
initialize a new minio client then we will leverage on the
`SetUser` operation, this api only works with actual user credentials
and not sts credentials
This commit is contained in:
Lenin Alevski
2021-03-18 10:27:27 -07:00
committed by GitHub
parent 3fcf278460
commit c48a024310
12 changed files with 13 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/auth/token_test.go
View File

@@ -36,14 +36,14 @@ func TestNewJWTWithClaimsForClient(t *testing.T) {
funcAssert := assert.New(t)
// Test-1 : NewEncryptedTokenForClient() is generated correctly without errors
function := "NewEncryptedTokenForClient()"
token, err := NewEncryptedTokenForClient(creds, "", "", []string{""})
token, err := NewEncryptedTokenForClient(creds, "", []string{""})
if err != nil || token == "" {
t.Errorf("Failed on %s:, error occurred: %s", function, err)
}
// saving token for future tests
goodToken = token
// Test-2 : NewEncryptedTokenForClient() throws error because of empty credentials
if _, err = NewEncryptedTokenForClient(nil, "", "", []string{""}); err != nil {
if _, err = NewEncryptedTokenForClient(nil, "", []string{""}); err != nil {
funcAssert.Equal("provided credentials are empty", err.Error())
}
}