Changed SSO Login screen to hide login form by default (#2807)

Signed-off-by: Benjamin Perez <benjamin@bexsoft.net>
2023-05-22 11:20:45 -06:00
parent beed4895c1
commit dc90db6591
14 changed files with 261 additions and 435 deletions
--- a/restapi/embedded_spec.go
+++ b/restapi/embedded_spec.go
@@ -7029,9 +7029,6 @@ func init() {
        "animatedLogin": {
          "type": "boolean"
        },
-        "isDirectPV": {
-          "type": "boolean"
-        },
        "isK8S": {
          "type": "boolean"
        },
@@ -16163,9 +16160,6 @@ func init() {
        "animatedLogin": {
          "type": "boolean"
        },
-        "isDirectPV": {
-          "type": "boolean"
-        },
        "isK8S": {
          "type": "boolean"
        },
--- a/restapi/user_login.go
+++ b/restapi/user_login.go
@@ -24,6 +24,8 @@ import (
 	"net/http"
 	"strings"

+	"github.com/go-openapi/errors"
+
 	"github.com/go-openapi/runtime"
 	"github.com/go-openapi/runtime/middleware"
 	"github.com/minio/console/models"
@@ -89,6 +91,7 @@ func login(credentials ConsoleCredentialsI, sessionFeatures *auth.SessionFeature
 	if err != nil {
 		return nil, err
 	}
+
 	// if we made it here, the consoleCredentials work, generate a jwt with claims
 	token, err := auth.NewEncryptedTokenForClient(&tokens, credentials.GetAccountAccessKey(), sessionFeatures)
 	if err != nil {
@@ -133,6 +136,13 @@ func getLoginResponse(params authApi.LoginParams) (*models.LoginResponse, *model
 			ConsoleCredentials: creds,
 			AccountAccessKey:   lr.AccessKey,
 		}
+
+		credsVerificate, _ := creds.Get()
+
+		if credsVerificate.SessionToken == "" || credsVerificate.SecretAccessKey == "" || credsVerificate.AccessKeyID == "" {
+			return nil, ErrorWithContext(ctx, errors.New(401, "Invalid STS Params"))
+		}
+
 	} else {
 		// prepare console credentials
 		consoleCreds, err = getConsoleCredentials(lr.AccessKey, lr.SecretKey)