avoid using URL encoding to generate keys (#6731)

This commit is contained in:
Aarushi Arya 2018-10-31 15:07:20 -07:00 committed by kannappanr
parent 3f744c0361
commit 89b14639a9
1 changed files with 2 additions and 1 deletions

View File

@ -21,6 +21,7 @@ import (
"crypto/subtle"
"encoding/base64"
"fmt"
"strings"
"time"
jwtgo "github.com/dgrijalva/jwt-go"
@ -131,7 +132,7 @@ func GetNewCredentialsWithMetadata(m map[string]interface{}, tokenSecret string)
if err != nil {
return cred, err
}
cred.SecretKey = string([]byte(base64.URLEncoding.EncodeToString(keyBytes))[:secretKeyMaxLen])
cred.SecretKey = strings.Replace(string([]byte(base64.StdEncoding.EncodeToString(keyBytes))[:secretKeyMaxLen]), "/", "+", -1)
cred.Status = "enabled"
expiry, ok := m["exp"].(float64)