mirror of
https://github.com/minio/minio.git
synced 2024-12-23 21:55:53 -05:00
validate keys before updating for IAM user (#7720)
New secretkey should be validated before updating it on the config. Fixes #7715
This commit is contained in:
parent
8528017ad3
commit
900cc27b51
@ -842,12 +842,17 @@ func (web *webAPIHandlers) SetAuth(r *http.Request, args *SetAuthArgs, reply *Se
|
||||
return errIncorrectCreds
|
||||
}
|
||||
|
||||
err := globalIAMSys.SetUserSecretKey(claims.Subject, args.NewSecretKey)
|
||||
creds, err := auth.CreateCredentials(claims.Subject, args.NewSecretKey)
|
||||
if err != nil {
|
||||
return toJSONError(err)
|
||||
}
|
||||
|
||||
reply.Token, err = authenticateWeb(claims.Subject, args.NewSecretKey)
|
||||
err = globalIAMSys.SetUserSecretKey(creds.AccessKey, creds.SecretKey)
|
||||
if err != nil {
|
||||
return toJSONError(err)
|
||||
}
|
||||
|
||||
reply.Token, err = authenticateWeb(creds.AccessKey, creds.SecretKey)
|
||||
if err != nil {
|
||||
return toJSONError(err)
|
||||
}
|
||||
|
@ -709,6 +709,7 @@ func testSetAuthWebHandler(obj ObjectLayer, instanceType string, t TestErrHandle
|
||||
}{
|
||||
{"", "", "", "", false},
|
||||
{"1", "1", "1", "1", false},
|
||||
{credentials.AccessKey, credentials.SecretKey, "azerty", "bar", false},
|
||||
{credentials.AccessKey, credentials.SecretKey, "azerty", "foooooooooooooo", true},
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user