fix: Add support for DurationSeconds in LDAP STS API (#12778)

2025-11-07 21:02:58 -05:00 · 2021-07-22 12:13:21 -07:00
parent 17a37241f0
commit a3079a7de2
3 changed files with 70 additions and 6 deletions
--- a/cmd/sts-handlers.go
+++ b/cmd/sts-handlers.go
@@ -541,7 +541,12 @@ func (sts *stsAPIHandlers) AssumeRoleWithLDAPIdentity(w http.ResponseWriter, r *
 		return
 	}

-	expiryDur := globalLDAPConfig.GetExpiryDuration()
+	expiryDur, err := globalLDAPConfig.GetExpiryDuration(r.Form.Get(stsDurationSeconds))
+	if err != nil {
+		writeSTSErrorResponse(ctx, w, true, ErrSTSInvalidParameterValue, err)
+		return
+	}
+
 	m := map[string]interface{}{
 		expClaim:  UTCNow().Add(expiryDur).Unix(),
 		ldapUser:  ldapUserDN,