Generate and use access/secret keys properly (#3498)

2025-11-07 12:52:58 -05:00 · 2016-12-26 23:51:23 +05:30
parent 6ee27daac1
commit e8ce3b64ed
42 changed files with 429 additions and 447 deletions
--- a/cmd/bucket-policy-handlers_test.go
+++ b/cmd/bucket-policy-handlers_test.go
@@ -277,8 +277,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
 			bucketPolicyReader: bytes.NewReader([]byte(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName))),

 			policyLen:          len(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName)),
-			accessKey:          credentials.AccessKeyID,
-			secretKey:          credentials.SecretAccessKey,
+			accessKey:          credentials.AccessKey,
+			secretKey:          credentials.SecretKey,
 			expectedRespStatus: http.StatusNoContent,
 		},
 		// Test case - 2.
@@ -289,8 +289,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
 			bucketPolicyReader: bytes.NewReader([]byte(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName))),

 			policyLen:          maxAccessPolicySize + 1,
-			accessKey:          credentials.AccessKeyID,
-			secretKey:          credentials.SecretAccessKey,
+			accessKey:          credentials.AccessKey,
+			secretKey:          credentials.SecretKey,
 			expectedRespStatus: http.StatusBadRequest,
 		},
 		// Test case - 3.
@@ -301,8 +301,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
 			bucketPolicyReader: bytes.NewReader([]byte(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName))),

 			policyLen:          0,
-			accessKey:          credentials.AccessKeyID,
-			secretKey:          credentials.SecretAccessKey,
+			accessKey:          credentials.AccessKey,
+			secretKey:          credentials.SecretKey,
 			expectedRespStatus: http.StatusLengthRequired,
 		},
 		// Test case - 4.
@@ -312,8 +312,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
 			bucketPolicyReader: nil,

 			policyLen:          10,
-			accessKey:          credentials.AccessKeyID,
-			secretKey:          credentials.SecretAccessKey,
+			accessKey:          credentials.AccessKey,
+			secretKey:          credentials.SecretKey,
 			expectedRespStatus: http.StatusBadRequest,
 		},
 		// Test case - 5.
@@ -336,8 +336,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
 			bucketPolicyReader: bytes.NewReader([]byte("dummy-policy")),

 			policyLen:          len([]byte("dummy-policy")),
-			accessKey:          credentials.AccessKeyID,
-			secretKey:          credentials.SecretAccessKey,
+			accessKey:          credentials.AccessKey,
+			secretKey:          credentials.SecretKey,
 			expectedRespStatus: http.StatusBadRequest,
 		},
 		// Test case - 7.
@@ -348,8 +348,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
 			bucketPolicyReader: bytes.NewReader([]byte(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName))),

 			policyLen:          len(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName)),
-			accessKey:          credentials.AccessKeyID,
-			secretKey:          credentials.SecretAccessKey,
+			accessKey:          credentials.AccessKey,
+			secretKey:          credentials.SecretKey,
 			expectedRespStatus: http.StatusBadRequest,
 		},
 		// Test case - 8.
@@ -361,8 +361,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
 			bucketPolicyReader: bytes.NewReader([]byte(fmt.Sprintf(bucketPolicyTemplate, "non-existent-bucket", "non-existent-bucket"))),

 			policyLen:          len(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName)),
-			accessKey:          credentials.AccessKeyID,
-			secretKey:          credentials.SecretAccessKey,
+			accessKey:          credentials.AccessKey,
+			secretKey:          credentials.SecretKey,
 			expectedRespStatus: http.StatusNotFound,
 		},
 		// Test case - 9.
@@ -374,8 +374,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
 			bucketPolicyReader: bytes.NewReader([]byte(fmt.Sprintf(bucketPolicyTemplate, ".invalid-bucket", ".invalid-bucket"))),

 			policyLen:          len(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName)),
-			accessKey:          credentials.AccessKeyID,
-			secretKey:          credentials.SecretAccessKey,
+			accessKey:          credentials.AccessKey,
+			secretKey:          credentials.SecretKey,
 			expectedRespStatus: http.StatusBadRequest,
 		},
 	}
@@ -469,7 +469,7 @@ func testGetBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
 		// expected Response.
 		expectedRespStatus int
 	}{
-		{bucketName, credentials.AccessKeyID, credentials.SecretAccessKey, http.StatusNoContent},
+		{bucketName, credentials.AccessKey, credentials.SecretKey, http.StatusNoContent},
 	}

 	// Iterating over the cases and writing the bucket policy.
@@ -520,8 +520,8 @@ func testGetBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
 		// Case which valid inputs, expected to return success status of 200OK.
 		{
 			bucketName:           bucketName,
-			accessKey:            credentials.AccessKeyID,
-			secretKey:            credentials.SecretAccessKey,
+			accessKey:            credentials.AccessKey,
+			secretKey:            credentials.SecretKey,
 			expectedBucketPolicy: bucketPolicyTemplate,
 			expectedRespStatus:   http.StatusOK,
 		},
@@ -529,8 +529,8 @@ func testGetBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
 		// Case with non-existent bucket name.
 		{
 			bucketName:           "non-existent-bucket",
-			accessKey:            credentials.AccessKeyID,
-			secretKey:            credentials.SecretAccessKey,
+			accessKey:            credentials.AccessKey,
+			secretKey:            credentials.SecretKey,
 			expectedBucketPolicy: bucketPolicyTemplate,
 			expectedRespStatus:   http.StatusNotFound,
 		},
@@ -538,8 +538,8 @@ func testGetBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
 		// Case with invalid bucket name.
 		{
 			bucketName:           ".invalid-bucket-name",
-			accessKey:            credentials.AccessKeyID,
-			secretKey:            credentials.SecretAccessKey,
+			accessKey:            credentials.AccessKey,
+			secretKey:            credentials.SecretKey,
 			expectedBucketPolicy: "",
 			expectedRespStatus:   http.StatusBadRequest,
 		},
@@ -693,8 +693,8 @@ func testDeleteBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName str
 	}{
 		{
 			bucketName:         bucketName,
-			accessKey:          credentials.AccessKeyID,
-			secretKey:          credentials.SecretAccessKey,
+			accessKey:          credentials.AccessKey,
+			secretKey:          credentials.SecretKey,
 			expectedRespStatus: http.StatusNoContent,
 		},
 	}
@@ -731,24 +731,24 @@ func testDeleteBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName str
 		// Test case - 1.
 		{
 			bucketName:         bucketName,
-			accessKey:          credentials.AccessKeyID,
-			secretKey:          credentials.SecretAccessKey,
+			accessKey:          credentials.AccessKey,
+			secretKey:          credentials.SecretKey,
 			expectedRespStatus: http.StatusNoContent,
 		},
 		// Test case - 2.
 		// Case with non-existent-bucket.
 		{
 			bucketName:         "non-existent-bucket",
-			accessKey:          credentials.AccessKeyID,
-			secretKey:          credentials.SecretAccessKey,
+			accessKey:          credentials.AccessKey,
+			secretKey:          credentials.SecretKey,
 			expectedRespStatus: http.StatusNotFound,
 		},
 		// Test case - 3.
 		// Case with invalid bucket name.
 		{
 			bucketName:         ".invalid-bucket-name",
-			accessKey:          credentials.AccessKeyID,
-			secretKey:          credentials.SecretAccessKey,
+			accessKey:          credentials.AccessKey,
+			secretKey:          credentials.SecretKey,
 			expectedRespStatus: http.StatusBadRequest,
 		},
 	}