MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-07 12:52:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

run gofumpt cleanup across code-base (#14015)

Browse Source
This commit is contained in:
Harshavardhana
2022-01-02 09:15:06 -08:00
committed by GitHub
parent 6f474982ed
commit f527c708f2
250 changed files with 1201 additions and 1264 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
cmd/sts-handlers.go
View File

@@ -139,7 +139,6 @@ func registerSTSRouter(router *mux.Router) {
stsRouter.Methods(http.MethodPost).HandlerFunc(httpTraceAll(sts.AssumeRoleWithCertificate)).
Queries(stsAction, clientCertificate).
Queries(stsVersion, stsAPIVersion)
}
func checkAssumeRoleAuth(ctx context.Context, r *http.Request) (user auth.Credentials, isErrCodeSTS bool, stsErr STSErrorCode) {
@@ -684,7 +683,7 @@ func (sts *stsAPIHandlers) AssumeRoleWithLDAPIdentity(w http.ResponseWriter, r *
//
// API endpoint: https://minio:9000?Action=AssumeRoleWithCertificate&Version=2011-06-15
func (sts *stsAPIHandlers) AssumeRoleWithCertificate(w http.ResponseWriter, r *http.Request) {
var ctx = newContext(r, w, "AssumeRoleWithCertificate")
ctx := newContext(r, w, "AssumeRoleWithCertificate")
if !globalSTSTLSConfig.Enabled {
writeSTSErrorResponse(ctx, w, true, ErrSTSNotInitialized, errors.New("STS API 'AssumeRoleWithCertificate' is disabled"))
@@ -706,7 +705,7 @@ func (sts *stsAPIHandlers) AssumeRoleWithCertificate(w http.ResponseWriter, r *h
// policy mapping would be ambigious.
// However, we can filter all CA certificates and only check
// whether they client has sent exactly one (non-CA) leaf certificate.
var peerCertificates = make([]*x509.Certificate, 0, len(r.TLS.PeerCertificates))
peerCertificates := make([]*x509.Certificate, 0, len(r.TLS.PeerCertificates))
for _, cert := range r.TLS.PeerCertificates {
if cert.IsCA {
continue
@@ -726,7 +725,7 @@ func (sts *stsAPIHandlers) AssumeRoleWithCertificate(w http.ResponseWriter, r *h
return
}
var certificate = r.TLS.PeerCertificates[0]
certificate := r.TLS.PeerCertificates[0]
if !globalSTSTLSConfig.InsecureSkipVerify { // Verify whether the client certificate has been issued by a trusted CA.
_, err := certificate.Verify(x509.VerifyOptions{
KeyUsages: []x509.ExtKeyUsage{
@@ -812,7 +811,7 @@ func (sts *stsAPIHandlers) AssumeRoleWithCertificate(w http.ResponseWriter, r *h
return
}
var response = new(AssumeRoleWithCertificateResponse)
response := new(AssumeRoleWithCertificateResponse)
response.Result.Credentials = tmpCredentials
response.Metadata.RequestID = w.Header().Get(xhttp.AmzRequestID)
writeSuccessResponseXML(w, encodeResponse(response))