oyd
/
minio
6
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #1272 from krishnasrinivas/get-auth

Browse Source 
GetAuth implementation. min/max check for accessKey and secretKey.
master
Harshavardhana 9 years ago
parent 2395c42fb5 e318925f62
commit 272c5165aa
2 changed files with 6 additions and 6 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      access-key.go
  2. 8
      web-handlers.go

4
access-key.go
Unescape View File

@ -44,10 +44,10 @@ const (
)
// isValidSecretKey - validate secret key.
var isValidSecretKey = regexp.MustCompile("^.{40}$")
var isValidSecretKey = regexp.MustCompile("^.{8,40}$")
// isValidAccessKey - validate access key.
var isValidAccessKey = regexp.MustCompile("^[A-Z0-9\\-\\.\\_\\~]{20}$")
var isValidAccessKey = regexp.MustCompile("^[a-zA-Z0-9\\-\\.\\_\\~]{5,20}$")
// mustGenAccessKeys - must generate access credentials.
func mustGenAccessKeys() (creds credential) {

8
web-handlers.go
Unescape View File

@ -311,11 +311,11 @@ func (web *webAPI) SetAuth(r *http.Request, args *SetAuthArgs, reply *SetAuthRep
if !isJWTReqAuthenticated(r) {
return &json2.Error{Message: "Unauthorized request"}
}
if args.AccessKey == "" {
return &json2.Error{Message: "Empty access key not allowed"}
if !isValidAccessKey.MatchString(args.AccessKey) {
return &json2.Error{Message: "Invalid Access Key"}
}
if args.SecretKey == "" {
return &json2.Error{Message: "Empty secret key not allowed"}
if !isValidSecretKey.MatchString(args.SecretKey) {
return &json2.Error{Message: "Invalid Secret Key"}
}
cred := credential{args.AccessKey, args.SecretKey}
serverConfig.SetCredential(cred)

Write Preview
Loading…
Cancel
Save