validate keys before updating for IAM user (#7720)

New secretkey should be validated before updating it on the config. Fixes #7715
5 years ago · 900cc27b51
parent 8528017ad3
commit 900cc27b51
2 changed files with 8 additions and 2 deletions
--- a/cmd/web-handlers.go
+++ b/cmd/web-handlers.go
@ -842,12 +842,17 @@ func (web *webAPIHandlers) SetAuth(r *http.Request, args *SetAuthArgs, reply *Se
 			return errIncorrectCreds
 		}

-		err := globalIAMSys.SetUserSecretKey(claims.Subject, args.NewSecretKey)
+		creds, err := auth.CreateCredentials(claims.Subject, args.NewSecretKey)
 		if err != nil {
 			return toJSONError(err)
 		}

-		reply.Token, err = authenticateWeb(claims.Subject, args.NewSecretKey)
+		err = globalIAMSys.SetUserSecretKey(creds.AccessKey, creds.SecretKey)
+		if err != nil {
+			return toJSONError(err)
+		}
+
+		reply.Token, err = authenticateWeb(creds.AccessKey, creds.SecretKey)
 		if err != nil {
 			return toJSONError(err)
 		}
--- a/cmd/web-handlers_test.go
+++ b/cmd/web-handlers_test.go
@ -709,6 +709,7 @@ func testSetAuthWebHandler(obj ObjectLayer, instanceType string, t TestErrHandle
 	}{
 		{"", "", "", "", false},
 		{"1", "1", "1", "1", false},
+		{credentials.AccessKey, credentials.SecretKey, "azerty", "bar", false},
 		{credentials.AccessKey, credentials.SecretKey, "azerty", "foooooooooooooo", true},
 	}