diff --git a/cmd/access-key.go b/cmd/access-key.go
deleted file mode 100644
index 5ade6037e..000000000
--- a/cmd/access-key.go
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
- * Minio Cloud Storage, (C) 2015, 2016 Minio, Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package cmd
-
-import (
- "crypto/rand"
- "encoding/base64"
-)
-
-// credential container for access and secret keys.
-type credential struct {
- AccessKeyID string `json:"accessKey"`
- SecretAccessKey string `json:"secretKey"`
-}
-
-const (
- accessKeyMinLen = 5
- accessKeyMaxLen = 20
- secretKeyMinLen = 8
- secretKeyMaxLen = 40
-)
-
-// isValidAccessKey - validate access key for right length.
-func isValidAccessKey(accessKey string) bool {
- return len(accessKey) >= accessKeyMinLen && len(accessKey) <= accessKeyMaxLen
-}
-
-// isValidSecretKey - validate secret key for right length.
-func isValidSecretKey(secretKey string) bool {
- return len(secretKey) >= secretKeyMinLen && len(secretKey) <= secretKeyMaxLen
-}
-
-// mustGenAccessKeys - must generate access credentials.
-func mustGenAccessKeys() (creds credential) {
- creds, err := genAccessKeys()
- fatalIf(err, "Unable to generate access keys.")
- return creds
-}
-
-// genAccessKeys - generate access credentials.
-func genAccessKeys() (credential, error) {
- accessKeyID, err := genAccessKeyID()
- if err != nil {
- return credential{}, err
- }
- secretAccessKey, err := genSecretAccessKey()
- if err != nil {
- return credential{}, err
- }
- creds := credential{
- AccessKeyID: string(accessKeyID),
- SecretAccessKey: string(secretAccessKey),
- }
- return creds, nil
-}
-
-// genAccessKeyID - generate random alpha numeric value using only uppercase characters
-// takes input as size in integer
-func genAccessKeyID() ([]byte, error) {
- alpha := make([]byte, accessKeyMaxLen)
- if _, err := rand.Read(alpha); err != nil {
- return nil, err
- }
- for i := 0; i < accessKeyMaxLen; i++ {
- alpha[i] = alphaNumericTable[alpha[i]%byte(len(alphaNumericTable))]
- }
- return alpha, nil
-}
-
-// genSecretAccessKey - generate random base64 numeric value from a random seed.
-func genSecretAccessKey() ([]byte, error) {
- rb := make([]byte, secretKeyMaxLen)
- if _, err := rand.Read(rb); err != nil {
- return nil, err
- }
- return []byte(base64.StdEncoding.EncodeToString(rb))[:secretKeyMaxLen], nil
-}
diff --git a/cmd/admin-handlers_test.go b/cmd/admin-handlers_test.go
index 0e012626f..95f5b853e 100644
--- a/cmd/admin-handlers_test.go
+++ b/cmd/admin-handlers_test.go
@@ -83,7 +83,7 @@ func getAdminCmdRequest(cmd cmdType, cred credential) (*http.Request, error) {
return nil, err
}
req.Header.Set(minioAdminOpHeader, cmd.String())
- err = signRequestV4(req, cred.AccessKeyID, cred.SecretAccessKey)
+ err = signRequestV4(req, cred.AccessKey, cred.SecretKey)
if err != nil {
return nil, err
}
diff --git a/cmd/admin-rpc-client.go b/cmd/admin-rpc-client.go
index 324ecda7b..d454cc05a 100644
--- a/cmd/admin-rpc-client.go
+++ b/cmd/admin-rpc-client.go
@@ -109,8 +109,8 @@ func makeAdminPeers(eps []*url.URL) adminPeers {
// Check if the remote host has been added already
if !seenAddr[ep.Host] {
cfg := authConfig{
- accessKey: serverConfig.GetCredential().AccessKeyID,
- secretKey: serverConfig.GetCredential().SecretAccessKey,
+ accessKey: serverConfig.GetCredential().AccessKey,
+ secretKey: serverConfig.GetCredential().SecretKey,
address: ep.Host,
secureConn: isSSL(),
path: path.Join(reservedBucket, servicePath),
diff --git a/cmd/admin-rpc-server_test.go b/cmd/admin-rpc-server_test.go
index 99832642a..a18f91547 100644
--- a/cmd/admin-rpc-server_test.go
+++ b/cmd/admin-rpc-server_test.go
@@ -31,7 +31,7 @@ func testAdminCmd(cmd cmdType, t *testing.T) {
adminServer := serviceCmd{}
creds := serverConfig.GetCredential()
reply := RPCLoginReply{}
- args := RPCLoginArgs{Username: creds.AccessKeyID, Password: creds.SecretAccessKey}
+ args := RPCLoginArgs{Username: creds.AccessKey, Password: creds.SecretKey}
err = adminServer.LoginHandler(&args, &reply)
if err != nil {
t.Fatalf("Failed to login to admin server - %v", err)
diff --git a/cmd/api-headers.go b/cmd/api-headers.go
index 5dd9ebeac..a16470ca0 100644
--- a/cmd/api-headers.go
+++ b/cmd/api-headers.go
@@ -25,23 +25,26 @@ import (
"strconv"
)
-// Static alphanumeric table used for generating unique request ids
-var alphaNumericTable = []byte("0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ")
+const requestIDLen = 16
-// newRequestID generates and returns request ID string.
-func newRequestID() string {
- alpha := make([]byte, 16)
- rand.Read(alpha)
- for i := 0; i < 16; i++ {
- alpha[i] = alphaNumericTable[alpha[i]%byte(len(alphaNumericTable))]
+// mustGetRequestID generates and returns request ID string.
+func mustGetRequestID() string {
+ reqBytes := make([]byte, requestIDLen)
+ if _, err := rand.Read(reqBytes); err != nil {
+ panic(err)
}
- return string(alpha)
+
+ for i := 0; i < requestIDLen; i++ {
+ reqBytes[i] = alphaNumericTable[reqBytes[i]%alphaNumericTableLen]
+ }
+
+ return string(reqBytes)
}
// Write http common headers
func setCommonHeaders(w http.ResponseWriter) {
// Set unique request ID for each reply.
- w.Header().Set("X-Amz-Request-Id", newRequestID())
+ w.Header().Set("X-Amz-Request-Id", mustGetRequestID())
w.Header().Set("Server", ("Minio/" + ReleaseTag + " (" + runtime.GOOS + "; " + runtime.GOARCH + ")"))
w.Header().Set("Accept-Ranges", "bytes")
}
diff --git a/cmd/api-headers_test.go b/cmd/api-headers_test.go
index a20c4a3a1..540d136ee 100644
--- a/cmd/api-headers_test.go
+++ b/cmd/api-headers_test.go
@@ -22,7 +22,7 @@ import (
func TestNewRequestID(t *testing.T) {
// Ensure that it returns an alphanumeric result of length 16.
- var id = newRequestID()
+ var id = mustGetRequestID()
if len(id) != 16 {
t.Fail()
diff --git a/cmd/auth-handler_test.go b/cmd/auth-handler_test.go
index 0e6989390..a1a536131 100644
--- a/cmd/auth-handler_test.go
+++ b/cmd/auth-handler_test.go
@@ -301,7 +301,7 @@ func mustNewRequest(method string, urlStr string, contentLength int64, body io.R
func mustNewSignedRequest(method string, urlStr string, contentLength int64, body io.ReadSeeker, t *testing.T) *http.Request {
req := mustNewRequest(method, urlStr, contentLength, body, t)
cred := serverConfig.GetCredential()
- if err := signRequestV4(req, cred.AccessKeyID, cred.SecretAccessKey); err != nil {
+ if err := signRequestV4(req, cred.AccessKey, cred.SecretKey); err != nil {
t.Fatalf("Unable to inititalized new signed http request %s", err)
}
return req
diff --git a/cmd/auth-rpc-client.go b/cmd/auth-rpc-client.go
index 905eb2083..978c9382f 100644
--- a/cmd/auth-rpc-client.go
+++ b/cmd/auth-rpc-client.go
@@ -74,7 +74,7 @@ func isRPCTokenValid(tokenStr string) bool {
if _, ok := token.Method.(*jwtgo.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
}
- return []byte(jwt.SecretAccessKey), nil
+ return []byte(jwt.SecretKey), nil
})
if err != nil {
errorIf(err, "Unable to parse JWT token string")
diff --git a/cmd/browser-peer-rpc.go b/cmd/browser-peer-rpc.go
index f62ff80fe..3a76e8ff6 100644
--- a/cmd/browser-peer-rpc.go
+++ b/cmd/browser-peer-rpc.go
@@ -103,8 +103,8 @@ func updateCredsOnPeers(creds credential) map[string]error {
// Initialize client
client := newAuthClient(&authConfig{
- accessKey: serverConfig.GetCredential().AccessKeyID,
- secretKey: serverConfig.GetCredential().SecretAccessKey,
+ accessKey: serverConfig.GetCredential().AccessKey,
+ secretKey: serverConfig.GetCredential().SecretKey,
address: peers[ix],
secureConn: isSSL(),
path: path.Join(reservedBucket, browserPeerPath),
diff --git a/cmd/browser-peer-rpc_test.go b/cmd/browser-peer-rpc_test.go
index 2f34da764..4adfd4abf 100644
--- a/cmd/browser-peer-rpc_test.go
+++ b/cmd/browser-peer-rpc_test.go
@@ -63,8 +63,8 @@ func TestBrowserPeerRPC(t *testing.T) {
func (s *TestRPCBrowserPeerSuite) testBrowserPeerRPC(t *testing.T) {
// Construct RPC call arguments.
creds := credential{
- AccessKeyID: "abcd1",
- SecretAccessKey: "abcd1234",
+ AccessKey: "abcd1",
+ SecretKey: "abcd1234",
}
// Validate for invalid token.
@@ -105,8 +105,8 @@ func (s *TestRPCBrowserPeerSuite) testBrowserPeerRPC(t *testing.T) {
// Validate for success in loing handled with valid credetnails.
rargs = &RPCLoginArgs{
- Username: creds.AccessKeyID,
- Password: creds.SecretAccessKey,
+ Username: creds.AccessKey,
+ Password: creds.SecretKey,
}
rreply = &RPCLoginReply{}
err = rclient.Call("BrowserPeer.LoginHandler", rargs, rreply)
diff --git a/cmd/bucket-handlers_test.go b/cmd/bucket-handlers_test.go
index 24fb82783..212c066eb 100644
--- a/cmd/bucket-handlers_test.go
+++ b/cmd/bucket-handlers_test.go
@@ -50,8 +50,8 @@ func testGetBucketLocationHandler(obj ObjectLayer, instanceType, bucketName stri
// Tests for authenticated request and proper response.
{
bucketName: bucketName,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusOK,
locationResponse: []byte(`
`),
@@ -192,16 +192,16 @@ func testHeadBucketHandler(obj ObjectLayer, instanceType, bucketName string, api
// Bucket exists.
{
bucketName: bucketName,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusOK,
},
// Test case - 2.
// Non-existent bucket name.
{
bucketName: "2333",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNotFound,
},
// Test case - 3.
@@ -311,8 +311,8 @@ func testListMultipartUploadsHandler(obj ObjectLayer, instanceType, bucketName s
uploadIDMarker: "",
delimiter: "",
maxUploads: "0",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusBadRequest,
shouldPass: false,
},
@@ -325,8 +325,8 @@ func testListMultipartUploadsHandler(obj ObjectLayer, instanceType, bucketName s
uploadIDMarker: "",
delimiter: "",
maxUploads: "0",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNotFound,
shouldPass: false,
},
@@ -339,8 +339,8 @@ func testListMultipartUploadsHandler(obj ObjectLayer, instanceType, bucketName s
uploadIDMarker: "",
delimiter: "-",
maxUploads: "0",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNotImplemented,
shouldPass: false,
},
@@ -353,8 +353,8 @@ func testListMultipartUploadsHandler(obj ObjectLayer, instanceType, bucketName s
uploadIDMarker: "",
delimiter: "",
maxUploads: "0",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNotImplemented,
shouldPass: false,
},
@@ -367,8 +367,8 @@ func testListMultipartUploadsHandler(obj ObjectLayer, instanceType, bucketName s
uploadIDMarker: "abc",
delimiter: "",
maxUploads: "0",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNotImplemented,
shouldPass: false,
},
@@ -381,8 +381,8 @@ func testListMultipartUploadsHandler(obj ObjectLayer, instanceType, bucketName s
uploadIDMarker: "",
delimiter: "",
maxUploads: "-1",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusBadRequest,
shouldPass: false,
},
@@ -396,8 +396,8 @@ func testListMultipartUploadsHandler(obj ObjectLayer, instanceType, bucketName s
uploadIDMarker: "",
delimiter: "/",
maxUploads: "100",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusOK,
shouldPass: true,
},
@@ -410,8 +410,8 @@ func testListMultipartUploadsHandler(obj ObjectLayer, instanceType, bucketName s
uploadIDMarker: "",
delimiter: "",
maxUploads: "100",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusOK,
shouldPass: true,
},
@@ -535,8 +535,8 @@ func testListBucketsHandler(obj ObjectLayer, instanceType, bucketName string, ap
// Validate a good case request succeeds.
{
bucketName: bucketName,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusOK,
},
// Test case - 2.
@@ -684,7 +684,7 @@ func testAPIDeleteMultipleObjectsHandler(obj ObjectLayer, instanceType, bucketNa
bucket: bucketName,
objects: successRequest0,
accessKey: "Invalid-AccessID",
- secretKey: credentials.SecretAccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: nil,
expectedRespStatus: http.StatusForbidden,
},
@@ -693,8 +693,8 @@ func testAPIDeleteMultipleObjectsHandler(obj ObjectLayer, instanceType, bucketNa
{
bucket: bucketName,
objects: successRequest0,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodedSuccessResponse0,
expectedRespStatus: http.StatusOK,
},
@@ -703,8 +703,8 @@ func testAPIDeleteMultipleObjectsHandler(obj ObjectLayer, instanceType, bucketNa
{
bucket: bucketName,
objects: successRequest1,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodedSuccessResponse1,
expectedRespStatus: http.StatusOK,
},
@@ -713,8 +713,8 @@ func testAPIDeleteMultipleObjectsHandler(obj ObjectLayer, instanceType, bucketNa
{
bucket: bucketName,
objects: successRequest1,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodedErrorResponse,
expectedRespStatus: http.StatusOK,
},
diff --git a/cmd/bucket-notification-handlers_test.go b/cmd/bucket-notification-handlers_test.go
index e4ef7b35b..986749fdd 100644
--- a/cmd/bucket-notification-handlers_test.go
+++ b/cmd/bucket-notification-handlers_test.go
@@ -209,7 +209,7 @@ func testGetBucketNotificationHandler(obj ObjectLayer, instanceType, bucketName
}
rec := httptest.NewRecorder()
req, err := newTestSignedRequestV4("GET", getGetBucketNotificationURL("", bucketName),
- 0, nil, credentials.AccessKeyID, credentials.SecretAccessKey)
+ 0, nil, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatalf("%s: Failed to create HTTP testRequest for ListenBucketNotification: %v", instanceType, err)
}
@@ -222,7 +222,7 @@ func testGetBucketNotificationHandler(obj ObjectLayer, instanceType, bucketName
}
rec = httptest.NewRecorder()
req, err = newTestSignedRequestV4("GET", getGetBucketNotificationURL("", bucketName),
- 0, nil, credentials.AccessKeyID, credentials.SecretAccessKey)
+ 0, nil, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatalf("%s: Failed to create HTTP testRequest for ListenBucketNotification: %v", instanceType, err)
}
@@ -268,7 +268,7 @@ func testListenBucketNotificationNilHandler(obj ObjectLayer, instanceType, bucke
[]string{"*.jpg"}, []string{
"s3:ObjectCreated:*",
"s3:ObjectRemoved:*",
- }), 0, nil, credentials.AccessKeyID, credentials.SecretAccessKey)
+ }), 0, nil, credentials.AccessKey, credentials.SecretKey)
if tErr != nil {
t.Fatalf("%s: Failed to create HTTP testRequest for ListenBucketNotification: %v", instanceType, tErr)
}
@@ -294,7 +294,7 @@ func testRemoveNotificationConfig(obj ObjectLayer, instanceType, bucketName stri
testRec := httptest.NewRecorder()
testReq, tErr := newTestSignedRequestV4("PUT", getPutBucketNotificationURL("", randBucket),
int64(len(sampleNotificationBytes)), bytes.NewReader(sampleNotificationBytes),
- credentials.AccessKeyID, credentials.SecretAccessKey)
+ credentials.AccessKey, credentials.SecretKey)
if tErr != nil {
t.Fatalf("%s: Failed to create HTTP testRequest for PutBucketNotification: %v", instanceType, tErr)
}
diff --git a/cmd/bucket-policy-handlers_test.go b/cmd/bucket-policy-handlers_test.go
index 5b89e5289..c4d893e5d 100644
--- a/cmd/bucket-policy-handlers_test.go
+++ b/cmd/bucket-policy-handlers_test.go
@@ -277,8 +277,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
bucketPolicyReader: bytes.NewReader([]byte(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName))),
policyLen: len(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName)),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNoContent,
},
// Test case - 2.
@@ -289,8 +289,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
bucketPolicyReader: bytes.NewReader([]byte(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName))),
policyLen: maxAccessPolicySize + 1,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusBadRequest,
},
// Test case - 3.
@@ -301,8 +301,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
bucketPolicyReader: bytes.NewReader([]byte(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName))),
policyLen: 0,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusLengthRequired,
},
// Test case - 4.
@@ -312,8 +312,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
bucketPolicyReader: nil,
policyLen: 10,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusBadRequest,
},
// Test case - 5.
@@ -336,8 +336,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
bucketPolicyReader: bytes.NewReader([]byte("dummy-policy")),
policyLen: len([]byte("dummy-policy")),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusBadRequest,
},
// Test case - 7.
@@ -348,8 +348,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
bucketPolicyReader: bytes.NewReader([]byte(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName))),
policyLen: len(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName)),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusBadRequest,
},
// Test case - 8.
@@ -361,8 +361,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
bucketPolicyReader: bytes.NewReader([]byte(fmt.Sprintf(bucketPolicyTemplate, "non-existent-bucket", "non-existent-bucket"))),
policyLen: len(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName)),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNotFound,
},
// Test case - 9.
@@ -374,8 +374,8 @@ func testPutBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
bucketPolicyReader: bytes.NewReader([]byte(fmt.Sprintf(bucketPolicyTemplate, ".invalid-bucket", ".invalid-bucket"))),
policyLen: len(fmt.Sprintf(bucketPolicyTemplate, bucketName, bucketName)),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusBadRequest,
},
}
@@ -469,7 +469,7 @@ func testGetBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
// expected Response.
expectedRespStatus int
}{
- {bucketName, credentials.AccessKeyID, credentials.SecretAccessKey, http.StatusNoContent},
+ {bucketName, credentials.AccessKey, credentials.SecretKey, http.StatusNoContent},
}
// Iterating over the cases and writing the bucket policy.
@@ -520,8 +520,8 @@ func testGetBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
// Case which valid inputs, expected to return success status of 200OK.
{
bucketName: bucketName,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedBucketPolicy: bucketPolicyTemplate,
expectedRespStatus: http.StatusOK,
},
@@ -529,8 +529,8 @@ func testGetBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
// Case with non-existent bucket name.
{
bucketName: "non-existent-bucket",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedBucketPolicy: bucketPolicyTemplate,
expectedRespStatus: http.StatusNotFound,
},
@@ -538,8 +538,8 @@ func testGetBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName string
// Case with invalid bucket name.
{
bucketName: ".invalid-bucket-name",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedBucketPolicy: "",
expectedRespStatus: http.StatusBadRequest,
},
@@ -693,8 +693,8 @@ func testDeleteBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName str
}{
{
bucketName: bucketName,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNoContent,
},
}
@@ -731,24 +731,24 @@ func testDeleteBucketPolicyHandler(obj ObjectLayer, instanceType, bucketName str
// Test case - 1.
{
bucketName: bucketName,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNoContent,
},
// Test case - 2.
// Case with non-existent-bucket.
{
bucketName: "non-existent-bucket",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNotFound,
},
// Test case - 3.
// Case with invalid bucket name.
{
bucketName: ".invalid-bucket-name",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusBadRequest,
},
}
diff --git a/cmd/config-migrate.go b/cmd/config-migrate.go
index 0107a3d8c..04da1c882 100644
--- a/cmd/config-migrate.go
+++ b/cmd/config-migrate.go
@@ -112,8 +112,8 @@ func migrateV2ToV3() error {
srvConfig.Version = "3"
srvConfig.Addr = ":9000"
srvConfig.Credential = credential{
- AccessKeyID: cv2.Credentials.AccessKeyID,
- SecretAccessKey: cv2.Credentials.SecretAccessKey,
+ AccessKey: cv2.Credentials.AccessKey,
+ SecretKey: cv2.Credentials.SecretKey,
}
srvConfig.Region = cv2.Credentials.Region
if srvConfig.Region == "" {
diff --git a/cmd/config-migrate_test.go b/cmd/config-migrate_test.go
index 2e0a1ce41..f2f4d3229 100644
--- a/cmd/config-migrate_test.go
+++ b/cmd/config-migrate_test.go
@@ -148,11 +148,11 @@ func TestServerConfigMigrateV2toV11(t *testing.T) {
}
// Check if accessKey and secretKey are not altered during migration
- if serverConfig.Credential.AccessKeyID != accessKey {
- t.Fatalf("Access key lost during migration, expected: %v, found:%v", accessKey, serverConfig.Credential.AccessKeyID)
+ if serverConfig.Credential.AccessKey != accessKey {
+ t.Fatalf("Access key lost during migration, expected: %v, found:%v", accessKey, serverConfig.Credential.AccessKey)
}
- if serverConfig.Credential.SecretAccessKey != secretKey {
- t.Fatalf("Secret key lost during migration, expected: %v, found: %v", secretKey, serverConfig.Credential.SecretAccessKey)
+ if serverConfig.Credential.SecretKey != secretKey {
+ t.Fatalf("Secret key lost during migration, expected: %v, found: %v", secretKey, serverConfig.Credential.SecretKey)
}
// Initialize server config and check again if everything is fine
diff --git a/cmd/config-old.go b/cmd/config-old.go
index 5f85873ce..ebf8edb3b 100644
--- a/cmd/config-old.go
+++ b/cmd/config-old.go
@@ -10,9 +10,9 @@ import (
/////////////////// Config V1 ///////////////////
type configV1 struct {
- Version string `json:"version"`
- AccessKeyID string `json:"accessKeyId"`
- SecretAccessKey string `json:"secretAccessKey"`
+ Version string `json:"version"`
+ AccessKey string `json:"accessKeyId"`
+ SecretKey string `json:"secretAccessKey"`
}
// loadConfigV1 load config
@@ -41,9 +41,9 @@ func loadConfigV1() (*configV1, error) {
type configV2 struct {
Version string `json:"version"`
Credentials struct {
- AccessKeyID string `json:"accessKeyId"`
- SecretAccessKey string `json:"secretAccessKey"`
- Region string `json:"region"`
+ AccessKey string `json:"accessKeyId"`
+ SecretKey string `json:"secretAccessKey"`
+ Region string `json:"region"`
} `json:"credentials"`
MongoLogger struct {
Addr string `json:"addr"`
diff --git a/cmd/config-v11.go b/cmd/config-v11.go
index 9bf425b26..ebef56f36 100644
--- a/cmd/config-v11.go
+++ b/cmd/config-v11.go
@@ -50,7 +50,7 @@ func initConfig() (bool, error) {
srvCfg := &serverConfigV11{}
srvCfg.Version = globalMinioConfigVersion
srvCfg.Region = "us-east-1"
- srvCfg.Credential = mustGenAccessKeys()
+ srvCfg.Credential = newCredential()
// Enable console logger by default on a fresh run.
srvCfg.Logger.Console = consoleLogger{
diff --git a/cmd/credential.go b/cmd/credential.go
new file mode 100644
index 000000000..3e2c7d576
--- /dev/null
+++ b/cmd/credential.go
@@ -0,0 +1,74 @@
+/*
+ * Minio Cloud Storage, (C) 2015, 2016 Minio, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package cmd
+
+import (
+ "crypto/rand"
+ "encoding/base64"
+)
+
+const (
+ accessKeyMinLen = 5
+ accessKeyMaxLen = 20
+ secretKeyMinLen = 8
+ secretKeyMaxLen = 40
+
+ alphaNumericTable = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ alphaNumericTableLen = byte(len(alphaNumericTable))
+)
+
+func mustGetAccessKey() string {
+ keyBytes := make([]byte, accessKeyMaxLen)
+ if _, err := rand.Read(keyBytes); err != nil {
+ panic(err)
+ }
+
+ for i := 0; i < accessKeyMaxLen; i++ {
+ keyBytes[i] = alphaNumericTable[keyBytes[i]%alphaNumericTableLen]
+ }
+
+ return string(keyBytes)
+}
+
+func mustGetSecretKey() string {
+ keyBytes := make([]byte, secretKeyMaxLen)
+ if _, err := rand.Read(keyBytes); err != nil {
+ panic(err)
+ }
+
+ return string([]byte(base64.StdEncoding.EncodeToString(keyBytes))[:secretKeyMaxLen])
+}
+
+// isAccessKeyValid - validate access key for right length.
+func isAccessKeyValid(accessKey string) bool {
+ return len(accessKey) >= accessKeyMinLen && len(accessKey) <= accessKeyMaxLen
+}
+
+// isSecretKeyValid - validate secret key for right length.
+func isSecretKeyValid(secretKey string) bool {
+ return len(secretKey) >= secretKeyMinLen && len(secretKey) <= secretKeyMaxLen
+}
+
+// credential container for access and secret keys.
+type credential struct {
+ AccessKey string `json:"accessKey"`
+ SecretKey string `json:"secretKey"`
+}
+
+func newCredential() credential {
+ return credential{mustGetAccessKey(), mustGetSecretKey()}
+}
diff --git a/cmd/lock-instrument.go b/cmd/lock-instrument.go
index 2442e53ee..7c00ba6bd 100644
--- a/cmd/lock-instrument.go
+++ b/cmd/lock-instrument.go
@@ -268,5 +268,5 @@ func (n *nsLockMap) deleteLockInfoEntryForOps(param nsParam, opsID string) error
// Return randomly generated string ID
func getOpsID() string {
- return newRequestID()
+ return mustGetRequestID()
}
diff --git a/cmd/lock-rpc-server_test.go b/cmd/lock-rpc-server_test.go
index 30519b5b1..27098309e 100644
--- a/cmd/lock-rpc-server_test.go
+++ b/cmd/lock-rpc-server_test.go
@@ -55,7 +55,7 @@ func createLockTestServer(t *testing.T) (string, *lockServer, string) {
lockMap: make(map[string][]lockRequesterInfo),
}
creds := serverConfig.GetCredential()
- loginArgs := RPCLoginArgs{Username: creds.AccessKeyID, Password: creds.SecretAccessKey}
+ loginArgs := RPCLoginArgs{Username: creds.AccessKey, Password: creds.SecretKey}
loginReply := RPCLoginReply{}
err = locker.LoginHandler(&loginArgs, &loginReply)
if err != nil {
diff --git a/cmd/login-server_test.go b/cmd/login-server_test.go
index a79e18371..3d8f66a97 100644
--- a/cmd/login-server_test.go
+++ b/cmd/login-server_test.go
@@ -32,7 +32,7 @@ func TestLoginHandler(t *testing.T) {
}{
// Valid username and password
{
- args: RPCLoginArgs{Username: creds.AccessKeyID, Password: creds.SecretAccessKey},
+ args: RPCLoginArgs{Username: creds.AccessKey, Password: creds.SecretKey},
expectedErr: nil,
},
// Invalid username length
@@ -47,12 +47,12 @@ func TestLoginHandler(t *testing.T) {
},
// Invalid username
{
- args: RPCLoginArgs{Username: "aaaaa", Password: creds.SecretAccessKey},
+ args: RPCLoginArgs{Username: "aaaaa", Password: creds.SecretKey},
expectedErr: errInvalidAccessKeyID,
},
// Invalid password
{
- args: RPCLoginArgs{Username: creds.AccessKeyID, Password: "aaaaaaaa"},
+ args: RPCLoginArgs{Username: creds.AccessKey, Password: "aaaaaaaa"},
expectedErr: errAuthentication,
},
}
diff --git a/cmd/main.go b/cmd/main.go
index 9bd2292e2..073f3e922 100644
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -189,14 +189,14 @@ func minioInit() {
if accessKey != "" && secretKey != "" {
// Set new credentials.
serverConfig.SetCredential(credential{
- AccessKeyID: accessKey,
- SecretAccessKey: secretKey,
+ AccessKey: accessKey,
+ SecretKey: secretKey,
})
}
- if !isValidAccessKey(serverConfig.GetCredential().AccessKeyID) {
+ if !isAccessKeyValid(serverConfig.GetCredential().AccessKey) {
fatalIf(errInvalidArgument, "Invalid access key. Accept only a string starting with a alphabetic and containing from 5 to 20 characters.")
}
- if !isValidSecretKey(serverConfig.GetCredential().SecretAccessKey) {
+ if !isSecretKeyValid(serverConfig.GetCredential().SecretKey) {
fatalIf(errInvalidArgument, "Invalid secret key. Accept only a string containing from 8 to 40 characters.")
}
diff --git a/cmd/namespace-lock.go b/cmd/namespace-lock.go
index f549dd4f8..9f9ba73a5 100644
--- a/cmd/namespace-lock.go
+++ b/cmd/namespace-lock.go
@@ -40,8 +40,8 @@ func initDsyncNodes(eps []*url.URL) error {
return errInvalidArgument
}
clnts[index] = newAuthClient(&authConfig{
- accessKey: cred.AccessKeyID,
- secretKey: cred.SecretAccessKey,
+ accessKey: cred.AccessKey,
+ secretKey: cred.SecretKey,
// Construct a new dsync server addr.
secureConn: isSSL(),
address: ep.Host,
diff --git a/cmd/object-handlers_test.go b/cmd/object-handlers_test.go
index da23c77dd..7ea378bdb 100644
--- a/cmd/object-handlers_test.go
+++ b/cmd/object-handlers_test.go
@@ -97,8 +97,8 @@ func testAPIHeadObjectHandler(obj ObjectLayer, instanceType, bucketName string,
{
bucketName: bucketName,
objectName: objectName,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusOK,
},
// Test case - 2.
@@ -106,8 +106,8 @@ func testAPIHeadObjectHandler(obj ObjectLayer, instanceType, bucketName string,
{
bucketName: bucketName,
objectName: "abcd",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNotFound,
},
// Test case - 3.
@@ -117,7 +117,7 @@ func testAPIHeadObjectHandler(obj ObjectLayer, instanceType, bucketName string,
bucketName: bucketName,
objectName: objectName,
accessKey: "Invalid-AccessID",
- secretKey: credentials.SecretAccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusForbidden,
},
}
@@ -248,8 +248,8 @@ func testAPIGetObjectHandler(obj ObjectLayer, instanceType, bucketName string, a
bucketName: bucketName,
objectName: objectName,
byteRange: "",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: bytesData[0].byteData,
expectedRespStatus: http.StatusOK,
@@ -260,8 +260,8 @@ func testAPIGetObjectHandler(obj ObjectLayer, instanceType, bucketName string, a
bucketName: bucketName,
objectName: "abcd",
byteRange: "",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodeResponse(getAPIErrorResponse(getAPIError(ErrNoSuchKey), getGetObjectURL("", bucketName, "abcd"))),
expectedRespStatus: http.StatusNotFound,
@@ -272,8 +272,8 @@ func testAPIGetObjectHandler(obj ObjectLayer, instanceType, bucketName string, a
bucketName: bucketName,
objectName: objectName,
byteRange: "bytes=10-100",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: bytesData[0].byteData[10:101],
expectedRespStatus: http.StatusPartialContent,
@@ -284,8 +284,8 @@ func testAPIGetObjectHandler(obj ObjectLayer, instanceType, bucketName string, a
bucketName: bucketName,
objectName: objectName,
byteRange: "bytes=-0",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodeResponse(getAPIErrorResponse(getAPIError(ErrInvalidRange), getGetObjectURL("", bucketName, objectName))),
expectedRespStatus: http.StatusRequestedRangeNotSatisfiable,
@@ -297,8 +297,8 @@ func testAPIGetObjectHandler(obj ObjectLayer, instanceType, bucketName string, a
bucketName: bucketName,
objectName: objectName,
byteRange: "bytes=10-1000000000000000",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: bytesData[0].byteData[10:],
expectedRespStatus: http.StatusPartialContent,
@@ -311,7 +311,7 @@ func testAPIGetObjectHandler(obj ObjectLayer, instanceType, bucketName string, a
objectName: objectName,
byteRange: "",
accessKey: "Invalid-AccessID",
- secretKey: credentials.SecretAccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodeResponse(getAPIErrorResponse(getAPIError(ErrInvalidAccessKeyID), getGetObjectURL("", bucketName, objectName))),
expectedRespStatus: http.StatusForbidden,
@@ -470,8 +470,8 @@ func testAPIPutObjectStreamSigV4Handler(obj ObjectLayer, instanceType, bucketNam
chunkSize: 64 * humanize.KiByte,
expectedContent: []byte{},
expectedRespStatus: http.StatusOK,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
shouldPass: true,
},
// Test case - 2
@@ -484,8 +484,8 @@ func testAPIPutObjectStreamSigV4Handler(obj ObjectLayer, instanceType, bucketNam
chunkSize: 1 * humanize.KiByte,
expectedContent: []byte{},
expectedRespStatus: http.StatusOK,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
shouldPass: true,
},
// Test case - 3
@@ -512,8 +512,8 @@ func testAPIPutObjectStreamSigV4Handler(obj ObjectLayer, instanceType, bucketNam
chunkSize: 64 * humanize.KiByte,
expectedContent: []byte{},
expectedRespStatus: http.StatusBadRequest,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
shouldPass: false,
removeAuthHeader: true,
},
@@ -527,8 +527,8 @@ func testAPIPutObjectStreamSigV4Handler(obj ObjectLayer, instanceType, bucketNam
chunkSize: 100 * humanize.KiByte,
expectedContent: []byte{},
expectedRespStatus: http.StatusOK,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
shouldPass: false,
},
// Test case - 6
@@ -541,8 +541,8 @@ func testAPIPutObjectStreamSigV4Handler(obj ObjectLayer, instanceType, bucketNam
chunkSize: 1024,
expectedContent: []byte{},
expectedRespStatus: http.StatusInternalServerError,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
shouldPass: false,
fault: malformedEncoding,
},
@@ -556,8 +556,8 @@ func testAPIPutObjectStreamSigV4Handler(obj ObjectLayer, instanceType, bucketNam
chunkSize: 1024,
expectedContent: []byte{},
expectedRespStatus: http.StatusBadRequest,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
shouldPass: false,
fault: unexpectedEOF,
},
@@ -571,8 +571,8 @@ func testAPIPutObjectStreamSigV4Handler(obj ObjectLayer, instanceType, bucketNam
chunkSize: 1024,
expectedContent: []byte{},
expectedRespStatus: http.StatusForbidden,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
shouldPass: false,
fault: signatureMismatch,
},
@@ -587,8 +587,8 @@ func testAPIPutObjectStreamSigV4Handler(obj ObjectLayer, instanceType, bucketNam
chunkSize: 1024,
expectedContent: []byte{},
expectedRespStatus: http.StatusForbidden,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
shouldPass: false,
fault: chunkDateMismatch,
},
@@ -602,8 +602,8 @@ func testAPIPutObjectStreamSigV4Handler(obj ObjectLayer, instanceType, bucketNam
chunkSize: 1024,
expectedContent: []byte{},
expectedRespStatus: http.StatusInternalServerError,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
shouldPass: false,
fault: tooBigDecodedLength,
},
@@ -733,8 +733,8 @@ func testAPIPutObjectHandler(obj ObjectLayer, instanceType, bucketName string, a
objectName: objectName,
data: bytesData,
dataLen: len(bytesData),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusOK,
},
@@ -746,7 +746,7 @@ func testAPIPutObjectHandler(obj ObjectLayer, instanceType, bucketName string, a
data: bytesData,
dataLen: len(bytesData),
accessKey: "Wrong-AcessID",
- secretKey: credentials.SecretAccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusForbidden,
},
@@ -758,8 +758,8 @@ func testAPIPutObjectHandler(obj ObjectLayer, instanceType, bucketName string, a
headers: copySourceHeader,
data: bytesData,
dataLen: len(bytesData),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusBadRequest,
},
// Test case - 4.
@@ -770,8 +770,8 @@ func testAPIPutObjectHandler(obj ObjectLayer, instanceType, bucketName string, a
headers: invalidMD5Header,
data: bytesData,
dataLen: len(bytesData),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusBadRequest,
},
// Test case - 5.
@@ -781,8 +781,8 @@ func testAPIPutObjectHandler(obj ObjectLayer, instanceType, bucketName string, a
objectName: objectName,
data: bytesData,
dataLen: len(bytesData),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
fault: TooBigObject,
expectedRespStatus: http.StatusBadRequest,
},
@@ -793,8 +793,8 @@ func testAPIPutObjectHandler(obj ObjectLayer, instanceType, bucketName string, a
objectName: objectName,
data: bytesData,
dataLen: len(bytesData),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
fault: MissingContentLength,
expectedRespStatus: http.StatusLengthRequired,
},
@@ -991,8 +991,8 @@ func testAPICopyObjectHandler(obj ObjectLayer, instanceType, bucketName string,
bucketName: bucketName,
newObjectName: "newObject1",
copySourceHeader: url.QueryEscape("/" + bucketName + "/" + objectName),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusOK,
},
@@ -1003,8 +1003,8 @@ func testAPICopyObjectHandler(obj ObjectLayer, instanceType, bucketName string,
bucketName: bucketName,
newObjectName: "newObject1",
copySourceHeader: url.QueryEscape("/"),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusBadRequest,
},
@@ -1014,8 +1014,8 @@ func testAPICopyObjectHandler(obj ObjectLayer, instanceType, bucketName string,
bucketName: bucketName,
newObjectName: objectName,
copySourceHeader: url.QueryEscape("/" + bucketName + "/" + objectName),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusBadRequest,
},
@@ -1027,8 +1027,8 @@ func testAPICopyObjectHandler(obj ObjectLayer, instanceType, bucketName string,
bucketName: bucketName,
newObjectName: objectName,
copySourceHeader: url.QueryEscape("/" + bucketName + "/" + "non-existent-object"),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNotFound,
},
@@ -1040,19 +1040,19 @@ func testAPICopyObjectHandler(obj ObjectLayer, instanceType, bucketName string,
bucketName: "non-existent-destination-bucket",
newObjectName: objectName,
copySourceHeader: url.QueryEscape("/" + bucketName + "/" + objectName),
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNotFound,
},
// Test case - 6.
- // Case with invalid AccessKeyID.
+ // Case with invalid AccessKey.
{
bucketName: bucketName,
newObjectName: objectName,
copySourceHeader: url.QueryEscape("/" + bucketName + "/" + objectName),
accessKey: "Invalid-AccessID",
- secretKey: credentials.SecretAccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusForbidden,
},
@@ -1175,7 +1175,7 @@ func testAPINewMultipartHandler(obj ObjectLayer, instanceType, bucketName string
rec := httptest.NewRecorder()
// construct HTTP request for NewMultipart upload.
req, err := newTestSignedRequestV4("POST", getNewMultipartURL("", bucketName, objectName),
- 0, nil, credentials.AccessKeyID, credentials.SecretAccessKey)
+ 0, nil, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatalf("Failed to create HTTP request for NewMultipart Request: %v", err)
@@ -1208,7 +1208,7 @@ func testAPINewMultipartHandler(obj ObjectLayer, instanceType, bucketName string
// construct HTTP request for NewMultipart upload.
// Setting an invalid accessID.
req, err = newTestSignedRequestV4("POST", getNewMultipartURL("", bucketName, objectName),
- 0, nil, "Invalid-AccessID", credentials.SecretAccessKey)
+ 0, nil, "Invalid-AccessID", credentials.SecretKey)
if err != nil {
t.Fatalf("Failed to create HTTP request for NewMultipart Request: %v", err)
@@ -1227,7 +1227,7 @@ func testAPINewMultipartHandler(obj ObjectLayer, instanceType, bucketName string
recV2 := httptest.NewRecorder()
// construct HTTP request for NewMultipartUpload endpoint.
reqV2, err := newTestSignedRequestV2("POST", getNewMultipartURL("", bucketName, objectName),
- 0, nil, credentials.AccessKeyID, credentials.SecretAccessKey)
+ 0, nil, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatalf("Failed to create HTTP request for NewMultipart Request: %v", err)
@@ -1260,7 +1260,7 @@ func testAPINewMultipartHandler(obj ObjectLayer, instanceType, bucketName string
// construct HTTP request for NewMultipartUpload endpoint.
// Setting invalid AccessID.
reqV2, err = newTestSignedRequestV2("POST", getNewMultipartURL("", bucketName, objectName),
- 0, nil, "Invalid-AccessID", credentials.SecretAccessKey)
+ 0, nil, "Invalid-AccessID", credentials.SecretKey)
if err != nil {
t.Fatalf("Failed to create HTTP request for NewMultipart Request: %v", err)
@@ -1331,7 +1331,7 @@ func testAPINewMultipartHandlerParallel(obj ObjectLayer, instanceType, bucketNam
defer wg.Done()
rec := httptest.NewRecorder()
// construct HTTP request NewMultipartUpload.
- req, err := newTestSignedRequestV4("POST", getNewMultipartURL("", bucketName, objectName), 0, nil, credentials.AccessKeyID, credentials.SecretAccessKey)
+ req, err := newTestSignedRequestV4("POST", getNewMultipartURL("", bucketName, objectName), 0, nil, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatalf("Failed to create HTTP request for NewMultipart request: %v", err)
@@ -1527,8 +1527,8 @@ func testAPICompleteMultipartHandler(obj ObjectLayer, instanceType, bucketName s
object: objectName,
uploadID: uploadIDs[0],
parts: inputParts[0].parts,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodeResponse(getAPIErrorResponse(getAPIError(toAPIErrorCode(BadDigest{})),
getGetObjectURL("", bucketName, objectName))),
@@ -1542,8 +1542,8 @@ func testAPICompleteMultipartHandler(obj ObjectLayer, instanceType, bucketName s
object: objectName,
uploadID: uploadIDs[0],
parts: []completePart{},
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodeResponse(getAPIErrorResponse(getAPIError(ErrMalformedXML),
getGetObjectURL("", bucketName, objectName))),
@@ -1557,8 +1557,8 @@ func testAPICompleteMultipartHandler(obj ObjectLayer, instanceType, bucketName s
object: objectName,
uploadID: "abc",
parts: inputParts[0].parts,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodeResponse(getAPIErrorResponse(getAPIError(toAPIErrorCode(InvalidUploadID{UploadID: "abc"})),
getGetObjectURL("", bucketName, objectName))),
@@ -1571,8 +1571,8 @@ func testAPICompleteMultipartHandler(obj ObjectLayer, instanceType, bucketName s
object: objectName,
uploadID: uploadIDs[0],
parts: inputParts[1].parts,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodeResponse(completeMultipartAPIError{int64(4), int64(5242880), 1, "e2fc714c4727ee9395f324cd2e7f331f",
getAPIErrorResponse(getAPIError(toAPIErrorCode(PartTooSmall{PartNumber: 1})),
@@ -1586,8 +1586,8 @@ func testAPICompleteMultipartHandler(obj ObjectLayer, instanceType, bucketName s
object: objectName,
uploadID: uploadIDs[0],
parts: inputParts[2].parts,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodeResponse(getAPIErrorResponse(getAPIError(toAPIErrorCode(InvalidPart{})),
getGetObjectURL("", bucketName, objectName))),
@@ -1601,8 +1601,8 @@ func testAPICompleteMultipartHandler(obj ObjectLayer, instanceType, bucketName s
object: objectName,
uploadID: uploadIDs[0],
parts: inputParts[3].parts,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodeResponse(getAPIErrorResponse(getAPIError(ErrInvalidPartOrder),
getGetObjectURL("", bucketName, objectName))),
@@ -1617,7 +1617,7 @@ func testAPICompleteMultipartHandler(obj ObjectLayer, instanceType, bucketName s
uploadID: uploadIDs[0],
parts: inputParts[4].parts,
accessKey: "Invalid-AccessID",
- secretKey: credentials.SecretAccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodeResponse(getAPIErrorResponse(getAPIError(ErrInvalidAccessKeyID),
getGetObjectURL("", bucketName, objectName))),
@@ -1631,8 +1631,8 @@ func testAPICompleteMultipartHandler(obj ObjectLayer, instanceType, bucketName s
object: objectName,
uploadID: uploadIDs[0],
parts: inputParts[4].parts,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedContent: encodedSuccessResponse,
expectedRespStatus: http.StatusOK,
@@ -1813,8 +1813,8 @@ func testAPIAbortMultipartHandler(obj ObjectLayer, instanceType, bucketName stri
bucket: bucketName,
object: objectName,
uploadID: uploadIDs[0],
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNoContent,
},
// Test case - 2.
@@ -1823,8 +1823,8 @@ func testAPIAbortMultipartHandler(obj ObjectLayer, instanceType, bucketName stri
bucket: bucketName,
object: objectName,
uploadID: "nonexistent-upload-id",
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNotFound,
},
// Test case - 3.
@@ -1834,7 +1834,7 @@ func testAPIAbortMultipartHandler(obj ObjectLayer, instanceType, bucketName stri
object: objectName,
uploadID: uploadIDs[0],
accessKey: "Invalid-AccessID",
- secretKey: credentials.SecretAccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusForbidden,
},
}
@@ -1957,8 +1957,8 @@ func testAPIDeleteObjectHandler(obj ObjectLayer, instanceType, bucketName string
{
bucketName: bucketName,
objectName: objectName,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNoContent,
},
@@ -1968,8 +1968,8 @@ func testAPIDeleteObjectHandler(obj ObjectLayer, instanceType, bucketName string
{
bucketName: bucketName,
objectName: objectName,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusNoContent,
},
@@ -1980,7 +1980,7 @@ func testAPIDeleteObjectHandler(obj ObjectLayer, instanceType, bucketName string
bucketName: bucketName,
objectName: objectName,
accessKey: "Invalid-AccessKey",
- secretKey: credentials.SecretAccessKey,
+ secretKey: credentials.SecretKey,
expectedRespStatus: http.StatusForbidden,
},
@@ -2070,7 +2070,7 @@ func testAPIPutObjectPartHandlerPreSign(obj ObjectLayer, instanceType, bucketNam
testObject := "testobject"
rec := httptest.NewRecorder()
req, err := newTestSignedRequestV4("POST", getNewMultipartURL("", bucketName, "testobject"),
- 0, nil, credentials.AccessKeyID, credentials.SecretAccessKey)
+ 0, nil, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatalf("[%s] - Failed to create a signed request to initiate multipart upload for %s/%s: %v",
instanceType, bucketName, testObject, err)
@@ -2096,7 +2096,7 @@ func testAPIPutObjectPartHandlerPreSign(obj ObjectLayer, instanceType, bucketNam
t.Fatalf("[%s] - Failed to create an unsigned request to put object part for %s/%s %v",
instanceType, bucketName, testObject, err)
}
- err = preSignV2(req, credentials.AccessKeyID, credentials.SecretAccessKey, int64(10*60*60))
+ err = preSignV2(req, credentials.AccessKey, credentials.SecretKey, int64(10*60*60))
if err != nil {
t.Fatalf("[%s] - Failed to presign an unsigned request to put object part for %s/%s %v",
instanceType, bucketName, testObject, err)
@@ -2113,7 +2113,7 @@ func testAPIPutObjectPartHandlerPreSign(obj ObjectLayer, instanceType, bucketNam
t.Fatalf("[%s] - Failed to create an unsigned request to put object part for %s/%s %v",
instanceType, bucketName, testObject, err)
}
- err = preSignV4(req, credentials.AccessKeyID, credentials.SecretAccessKey, int64(10*60*60))
+ err = preSignV4(req, credentials.AccessKey, credentials.SecretKey, int64(10*60*60))
if err != nil {
t.Fatalf("[%s] - Failed to presign an unsigned request to put object part for %s/%s %v",
instanceType, bucketName, testObject, err)
@@ -2136,7 +2136,7 @@ func testAPIPutObjectPartHandlerStreaming(obj ObjectLayer, instanceType, bucketN
testObject := "testobject"
rec := httptest.NewRecorder()
req, err := newTestSignedRequestV4("POST", getNewMultipartURL("", bucketName, "testobject"),
- 0, nil, credentials.AccessKeyID, credentials.SecretAccessKey)
+ 0, nil, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatalf("[%s] - Failed to create a signed request to initiate multipart upload for %s/%s: %v",
instanceType, bucketName, testObject, err)
@@ -2171,7 +2171,7 @@ func testAPIPutObjectPartHandlerStreaming(obj ObjectLayer, instanceType, bucketN
rec = httptest.NewRecorder()
req, err = newTestStreamingSignedRequest("PUT",
getPutObjectPartURL("", bucketName, testObject, mpartResp.UploadID, "1"),
- 5, 1, bytes.NewReader([]byte("hello")), credentials.AccessKeyID, credentials.SecretAccessKey)
+ 5, 1, bytes.NewReader([]byte("hello")), credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatalf("Failed to create new streaming signed HTTP request: %v.", err)
@@ -2273,8 +2273,8 @@ func testAPIPutObjectPartHandler(obj ObjectLayer, instanceType, bucketName strin
reader: bytes.NewReader([]byte("hello")),
partNumber: "1",
fault: None,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedAPIError: noAPIErr,
},
@@ -2285,8 +2285,8 @@ func testAPIPutObjectPartHandler(obj ObjectLayer, instanceType, bucketName strin
reader: bytes.NewReader([]byte("hello")),
partNumber: "9999999999999999999",
fault: None,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedAPIError: invalidPart,
},
@@ -2297,8 +2297,8 @@ func testAPIPutObjectPartHandler(obj ObjectLayer, instanceType, bucketName strin
reader: bytes.NewReader([]byte("hello")),
partNumber: strconv.Itoa(maxPartID + 1),
fault: None,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedAPIError: invalidMaxParts,
},
@@ -2309,8 +2309,8 @@ func testAPIPutObjectPartHandler(obj ObjectLayer, instanceType, bucketName strin
reader: bytes.NewReader([]byte("hello")),
partNumber: "1",
fault: MissingContentLength,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedAPIError: missingContent,
},
@@ -2321,8 +2321,8 @@ func testAPIPutObjectPartHandler(obj ObjectLayer, instanceType, bucketName strin
reader: bytes.NewReader([]byte("hello")),
partNumber: "1",
fault: TooBigObject,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedAPIError: entityTooLarge,
},
@@ -2333,8 +2333,8 @@ func testAPIPutObjectPartHandler(obj ObjectLayer, instanceType, bucketName strin
reader: bytes.NewReader([]byte("hello")),
partNumber: "1",
fault: BadSignature,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedAPIError: badSigning,
},
@@ -2346,8 +2346,8 @@ func testAPIPutObjectPartHandler(obj ObjectLayer, instanceType, bucketName strin
reader: bytes.NewReader([]byte("hello")),
partNumber: "1",
fault: BadMD5,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedAPIError: badChecksum,
},
@@ -2358,8 +2358,8 @@ func testAPIPutObjectPartHandler(obj ObjectLayer, instanceType, bucketName strin
reader: bytes.NewReader([]byte("hello")),
partNumber: "1",
fault: MissingUploadID,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
expectedAPIError: noSuchUploadID,
},
@@ -2372,7 +2372,7 @@ func testAPIPutObjectPartHandler(obj ObjectLayer, instanceType, bucketName strin
partNumber: "1",
fault: None,
accessKey: "Invalid-AccessID",
- secretKey: credentials.SecretAccessKey,
+ secretKey: credentials.SecretKey,
expectedAPIError: invalidAccessID,
},
@@ -2541,7 +2541,7 @@ func testAPIListObjectPartsHandlerPreSign(obj ObjectLayer, instanceType, bucketN
testObject := "testobject"
rec := httptest.NewRecorder()
req, err := newTestSignedRequestV4("POST", getNewMultipartURL("", bucketName, testObject),
- 0, nil, credentials.AccessKeyID, credentials.SecretAccessKey)
+ 0, nil, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatalf("[%s] - Failed to create a signed request to initiate multipart upload for %s/%s: %v",
instanceType, bucketName, testObject, err)
@@ -2564,7 +2564,7 @@ func testAPIListObjectPartsHandlerPreSign(obj ObjectLayer, instanceType, bucketN
rec = httptest.NewRecorder()
req, err = newTestSignedRequestV4("PUT",
getPutObjectPartURL("", bucketName, testObject, mpartResp.UploadID, "1"),
- int64(len("hello")), bytes.NewReader([]byte("hello")), credentials.AccessKeyID, credentials.SecretAccessKey)
+ int64(len("hello")), bytes.NewReader([]byte("hello")), credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatalf("[%s] - Failed to create a signed request to initiate multipart upload for %s/%s: %v",
instanceType, bucketName, testObject, err)
@@ -2584,7 +2584,7 @@ func testAPIListObjectPartsHandlerPreSign(obj ObjectLayer, instanceType, bucketN
instanceType, bucketName, mpartResp.UploadID)
}
- err = preSignV2(req, credentials.AccessKeyID, credentials.SecretAccessKey, int64(10*60*60))
+ err = preSignV2(req, credentials.AccessKey, credentials.SecretKey, int64(10*60*60))
if err != nil {
t.Fatalf("[%s] - Failed to presignV2 an unsigned request to list object parts for bucket %s, uploadId %s",
instanceType, bucketName, mpartResp.UploadID)
@@ -2604,7 +2604,7 @@ func testAPIListObjectPartsHandlerPreSign(obj ObjectLayer, instanceType, bucketN
instanceType, bucketName, mpartResp.UploadID)
}
- err = preSignV4(req, credentials.AccessKeyID, credentials.SecretAccessKey, int64(10*60*60))
+ err = preSignV4(req, credentials.AccessKey, credentials.SecretKey, int64(10*60*60))
if err != nil {
t.Fatalf("[%s] - Failed to presignV2 an unsigned request to list object parts for bucket %s, uploadId %s",
instanceType, bucketName, mpartResp.UploadID)
@@ -2724,7 +2724,7 @@ func testAPIListObjectPartsHandler(obj ObjectLayer, instanceType, bucketName str
// constructing a v4 signed HTTP request for ListMultipartUploads.
reqV4, err = newTestSignedRequestV4("GET",
getListMultipartURLWithParams("", bucketName, testObject, uploadID, test.maxParts, test.partNumberMarker, ""),
- 0, nil, credentials.AccessKeyID, credentials.SecretAccessKey)
+ 0, nil, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatalf("Failed to create a V4 signed request to list object parts for %s/%s: %v.",
@@ -2734,7 +2734,7 @@ func testAPIListObjectPartsHandler(obj ObjectLayer, instanceType, bucketName str
// construct HTTP request for PutObject Part Object endpoint.
reqV2, err = newTestSignedRequestV2("GET",
getListMultipartURLWithParams("", bucketName, testObject, uploadID, test.maxParts, test.partNumberMarker, ""),
- 0, nil, credentials.AccessKeyID, credentials.SecretAccessKey)
+ 0, nil, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatalf("Failed to create a V2 signed request to list object parts for %s/%s: %v.",
diff --git a/cmd/post-policy_test.go b/cmd/post-policy_test.go
index 6881f18af..1b9b891d9 100644
--- a/cmd/post-policy_test.go
+++ b/cmd/post-policy_test.go
@@ -154,9 +154,9 @@ func testPostPolicyBucketHandler(obj ObjectLayer, instanceType string, t TestErr
accessKey string
secretKey string
}{
- {http.StatusForbidden, "invalidaccesskey", credentials.SecretAccessKey},
- {http.StatusForbidden, credentials.AccessKeyID, "invalidsecretkey"},
- {http.StatusNoContent, credentials.AccessKeyID, credentials.SecretAccessKey},
+ {http.StatusForbidden, "invalidaccesskey", credentials.SecretKey},
+ {http.StatusForbidden, credentials.AccessKey, "invalidsecretkey"},
+ {http.StatusNoContent, credentials.AccessKey, credentials.SecretKey},
}
for i, test := range testCasesV2 {
@@ -190,8 +190,8 @@ func testPostPolicyBucketHandler(obj ObjectLayer, instanceType string, t TestErr
data: []byte("Hello, World"),
expectedRespStatus: http.StatusNoContent,
expectedHeaders: map[string]string{"X-Amz-Meta-Uuid": "1234"},
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
malformedBody: false,
},
// Bad case invalid request.
@@ -208,8 +208,8 @@ func testPostPolicyBucketHandler(obj ObjectLayer, instanceType string, t TestErr
objectName: "test",
data: []byte("Hello, World"),
expectedRespStatus: http.StatusBadRequest,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
malformedBody: true,
},
}
@@ -262,20 +262,20 @@ func testPostPolicyBucketHandler(obj ObjectLayer, instanceType string, t TestErr
objectName: "test",
data: []byte("Hello, World"),
expectedRespStatus: http.StatusNoContent,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
dates: []interface{}{curTimePlus5Min.Format(expirationDateFormat), curTime.Format(iso8601DateFormat), curTime.Format(yyyymmdd)},
- policy: `{"expiration": "%s","conditions":[["eq", "$bucket", "` + bucketName + `"], ["starts-with", "$key", "test/"], ["eq", "$x-amz-algorithm", "AWS4-HMAC-SHA256"], ["eq", "$x-amz-date", "%s"], ["eq", "$x-amz-credential", "` + credentials.AccessKeyID + `/%s/us-east-1/s3/aws4_request"]]}`,
+ policy: `{"expiration": "%s","conditions":[["eq", "$bucket", "` + bucketName + `"], ["starts-with", "$key", "test/"], ["eq", "$x-amz-algorithm", "AWS4-HMAC-SHA256"], ["eq", "$x-amz-date", "%s"], ["eq", "$x-amz-credential", "` + credentials.AccessKey + `/%s/us-east-1/s3/aws4_request"]]}`,
},
// Corrupted Base 64 result
{
objectName: "test",
data: []byte("Hello, World"),
expectedRespStatus: http.StatusBadRequest,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
dates: []interface{}{curTimePlus5Min.Format(expirationDateFormat), curTime.Format(iso8601DateFormat), curTime.Format(yyyymmdd)},
- policy: `{"expiration": "%s","conditions":[["eq", "$bucket", "` + bucketName + `"], ["starts-with", "$key", "test/"], ["eq", "$x-amz-algorithm", "AWS4-HMAC-SHA256"], ["eq", "$x-amz-date", "%s"], ["eq", "$x-amz-credential", "` + credentials.AccessKeyID + `/%s/us-east-1/s3/aws4_request"]]}`,
+ policy: `{"expiration": "%s","conditions":[["eq", "$bucket", "` + bucketName + `"], ["starts-with", "$key", "test/"], ["eq", "$x-amz-algorithm", "AWS4-HMAC-SHA256"], ["eq", "$x-amz-date", "%s"], ["eq", "$x-amz-credential", "` + credentials.AccessKey + `/%s/us-east-1/s3/aws4_request"]]}`,
corruptedBase64: true,
},
// Corrupted Multipart body
@@ -283,10 +283,10 @@ func testPostPolicyBucketHandler(obj ObjectLayer, instanceType string, t TestErr
objectName: "test",
data: []byte("Hello, World"),
expectedRespStatus: http.StatusBadRequest,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
dates: []interface{}{curTimePlus5Min.Format(expirationDateFormat), curTime.Format(iso8601DateFormat), curTime.Format(yyyymmdd)},
- policy: `{"expiration": "%s","conditions":[["eq", "$bucket", "` + bucketName + `"], ["starts-with", "$key", "test/"], ["eq", "$x-amz-algorithm", "AWS4-HMAC-SHA256"], ["eq", "$x-amz-date", "%s"], ["eq", "$x-amz-credential", "` + credentials.AccessKeyID + `/%s/us-east-1/s3/aws4_request"]]}`,
+ policy: `{"expiration": "%s","conditions":[["eq", "$bucket", "` + bucketName + `"], ["starts-with", "$key", "test/"], ["eq", "$x-amz-algorithm", "AWS4-HMAC-SHA256"], ["eq", "$x-amz-date", "%s"], ["eq", "$x-amz-credential", "` + credentials.AccessKey + `/%s/us-east-1/s3/aws4_request"]]}`,
corruptedMultipart: true,
},
@@ -305,18 +305,18 @@ func testPostPolicyBucketHandler(obj ObjectLayer, instanceType string, t TestErr
objectName: "test",
data: []byte("Hello, World"),
expectedRespStatus: http.StatusBadRequest,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
dates: []interface{}{curTime.Add(-1 * time.Minute * 5).Format(expirationDateFormat), curTime.Format(iso8601DateFormat), curTime.Format(yyyymmdd)},
- policy: `{"expiration": "%s","conditions":[["eq", "$bucket", "` + bucketName + `"], ["starts-with", "$key", "test/"], ["eq", "$x-amz-algorithm", "AWS4-HMAC-SHA256"], ["eq", "$x-amz-date", "%s"], ["eq", "$x-amz-credential", "` + credentials.AccessKeyID + `/%s/us-east-1/s3/aws4_request"]]}`,
+ policy: `{"expiration": "%s","conditions":[["eq", "$bucket", "` + bucketName + `"], ["starts-with", "$key", "test/"], ["eq", "$x-amz-algorithm", "AWS4-HMAC-SHA256"], ["eq", "$x-amz-date", "%s"], ["eq", "$x-amz-credential", "` + credentials.AccessKey + `/%s/us-east-1/s3/aws4_request"]]}`,
},
// Corrupted policy document
{
objectName: "test",
data: []byte("Hello, World"),
expectedRespStatus: http.StatusBadRequest,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
dates: []interface{}{curTimePlus5Min.Format(expirationDateFormat), curTime.Format(iso8601DateFormat), curTime.Format(yyyymmdd)},
policy: `{"3/aws4_request"]]}`,
},
@@ -354,8 +354,8 @@ func testPostPolicyBucketHandler(obj ObjectLayer, instanceType string, t TestErr
objectName: "test",
data: bytes.Repeat([]byte("a"), 1025),
expectedRespStatus: http.StatusNoContent,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
malformedBody: false,
},
// Failed with entity too small.
@@ -363,8 +363,8 @@ func testPostPolicyBucketHandler(obj ObjectLayer, instanceType string, t TestErr
objectName: "test",
data: bytes.Repeat([]byte("a"), 1023),
expectedRespStatus: http.StatusBadRequest,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
malformedBody: false,
},
// Failed with entity too large.
@@ -372,8 +372,8 @@ func testPostPolicyBucketHandler(obj ObjectLayer, instanceType string, t TestErr
objectName: "test",
data: bytes.Repeat([]byte("a"), (1*humanize.MiByte)+1),
expectedRespStatus: http.StatusBadRequest,
- accessKey: credentials.AccessKeyID,
- secretKey: credentials.SecretAccessKey,
+ accessKey: credentials.AccessKey,
+ secretKey: credentials.SecretKey,
malformedBody: false,
},
}
@@ -444,14 +444,14 @@ func testPostPolicyBucketHandlerRedirect(obj ObjectLayer, instanceType string, t
rec := httptest.NewRecorder()
dates := []interface{}{curTimePlus5Min.Format(expirationDateFormat), curTime.Format(iso8601DateFormat), curTime.Format(yyyymmdd)}
- policy := `{"expiration": "%s","conditions":[["eq", "$bucket", "` + bucketName + `"], {"success_action_redirect":"` + redirectURL + `"},["starts-with", "$key", "test/"], ["eq", "$x-amz-algorithm", "AWS4-HMAC-SHA256"], ["eq", "$x-amz-date", "%s"], ["eq", "$x-amz-credential", "` + credentials.AccessKeyID + `/%s/us-east-1/s3/aws4_request"]]}`
+ policy := `{"expiration": "%s","conditions":[["eq", "$bucket", "` + bucketName + `"], {"success_action_redirect":"` + redirectURL + `"},["starts-with", "$key", "test/"], ["eq", "$x-amz-algorithm", "AWS4-HMAC-SHA256"], ["eq", "$x-amz-date", "%s"], ["eq", "$x-amz-credential", "` + credentials.AccessKey + `/%s/us-east-1/s3/aws4_request"]]}`
// Generate the final policy document
policy = fmt.Sprintf(policy, dates...)
// Create a new POST request with success_action_redirect field specified
req, perr := newPostRequestV4Generic("", bucketName, keyName, []byte("objData"),
- credentials.AccessKeyID, credentials.SecretAccessKey, curTime,
+ credentials.AccessKey, credentials.SecretKey, curTime,
[]byte(policy), map[string]string{"success_action_redirect": redirectURL}, false, false)
if perr != nil {
diff --git a/cmd/prepare-storage-msg.go b/cmd/prepare-storage-msg.go
index bf442a0f8..d4d38700a 100644
--- a/cmd/prepare-storage-msg.go
+++ b/cmd/prepare-storage-msg.go
@@ -103,7 +103,7 @@ func getHealMsg(endpoints []*url.URL, storageDisks []StorageAPI) string {
// msg += "MINIO_SECRET_KEY=%s "
// msg += "minio control heal %s"
// creds := serverConfig.GetCredential()
- // msg = fmt.Sprintf(msg, creds.AccessKeyID, creds.SecretAccessKey, getHealEndpoint(isSSL(), endpoints[0]))
+ // msg = fmt.Sprintf(msg, creds.AccessKey, creds.SecretKey, getHealEndpoint(isSSL(), endpoints[0]))
disksInfo, _, _ := getDisksInfo(storageDisks)
for i, info := range disksInfo {
if storageDisks[i] == nil {
diff --git a/cmd/s3-peer-client.go b/cmd/s3-peer-client.go
index 758256f8b..670eb14bf 100644
--- a/cmd/s3-peer-client.go
+++ b/cmd/s3-peer-client.go
@@ -62,8 +62,8 @@ func makeS3Peers(eps []*url.URL) s3Peers {
// Check if the remote host has been added already
if !seenAddr[ep.Host] {
cfg := authConfig{
- accessKey: serverConfig.GetCredential().AccessKeyID,
- secretKey: serverConfig.GetCredential().SecretAccessKey,
+ accessKey: serverConfig.GetCredential().AccessKey,
+ secretKey: serverConfig.GetCredential().SecretKey,
address: ep.Host,
secureConn: isSSL(),
path: path.Join(reservedBucket, s3Path),
diff --git a/cmd/server-startup-msg.go b/cmd/server-startup-msg.go
index 8e0e96742..720ede6c7 100644
--- a/cmd/server-startup-msg.go
+++ b/cmd/server-startup-msg.go
@@ -75,8 +75,8 @@ func printServerCommonMsg(endPoints []string) {
endPointStr := strings.Join(endPoints, " ")
// Colorize the message and print.
console.Println(colorBlue("\nEndpoint: ") + colorBold(fmt.Sprintf(getFormatStr(len(endPointStr), 1), endPointStr)))
- console.Println(colorBlue("AccessKey: ") + colorBold(fmt.Sprintf("%s ", cred.AccessKeyID)))
- console.Println(colorBlue("SecretKey: ") + colorBold(fmt.Sprintf("%s ", cred.SecretAccessKey)))
+ console.Println(colorBlue("AccessKey: ") + colorBold(fmt.Sprintf("%s ", cred.AccessKey)))
+ console.Println(colorBlue("SecretKey: ") + colorBold(fmt.Sprintf("%s ", cred.SecretKey)))
console.Println(colorBlue("Region: ") + colorBold(fmt.Sprintf(getFormatStr(len(region), 3), region)))
printEventNotifiers()
@@ -109,10 +109,10 @@ func printCLIAccessMsg(endPoint string) {
// Configure 'mc', following block prints platform specific information for minio client.
console.Println(colorBlue("\nCommand-line Access: ") + mcQuickStartGuide)
if runtime.GOOS == "windows" {
- mcMessage := fmt.Sprintf("$ mc.exe config host add myminio %s %s %s", endPoint, cred.AccessKeyID, cred.SecretAccessKey)
+ mcMessage := fmt.Sprintf("$ mc.exe config host add myminio %s %s %s", endPoint, cred.AccessKey, cred.SecretKey)
console.Println(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
} else {
- mcMessage := fmt.Sprintf("$ mc config host add myminio %s %s %s", endPoint, cred.AccessKeyID, cred.SecretAccessKey)
+ mcMessage := fmt.Sprintf("$ mc config host add myminio %s %s %s", endPoint, cred.AccessKey, cred.SecretKey)
console.Println(fmt.Sprintf(getFormatStr(len(mcMessage), 3), mcMessage))
}
}
diff --git a/cmd/server_test.go b/cmd/server_test.go
index 7d6f57c54..5f6fa9b83 100644
--- a/cmd/server_test.go
+++ b/cmd/server_test.go
@@ -94,14 +94,10 @@ func (s *TestSuiteCommon) TearDownSuite(c *C) {
}
func (s *TestSuiteCommon) TestAuth(c *C) {
- secretID, err := genSecretAccessKey()
- c.Assert(err, IsNil)
-
- accessID, err := genAccessKeyID()
- c.Assert(err, IsNil)
+ cred := newCredential()
- c.Assert(len(secretID), Equals, secretKeyMaxLen)
- c.Assert(len(accessID), Equals, accessKeyMaxLen)
+ c.Assert(len(cred.AccessKey), Equals, accessKeyMaxLen)
+ c.Assert(len(cred.SecretKey), Equals, secretKeyMaxLen)
}
func (s *TestSuiteCommon) TestBucketSQSNotification(c *C) {
diff --git a/cmd/signature-jwt.go b/cmd/signature-jwt.go
index 7866eef4e..ab2d1b4cd 100644
--- a/cmd/signature-jwt.go
+++ b/cmd/signature-jwt.go
@@ -43,10 +43,10 @@ const (
// newJWT - returns new JWT object.
func newJWT(expiry time.Duration, cred credential) (*JWT, error) {
- if !isValidAccessKey(cred.AccessKeyID) {
+ if !isAccessKeyValid(cred.AccessKey) {
return nil, errInvalidAccessKeyLength
}
- if !isValidSecretKey(cred.SecretAccessKey) {
+ if !isSecretKeyValid(cred.SecretKey) {
return nil, errInvalidSecretKeyLength
}
return &JWT{cred, expiry}, nil
@@ -60,7 +60,7 @@ func (jwt *JWT) GenerateToken(accessKey string) (string, error) {
// Trim spaces.
accessKey = strings.TrimSpace(accessKey)
- if !isValidAccessKey(accessKey) {
+ if !isAccessKeyValid(accessKey) {
return "", errInvalidAccessKeyLength
}
@@ -71,7 +71,7 @@ func (jwt *JWT) GenerateToken(accessKey string) (string, error) {
"iat": tUTCNow.Unix(),
"sub": accessKey,
})
- return token.SignedString([]byte(jwt.SecretAccessKey))
+ return token.SignedString([]byte(jwt.SecretKey))
}
var errInvalidAccessKeyID = errors.New("The access key ID you provided does not exist in our records")
@@ -82,18 +82,18 @@ func (jwt *JWT) Authenticate(accessKey, secretKey string) error {
// Trim spaces.
accessKey = strings.TrimSpace(accessKey)
- if !isValidAccessKey(accessKey) {
+ if !isAccessKeyValid(accessKey) {
return errInvalidAccessKeyLength
}
- if !isValidSecretKey(secretKey) {
+ if !isSecretKeyValid(secretKey) {
return errInvalidSecretKeyLength
}
- if accessKey != jwt.AccessKeyID {
+ if accessKey != jwt.AccessKey {
return errInvalidAccessKeyID
}
- hashedSecretKey, _ := bcrypt.GenerateFromPassword([]byte(jwt.SecretAccessKey), bcrypt.DefaultCost)
+ hashedSecretKey, _ := bcrypt.GenerateFromPassword([]byte(jwt.SecretKey), bcrypt.DefaultCost)
if bcrypt.CompareHashAndPassword(hashedSecretKey, []byte(secretKey)) != nil {
return errAuthentication
}
diff --git a/cmd/signature-jwt_test.go b/cmd/signature-jwt_test.go
index 2fe96dcb8..b3421deb1 100644
--- a/cmd/signature-jwt_test.go
+++ b/cmd/signature-jwt_test.go
@@ -190,11 +190,11 @@ func TestAuthenticate(t *testing.T) {
// Authentication error.
{"myuser", "mypassword", errInvalidAccessKeyID},
// Authentication error.
- {serverConfig.GetCredential().AccessKeyID, "mypassword", errAuthentication},
+ {serverConfig.GetCredential().AccessKey, "mypassword", errAuthentication},
// Success.
- {serverConfig.GetCredential().AccessKeyID, serverConfig.GetCredential().SecretAccessKey, nil},
+ {serverConfig.GetCredential().AccessKey, serverConfig.GetCredential().SecretKey, nil},
// Success when access key contains leading/trailing spaces.
- {" " + serverConfig.GetCredential().AccessKeyID + " ", serverConfig.GetCredential().SecretAccessKey, nil},
+ {" " + serverConfig.GetCredential().AccessKey + " ", serverConfig.GetCredential().SecretKey, nil},
}
// Run tests.
diff --git a/cmd/signature-v2.go b/cmd/signature-v2.go
index 4913fe71d..3952a912f 100644
--- a/cmd/signature-v2.go
+++ b/cmd/signature-v2.go
@@ -67,12 +67,12 @@ var resourceList = []string{
func doesPolicySignatureV2Match(formValues map[string]string) APIErrorCode {
cred := serverConfig.GetCredential()
accessKey := formValues["Awsaccesskeyid"]
- if accessKey != cred.AccessKeyID {
+ if accessKey != cred.AccessKey {
return ErrInvalidAccessKeyID
}
signature := formValues["Signature"]
policy := formValues["Policy"]
- if signature != calculateSignatureV2(policy, cred.SecretAccessKey) {
+ if signature != calculateSignatureV2(policy, cred.SecretKey) {
return ErrSignatureDoesNotMatch
}
return ErrNone
@@ -126,7 +126,7 @@ func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode {
}
// Validate if access key id same.
- if accessKey != cred.AccessKeyID {
+ if accessKey != cred.AccessKey {
return ErrInvalidAccessKeyID
}
@@ -150,7 +150,7 @@ func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode {
}
// Authorization = "AWS" + " " + AWSAccessKeyId + ":" + Signature;
-// Signature = Base64( HMAC-SHA1( YourSecretAccessKeyID, UTF-8-Encoding-Of( StringToSign ) ) );
+// Signature = Base64( HMAC-SHA1( YourSecretKey, UTF-8-Encoding-Of( StringToSign ) ) );
//
// StringToSign = HTTP-Verb + "\n" +
// Content-Md5 + "\n" +
@@ -193,7 +193,7 @@ func validateV2AuthHeader(v2Auth string) APIErrorCode {
// Access credentials.
cred := serverConfig.GetCredential()
- if keySignFields[0] != cred.AccessKeyID {
+ if keySignFields[0] != cred.AccessKey {
return ErrInvalidAccessKeyID
}
@@ -239,15 +239,15 @@ func calculateSignatureV2(stringToSign string, secret string) string {
func preSignatureV2(method string, encodedResource string, encodedQuery string, headers http.Header, expires string) string {
cred := serverConfig.GetCredential()
stringToSign := presignV2STS(method, encodedResource, encodedQuery, headers, expires)
- return calculateSignatureV2(stringToSign, cred.SecretAccessKey)
+ return calculateSignatureV2(stringToSign, cred.SecretKey)
}
// Return signature-v2 authrization header.
func signatureV2(method string, encodedResource string, encodedQuery string, headers http.Header) string {
cred := serverConfig.GetCredential()
stringToSign := signV2STS(method, encodedResource, encodedQuery, headers)
- signature := calculateSignatureV2(stringToSign, cred.SecretAccessKey)
- return fmt.Sprintf("%s %s:%s", signV2Algorithm, cred.AccessKeyID, signature)
+ signature := calculateSignatureV2(stringToSign, cred.SecretKey)
+ return fmt.Sprintf("%s %s:%s", signV2Algorithm, cred.AccessKey, signature)
}
// Return canonical headers.
diff --git a/cmd/signature-v2_test.go b/cmd/signature-v2_test.go
index 6b8533539..4983eb183 100644
--- a/cmd/signature-v2_test.go
+++ b/cmd/signature-v2_test.go
@@ -55,7 +55,7 @@ func TestDoesPresignedV2SignatureMatch(t *testing.T) {
queryParams: map[string]string{
"Expires": "60s",
"Signature": "badsignature",
- "AWSAccessKeyId": serverConfig.GetCredential().AccessKeyID,
+ "AWSAccessKeyId": serverConfig.GetCredential().AccessKey,
},
expected: ErrMalformedExpires,
},
@@ -64,7 +64,7 @@ func TestDoesPresignedV2SignatureMatch(t *testing.T) {
queryParams: map[string]string{
"Expires": "60",
"Signature": "badsignature",
- "AWSAccessKeyId": serverConfig.GetCredential().AccessKeyID,
+ "AWSAccessKeyId": serverConfig.GetCredential().AccessKey,
},
expected: ErrExpiredPresignRequest,
},
@@ -73,7 +73,7 @@ func TestDoesPresignedV2SignatureMatch(t *testing.T) {
queryParams: map[string]string{
"Expires": fmt.Sprintf("%d", now.Unix()+60),
"Signature": "badsignature",
- "AWSAccessKeyId": serverConfig.GetCredential().AccessKeyID,
+ "AWSAccessKeyId": serverConfig.GetCredential().AccessKey,
},
expected: ErrSignatureDoesNotMatch,
},
@@ -82,7 +82,7 @@ func TestDoesPresignedV2SignatureMatch(t *testing.T) {
queryParams: map[string]string{
"Expires": fmt.Sprintf("%d", now.Unix()),
"Signature": "zOM2YrY/yAQe15VWmT78OlBrK6g=",
- "AWSAccessKeyId": serverConfig.GetCredential().AccessKeyID,
+ "AWSAccessKeyId": serverConfig.GetCredential().AccessKey,
},
expected: ErrSignatureDoesNotMatch,
},
@@ -126,7 +126,7 @@ func TestValidateV2AuthHeader(t *testing.T) {
if err := serverConfig.Save(); err != nil {
t.Fatal(err)
}
- accessID := serverConfig.GetCredential().AccessKeyID
+ accessID := serverConfig.GetCredential().AccessKey
testCases := []struct {
authString string
@@ -207,9 +207,9 @@ func TestDoesPolicySignatureV2Match(t *testing.T) {
signature string
errCode APIErrorCode
}{
- {"invalidAccessKey", policy, calculateSignatureV2(policy, creds.SecretAccessKey), ErrInvalidAccessKeyID},
- {creds.AccessKeyID, policy, calculateSignatureV2("random", creds.SecretAccessKey), ErrSignatureDoesNotMatch},
- {creds.AccessKeyID, policy, calculateSignatureV2(policy, creds.SecretAccessKey), ErrNone},
+ {"invalidAccessKey", policy, calculateSignatureV2(policy, creds.SecretKey), ErrInvalidAccessKeyID},
+ {creds.AccessKey, policy, calculateSignatureV2("random", creds.SecretKey), ErrSignatureDoesNotMatch},
+ {creds.AccessKey, policy, calculateSignatureV2(policy, creds.SecretKey), ErrNone},
}
for i, test := range testCases {
formValues := make(map[string]string)
diff --git a/cmd/signature-v4-parser.go b/cmd/signature-v4-parser.go
index 8b24bb22b..913099e47 100644
--- a/cmd/signature-v4-parser.go
+++ b/cmd/signature-v4-parser.go
@@ -47,7 +47,7 @@ func parseCredentialHeader(credElement string) (credentialHeader, APIErrorCode)
if len(credElements) != 5 {
return credentialHeader{}, ErrCredMalformed
}
- if !isValidAccessKey(credElements[0]) {
+ if !isAccessKeyValid(credElements[0]) {
return credentialHeader{}, ErrInvalidAccessKeyID
}
// Save access key id.
diff --git a/cmd/signature-v4.go b/cmd/signature-v4.go
index 2e6a0dda4..cf54c85a3 100644
--- a/cmd/signature-v4.go
+++ b/cmd/signature-v4.go
@@ -171,7 +171,7 @@ func doesPolicySignatureV4Match(formValues map[string]string) APIErrorCode {
}
// Verify if the access key id matches.
- if credHeader.accessKey != cred.AccessKeyID {
+ if credHeader.accessKey != cred.AccessKey {
return ErrInvalidAccessKeyID
}
@@ -188,7 +188,7 @@ func doesPolicySignatureV4Match(formValues map[string]string) APIErrorCode {
}
// Get signing key.
- signingKey := getSigningKey(cred.SecretAccessKey, t, region)
+ signingKey := getSigningKey(cred.SecretKey, t, region)
// Get signature.
newSignature := getSignature(signingKey, formValues["Policy"])
@@ -217,7 +217,7 @@ func doesPresignedSignatureMatch(hashedPayload string, r *http.Request, region s
}
// Verify if the access key id matches.
- if pSignValues.Credential.accessKey != cred.AccessKeyID {
+ if pSignValues.Credential.accessKey != cred.AccessKey {
return ErrInvalidAccessKeyID
}
@@ -268,7 +268,7 @@ func doesPresignedSignatureMatch(hashedPayload string, r *http.Request, region s
query.Set("X-Amz-Date", t.Format(iso8601Format))
query.Set("X-Amz-Expires", strconv.Itoa(expireSeconds))
query.Set("X-Amz-SignedHeaders", getSignedHeaders(extractedSignedHeaders))
- query.Set("X-Amz-Credential", cred.AccessKeyID+"/"+getScope(t, sRegion))
+ query.Set("X-Amz-Credential", cred.AccessKey+"/"+getScope(t, sRegion))
// Save other headers available in the request parameters.
for k, v := range req.URL.Query() {
@@ -313,7 +313,7 @@ func doesPresignedSignatureMatch(hashedPayload string, r *http.Request, region s
presignedStringToSign := getStringToSign(presignedCanonicalReq, t, region)
// Get hmac presigned signing key.
- presignedSigningKey := getSigningKey(cred.SecretAccessKey, t, region)
+ presignedSigningKey := getSigningKey(cred.SecretKey, t, region)
// Get new signature.
newSignature := getSignature(presignedSigningKey, presignedStringToSign)
@@ -369,7 +369,7 @@ func doesSignatureMatch(hashedPayload string, r *http.Request, region string) AP
}
// Verify if the access key id matches.
- if signV4Values.Credential.accessKey != cred.AccessKeyID {
+ if signV4Values.Credential.accessKey != cred.AccessKey {
return ErrInvalidAccessKeyID
}
@@ -410,7 +410,7 @@ func doesSignatureMatch(hashedPayload string, r *http.Request, region string) AP
stringToSign := getStringToSign(canonicalRequest, t, region)
// Get hmac signing key.
- signingKey := getSigningKey(cred.SecretAccessKey, t, region)
+ signingKey := getSigningKey(cred.SecretKey, t, region)
// Calculate signature.
newSignature := getSignature(signingKey, stringToSign)
diff --git a/cmd/signature-v4_test.go b/cmd/signature-v4_test.go
index c55520866..45efb295b 100644
--- a/cmd/signature-v4_test.go
+++ b/cmd/signature-v4_test.go
@@ -36,7 +36,7 @@ func niceError(code APIErrorCode) string {
func TestDoesPolicySignatureMatch(t *testing.T) {
credentialTemplate := "%s/%s/%s/s3/aws4_request"
now := time.Now().UTC()
- accessKey := serverConfig.GetCredential().AccessKeyID
+ accessKey := serverConfig.GetCredential().AccessKey
testCases := []struct {
form map[string]string
@@ -83,7 +83,7 @@ func TestDoesPolicySignatureMatch(t *testing.T) {
form: map[string]string{
"X-Amz-Credential": fmt.Sprintf(credentialTemplate, accessKey, now.Format(yyyymmdd), "us-east-1"),
"X-Amz-Date": now.Format(iso8601Format),
- "X-Amz-Signature": getSignature(getSigningKey(serverConfig.GetCredential().SecretAccessKey, now, "us-east-1"), "policy"),
+ "X-Amz-Signature": getSignature(getSigningKey(serverConfig.GetCredential().SecretKey, now, "us-east-1"), "policy"),
"Policy": "policy",
},
expected: ErrNone,
@@ -112,7 +112,7 @@ func TestDoesPresignedSignatureMatch(t *testing.T) {
credentialTemplate := "%s/%s/%s/s3/aws4_request"
region := serverConfig.GetRegion()
- accessKeyID := serverConfig.GetCredential().AccessKeyID
+ accessKeyID := serverConfig.GetCredential().AccessKey
testCases := []struct {
queryParams map[string]string
headers map[string]string
diff --git a/cmd/storage-rpc-client.go b/cmd/storage-rpc-client.go
index 4ed639c2f..3f969d497 100644
--- a/cmd/storage-rpc-client.go
+++ b/cmd/storage-rpc-client.go
@@ -104,8 +104,8 @@ func newStorageRPC(ep *url.URL) (StorageAPI, error) {
rpcAddr := ep.Host
// Initialize rpc client with network address and rpc path.
- accessKeyID := serverConfig.GetCredential().AccessKeyID
- secretAccessKey := serverConfig.GetCredential().SecretAccessKey
+ accessKeyID := serverConfig.GetCredential().AccessKey
+ secretAccessKey := serverConfig.GetCredential().SecretKey
if ep.User != nil {
accessKeyID = ep.User.Username()
if key, set := ep.User.Password(); set {
diff --git a/cmd/storage-rpc-server_test.go b/cmd/storage-rpc-server_test.go
index 4dc47475c..14ce5daa4 100644
--- a/cmd/storage-rpc-server_test.go
+++ b/cmd/storage-rpc-server_test.go
@@ -45,12 +45,12 @@ func createTestStorageServer(t *testing.T) *testStorageRPCServer {
t.Fatalf("unable to get new JWT, %s", err)
}
- err = jwt.Authenticate(serverConfig.GetCredential().AccessKeyID, serverConfig.GetCredential().SecretAccessKey)
+ err = jwt.Authenticate(serverConfig.GetCredential().AccessKey, serverConfig.GetCredential().SecretKey)
if err != nil {
t.Fatalf("unable for JWT to authenticate, %s", err)
}
- token, err := jwt.GenerateToken(serverConfig.GetCredential().AccessKeyID)
+ token, err := jwt.GenerateToken(serverConfig.GetCredential().AccessKey)
if err != nil {
t.Fatalf("unable for JWT to generate token, %s", err)
}
diff --git a/cmd/streaming-signature-v4.go b/cmd/streaming-signature-v4.go
index 85c0c0063..d2bbc3d66 100644
--- a/cmd/streaming-signature-v4.go
+++ b/cmd/streaming-signature-v4.go
@@ -56,7 +56,7 @@ func getChunkSignature(seedSignature string, date time.Time, hashedChunk string)
hashedChunk
// Get hmac signing key.
- signingKey := getSigningKey(cred.SecretAccessKey, date, region)
+ signingKey := getSigningKey(cred.SecretKey, date, region)
// Calculate signature.
newSignature := getSignature(signingKey, stringToSign)
@@ -101,7 +101,7 @@ func calculateSeedSignature(r *http.Request) (signature string, date time.Time,
return "", time.Time{}, errCode
}
// Verify if the access key id matches.
- if signV4Values.Credential.accessKey != cred.AccessKeyID {
+ if signV4Values.Credential.accessKey != cred.AccessKey {
return "", time.Time{}, ErrInvalidAccessKeyID
}
@@ -138,7 +138,7 @@ func calculateSeedSignature(r *http.Request) (signature string, date time.Time,
stringToSign := getStringToSign(canonicalRequest, date, region)
// Get hmac signing key.
- signingKey := getSigningKey(cred.SecretAccessKey, date, region)
+ signingKey := getSigningKey(cred.SecretKey, date, region)
// Calculate signature.
newSignature := getSignature(signingKey, stringToSign)
diff --git a/cmd/test-utils_test.go b/cmd/test-utils_test.go
index fc7440283..b427a6ae2 100644
--- a/cmd/test-utils_test.go
+++ b/cmd/test-utils_test.go
@@ -199,8 +199,8 @@ func UnstartedTestServer(t TestErrHandler, instanceType string) TestServer {
if err != nil {
t.Fatalf("Unexpected error %s", err)
}
- testServer.AccessKey = credentials.AccessKeyID
- testServer.SecretKey = credentials.SecretAccessKey
+ testServer.AccessKey = credentials.AccessKey
+ testServer.SecretKey = credentials.SecretKey
objLayer, storageDisks, err := initObjectLayer(testServer.Disks)
if err != nil {
@@ -361,8 +361,8 @@ func StartTestStorageRPCServer(t TestErrHandler, instanceType string, diskN int)
testRPCServer.Root = root
testRPCServer.Disks = endpoints
- testRPCServer.AccessKey = credentials.AccessKeyID
- testRPCServer.SecretKey = credentials.SecretAccessKey
+ testRPCServer.AccessKey = credentials.AccessKey
+ testRPCServer.SecretKey = credentials.SecretKey
// Run TestServer.
testRPCServer.Server = httptest.NewServer(initTestStorageRPCEndPoint(serverCmdConfig{
@@ -396,8 +396,8 @@ func StartTestPeersRPCServer(t TestErrHandler, instanceType string) TestServer {
testRPCServer.Root = root
testRPCServer.Disks = endpoints
- testRPCServer.AccessKey = credentials.AccessKeyID
- testRPCServer.SecretKey = credentials.SecretAccessKey
+ testRPCServer.AccessKey = credentials.AccessKey
+ testRPCServer.SecretKey = credentials.SecretKey
// create temporary backend for the test server.
objLayer, storageDisks, err := initObjectLayer(endpoints)
@@ -2131,8 +2131,8 @@ func StartTestBrowserPeerRPCServer(t TestErrHandler, instanceType string) TestSe
credentials := serverConfig.GetCredential()
testRPCServer.Root = root
- testRPCServer.AccessKey = credentials.AccessKeyID
- testRPCServer.SecretKey = credentials.SecretAccessKey
+ testRPCServer.AccessKey = credentials.AccessKey
+ testRPCServer.SecretKey = credentials.SecretKey
// Initialize and run the TestServer.
testRPCServer.Server = httptest.NewServer(initTestBrowserPeerRPCEndPoint())
@@ -2152,8 +2152,8 @@ func StartTestS3PeerRPCServer(t TestErrHandler) (TestServer, []string) {
credentials := serverConfig.GetCredential()
testRPCServer.Root = root
- testRPCServer.AccessKey = credentials.AccessKeyID
- testRPCServer.SecretKey = credentials.SecretAccessKey
+ testRPCServer.AccessKey = credentials.AccessKey
+ testRPCServer.SecretKey = credentials.SecretKey
// init disks
objLayer, fsDirs, err := prepareXL()
diff --git a/cmd/web-handlers.go b/cmd/web-handlers.go
index eb6de45ee..2f4324566 100644
--- a/cmd/web-handlers.go
+++ b/cmd/web-handlers.go
@@ -52,7 +52,7 @@ func isJWTReqAuthenticated(req *http.Request) bool {
if _, ok := token.Method.(*jwtgo.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
}
- return []byte(jwt.SecretAccessKey), nil
+ return []byte(jwt.SecretKey), nil
}
token, err := jwtreq.ParseFromRequest(req, jwtreq.AuthorizationHeaderExtractor, reqCallback)
if err != nil {
@@ -347,9 +347,9 @@ func (web webAPIHandlers) GenerateAuth(r *http.Request, args *WebGenericArgs, re
if !isJWTReqAuthenticated(r) {
return toJSONError(errAuthentication)
}
- cred := mustGenAccessKeys()
- reply.AccessKey = cred.AccessKeyID
- reply.SecretKey = cred.SecretAccessKey
+ cred := newCredential()
+ reply.AccessKey = cred.AccessKey
+ reply.SecretKey = cred.SecretKey
reply.UIVersion = miniobrowser.UIVersion
return nil
}
@@ -375,8 +375,8 @@ func (web *webAPIHandlers) SetAuth(r *http.Request, args *SetAuthArgs, reply *Se
// Initialize jwt with the new access keys, fail if not possible.
jwt, err := newJWT(defaultJWTExpiry, credential{
- AccessKeyID: args.AccessKey,
- SecretAccessKey: args.SecretKey,
+ AccessKey: args.AccessKey,
+ SecretKey: args.SecretKey,
}) // JWT Expiry set to 24Hrs.
if err != nil {
return toJSONError(err)
@@ -460,8 +460,8 @@ func (web *webAPIHandlers) GetAuth(r *http.Request, args *WebGenericArgs, reply
return toJSONError(errAuthentication)
}
creds := serverConfig.GetCredential()
- reply.AccessKey = creds.AccessKeyID
- reply.SecretKey = creds.SecretAccessKey
+ reply.AccessKey = creds.AccessKey
+ reply.SecretKey = creds.SecretKey
reply.UIVersion = miniobrowser.UIVersion
return nil
}
@@ -531,7 +531,7 @@ func (web *webAPIHandlers) Download(w http.ResponseWriter, r *http.Request) {
if _, ok := token.Method.(*jwtgo.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
}
- return []byte(jwt.SecretAccessKey), nil
+ return []byte(jwt.SecretKey), nil
})
if e != nil || !token.Valid {
writeWebErrorResponse(w, errAuthentication)
@@ -760,8 +760,8 @@ func presignedGet(host, bucket, object string, expiry int64) string {
cred := serverConfig.GetCredential()
region := serverConfig.GetRegion()
- accessKey := cred.AccessKeyID
- secretKey := cred.SecretAccessKey
+ accessKey := cred.AccessKey
+ secretKey := cred.SecretKey
date := time.Now().UTC()
dateStr := date.Format(iso8601Format)
diff --git a/cmd/web-handlers_test.go b/cmd/web-handlers_test.go
index 8a937c4a8..42cad932a 100644
--- a/cmd/web-handlers_test.go
+++ b/cmd/web-handlers_test.go
@@ -149,7 +149,7 @@ func testLoginWebHandler(obj ObjectLayer, instanceType string, t TestErrHandler)
{"", "foo", false},
{"azerty", "", false},
{"azerty", "foo", false},
- {credentials.AccessKeyID, credentials.SecretAccessKey, true},
+ {credentials.AccessKey, credentials.SecretKey, true},
}
// Iterating over the test cases, calling the function under test and asserting the response.
@@ -186,7 +186,7 @@ func testStorageInfoWebHandler(obj ObjectLayer, instanceType string, t TestErrHa
credentials := serverConfig.GetCredential()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -232,7 +232,7 @@ func testServerInfoWebHandler(obj ObjectLayer, instanceType string, t TestErrHan
credentials := serverConfig.GetCredential()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -278,7 +278,7 @@ func testMakeBucketWebHandler(obj ObjectLayer, instanceType string, t TestErrHan
credentials := serverConfig.GetCredential()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -338,7 +338,7 @@ func testListBucketsWebHandler(obj ObjectLayer, instanceType string, t TestErrHa
credentials := serverConfig.GetCredential()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -397,7 +397,7 @@ func testListObjectsWebHandler(obj ObjectLayer, instanceType string, t TestErrHa
rec := httptest.NewRecorder()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -468,7 +468,7 @@ func testRemoveObjectWebHandler(obj ObjectLayer, instanceType string, t TestErrH
credentials := serverConfig.GetCredential()
rec := httptest.NewRecorder()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -544,7 +544,7 @@ func testGenerateAuthWebHandler(obj ObjectLayer, instanceType string, t TestErrH
credentials := serverConfig.GetCredential()
rec := httptest.NewRecorder()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -590,7 +590,7 @@ func testSetAuthWebHandler(obj ObjectLayer, instanceType string, t TestErrHandle
credentials := serverConfig.GetCredential()
rec := httptest.NewRecorder()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -651,7 +651,7 @@ func testGetAuthWebHandler(obj ObjectLayer, instanceType string, t TestErrHandle
credentials := serverConfig.GetCredential()
rec := httptest.NewRecorder()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -670,7 +670,7 @@ func testGetAuthWebHandler(obj ObjectLayer, instanceType string, t TestErrHandle
if err != nil {
t.Fatalf("Failed, %v", err)
}
- if getAuthReply.AccessKey != credentials.AccessKeyID || getAuthReply.SecretKey != credentials.SecretAccessKey {
+ if getAuthReply.AccessKey != credentials.AccessKey || getAuthReply.SecretKey != credentials.SecretKey {
t.Fatalf("Failed to get correct auth keys")
}
}
@@ -696,7 +696,7 @@ func testUploadWebHandler(obj ObjectLayer, instanceType string, t TestErrHandler
credentials := serverConfig.GetCredential()
rec := httptest.NewRecorder()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -760,7 +760,7 @@ func testDownloadWebHandler(obj ObjectLayer, instanceType string, t TestErrHandl
credentials := serverConfig.GetCredential()
rec := httptest.NewRecorder()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -815,7 +815,7 @@ func testWebPresignedGetHandler(obj ObjectLayer, instanceType string, t TestErrH
credentials := serverConfig.GetCredential()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -928,7 +928,7 @@ func testWebGetBucketPolicyHandler(obj ObjectLayer, instanceType string, t TestE
credentials := serverConfig.GetCredential()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -1011,7 +1011,7 @@ func testWebListAllBucketPoliciesHandler(obj ObjectLayer, instanceType string, t
credentials := serverConfig.GetCredential()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -1117,7 +1117,7 @@ func testWebSetBucketPolicyHandler(obj ObjectLayer, instanceType string, t TestE
credentials := serverConfig.GetCredential()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate")
}
@@ -1278,7 +1278,7 @@ func TestWebObjectLayerNotReady(t *testing.T) {
rec := httptest.NewRecorder()
credentials := serverConfig.GetCredential()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate", err)
}
@@ -1382,7 +1382,7 @@ func TestWebObjectLayerFaultyDisks(t *testing.T) {
rec := httptest.NewRecorder()
credentials := serverConfig.GetCredential()
- authorization, err := getWebRPCToken(apiRouter, credentials.AccessKeyID, credentials.SecretAccessKey)
+ authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
if err != nil {
t.Fatal("Cannot authenticate", err)
}