minio

Commit Graph

Author	SHA1	Message	Date
Harshavardhana	09d35d3b4c	fix: sts to return appropriate errors (#9161 )	5 years ago
Ashish Kumar Sinha	fa5a1cebd9	support space character in access key (#8335 )	5 years ago
Harshavardhana	e6d8e272ce	Use const slashSeparator instead of "/" everywhere (#8028 )	5 years ago
kannappanr	5ecac91a55	Replace Minio refs in docs with MinIO and links (#7494 )	6 years ago
poornas	1011d21416	Fix credential parsing in signature v4 (#7377 ) Fixes #7376	6 years ago
Harshavardhana	c3ca954684	Implement AssumeRole API for Minio users (#7267 ) For actual API reference read here https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html Documentation is added and updated as well at docs/sts/assume-role.md Fixes #6381	6 years ago
Harshavardhana	df35d7db9d	Introduce staticcheck for stricter builds (#7035 )	6 years ago
Harshavardhana	bf414068a3	Parse and return proper errors with x-amz-security-token (#6766 ) This PR also simplifies the token and access key validation across our signature handling.	6 years ago
Harshavardhana	54ae364def	Introduce STS client grants API and OPA policy integration (#6168 ) This PR introduces two new features - AWS STS compatible STS API named AssumeRoleWithClientGrants ``` POST /?Action=AssumeRoleWithClientGrants&Token=<jwt> ``` This API endpoint returns temporary access credentials, access tokens signature types supported by this API - RSA keys - ECDSA keys Fetches the required public key from the JWKS endpoints, provides them as rsa or ecdsa public keys. - External policy engine support, in this case OPA policy engine - Credentials are stored on disks	6 years ago
Andreas Auernhammer	267a0a3dfa	fix `X-Amz-Credential` parsing for V4 policy signature (#6451 ) This commit fixes an AWS S3 incompatibility issue. The AccessKeyID may contain one or more `/` which caused the server to interpret parts of the AccessKeyID as other `X-Amz-Credential` parameters (like date, region, ...) This commit fixes this by allowing 5 or more `X-Amz-Credential` parameter strings and only interpreting the last 5. Fixes #6443	6 years ago
Harshavardhana	d90985b6d8	Return authHeaderMalformed for an incorrect region in signature (#5618 )	7 years ago
kannappanr	f460eceb6d	Check for value > 7 days in X-Amz-Expires header. (#5163 ) Add a check to see if the X-Amz-Expires header in the presigned URL is less than 7 days. Fixes #5162	7 years ago
Bala FA	32c6b62932	move credentials as separate package (#5115 )	7 years ago
Frank Wessels	46897b1100	Name return values to prevent the need (and unnecessary code bloat) (#4576 ) This is done to explicitly instantiate objects for every return statement.	8 years ago
Krishna Srinivas	5db1e9f3dd	signature: use region from Auth header if server's region not configured (#4329 )	8 years ago
Krishna Srinivas	45d9cfa0c5	signature-v4: stringToSign and signingKey should use Scope's date. (#3688 ) fixes #3676	8 years ago
Bala FA	e8ce3b64ed	Generate and use access/secret keys properly (#3498 )	8 years ago
Harshavardhana	a8ab02a73a	v4/presign: Fix presign requests when there are more signed headers. (#3222 ) This fix removes a wrong logic which fails for requests which have more signed headers in a presign request. Fixes #3217	8 years ago
Harshavardhana	9161016962	tests: Improve coverage on signature v4 tests. (#3188 ) Fixes #3065	8 years ago
Harshavardhana	d9674f7524	Improve coverage of web-handlers.go (#3157 ) This patch additionally relaxes the requirement for accesskeys to be in a regexy set of values. Fixes #3063	8 years ago
Harshavardhana	bccf549463	server: Move all the top level files into cmd folder. (#2490 ) This change brings a change which was done for the 'mc' package to allow for clean repo and have a cleaner github drop in experience.	8 years ago
karthic rao	e0cf4ee9fc	presignV4: fix errors response and tests. (#2375 ) - Fix error response when one of the query params in the presign URL is missing. - Exhasutive test coverage for presignv4.	8 years ago
Harshavardhana	02ad48466d	error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267	9 years ago
Harshavardhana	9dca46e156	signature: Use a layered approach for signature verification. Signature calculation has now moved out from being a package to top-level as a layered mechanism. In case of payload calculation with body, go-routines are initiated to simultaneously write and calculate shasum. Errors are sent over the writer so that the lower layer removes the temporary files properly.	9 years ago
Harshavardhana	653ceee9ee	signV4: Move pkg/signature to pkg/s3/signature4 Cleanup and move this to relevant path.	9 years ago
Harshavardhana	dd9aaa855c	web/rpc: Merge ports with API server. Fixes #1081 and #1130	9 years ago
Harshavardhana	5a9333a67b	signature: Rewrite signature handling and move it into a library.	9 years ago

21 Commits (d61eac080ba54e30721fa58c6fee38cc7224ebcf)