- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 254 for eclaims (0.05 sec)
-
cmd/jwt.go
// Check if the access key is part of users credentials. u, ok := globalIAMSys.GetUser(req.Context(), claims.AccessKey) if !ok { return nil, nil, false, errInvalidAccessKeyID } ucred := u.Credentials // get embedded claims eclaims, s3Err := checkClaimsFromToken(req, ucred) if s3Err != ErrNone { return nil, nil, false, errAuthentication } for k, v := range eclaims {
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Mon Jul 22 07:04:48 UTC 2024 - 4.5K bytes - Viewed (0) -
internal/config/identity/openid/jwt.go
// and overwrite them with the claims from JWT. if ok && pCfg.ClaimUserinfo { if accessToken == "" { return errors.New("access_token is mandatory if user_info claim is enabled") } uclaims, err := pCfg.UserInfo(ctx, accessToken, r.transport) if err != nil { return err } for k, v := range uclaims { if _, ok := claims[k]; !ok { // only add to claims not update it.
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Fri Sep 06 02:46:36 UTC 2024 - 8.4K bytes - Viewed (0) -
cmd/sts-handlers.go
// metadata map claims[expClaim] = UTCNow().Add(time.Duration(expiry) * time.Second).Unix() claims[subClaim] = parentUser claims[roleArnClaim] = roleArn.String() claims[parentClaim] = parentUser // Add all other claims from the plugin **without** replacing any // existing claims. for k, v := range res.Success.Claims { if _, ok := claims[k]; !ok { claims[k] = v } }
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Thu Aug 15 01:29:20 UTC 2024 - 33.9K bytes - Viewed (0) -
cmd/bucket-policy.go
// JWT specific values // // Add all string claims for k, v := range claims { vStr, ok := v.(string) if ok { // Trim any LDAP specific prefix args[strings.ToLower(strings.TrimPrefix(k, "ldap"))] = []string{vStr} } } // Add groups claim which could be a list. This will ensure that the claim // `jwt:groups` works. if grpsVal, ok := claims["groups"]; ok {
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Fri May 24 23:05:23 UTC 2024 - 8K bytes - Viewed (0) -
docs/sts/wso2.md
**We recommend setting `policy` as a custom claim for the JWT service provider follow [here](https://docs.wso2.com/display/IS550/Configuring+Claims+for+a+Service+Provider) and [here](https://docs.wso2.com/display/IS550/Handling+Custom+Claims+with+the+JWT+Bearer+Grant+Type) for relevant docs on how to configure claims for a service provider.** ### 5. Setup MinIO with OpenID configuration URL
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Thu Sep 29 04:28:45 UTC 2022 - 8.7K bytes - Viewed (0) -
apache-maven/src/main/appended-resources/licenses/EPL-2.0.txt
Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to
Registered: Sun Nov 03 03:35:11 UTC 2024 - Last Modified: Tue Jun 04 06:45:16 UTC 2024 - 13.9K bytes - Viewed (0) -
internal/config/identity/openid/jwt_test.go
{time.Duration(3) * time.Minute, "900", false}, } for _, testCase := range testCases { testCase := testCase t.Run("", func(t *testing.T) { claims := map[string]interface{}{} claims["exp"] = testCase.exp err := updateClaimsExpiry(testCase.dsecs, claims) if err != nil && !testCase.expectedFailure { t.Errorf("Expected success, got failure %s", err) } if err == nil && testCase.expectedFailure {
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Fri May 24 23:05:23 UTC 2024 - 8.3K bytes - Viewed (0) -
docs/sts/README.md
decode the id_token to access the payload of the token that includes following JWT claims, `policy` claim is mandatory and should be present as part of your JWT claim. Without this claim the generated credentials will not have access to any resources on the server, using these credentials application would receive 'Access Denied' errors. | Claim Name | Type | Claim Value ...
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Tue Oct 25 00:44:15 UTC 2022 - 7.8K bytes - Viewed (0) -
internal/jwt/parser.go
return jwtgo.ErrSignatureInvalid } borrow.ReturnAll() if claims.AccessKey == "" && claims.Subject == "" { return jwtgo.NewValidationError("accessKey/sub missing", jwtgo.ValidationErrorClaimsInvalid) } // Signature is valid, lets validate the claims for // other fields such as expiry etc. return claims.Valid() }
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Tue Sep 17 16:45:46 UTC 2024 - 14.1K bytes - Viewed (0) -
docs/sts/web-identity.md
temporary credentials generated in the AssumeRoleWithWebIdentity call. 2. `id_token` claims: When the role policy is not configured, MinIO looks for a specific claim in the `id_token` (JWT) returned by the OpenID provider in the STS request. The default claim is `policy` and can be overridden by the `claim_name` configuration parameter or the `MINIO_IDENTITY_OPENID_CLAIM_NAME` environment variable. The claim value can be a string (comma-separated list) or an array of IAM access policy names defined...
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Wed Jul 10 20:16:44 UTC 2024 - 18.9K bytes - Viewed (0)