- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 14 for IsTemp (0.23 sec)
-
cmd/iam-store.go
// non-empty session tokens. if !(cred.IsServiceAccount() || cred.IsTemp()) || cred.SessionToken == "" { continue } var ( err error claims map[string]interface{} = cred.Claims ) if cred.IsServiceAccount() { claims, err = getClaimsFromTokenWithSecret(cred.SessionToken, cred.SecretKey) } else if cred.IsTemp() { var secretKey string
Go - Registered: Sun Apr 28 19:28:10 GMT 2024 - Last Modified: Sat Apr 27 10:04:10 GMT 2024 - 75.2K bytes - Viewed (2) -
cmd/auth-handler.go
} if token == "" && cred.IsTemp() && !cred.IsServiceAccount() { // Temporary credentials should always have x-amz-security-token return nil, ErrInvalidToken } if token != "" && !cred.IsTemp() { // x-amz-security-token should not present for static credentials. return nil, ErrInvalidToken }
Go - Registered: Sun Apr 28 19:28:10 GMT 2024 - Last Modified: Thu Apr 04 12:04:40 GMT 2024 - 26K bytes - Viewed (0) -
cmd/iam.go
} if isGroup { _, err = sys.GetGroupDescription(userOrGroup) if err != nil { return } } else { var isTemp bool isTemp, _, err = sys.IsTempUser(userOrGroup) if err != nil && err != errNoSuchUser { return } if isTemp { err = errIAMActionNotAllowed return } // When the user is root credential you are not allowed to
Go - Registered: Sun Apr 28 19:28:10 GMT 2024 - Last Modified: Thu Apr 25 21:28:16 GMT 2024 - 71.1K bytes - Viewed (1) -
internal/auth/credentials.go
if cred.Expiration.IsZero() || cred.Expiration.Equal(timeSentinel) { return false } return cred.Expiration.Before(time.Now().UTC()) } // IsTemp - returns whether credential is temporary or not. func (cred Credentials) IsTemp() bool { return cred.SessionToken != "" && !cred.Expiration.IsZero() && !cred.Expiration.Equal(timeSentinel) }
Go - Registered: Sun Apr 28 19:28:10 GMT 2024 - Last Modified: Fri Mar 01 21:09:42 GMT 2024 - 11.4K bytes - Viewed (0) -
cmd/bucket-policy.go
currTime := UTCNow() var ( username = cred.AccessKey claims = cred.Claims groups = cred.Groups ) if cred.IsTemp() || cred.IsServiceAccount() { // For derived credentials, check the parent user's permissions. username = cred.ParentUser } principalType := "Anonymous" if username != "" { principalType = "User"
Go - Registered: Sun Apr 28 19:28:10 GMT 2024 - Last Modified: Thu Apr 04 12:04:40 GMT 2024 - 8K bytes - Viewed (0) -
cmd/jwt.go
if u.Credentials.Status == auth.AccountOff { return nil, errAccessKeyDisabled } return nil, errInvalidAccessKeyID } cred := u.Credentials // Expired credentials return error. if cred.IsTemp() && cred.IsExpired() { return nil, errInvalidAccessKeyID } return []byte(cred.SecretKey), nil } // this means claims.AccessKey == rootAccessKey if !globalAPIConfig.permitRootAccess() {
Go - Registered: Sun Apr 28 19:28:10 GMT 2024 - Last Modified: Fri Apr 19 16:45:14 GMT 2024 - 5.4K bytes - Viewed (0) -
cmd/sftp-server-driver.go
return minio.New(f.endpoint, &minio.Options{ Creds: mcreds, Secure: globalIsTLS, Transport: globalRemoteFTPClientTransport, }) } // ok == true - at this point if ui.Credentials.IsTemp() { // Temporary credentials are not allowed. return nil, errAuthentication } return minio.New(f.endpoint, &minio.Options{
Go - Registered: Sun Apr 28 19:28:10 GMT 2024 - Last Modified: Fri Apr 19 12:23:42 GMT 2024 - 12.9K bytes - Viewed (0) -
cmd/admin-handlers-users.go
user, exists := globalIAMSys.GetUser(ctx, accessKey) if exists && (user.Credentials.IsTemp() || user.Credentials.IsServiceAccount()) { // Updating STS credential is not allowed, and this API does not // support updating service accounts. writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAddUserInvalidArgument), r.URL) return } if (cred.IsTemp() || cred.IsServiceAccount()) && cred.ParentUser == accessKey {
Go - Registered: Sun Apr 28 19:28:10 GMT 2024 - Last Modified: Thu Apr 25 15:50:16 GMT 2024 - 77.3K bytes - Viewed (0) -
cmd/iam-etcd-store.go
return nil } if u.Credentials.AccessKey == "" { u.Credentials.AccessKey = user } if u.Credentials.SessionToken != "" { jwtClaims, err := extractJWTClaims(u) if err != nil { if u.Credentials.IsTemp() { // We should delete such that the client can re-request // for the expiring credentials. deleteKeyEtcd(ctx, ies.client, getUserIdentityPath(user, userType))
Go - Registered: Sun Apr 28 19:28:10 GMT 2024 - Last Modified: Thu Apr 04 12:04:40 GMT 2024 - 13.6K bytes - Viewed (0) -
cmd/admin-handlers-idp-ldap.go
// account or STS account): requestorUser := cred.AccessKey requestorParentUser := cred.AccessKey requestorGroups := cred.Groups requestorIsDerivedCredential := false if cred.IsServiceAccount() || cred.IsTemp() { requestorParentUser = cred.ParentUser requestorIsDerivedCredential = true } // Check if we are creating svc account for request sender. isSvcAccForRequestor := false
Go - Registered: Sun Apr 28 19:28:10 GMT 2024 - Last Modified: Thu Apr 25 15:50:16 GMT 2024 - 13.3K bytes - Viewed (0)