- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 444 for Claims (0.1 sec)
-
internal/config/identity/openid/jwt.go
// and overwrite them with the claims from JWT. if ok && pCfg.ClaimUserinfo { if accessToken == "" { return errors.New("access_token is mandatory if user_info claim is enabled") } uclaims, err := pCfg.UserInfo(ctx, accessToken, r.transport) if err != nil { return err } for k, v := range uclaims { if _, ok := claims[k]; !ok { // only add to claims not update it.
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Fri Sep 06 02:46:36 UTC 2024 - 8.4K bytes - Viewed (0) -
cmd/jwt.go
return nil, nil, false, errNoAuthToken } return nil, nil, false, err } claims := xjwt.NewMapClaims() if err := xjwt.ParseWithClaims(token, claims, func(claims *xjwt.MapClaims) ([]byte, error) { if claims.AccessKey != globalActiveCred.AccessKey { u, ok := globalIAMSys.GetUser(req.Context(), claims.AccessKey) if !ok { // Credentials will be invalid but for disabled
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Mon Jul 22 07:04:48 UTC 2024 - 4.5K bytes - Viewed (0) -
cmd/sts-handlers.go
// metadata map claims[expClaim] = UTCNow().Add(time.Duration(expiry) * time.Second).Unix() claims[subClaim] = parentUser claims[roleArnClaim] = roleArn.String() claims[parentClaim] = parentUser // Add all other claims from the plugin **without** replacing any // existing claims. for k, v := range res.Success.Claims { if _, ok := claims[k]; !ok { claims[k] = v } }
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Thu Aug 15 01:29:20 UTC 2024 - 33.9K bytes - Viewed (0) -
cmd/auth-handler.go
return token } return r.Form.Get(xhttp.AmzSecurityToken) } // Fetch claims in the security token returned by the client, doesn't return // errors - upon errors the returned claims map will be empty. func mustGetClaimsFromToken(r *http.Request) map[string]interface{} { claims, _ := getClaimsFromToken(getSessionToken(r)) return claims } func getClaimsFromTokenWithSecret(token, secret string) (*xjwt.MapClaims, error) {
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Tue Sep 17 16:45:46 UTC 2024 - 26.1K bytes - Viewed (0) -
internal/config/identity/openid/jwt_test.go
{time.Duration(3) * time.Minute, "900", false}, } for _, testCase := range testCases { testCase := testCase t.Run("", func(t *testing.T) { claims := map[string]interface{}{} claims["exp"] = testCase.exp err := updateClaimsExpiry(testCase.dsecs, claims) if err != nil && !testCase.expectedFailure { t.Errorf("Expected success, got failure %s", err) } if err == nil && testCase.expectedFailure {
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Fri May 24 23:05:23 UTC 2024 - 8.3K bytes - Viewed (0) -
cmd/admin-handlers-idp-ldap.go
writeErrorResponseJSON(ctx, w, APIErr, r.URL) return } // In case of LDAP/OIDC we need to set `opts.claims` to ensure // it is associated with the LDAP/OIDC user properly. for k, v := range cred.Claims { if k == expClaim { continue } opts.claims[k] = v } } else { // We still need to ensure that the target user is a valid LDAP user. //
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Sat Sep 21 11:35:40 UTC 2024 - 19.1K bytes - Viewed (0) -
internal/jwt/parser_test.go
var err error // Figure out correct claims type switch claims := data.claims.(type) { case *MapClaims: if data.tokenString == "" { data.tokenString = mapClaimsToken(claims) } err = ParseWithClaims(data.tokenString, &MapClaims{}, data.keyfunc) case *StandardClaims: if data.tokenString == "" { data.tokenString = standardClaimsToken(claims) }
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Fri Nov 05 19:20:08 UTC 2021 - 6K bytes - Viewed (0) -
internal/auth/credentials.go
return jwt.SignedString([]byte(tokenSecret)) } // ExtractClaims extracts JWT claims from a security token using a secret key func ExtractClaims(token, secretKey string) (*jwt.MapClaims, error) { if token == "" || secretKey == "" { return nil, errors.New("invalid argument") } claims := jwt.NewMapClaims() stsTokenCallback := func(claims *jwt.MapClaims) ([]byte, error) { return []byte(secretKey), nil }
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Tue May 28 17:14:16 UTC 2024 - 12K bytes - Viewed (0) -
internal/jwt/parser.go
return jwtgo.ErrSignatureInvalid } borrow.ReturnAll() if claims.AccessKey == "" && claims.Subject == "" { return jwtgo.NewValidationError("accessKey/sub missing", jwtgo.ValidationErrorClaimsInvalid) } // Signature is valid, lets validate the claims for // other fields such as expiry etc. return claims.Valid() }
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Tue Sep 17 16:45:46 UTC 2024 - 14.1K bytes - Viewed (0) -
docs/sts/wso2.md
**We recommend setting `policy` as a custom claim for the JWT service provider follow [here](https://docs.wso2.com/display/IS550/Configuring+Claims+for+a+Service+Provider) and [here](https://docs.wso2.com/display/IS550/Handling+Custom+Claims+with+the+JWT+Bearer+Grant+Type) for relevant docs on how to configure claims for a service provider.** ### 5. Setup MinIO with OpenID configuration URL
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Thu Sep 29 04:28:45 UTC 2022 - 8.7K bytes - Viewed (0)