mirror of
https://github.com/OpenMaxIO/openmaxio-object-browser
synced 2026-07-01 07:41:18 -07:00
Fix IDP not having same salt/passphrase across pods (#2346)
Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com>
This commit is contained in:
@@ -22,7 +22,7 @@ import (
|
|||||||
"crypto/sha1"
|
"crypto/sha1"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/minio/console/pkg/auth/utils"
|
"github.com/minio/console/pkg/auth/token"
|
||||||
"github.com/minio/pkg/env"
|
"github.com/minio/pkg/env"
|
||||||
"golang.org/x/crypto/pbkdf2"
|
"golang.org/x/crypto/pbkdf2"
|
||||||
)
|
)
|
||||||
@@ -86,18 +86,14 @@ func IsIDPEnabled() bool {
|
|||||||
GetIDPClientID() != ""
|
GetIDPClientID() != ""
|
||||||
}
|
}
|
||||||
|
|
||||||
var defaultPassphraseForIDPHmac = utils.RandomCharString(64)
|
|
||||||
|
|
||||||
// GetPassphraseForIDPHmac returns passphrase for the pbkdf2 function used to sign the oauth2 state parameter
|
// GetPassphraseForIDPHmac returns passphrase for the pbkdf2 function used to sign the oauth2 state parameter
|
||||||
func getPassphraseForIDPHmac() string {
|
func getPassphraseForIDPHmac() string {
|
||||||
return env.Get(ConsoleIDPHmacPassphrase, defaultPassphraseForIDPHmac)
|
return env.Get(ConsoleIDPHmacPassphrase, token.GetPBKDFPassphrase())
|
||||||
}
|
}
|
||||||
|
|
||||||
var defaultSaltForIDPHmac = utils.RandomCharString(64)
|
|
||||||
|
|
||||||
// GetSaltForIDPHmac returns salt for the pbkdf2 function used to sign the oauth2 state parameter
|
// GetSaltForIDPHmac returns salt for the pbkdf2 function used to sign the oauth2 state parameter
|
||||||
func getSaltForIDPHmac() string {
|
func getSaltForIDPHmac() string {
|
||||||
return env.Get(ConsoleIDPHmacSalt, defaultSaltForIDPHmac)
|
return env.Get(ConsoleIDPHmacSalt, token.GetPBKDFSalt())
|
||||||
}
|
}
|
||||||
|
|
||||||
// getIDPScopes return default scopes during the IDP login request
|
// getIDPScopes return default scopes during the IDP login request
|
||||||
|
|||||||
Reference in New Issue
Block a user