allow JWT parsing on large session policy based tokens (#17167)

This commit is contained in:
Harshavardhana
2023-05-09 00:53:08 -07:00
committed by GitHub
parent 57acacd5a7
commit a7f266c907
6 changed files with 19 additions and 11 deletions
+2 -3
View File
@@ -32,7 +32,6 @@ import (
"sync/atomic"
"time"
humanize "github.com/dustin/go-humanize"
"github.com/minio/madmin-go/v2"
"github.com/minio/minio-go/v7/pkg/set"
"github.com/minio/minio/internal/arn"
@@ -944,8 +943,8 @@ func (sys *IAMSys) NewServiceAccount(ctx context.Context, parentUser string, gro
if err != nil {
return auth.Credentials{}, time.Time{}, err
}
if len(policyBuf) > 16*humanize.KiByte {
return auth.Credentials{}, time.Time{}, fmt.Errorf("Session policy should not exceed 16 KiB characters")
if len(policyBuf) > 2048 {
return auth.Credentials{}, time.Time{}, errSessionPolicyTooLarge
}
}