mirror of
https://github.com/pgsty/minio.git
synced 2026-07-19 20:20:25 +03:00
restore rotating root credentials properly (#16812)
This commit is contained in:
+1
-1
@@ -207,7 +207,7 @@ func getClaimsFromTokenWithSecret(token, secret string) (map[string]interface{},
|
||||
// that clients cannot decode the token using the temp
|
||||
// secret keys and generate an entirely new claim by essentially
|
||||
// hijacking the policies. We need to make sure that this is
|
||||
// based an admin credential such that token cannot be decoded
|
||||
// based on admin credential such that token cannot be decoded
|
||||
// on the client side and is treated like an opaque value.
|
||||
claims, err := auth.ExtractClaims(token, secret)
|
||||
if err != nil {
|
||||
|
||||
Reference in New Issue
Block a user