forked from TrueCloudLab/frostfs-s3-gw
[#71] Supported json file rules in authmate
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
parent
5865ad46a0
commit
1be8030dcd
2 changed files with 12 additions and 4 deletions
|
@ -240,7 +240,7 @@ Creation of the bearer token is mandatory, and creation of the session token is
|
||||||
optional. If you want to add the session token you need to add a parameter
|
optional. If you want to add the session token you need to add a parameter
|
||||||
`create-session-token`.
|
`create-session-token`.
|
||||||
|
|
||||||
Rules for bearer token can be set via param `bearer-rules`, if it is not set,
|
Rules for bearer token can be set via param `bearer-rules` (json-string and file path allowed), if it is not set,
|
||||||
it will be auto-generated with values:
|
it will be auto-generated with values:
|
||||||
|
|
||||||
```
|
```
|
||||||
|
@ -268,7 +268,7 @@ it will be auto-generated with values:
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
Rules for session token can be set via param `session-rules`, default value is:
|
Rules for session token can be set via param `session-rules` (json-string and file path allowed), default value is:
|
||||||
```
|
```
|
||||||
{
|
{
|
||||||
"verb": "PUT",
|
"verb": "PUT",
|
||||||
|
|
|
@ -246,8 +246,8 @@ func issueSecret() *cli.Command {
|
||||||
ContainerFriendlyName: containerFriendlyName,
|
ContainerFriendlyName: containerFriendlyName,
|
||||||
NeoFSKey: key,
|
NeoFSKey: key,
|
||||||
GatesPublicKeys: gatesPublicKeys,
|
GatesPublicKeys: gatesPublicKeys,
|
||||||
EACLRules: []byte(eaclRulesFlag),
|
EACLRules: getJSONRules(eaclRulesFlag),
|
||||||
ContextRules: []byte(contextRulesFlag),
|
ContextRules: getJSONRules(contextRulesFlag),
|
||||||
SessionTkn: sessionTokenFlag,
|
SessionTkn: sessionTokenFlag,
|
||||||
Lifetime: lifetimeFlag,
|
Lifetime: lifetimeFlag,
|
||||||
}
|
}
|
||||||
|
@ -261,6 +261,14 @@ func issueSecret() *cli.Command {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func getJSONRules(val string) []byte {
|
||||||
|
if data, err := os.ReadFile(val); err == nil {
|
||||||
|
return data
|
||||||
|
}
|
||||||
|
|
||||||
|
return []byte(val)
|
||||||
|
}
|
||||||
|
|
||||||
func obtainSecret() *cli.Command {
|
func obtainSecret() *cli.Command {
|
||||||
command := &cli.Command{
|
command := &cli.Command{
|
||||||
Name: "obtain-secret",
|
Name: "obtain-secret",
|
||||||
|
|
Loading…
Reference in a new issue