forked from TrueCloudLab/frostfs-s3-gw
Merge pull request #116 from KirillovDenis/feature/71-authmate_json_eacl
[#71] Supported json file rules in authmate
This commit is contained in:
commit
d77cc52836
2 changed files with 12 additions and 4 deletions
|
@ -240,7 +240,7 @@ Creation of the bearer token is mandatory, and creation of the session token is
|
|||
optional. If you want to add the session token you need to add a parameter
|
||||
`create-session-token`.
|
||||
|
||||
Rules for bearer token can be set via param `bearer-rules`, if it is not set,
|
||||
Rules for bearer token can be set via param `bearer-rules` (json-string and file path allowed), if it is not set,
|
||||
it will be auto-generated with values:
|
||||
|
||||
```
|
||||
|
@ -268,7 +268,7 @@ it will be auto-generated with values:
|
|||
}
|
||||
```
|
||||
|
||||
Rules for session token can be set via param `session-rules`, default value is:
|
||||
Rules for session token can be set via param `session-rules` (json-string and file path allowed), default value is:
|
||||
```
|
||||
{
|
||||
"verb": "PUT",
|
||||
|
|
|
@ -246,8 +246,8 @@ func issueSecret() *cli.Command {
|
|||
ContainerFriendlyName: containerFriendlyName,
|
||||
NeoFSKey: key,
|
||||
GatesPublicKeys: gatesPublicKeys,
|
||||
EACLRules: []byte(eaclRulesFlag),
|
||||
ContextRules: []byte(contextRulesFlag),
|
||||
EACLRules: getJSONRules(eaclRulesFlag),
|
||||
ContextRules: getJSONRules(contextRulesFlag),
|
||||
SessionTkn: sessionTokenFlag,
|
||||
Lifetime: lifetimeFlag,
|
||||
}
|
||||
|
@ -261,6 +261,14 @@ func issueSecret() *cli.Command {
|
|||
}
|
||||
}
|
||||
|
||||
func getJSONRules(val string) []byte {
|
||||
if data, err := os.ReadFile(val); err == nil {
|
||||
return data
|
||||
}
|
||||
|
||||
return []byte(val)
|
||||
}
|
||||
|
||||
func obtainSecret() *cli.Command {
|
||||
command := &cli.Command{
|
||||
Name: "obtain-secret",
|
||||
|
|
Loading…
Reference in a new issue