[#132] authmate: Add bearer token to obtain-secret
result
Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
This commit is contained in:
parent
19c89b38e6
commit
8fcaf76f41
3 changed files with 24 additions and 4 deletions
|
@ -24,6 +24,7 @@ This document outlines major changes between releases.
|
|||
- Add new `kludge.use_default_xmlns_for_complete_multipart` config param (TrueCloudLab#40)
|
||||
- Support dump metrics descriptions (#80)
|
||||
- Support impersonate bearer token (#81)
|
||||
- Return bearer token in `s3-authmate obtain-secret` result (#132)
|
||||
|
||||
### Changed
|
||||
- Remove object from tree and reset its cache on object deletion when it is already removed from storage (#78)
|
||||
|
|
|
@ -137,7 +137,7 @@ type (
|
|||
}
|
||||
|
||||
obtainingResult struct {
|
||||
BearerToken *bearer.Token `json:"-"`
|
||||
BearerToken *bearer.Token `json:"bearer_token"`
|
||||
SecretAccessKey string `json:"secret_access_key"`
|
||||
}
|
||||
)
|
||||
|
|
|
@ -24,7 +24,7 @@ potentially).
|
|||
2. [Bearer tokens](#bearer-tokens)
|
||||
3. [Session tokens](#session-tokens)
|
||||
4. [Containers policy](#containers-policy)
|
||||
3. [Obtainment of a secret](#obtainment-of-a-secret-access-key)
|
||||
3. [Obtainment of a secret](#obtaining-credential-secrets)
|
||||
4. [Generate presigned url](#generate-presigned-url)
|
||||
|
||||
## Generation of wallet
|
||||
|
@ -252,9 +252,9 @@ can be set via parameter `--container-policy` (json-string and file path allowed
|
|||
}
|
||||
```
|
||||
|
||||
## Obtainment of a secret access key
|
||||
## Obtaining credential secrets
|
||||
|
||||
You can get a secret access key associated with an access key ID by obtaining a
|
||||
You can get a secret access key and bearer token associated with an access key ID by obtaining a
|
||||
secret stored on the FrostFS network. Here is an example of providing one password (for `wallet.json`) via env variable
|
||||
and the other (for `gate-wallet.json`) interactively:
|
||||
|
||||
|
@ -267,6 +267,25 @@ frostfs-s3-authmate obtain-secret --wallet wallet.json \
|
|||
|
||||
Enter password for gate-wallet.json >
|
||||
{
|
||||
"bearer_token": {
|
||||
"body": {
|
||||
"eaclTable": null,
|
||||
"ownerID": {
|
||||
"value": "Naq5pfYuroaGE7h9o5iQsPR/1aRe5gmWrg=="
|
||||
},
|
||||
"lifetime": {
|
||||
"exp": "10813",
|
||||
"nbf": "13",
|
||||
"iat": "13"
|
||||
},
|
||||
"allowImpersonate": true
|
||||
},
|
||||
"signature": {
|
||||
"key": "Axpsb7vfAso1F0X6hrm6WpRS14WsT3/Ct1SMoqRsT89K",
|
||||
"signature": "BMIOqcNEwTughI26ivFw7vnGyzhWip8NsgSYTTf21aVkv0AH7bgE9R91gglYgS6tGNVcWZMTisYCJCT3OEQ9lkw=",
|
||||
"scheme": "ECDSA_SHA512"
|
||||
}
|
||||
},
|
||||
"secret_access_key": "438bbd8243060e1e1c9dd4821756914a6e872ce29bf203b68f81b140ac91231c"
|
||||
}
|
||||
```
|
||||
|
|
Loading…
Reference in a new issue