mirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-30 06:51:47 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: use correct dummy ARN for claim-based OIDC provider when listing access keys (#21549)
Some checks failed
VulnCheck / Analysis (push) Has been cancelled
Details
Lock Threads / action (push) Has been cancelled
Details

Browse Source 
fix: use correct dummy ARN for claim-based OIDC provider

When listing OIDC access keys, use the correct ARN when looking up the provider configuration for the claim-based provider.  Without this it was impossible to list access keys for a claim-based provider, only for a role-policy-based provider.

Fixes minio/minio#21548
This commit is contained in:
Ian Roberts 2025-09-06 18:38:46 +01:00 committed by GitHub
parent da532ab93d
commit d0f50cdd9b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/admin-handlers-idp-openid.go
View File

@ -173,6 +173,8 @@ func (a adminAPIHandlers) ListAccessKeysOpenIDBulk(w http.ResponseWriter, r *htt
if _, ok := accessKey.Claims[iamPolicyClaimNameOpenID()]; !ok { if _, ok := accessKey.Claims[iamPolicyClaimNameOpenID()]; !ok {
continue // skip if no roleArn and no policy claim continue // skip if no roleArn and no policy claim
} }
// claim-based provider is in the roleArnMap under dummy ARN
arn = dummyRoleARN
} }
matchingCfgName, ok := roleArnMap[arn] matchingCfgName, ok := roleArnMap[arn]
if !ok { if !ok {