diff options
| author | Pritha Srivastava <prsrivas@redhat.com> | 2020-08-20 17:25:51 +0200 |
|---|---|---|
| committer | Pritha Srivastava <prsrivas@redhat.com> | 2020-08-20 17:28:42 +0200 |
| commit | 20bdacbb3e935307c5ae285c0f9de3e63f0ab9f6 (patch) | |
| tree | 53cc36004c8cbffd64a260a5cf5c58162ace4f65 /src/rgw/rgw_sts.h | |
| parent | Merge pull request #36723 from tchaikov/wip-osd-writesame (diff) | |
| download | ceph-20bdacbb3e935307c5ae285c0f9de3e63f0ab9f6.tar.xz ceph-20bdacbb3e935307c5ae285c0f9de3e63f0ab9f6.zip | |
rgw/sts: adding code for "aws:TokenIssueTime" to be used
in condition element of role policy to deny access to
temporary credentials.
Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>
Diffstat (limited to 'src/rgw/rgw_sts.h')
| -rw-r--r-- | src/rgw/rgw_sts.h | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/src/rgw/rgw_sts.h b/src/rgw/rgw_sts.h index 37519210efb..ed92e7f5f2a 100644 --- a/src/rgw/rgw_sts.h +++ b/src/rgw/rgw_sts.h @@ -130,11 +130,12 @@ struct SessionToken { uint32_t acct_type; string role_session; std::vector<string> token_claims; + string issued_at; SessionToken() {} void encode(bufferlist& bl) const { - ENCODE_START(3, 1, bl); + ENCODE_START(4, 1, bl); encode(access_key_id, bl); encode(secret_access_key, bl); encode(expiration, bl); @@ -147,11 +148,12 @@ struct SessionToken { encode(acct_type, bl); encode(role_session, bl); encode(token_claims, bl); + encode(issued_at, bl); ENCODE_FINISH(bl); } void decode(bufferlist::const_iterator& bl) { - DECODE_START(3, bl); + DECODE_START(4, bl); decode(access_key_id, bl); decode(secret_access_key, bl); decode(expiration, bl); @@ -168,6 +170,9 @@ struct SessionToken { if (struct_v >= 3) { decode(token_claims, bl); } + if (struct_v >= 4) { + decode(issued_at, bl); + } DECODE_FINISH(bl); } }; |