luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Update login logic for aws creds backend

This commit is contained in:
Calvin Leung Huang 2017-12-15 16:18:19 -05:00
parent ba19b99f55
commit 643451d46a
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
builtin/credential/aws/path_login.go
View File

@ -788,15 +788,15 @@ func (b *backend) pathLoginUpdateEc2(
if roleEntry.MaxTTL > time.Duration(0) {
// Cap maxTTL to the sysview's max TTL
maxTTL := b.System().MaxLeaseTTL()
if roleEntry.MaxTTL < maxTTL {
maxTTL := roleEntry.MaxTTL
if maxTTL > b.System().MaxLeaseTTL() {
maxTTL = b.System().MaxLeaseTTL()
}
// Cap TTL to MaxTTL
if resp.Auth.TTL > maxTTL {
resp.AddWarning(fmt.Sprintf("Effective TTL of '%s' exceeded the effective max_ttl of '%s'; TTL value is capped accordingly", (resp.Auth.TTL / time.Second), (maxTTL / time.Second)))
resp.Auth.TTL = roleEntry.MaxTTL
resp.Auth.TTL = maxTTL
}
}
@ -1295,15 +1295,15 @@ func (b *backend) pathLoginUpdateIam(
if roleEntry.MaxTTL > time.Duration(0) {
// Cap maxTTL to the sysview's max TTL
maxTTL := b.System().MaxLeaseTTL()
if roleEntry.MaxTTL < maxTTL {
maxTTL := roleEntry.MaxTTL
if maxTTL > b.System().MaxLeaseTTL() {
maxTTL = b.System().MaxLeaseTTL()
}
// Cap TTL to MaxTTL
if resp.Auth.TTL > maxTTL {
resp.AddWarning(fmt.Sprintf("Effective TTL of '%s' exceeded the effective max_ttl of '%s'; TTL value is capped accordingly", (resp.Auth.TTL / time.Second), (maxTTL / time.Second)))
resp.Auth.TTL = roleEntry.MaxTTL
resp.Auth.TTL = maxTTL
}
}