luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Fixed null token panic from 'v1/auth/token/' endpoints and returned p… (#13233) 

* Fixed null token panic from 'v1/auth/token/' endpoints and returned proper error response

* added changelog entry for PR #13233

* changed error message from 'bad token' to 'null token'

* rebased off of main

* Revert "changed error message from 'bad token' to 'null token'"

This reverts commit 381ed9b32c5ddd5e47adb1643ef7e46fb768bc76.

* changed 'bad token' error message to 'invalid token' after revert

* remove unnecessary vault-data folder
This commit is contained in:
Anthony (Ryo) Wright 2021-12-21 09:46:56 -08:00 committed by GitHub
parent f574e75f11
commit e0ac921b8f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
api/auth_token.go
View File

@ -1,6 +1,8 @@
package api package api
import "context" import (
"context"
)
// TokenAuth is used to perform token backend operations on Vault // TokenAuth is used to perform token backend operations on Vault
type TokenAuth struct { type TokenAuth struct {

3
changelog/13233.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:bug
core/token: Fix null token panic from 'v1/auth/token/' endpoints and return proper error response.
```

2
vault/request_handling.go
View File

@ -553,7 +553,7 @@ func (c *Core) handleCancelableRequest(ctx context.Context, req *logical.Request
break break
} }
if token == nil { if token == nil {
return logical.ErrorResponse("bad token"), logical.ErrPermissionDenied return logical.ErrorResponse("invalid token"), logical.ErrPermissionDenied
} }
_, nsID := namespace.SplitIDFromString(token.(string)) _, nsID := namespace.SplitIDFromString(token.(string))
if nsID != "" { if nsID != "" {