Skip to content

Add admin accesskey sts-revoke and idp ldap accesskey sts-revoke #5160

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 11 commits into from
Mar 31, 2025
Merged

Add admin accesskey sts-revoke and idp ldap accesskey sts-revoke #5160

merged 11 commits into from
Mar 31, 2025

Conversation

taran-p
Copy link
Contributor

@taran-p taran-p commented Mar 8, 2025
edited
Loading

Community Contribution License

All community contributions in this pull request are licensed to the project maintainers
under the terms of the Apache 2 license.
By creating this pull request I represent that I have the right to license the
contributions to the project maintainers under the Apache 2 license.

Description

This PR adds mc admin accesskey sts-revoke and mc idp ldap accesskey sts-revoke, two commands for STS token revocation. The admin command can be used for builtin users or for self revocation by service accounts created for other user providers. The idp ldap command can be used to revoke for LDAP users via short username or full DN.

Motivation and Context

miniohq/eos#498

How to test this PR?

Create STS accounts and revoke them with this command.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Optimization (provides speedup with no functional changes)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • Fixes a regression (If yes, please add commit-id or PR # here)
  • Unit tests added/updated
  • Internal documentation updated
  • Create a documentation update request here

@taran-p taran-p mentioned this pull request Mar 25, 2025
Merged
8 tasks
@taran-p taran-p requested a review from Copilot March 31, 2025 17:06
Copilot

This comment was marked as outdated.

Sign in to view

@taran-p taran-p marked this pull request as ready for review March 31, 2025 20:35
@taran-p taran-p requested a review from Copilot March 31, 2025 20:37
Copilot

This comment was marked as outdated.

Sign in to view

taran-p and others added 2 commits March 31, 2025 16:38
@taran-p @Copilot
Update cmd/idp-ldap-accesskey-sts-revoke.go
cdca725 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@taran-p
More spelling stuff
d520f01
@taran-p taran-p requested a review from Copilot March 31, 2025 20:39
Copilot

This comment was marked as outdated.

Sign in to view

@taran-p @Copilot
Update cmd/idp-ldap-accesskey-sts-revoke.go
ebc597b 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@taran-p taran-p requested a review from Copilot March 31, 2025 20:41
Copilot
Copilot AI reviewed Mar 31, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This pull request adds support for STS token revocation by introducing two new commands for LDAP users and admin users.

  • Adds the "sts-revoke" subcommand for idp ldap accesskeys via a new file (idp-ldap-accesskey-sts-revoke.go).
  • Introduces the "sts-revoke" subcommand for admin accesskeys through a new file (admin-accesskey-sts-revoke.go) and updates auto-completion and command registration accordingly.

Reviewed Changes

Copilot reviewed 6 out of 7 changed files in this pull request and generated no comments.

Show a summary per file
File Description
cmd/idp-ldap-accesskey.go Registers the new sts-revoke subcommand
cmd/idp-ldap-accesskey-sts-revoke.go Implements the STS token revocation command for LDAP
cmd/auto-complete.go Updates auto-complete mappings for the new command
cmd/admin-accesskey.go Registers the new sts-revoke subcommand for admin
cmd/admin-accesskey-sts-revoke.go Implements the STS token revocation command for admin
Files not reviewed (1)
  • go.mod: Language not supported
Comments suppressed due to low confidence (2)

cmd/admin-accesskey-sts-revoke.go:102

  • [nitpick] The comment refers to 'checkAdminUserSTSAcctInfoSyntax' while the function is named 'checkSTSRevokeSyntax'. Consider updating the comment to match the function's name.
// checkAdminUserSTSAcctInfoSyntax - validate all the passed arguments

cmd/admin-accesskey-sts-revoke.go:121

  • [nitpick] The comment mentions 'mainAdminUserSTSAcctInfo', but the function is actually named 'mainAdminAccesskeySTSRevoke'. Please update the comment for consistency.
// mainAdminUserSTSAcctInfo is the handle for "mc admin accesskey sts-revoke" command.

@minio minio deleted a comment from Copilot AI Mar 31, 2025
@harshavardhana harshavardhana merged commit 5349af0 into minio:master Mar 31, 2025
5 checks passed
@djwfyi djwfyi mentioned this pull request Apr 3, 2025
Open
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@harshavardhana harshavardhana harshavardhana approved these changes

@donatello donatello Awaiting requested review from donatello

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@taran-p @harshavardhana