aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar Rutger Broekhoff2024-01-02 21:38:45 +0100
committerLibravatar Rutger Broekhoff2024-01-02 21:38:45 +0100
commitab988b1dae67a04dbcfc7af14052a1b033946029 (patch)
tree046c674d10c4edb31398b9e802246ea1c197a52e
parentf8b10c51e3f850203201e2cf926f5203192f93c7 (diff)
downloadgitolfs3-ab988b1dae67a04dbcfc7af14052a1b033946029.tar.gz
gitolfs3-ab988b1dae67a04dbcfc7af14052a1b033946029.zip
Make tokens short-lived
-rw-r--r--cmd/git-lfs-authenticate/main.go2
-rw-r--r--cmd/git-lfs-server/main.go4
2 files changed, 3 insertions, 3 deletions
diff --git a/cmd/git-lfs-authenticate/main.go b/cmd/git-lfs-authenticate/main.go
index a76fdff..3d2c1ea 100644
--- a/cmd/git-lfs-authenticate/main.go
+++ b/cmd/git-lfs-authenticate/main.go
@@ -180,7 +180,7 @@ func main() {
180 die("forbidden") 180 die("forbidden")
181 } 181 }
182 182
183 expiresIn := time.Hour * 24 183 expiresIn := time.Minute * 5
184 claims := customClaims{ 184 claims := customClaims{
185 Gitolfs3: gitolfs3Claims{ 185 Gitolfs3: gitolfs3Claims{
186 Type: "batch-api", 186 Type: "batch-api",
diff --git a/cmd/git-lfs-server/main.go b/cmd/git-lfs-server/main.go
index cfad3e0..eec7d00 100644
--- a/cmd/git-lfs-server/main.go
+++ b/cmd/git-lfs-server/main.go
@@ -150,7 +150,6 @@ func sha256AsBase64(hash string) string {
150 150
151func (h *handler) handleDownloadObject(ctx context.Context, repo string, obj parsedBatchObject) batchResponseObject { 151func (h *handler) handleDownloadObject(ctx context.Context, repo string, obj parsedBatchObject) batchResponseObject {
152 fullPath := path.Join(repo+".git", "lfs/objects", obj.firstByte, obj.secondByte, obj.fullHash) 152 fullPath := path.Join(repo+".git", "lfs/objects", obj.firstByte, obj.secondByte, obj.fullHash)
153 expiresIn := time.Hour * 24
154 153
155 info, err := h.mc.StatObject(ctx, h.bucket, fullPath, minio.StatObjectOptions{Checksum: true}) 154 info, err := h.mc.StatObject(ctx, h.bucket, fullPath, minio.StatObjectOptions{Checksum: true})
156 if err != nil { 155 if err != nil {
@@ -170,6 +169,7 @@ func (h *handler) handleDownloadObject(ctx context.Context, repo string, obj par
170 return makeObjError(obj, "Incorrect size specified for object or object currupted", http.StatusUnprocessableEntity) 169 return makeObjError(obj, "Incorrect size specified for object or object currupted", http.StatusUnprocessableEntity)
171 } 170 }
172 171
172 expiresIn := time.Minute * 10
173 claims := handleObjectCustomClaims{ 173 claims := handleObjectCustomClaims{
174 Gitolfs3: handleObjectGitolfs3Claims{ 174 Gitolfs3: handleObjectGitolfs3Claims{
175 Type: "basic-transfer", 175 Type: "basic-transfer",
@@ -242,7 +242,7 @@ func (h *handler) handleUploadObject(ctx context.Context, repo string, obj parse
242 return &objErr 242 return &objErr
243 } 243 }
244 244
245 expiresIn := time.Hour * 24 245 expiresIn := time.Minute * 10
246 claims := handleObjectCustomClaims{ 246 claims := handleObjectCustomClaims{
247 Gitolfs3: handleObjectGitolfs3Claims{ 247 Gitolfs3: handleObjectGitolfs3Claims{
248 Type: "basic-transfer", 248 Type: "basic-transfer",