18676: be a bit more specific in testing for V2 tokens.

Arvados-DCO-1.1-Signed-off-by: Ward Vandewege <ward@curii.com>

diff --git a/lib/config/load.go b/lib/config/load.go
index e412c87ff93ac073c2fe2ae78f0ee72b4232936a..7136c60e468aa716af93ad6f011810287c5230e8 100644 (file)
--- a/lib/config/load.go
+++ b/lib/config/load.go
@@ -358,6 +358,9 @@ func (ldr *Loader) checkToken(label, token string, mandatory bool, acceptV2 bool
                if len(tmp) != 3 {
                        return fmt.Errorf("%s: unacceptable characters in token (only a-z, A-Z, 0-9 are acceptable)", label)
                }
+               if strings.Index(token, "v2/") == -1 {
+                       return fmt.Errorf("%s: unacceptable characters in token (only a-z, A-Z, 0-9 are acceptable)", label)
+               }
                ldr.Logger.Warnf("%s: token is a full V2 token, should just be a secret (remove everything up to and including the last forward slash)", label)
                if !acceptableTokenRe.MatchString(tmp[2]) {
                        return fmt.Errorf("%s: unacceptable characters in V2 token secret (only a-z, A-Z, 0-9 are acceptable)", label)