From: Ward Vandewege <ward@curii.com>
Date: Thu, 17 Feb 2022 18:03:33 +0000 (-0500)
Subject: 18676: be a bit more specific in testing for V2 tokens.
X-Git-Tag: 2.4.0~80^2~2
X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/63645c871246a61a2148b259f10d2fedf30e8df8

18676: be a bit more specific in testing for V2 tokens.

Arvados-DCO-1.1-Signed-off-by: Ward Vandewege <ward@curii.com>
---

diff --git a/lib/config/load.go b/lib/config/load.go
index e412c87ff9..7136c60e46 100644
--- a/lib/config/load.go
+++ b/lib/config/load.go
@@ -358,6 +358,9 @@ func (ldr *Loader) checkToken(label, token string, mandatory bool, acceptV2 bool
 		if len(tmp) != 3 {
 			return fmt.Errorf("%s: unacceptable characters in token (only a-z, A-Z, 0-9 are acceptable)", label)
 		}
+		if strings.Index(token, "v2/") == -1 {
+			return fmt.Errorf("%s: unacceptable characters in token (only a-z, A-Z, 0-9 are acceptable)", label)
+		}
 		ldr.Logger.Warnf("%s: token is a full V2 token, should just be a secret (remove everything up to and including the last forward slash)", label)
 		if !acceptableTokenRe.MatchString(tmp[2]) {
 			return fmt.Errorf("%s: unacceptable characters in V2 token secret (only a-z, A-Z, 0-9 are acceptable)", label)