From adca8adff4a3b67ea8b82a920f420cf6134b9245 Mon Sep 17 00:00:00 2001 From: Aditya Manthramurthy Date: Sat, 28 Sep 2024 08:14:47 -0700 Subject: [PATCH] fix: token type retrieved in WebIdentity provider (#1446) --- minio/credentials/providers.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/minio/credentials/providers.py b/minio/credentials/providers.py index 197d3298..ee232a25 100644 --- a/minio/credentials/providers.py +++ b/minio/credentials/providers.py @@ -656,7 +656,7 @@ def retrieve(self) -> Credentials: if self._is_web_identity(): query_params["Action"] = "AssumeRoleWithWebIdentity" - query_params["WebIdentityToken"] = jwt.get("access_token", "") + query_params["WebIdentityToken"] = jwt.get("id_token", "") if self._role_arn: query_params["RoleArn"] = self._role_arn query_params["RoleSessionName"] = ( @@ -666,7 +666,7 @@ def retrieve(self) -> Credentials: ) else: query_params["Action"] = "AssumeRoleWithClientGrants" - query_params["Token"] = jwt.get("access_token", "") + query_params["Token"] = jwt.get("id_token", "") url = self._sts_endpoint + "?" + urlencode(query_params) res = _urlopen(self._http_client, "POST", url)