Introduce changes from code review

author: Małgorzata Ksionek <mksionek@gitlab.com> 2019-10-03 11:10:39 +0200
committer: Małgorzata Ksionek <mksionek@gitlab.com> 2019-10-03 11:10:39 +0200
commit: f00c577dec60798f10b6e8809d78a2895cfa6b04 (patch)
tree: f532b9e68bf773d28650b63a4bf9d6c9498555ed /go/internal/gitlabnet
parent: eff3b3c0e48e9ffc213108965f16e96f10bcda3e (diff)
download: gitlab-shell-f00c577dec60798f10b6e8809d78a2895cfa6b04.tar.gz
4 files changed, 6 insertions, 67 deletions
diff --git a/go/internal/gitlabnet/accessverifier/client.go b/go/internal/gitlabnet/accessverifier/client.go
index f0dea7d..880fff5 100644
--- a/go/internal/gitlabnet/accessverifier/client.go
+++ b/go/internal/gitlabnet/accessverifier/client.go
@@ -8,6 +8,7 @@ import (
 	"gitlab.com/gitlab-org/gitlab-shell/go/internal/command/commandargs"
 	"gitlab.com/gitlab-org/gitlab-shell/go/internal/config"
 	"gitlab.com/gitlab-org/gitlab-shell/go/internal/gitlabnet"
+	"gitlab.com/gitlab-org/gitlab-shell/go/internal/sshenv"
 )
 
 const (
@@ -26,6 +27,7 @@ type Request struct {
 	Protocol string                  `json:"protocol"`
 	KeyId    string                  `json:"key_id,omitempty"`
 	Username string                  `json:"username,omitempty"`
+	CheckIp  string                  `json:"check_ip,omitempty"`
 }
 
 type Gitaly struct {
@@ -80,7 +82,9 @@ func (c *Client) Verify(args *commandargs.Shell, action commandargs.CommandType,
 		request.KeyId = args.GitlabKeyId
 	}
 
-	response, err := c.client.Post("/allowed/secure", request)
+	request.CheckIp = sshenv.LocalAddr()
+
+	response, err := c.client.Post("/allowed", request)
 	if err != nil {
 		return nil, err
 	}
diff --git a/go/internal/gitlabnet/accessverifier/client_test.go b/go/internal/gitlabnet/accessverifier/client_test.go
index 0f08c0b..f534185 100644
--- a/go/internal/gitlabnet/accessverifier/client_test.go
+++ b/go/internal/gitlabnet/accessverifier/client_test.go
@@ -157,7 +157,7 @@ func setup(t *testing.T) (*Client, func()) {
 
 	requests := []testserver.TestRequestHandler{
 		{
-			Path: "/api/v4/internal/allowed/secure",
+			Path: "/api/v4/internal/allowed",
 			Handler: func(w http.ResponseWriter, r *http.Request) {
 				b, err := ioutil.ReadAll(r.Body)
 				require.NoError(t, err)
diff --git a/go/internal/gitlabnet/client.go b/go/internal/gitlabnet/client.go
index e61b58d..6b253e0 100644
--- a/go/internal/gitlabnet/client.go
+++ b/go/internal/gitlabnet/client.go
@@ -10,7 +10,6 @@ import (
 	"strings"
 
 	"gitlab.com/gitlab-org/gitlab-shell/go/internal/config"
-	"gitlab.com/gitlab-org/gitlab-shell/go/internal/sshenv"
 )
 
 const (
@@ -110,10 +109,6 @@ func (c *GitlabClient) DoRequest(method, path string, data interface{}) (*http.R
 	request.Header.Set(secretHeaderName, encodedSecret)
 
 	request.Header.Add("Content-Type", "application/json")
-	ipAddr := sshenv.LocalAddr()
-	if ipAddr != "" {
-		request.Header.Add("X-Forwarded-For", ipAddr)
-	}
 
 	request.Close = true
 
diff --git a/go/internal/gitlabnet/client_test.go b/go/internal/gitlabnet/client_test.go
index f4ab62f..3bff18a 100644
--- a/go/internal/gitlabnet/client_test.go
+++ b/go/internal/gitlabnet/client_test.go
@@ -51,20 +51,6 @@ func TestClients(t *testing.T) {
 			},
 		},
 		{
-			Path: "/api/v4/internal/with_ip",
-			Handler: func(w http.ResponseWriter, r *http.Request) {
-				header := r.Header.Get("X-Forwarded-For")
-				require.Equal(t, "127.0.0.1", header)
-			},
-		},
-		{
-			Path: "/api/v4/internal/with_empty_ip",
-			Handler: func(w http.ResponseWriter, r *http.Request) {
-				header := r.Header.Get("X-Forwarded-For")
-				require.Equal(t, "", header)
-			},
-		},
-		{
 			Path: "/api/v4/internal/error",
 			Handler: func(w http.ResponseWriter, r *http.Request) {
 				w.Header().Set("Content-Type", "application/json")
@@ -233,49 +219,3 @@ func testAuthenticationHeader(t *testing.T, client *GitlabClient) {
 		assert.Equal(t, "sssh, it's a secret", string(header))
 	})
 }
-
-func testXForwardedForHeader(t *testing.T, client *GitlabClient) {
-	t.Run("X-Forwarded-For for GET", func(t *testing.T) {
-		cleanup, err := testhelper.Setenv("SSH_CONNECTION", "127.0.0.1 0")
-		require.NoError(t, err)
-		defer cleanup()
-
-		response, err := client.Get("/with_ip")
-
-		require.NoError(t, err)
-		require.NotNil(t, response)
-		response.Body.Close()
-	})
-
-	t.Run("X-Forwarded-For for POST", func(t *testing.T) {
-		data := map[string]string{"key": "value"}
-		cleanup, err := testhelper.Setenv("SSH_CONNECTION", "127.0.0.1 0")
-		require.NoError(t, err)
-		defer cleanup()
-
-		response, err := client.Post("/with_ip", data)
-
-		require.NoError(t, err)
-		require.NotNil(t, response)
-		response.Body.Close()
-	})
-}
-
-func testEmptyForwardedForHeader(t *testing.T, client *GitlabClient) {
-	t.Run("X-Forwarded-For empty for GET", func(t *testing.T) {
-		response, err := client.Get("/with_empty_ip")
-
-		require.NoError(t, err)
-		require.NotNil(t, response)
-		response.Body.Close()
-	})
-
-	t.Run("X-Forwarded-For empty for POST", func(t *testing.T) {
-		data := map[string]string{"key": "value"}
-		response, err := client.Post("/with_empty_ip", data)
-
-		require.NoError(t, err)
-		require.NotNil(t, response)
-		response.Body.Close()
-	})
-}
author	Małgorzata Ksionek <mksionek@gitlab.com>	2019-10-03 11:10:39 +0200
committer	Małgorzata Ksionek <mksionek@gitlab.com>	2019-10-03 11:10:39 +0200
commit	f00c577dec60798f10b6e8809d78a2895cfa6b04 (patch)
tree	f532b9e68bf773d28650b63a4bf9d6c9498555ed /go/internal/gitlabnet
parent	eff3b3c0e48e9ffc213108965f16e96f10bcda3e (diff)
download	gitlab-shell-f00c577dec60798f10b6e8809d78a2895cfa6b04.tar.gz