diff options
Diffstat (limited to 'go/internal/gitlabnet')
| -rw-r--r-- | go/internal/gitlabnet/accessverifier/client.go | 6 | ||||
| -rw-r--r-- | go/internal/gitlabnet/accessverifier/client_test.go | 2 | ||||
| -rw-r--r-- | go/internal/gitlabnet/client.go | 5 | ||||
| -rw-r--r-- | go/internal/gitlabnet/client_test.go | 60 |
4 files changed, 6 insertions, 67 deletions
diff --git a/go/internal/gitlabnet/accessverifier/client.go b/go/internal/gitlabnet/accessverifier/client.go index f0dea7d..880fff5 100644 --- a/go/internal/gitlabnet/accessverifier/client.go +++ b/go/internal/gitlabnet/accessverifier/client.go @@ -8,6 +8,7 @@ import ( "gitlab.com/gitlab-org/gitlab-shell/go/internal/command/commandargs" "gitlab.com/gitlab-org/gitlab-shell/go/internal/config" "gitlab.com/gitlab-org/gitlab-shell/go/internal/gitlabnet" + "gitlab.com/gitlab-org/gitlab-shell/go/internal/sshenv" ) const ( @@ -26,6 +27,7 @@ type Request struct { Protocol string `json:"protocol"` KeyId string `json:"key_id,omitempty"` Username string `json:"username,omitempty"` + CheckIp string `json:"check_ip,omitempty"` } type Gitaly struct { @@ -80,7 +82,9 @@ func (c *Client) Verify(args *commandargs.Shell, action commandargs.CommandType, request.KeyId = args.GitlabKeyId } - response, err := c.client.Post("/allowed/secure", request) + request.CheckIp = sshenv.LocalAddr() + + response, err := c.client.Post("/allowed", request) if err != nil { return nil, err } diff --git a/go/internal/gitlabnet/accessverifier/client_test.go b/go/internal/gitlabnet/accessverifier/client_test.go index 0f08c0b..f534185 100644 --- a/go/internal/gitlabnet/accessverifier/client_test.go +++ b/go/internal/gitlabnet/accessverifier/client_test.go @@ -157,7 +157,7 @@ func setup(t *testing.T) (*Client, func()) { requests := []testserver.TestRequestHandler{ { - Path: "/api/v4/internal/allowed/secure", + Path: "/api/v4/internal/allowed", Handler: func(w http.ResponseWriter, r *http.Request) { b, err := ioutil.ReadAll(r.Body) require.NoError(t, err) diff --git a/go/internal/gitlabnet/client.go b/go/internal/gitlabnet/client.go index e61b58d..6b253e0 100644 --- a/go/internal/gitlabnet/client.go +++ b/go/internal/gitlabnet/client.go @@ -10,7 +10,6 @@ import ( "strings" "gitlab.com/gitlab-org/gitlab-shell/go/internal/config" - "gitlab.com/gitlab-org/gitlab-shell/go/internal/sshenv" ) const ( @@ -110,10 +109,6 @@ func (c *GitlabClient) DoRequest(method, path string, data interface{}) (*http.R request.Header.Set(secretHeaderName, encodedSecret) request.Header.Add("Content-Type", "application/json") - ipAddr := sshenv.LocalAddr() - if ipAddr != "" { - request.Header.Add("X-Forwarded-For", ipAddr) - } request.Close = true diff --git a/go/internal/gitlabnet/client_test.go b/go/internal/gitlabnet/client_test.go index f4ab62f..3bff18a 100644 --- a/go/internal/gitlabnet/client_test.go +++ b/go/internal/gitlabnet/client_test.go @@ -51,20 +51,6 @@ func TestClients(t *testing.T) { }, }, { - Path: "/api/v4/internal/with_ip", - Handler: func(w http.ResponseWriter, r *http.Request) { - header := r.Header.Get("X-Forwarded-For") - require.Equal(t, "127.0.0.1", header) - }, - }, - { - Path: "/api/v4/internal/with_empty_ip", - Handler: func(w http.ResponseWriter, r *http.Request) { - header := r.Header.Get("X-Forwarded-For") - require.Equal(t, "", header) - }, - }, - { Path: "/api/v4/internal/error", Handler: func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -233,49 +219,3 @@ func testAuthenticationHeader(t *testing.T, client *GitlabClient) { assert.Equal(t, "sssh, it's a secret", string(header)) }) } - -func testXForwardedForHeader(t *testing.T, client *GitlabClient) { - t.Run("X-Forwarded-For for GET", func(t *testing.T) { - cleanup, err := testhelper.Setenv("SSH_CONNECTION", "127.0.0.1 0") - require.NoError(t, err) - defer cleanup() - - response, err := client.Get("/with_ip") - - require.NoError(t, err) - require.NotNil(t, response) - response.Body.Close() - }) - - t.Run("X-Forwarded-For for POST", func(t *testing.T) { - data := map[string]string{"key": "value"} - cleanup, err := testhelper.Setenv("SSH_CONNECTION", "127.0.0.1 0") - require.NoError(t, err) - defer cleanup() - - response, err := client.Post("/with_ip", data) - - require.NoError(t, err) - require.NotNil(t, response) - response.Body.Close() - }) -} - -func testEmptyForwardedForHeader(t *testing.T, client *GitlabClient) { - t.Run("X-Forwarded-For empty for GET", func(t *testing.T) { - response, err := client.Get("/with_empty_ip") - - require.NoError(t, err) - require.NotNil(t, response) - response.Body.Close() - }) - - t.Run("X-Forwarded-For empty for POST", func(t *testing.T) { - data := map[string]string{"key": "value"} - response, err := client.Post("/with_empty_ip", data) - - require.NoError(t, err) - require.NotNil(t, response) - response.Body.Close() - }) -} |