diff options
| author | Stan Hu <stanhu@gmail.com> | 2020-07-23 06:19:57 +0000 |
|---|---|---|
| committer | Igor Drozdov <idrozdov@gitlab.com> | 2020-07-23 06:19:57 +0000 |
| commit | 6555cb81641af139aa65865c4a749a8c7d53e07e (patch) | |
| tree | 5f2fe6b065969b0e71e5d3de18a9267951576dad /internal/gitlabnet | |
| parent | b8b75477d9b49e809926826a1cd4bc413d018514 (diff) | |
| download | gitlab-shell-6555cb81641af139aa65865c4a749a8c7d53e07e.tar.gz | |
Log SSH key details
Right now when a client such as gitlab-shell calls the
`/api/v4/internal/allowed` API, the response only tells the client what
user has been granted access, and it's impossible to tell which deploy
key/token was used in the authentication request.
This commit adds logs for the following when available:
1. `gl_key_type` (e.g. `deploy_key` or `key`)
2. `gl_key_id`
These fields make it possible for admins to identify the exact record
that was used to authenticate the user.
API changes in the `/internal/allowed` endpoint in
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37289 are needed
to support this.
Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/203
Diffstat (limited to 'internal/gitlabnet')
| -rw-r--r-- | internal/gitlabnet/accessverifier/client.go | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/internal/gitlabnet/accessverifier/client.go b/internal/gitlabnet/accessverifier/client.go index a9c7d97..234e854 100644 --- a/internal/gitlabnet/accessverifier/client.go +++ b/internal/gitlabnet/accessverifier/client.go @@ -55,6 +55,8 @@ type Response struct { Message string `json:"message"` Repo string `json:"gl_repository"` UserId string `json:"gl_id"` + KeyType string `json:"gl_key_type"` + KeyId int `json:"gl_key_id"` Username string `json:"gl_username"` GitConfigOptions []string `json:"git_config_options"` Gitaly Gitaly `json:"gitaly"` |