Skip to content

G
gitlab-shell
Commit aedf824d authored by Pablo Carranza's avatar Pablo Carranza
Browse files
Options

Change use of fingerprint for whole key

parent 459e4482
Hide whitespace changes
Inline Side-by-side
Showing with 10 additions and 10 deletions
bin/authorized_keys
View file @ aedf824d
...@@ -4,22 +4,22 @@ ...@@ -4,22 +4,22 @@
# GitLab shell authorized_keys. Query gitlab API to get the authorized command for a given ssh key fingerprint # GitLab shell authorized_keys. Query gitlab API to get the authorized command for a given ssh key fingerprint
# #
# Ex. # Ex.
# /bin/authorized_keys e6:17:f2:f3:b7 # /bin/authorized_keys BASE64-KEY
# #
# Returns # Returns
# command="/bin/gitlab-shell key-#",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQA... # command="/bin/gitlab-shell key-#",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQA...
# #
fingerprint = ARGV[0] key = ARGV[0]
abort "# No fingerprint provided" if fingerprint.nil? abort "# No key provided" if key.nil?
require_relative "../lib/gitlab_init" require_relative "../lib/gitlab_init"
require_relative "../lib/gitlab_net" require_relative "../lib/gitlab_net"
require_relative "../lib/gitlab_keys" require_relative "../lib/gitlab_keys"
authorized_key = GitlabNet.new.authorized_key(fingerprint) authorized_key = GitlabNet.new.authorized_key(key)
unless authorized_key.nil? unless authorized_key.nil?
puts GitlabKey.new.key_line(authorized_key["id"], authorized_key["key"]) puts GitlabKey.new.key_line(authorized_key["id"], authorized_key["key"])
else else
puts "# No key was found with fingerprint #{fingerprint}" puts "# No key was found for #{key}"
end end
lib/gitlab_net.rb
View file @ aedf824d
...@@ -56,8 +56,8 @@ class GitlabNet ...@@ -56,8 +56,8 @@ class GitlabNet
get("#{host}/check", read_timeout: CHECK_TIMEOUT) get("#{host}/check", read_timeout: CHECK_TIMEOUT)
end end
def authorized_key(fingerprint) def authorized_key(key)
resp = get("#{host}/authorized_keys?fingerprint=#{fingerprint}") resp = get("#{host}/authorized_keys?key=#{key}")
JSON.parse(resp.body) if resp.code == "200" JSON.parse(resp.body) if resp.code == "200"
rescue rescue
nil nil
......
spec/vcr_cassettes/ssh-key-not-found.yml
View file @ aedf824d
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
http_interactions: http_interactions:
- request: - request:
method: get method: get
uri: https://dev.gitlab.org/api/v3/internal/ssh-key?fingerprint=whatever uri: https://dev.gitlab.org/api/v3/internal/authorized_keys?key=whatever
body: body:
encoding: US-ASCII encoding: US-ASCII
string: secret_token=a123 string: secret_token=a123
......
spec/vcr_cassettes/ssh-key-not-implemented.yml
View file @ aedf824d
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
http_interactions: http_interactions:
- request: - request:
method: get method: get
uri: https://dev.gitlab.org/api/v3/internal/authorized_keys?fingerprint=whatever uri: https://dev.gitlab.org/api/v3/internal/authorized_keys?key=whatever
body: body:
encoding: US-ASCII encoding: US-ASCII
string: secret_token=a123 string: secret_token=a123
......
spec/vcr_cassettes/ssh-key-ok.yml
View file @ aedf824d
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
http_interactions: http_interactions:
- request: - request:
method: get method: get
uri: https://dev.gitlab.org/api/v3/internal/authorized_keys?fingerprint=42:18:16 uri: https://dev.gitlab.org/api/v3/internal/authorized_keys?key=42:18:16
body: body:
encoding: US-ASCII encoding: US-ASCII
string: secret_token=a123 string: secret_token=a123
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7