Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'workhorse/internal/secret/roundtripper.go')
-rw-r--r--workhorse/internal/secret/roundtripper.go35
1 files changed, 35 insertions, 0 deletions
diff --git a/workhorse/internal/secret/roundtripper.go b/workhorse/internal/secret/roundtripper.go
new file mode 100644
index 00000000000..50bf7fff5b8
--- /dev/null
+++ b/workhorse/internal/secret/roundtripper.go
@@ -0,0 +1,35 @@
+package secret
+
+import (
+ "net/http"
+)
+
+const (
+ // This header carries the JWT token for gitlab-rails
+ RequestHeader = "Gitlab-Workhorse-Api-Request"
+)
+
+type roundTripper struct {
+ next http.RoundTripper
+ version string
+}
+
+// NewRoundTripper creates a RoundTripper that adds the JWT token header to a
+// request. This is used to verify that a request came from workhorse
+func NewRoundTripper(next http.RoundTripper, version string) http.RoundTripper {
+ return &roundTripper{next: next, version: version}
+}
+
+func (r *roundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
+ tokenString, err := JWTTokenString(DefaultClaims)
+ if err != nil {
+ return nil, err
+ }
+
+ // Set a custom header for the request. This can be used in some
+ // configurations (Passenger) to solve auth request routing problems.
+ req.Header.Set("Gitlab-Workhorse", r.version)
+ req.Header.Set(RequestHeader, tokenString)
+
+ return r.next.RoundTrip(req)
+}