Fix authentication parameters for Git streaming audit events HTTP requests
Context
The log_git_streaming_audit_events feature flag rollout caused authentication failures when Workhorse makes requests to the new /shellhorse/git_audit_event endpoint. The current implementation has overly restrictive authentication that doesn't account for all HTTP-based Git operation scenarios.
Background
- Feature flag log_git_streaming_audit_events was globally enabled but reverted due to flooding logs with 404 errors
- The new workflow moved from checking access and sending audit events in the same /allowed request to using a dedicated endpoint
- Current authorization may be missing permissions for deploy tokens and other HTTP authentication methods
Expected behavior
Workhorse should successfully authenticate and send Git audit events for all valid HTTP-based Git operations, including deploy token usage.
Current Behavior
Workhorse requests result in high volumes of 404 "Not Found" and 401 "Forbidden" errors, causing log flooding and Sentry alerts.
Both issues are blocking the rollout of Git streaming audit events and need to be resolved before the feature can be safely enabled in production.