Add internal api for getting personal access tokens from gitlab-shell
What does this MR do?
This MR implements the internal api side of things to support obtaining personal access tokens via SSH as requested in #19672
The actual user-facing command in gitlab-shell for obtaining tokens is implemented but this endpoint is its hard dependency and needs to be merged first.
When finished it will support a workflow as follows (currently):
censored@censored-VirtualBox:~/git/gitlab$ ssh git@gitlab-2004 personal_access_token
remote:
remote: ========================================================================
remote:
remote: Usage: personal_access_token <name> <scope1[,scope2,...]> [ttl_days]
remote:
remote: ========================================================================
remote:
censored@censored-VirtualBox:~/git/gitlab$ ssh git@gitlab-2004 personal_access_token newtoken read_api,read_repository 30
Token: aAY1G3YPeemECgUvxuXY
Scopes: read_api,read_repository
Expires: 2020-08-07Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry -
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec -
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Edited by Taylan Develioglu