NotificationsYou must be signed in to change notification settings
Fork1k
Star11.2k

Commit34593e3

authored

chore: ticket provider interface (#6915)

1 parente0f7f01 commit34593e3Copy full SHA for 34593e3

File tree

16 files changed

+665

-675

lines changed

coderd
- coderd.go
- coderdtest
  - coderdtest.go
- httpapi
  - cookie.go
- workspaceagents.go
- workspaceapps.go
- workspaceapps_test.go
- workspaceapps
codersdk
- client.go

16 files changed

+665

-675

lines changed

`‎coderd/coderd.go‎`

Lines changed: 5 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -123,8 +123,8 @@ type Options struct {`
`123`	`123`	`SwaggerEndpointbool`
`124`	`124`	`SetUserGroupsfunc(ctx context.Context,tx database.Store,userID uuid.UUID,groupNames []string)error`
`125`	`125`	`TemplateScheduleStore schedule.TemplateScheduleStore`
`126`		`-// AppSigningKey denotes the symmetric key to use for signingapp tickets.`
`127`		`-// The key must be 64 bytes long.`
	`126`	`+// AppSigningKey denotes the symmetric key to use for signingtemporary app`
	`127`	`+//tokens.The key must be 64 bytes long.`
`128`	`128`	`AppSigningKey []byte`
`129`	`129`	`HealthcheckFuncfunc(ctx context.Context) (*healthcheck.Report,error)`
`130`	`130`	`HealthcheckTimeout time.Duration`
`@@ -297,7 +297,7 @@ func New(options Options) API {`
`297`	`297`	`Authorizer:options.Authorizer,`
`298`	`298`	`Logger:options.Logger,`
`299`	`299`	`},`
`300`		`-WorkspaceAppsProvider:workspaceapps.New(`
	`300`	`+WorkspaceAppsProvider:workspaceapps.NewDBTokenProvider(`
`301`	`301`	`options.Logger.Named("workspaceapps"),`
`302`	`302`	`options.AccessURL,`
`303`	`303`	`options.Authorizer,`
`@@ -642,7 +642,7 @@ func New(options Options) API {`
`642`	`642`	`r.Post("/metadata/{key}",api.workspaceAgentPostMetadata)`
`643`	`643`	`})`
`644`	`644`	`// No middleware on the PTY endpoint since it uses workspace`
`645`		`-// application auth andtickets.`
	`645`	`+// application auth andsigned app tokens.`
`646`	`646`	`r.Get("/{workspaceagent}/pty",api.workspaceAgentPTY)`
`647`	`647`	`r.Route("/{workspaceagent}",func(r chi.Router) {`
`648`	`648`	`r.Use(`
`@@ -788,7 +788,7 @@ type API struct {`
`788`	`788`	`metricsCache*metricscache.Cache`
`789`	`789`	`workspaceAgentCache*wsconncache.Cache`
`790`	`790`	`updateChecker*updatecheck.Checker`
`791`		`-WorkspaceAppsProvider*workspaceapps.Provider`
	`791`	`+WorkspaceAppsProvider workspaceapps.SignedTokenProvider`
`792`	`792`
`793`	`793`	`// Experiments contains the list of experiments currently enabled.`
`794`	`794`	`// This is used to gate features that are not yet ready for production.`

`‎coderd/coderdtest/coderdtest.go‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -80,7 +80,7 @@ import (`
`80`	`80`	`"github.com/coder/coder/testutil"`
`81`	`81`	`)`
`82`	`82`
`83`		`-// AppSigningKey is a 64-byte key used to sign JWTs for workspace apptickets in`
	`83`	`+// AppSigningKey is a 64-byte key used to sign JWTs for workspace apptokens in`
`84`	`84`	`// tests.`
`85`	`85`	`varAppSigningKey=must(hex.DecodeString("64656164626565666465616462656566646561646265656664656164626565666465616462656566646561646265656664656164626565666465616462656566"))`
`86`	`86`

`‎coderd/httpapi/cookie.go‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ func StripCoderCookies(header string) string {`
`24`	`24`	`name==codersdk.OAuth2StateCookie\|\|`
`25`	`25`	`name==codersdk.OAuth2RedirectCookie\|\|`
`26`	`26`	`name==codersdk.DevURLSessionTokenCookie\|\|`
`27`		`-name==codersdk.DevURLSessionTicketCookie {`
	`27`	`+name==codersdk.DevURLSignedAppTokenCookie {`
`28`	`28`	`continue`
`29`	`29`	`}`
`30`	`30`	`cookies=append(cookies,part)`

`‎coderd/workspaceagents.go‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -564,7 +564,7 @@ func (api API) workspaceAgentPTY(rw http.ResponseWriter, r http.Request) {`
`564`	`564`	`api.WebsocketWaitMutex.Unlock()`
`565`	`565`	`deferapi.WebsocketWaitGroup.Done()`
`566`	`566`
`567`		`-ticket,ok:=api.WorkspaceAppsProvider.ResolveRequest(rw,r, workspaceapps.Request{`
	`567`	`+appToken,ok:=workspaceapps.ResolveRequest(api.Logger,api.AccessURL,api.WorkspaceAppsProvider,rw,r, workspaceapps.Request{`
`568`	`568`	`AccessMethod:workspaceapps.AccessMethodTerminal,`
`569`	`569`	`BasePath:r.URL.Path,`
`570`	`570`	`AgentNameOrID:chi.URLParam(r,"workspaceagent"),`
`@@ -608,7 +608,7 @@ func (api API) workspaceAgentPTY(rw http.ResponseWriter, r http.Request) {`
`608`	`608`
`609`	`609`	`gohttpapi.Heartbeat(ctx,conn)`
`610`	`610`
`611`		`-agentConn,release,err:=api.workspaceAgentCache.Acquire(ticket.AgentID)`
	`611`	`+agentConn,release,err:=api.workspaceAgentCache.Acquire(appToken.AgentID)`
`612`	`612`	`iferr!=nil {`
`613`	`613`	`_=conn.Close(websocket.StatusInternalError,httpapi.WebsocketCloseSprintf("dial workspace agent: %s",err))`
`614`	`614`	`return`

`‎coderd/workspaceapps.go‎`

Lines changed: 9 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -124,7 +124,7 @@ func (api API) workspaceAppsProxyPath(rw http.ResponseWriter, r http.Request)`
`124`	`124`	`chiPath="/"+chiPath`
`125`	`125`	`}`
`126`	`126`
`127`		`-ticket,ok:=api.WorkspaceAppsProvider.ResolveRequest(rw,r, workspaceapps.Request{`
	`127`	`+token,ok:=workspaceapps.ResolveRequest(api.Logger,api.AccessURL,api.WorkspaceAppsProvider,rw,r, workspaceapps.Request{`
`128`	`128`	`AccessMethod:workspaceapps.AccessMethodPath,`
`129`	`129`	`BasePath:basePath,`
`130`	`130`	`UsernameOrID:chi.URLParam(r,"user"),`
`@@ -137,7 +137,7 @@ func (api API) workspaceAppsProxyPath(rw http.ResponseWriter, r http.Request)`
`137`	`137`	`return`
`138`	`138`	`}`
`139`	`139`
`140`		`-api.proxyWorkspaceApplication(rw,r,*ticket,chiPath)`
	`140`	`+api.proxyWorkspaceApplication(rw,r,*token,chiPath)`
`141`	`141`	`}`
`142`	`142`
`143`	`143`	`// handleSubdomainApplications handles subdomain-based application proxy`
`@@ -247,7 +247,7 @@ func (api *API) handleSubdomainApplications(middlewares ...func(http.Handler) ht`
`247`	`247`	`return`
`248`	`248`	`}`
`249`	`249`
`250`		`-ticket,ok:=api.WorkspaceAppsProvider.ResolveRequest(rw,r, workspaceapps.Request{`
	`250`	`+token,ok:=workspaceapps.ResolveRequest(api.Logger,api.AccessURL,api.WorkspaceAppsProvider,rw,r, workspaceapps.Request{`
`251`	`251`	`AccessMethod:workspaceapps.AccessMethodSubdomain,`
`252`	`252`	`BasePath:"/",`
`253`	`253`	`UsernameOrID:app.Username,`
`@@ -263,7 +263,7 @@ func (api *API) handleSubdomainApplications(middlewares ...func(http.Handler) ht`
`263`	`263`	`// app.`
`264`	`264`	`mws:=chi.Middlewares(middlewares)`
`265`	`265`	`mws.Handler(http.HandlerFunc(func(rw http.ResponseWriter,r*http.Request) {`
`266`		`-api.proxyWorkspaceApplication(rw,r,*ticket,r.URL.Path)`
	`266`	`+api.proxyWorkspaceApplication(rw,r,*token,r.URL.Path)`
`267`	`267`	`})).ServeHTTP(rw,r.WithContext(ctx))`
`268`	`268`	`})`
`269`	`269`	`}`
`@@ -561,7 +561,7 @@ func (api API) setWorkspaceAppCookie(rw http.ResponseWriter, r http.Request, t`
`561`	`561`	`returntrue`
`562`	`562`	`}`
`563`	`563`
`564`		`-func (apiAPI)proxyWorkspaceApplication(rw http.ResponseWriter,rhttp.Request,ticket workspaceapps.Ticket,pathstring) {`
	`564`	`+func (apiAPI)proxyWorkspaceApplication(rw http.ResponseWriter,rhttp.Request,appToken workspaceapps.SignedToken,pathstring) {`
`565`	`565`	`ctx:=r.Context()`
`566`	`566`
`567`	`567`	`// Filter IP headers from untrusted origins.`
`@@ -573,12 +573,12 @@ func (api API) proxyWorkspaceApplication(rw http.ResponseWriter, r http.Reques`
`573`	`573`	`return`
`574`	`574`	`}`
`575`	`575`
`576`		`-appURL,err:=url.Parse(ticket.AppURL)`
	`576`	`+appURL,err:=url.Parse(appToken.AppURL)`
`577`	`577`	`iferr!=nil {`
`578`	`578`	`site.RenderStaticErrorPage(rw,r, site.ErrorPageData{`
`579`	`579`	`Status:http.StatusBadRequest,`
`580`	`580`	`Title:"Bad Request",`
`581`		`-Description:fmt.Sprintf("Application has an invalid URL %q: %s",ticket.AppURL,err.Error()),`
	`581`	`+Description:fmt.Sprintf("Application has an invalid URL %q: %s",appToken.AppURL,err.Error()),`
`582`	`582`	`RetryEnabled:true,`
`583`	`583`	`DashboardURL:api.AccessURL.String(),`
`584`	`584`	`})`
`@@ -592,7 +592,7 @@ func (api API) proxyWorkspaceApplication(rw http.ResponseWriter, r http.Reques`
`592`	`592`	`portInt,err:=strconv.Atoi(port)`
`593`	`593`	`iferr!=nil {`
`594`	`594`	`httpapi.Write(ctx,rw,http.StatusBadRequest, codersdk.Response{`
`595`		`-Message:fmt.Sprintf("App URL %q has an invalid port %q.",ticket.AppURL,port),`
	`595`	`+Message:fmt.Sprintf("App URL %q has an invalid port %q.",appToken.AppURL,port),`
`596`	`596`	`Detail:err.Error(),`
`597`	`597`	`})`
`598`	`598`	`return`
`@@ -639,7 +639,7 @@ func (api API) proxyWorkspaceApplication(rw http.ResponseWriter, r http.Reques`
`639`	`639`	`})`
`640`	`640`	`}`
`641`	`641`
`642`		`-conn,release,err:=api.workspaceAgentCache.Acquire(ticket.AgentID)`
	`642`	`+conn,release,err:=api.workspaceAgentCache.Acquire(appToken.AgentID)`
`643`	`643`	`iferr!=nil {`
`644`	`644`	`site.RenderStaticErrorPage(rw,r, site.ErrorPageData{`
`645`	`645`	`Status:http.StatusBadGateway,`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit34593e3

File tree

16 files changed

16 files changed

`‎coderd/coderd.go‎`

`‎coderd/coderdtest/coderdtest.go‎`

`‎coderd/httpapi/cookie.go‎`

`‎coderd/workspaceagents.go‎`

`‎coderd/workspaceapps.go‎`

0 commit comments