
Commit 934b1ff

committed
Add basic proxy logic
1 parent 0805250 commit 934b1ff


9 files changed

+146
-4
lines changed


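--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,5 +1,6 @@
 {
 "cSpell.words": [
+"apps",
 "buildname",
 "circbuf",
 "cliflag",
@@ -9,7 +10,6 @@
 "codersdk",
 "cronstrue",
 "devel",
-"apps",
 "drpc",
 "drpcconn",
 "drpcmux",
@@ -72,6 +72,7 @@
 "VMID",
 "weblinks",
 "webrtc",
+"workspaceapps",
 "xerrors",
 "xstate",
 "yamux"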

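--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@@ -2,6 +2,7 @@ package coderd
 
 import (
 "context"
+"crypto/cipher"
 "crypto/x509"
 "fmt"
 "net/http"
@@ -47,15 +48,18 @@ type Options struct {
 // app. Specific routes may have their own limiters.
 APIRateLimit int
 AWSCertificates awsidentity.Certificates
+Authorizer rbac.Authorizer
 AzureCertificates x509.VerifyOptions
 GoogleTokenValidator *idtoken.Validator
 GithubOAuth2Config *GithubOAuth2Config
 ICEServers []webrtc.ICEServer
 SecureAuthCookie bool
 SSHKeygenAlgorithm gitsshkey.Algorithm
 TURNServer *turnconn.Server
-Authorizer rbac.Authorizer
 TracerProvider *sdktrace.TracerProvider
+// WildcardCipher is used to encrypt session tokens so that authentication
+// can be securely transferred to the wildcard host.
+WildcardCipher cipher.AEAD
 }
 
 // New constructs a Coder API handler.
@@ -342,6 +346,8 @@ func New(options *Options) *API {
 })
 r.NotFound(site.DefaultHandler().ServeHTTP)
 
+// /workspaceapps/auth
+
 return api
 }
 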
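Review bot: The `WildcardCipher` field added to `Options` has no visible nil handling, and its comment does not say what a sealed session token has to carry. The only change shown inside `New` is the placeholder comment `// /workspaceapps/auth`, so as far as these hunks show nothing constructs the cipher or rejects a nil one; the rest of `New` is outside the hunk. I would extend the field comment to state the contract, for example `// WildcardCipher must be non-nil when wildcard apps are enabled; every Seal needs a unique nonce, and the sealed payload should bind the target host and an expiry.`, and have `New` either fail fast or leave the wildcard routes unregistered when the field is nil.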

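--- a/coderd/database/databasefake/databasefake.go
+++ b/coderd/database/databasefake/databasefake.go
@@ -1043,6 +1043,22 @@ func (q *fakeQuerier) GetWorkspaceAgentsByResourceIDs(_ context.Context, resourc
 return workspaceAgents, nil
 }
 
+func (q *fakeQuerier) GetWorkspaceAppByAgentIDAndName(ctx context.Context, arg database.GetWorkspaceAppByAgentIDAndNameParams) (database.WorkspaceApp, error) {
+q.mutex.RLock()
+defer q.mutex.RUnlock()
+
+for _, app := range q.workspaceApps {
+if app.AgentID != arg.AgentID {
+continue
+}
+if app.Name != arg.Name {
+continue
+}
+return app, nil
+}
+return database.WorkspaceApp{}, sql.ErrNoRows
+}
+
 func (q *fakeQuerier) GetProvisionerDaemonByID(_ context.Context, id uuid.UUID) (database.ProvisionerDaemon, error) {
 q.mutex.RLock()
 defer q.mutex.RUnlock()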
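Review bot: `GetWorkspaceAppByAgentIDAndName` names its context parameter `ctx` but never uses it, while the neighbouring fake methods visible in this hunk (`GetWorkspaceAgentsByResourceIDs`, `GetProvisionerDaemonByID`) take `_ context.Context`. Declaring it as `_ context.Context` keeps the file consistent and avoids an unused-parameter lint finding. The two `continue` guards could also be folded into a single `if app.AgentID == arg.AgentID && app.Name == arg.Name { return app, nil }`, and the method would benefit from a one-line comment saying it returns `sql.ErrNoRows` when no app matches.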

coderd/database/querier.go

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/queries.sql.go

Lines changed: 25 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

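--- a/coderd/database/queries/workspaceapps.sql
+++ b/coderd/database/queries/workspaceapps.sql
@@ -4,6 +4,9 @@ SELECT * FROM workspace_apps WHERE agent_id = $1;
 -- name: GetWorkspaceAppsByAgentIDs :many
 SELECT * FROM workspace_apps WHERE agent_id = ANY(@ids :: uuid [ ]);
 
+-- name: GetWorkspaceAppByAgentIDAndName :one
+SELECT * FROM workspace_apps WHERE agent_id = $1 AND name = $2;
+
 -- name: InsertWorkspaceApp :one
 INSERT INTO
 workspace_apps (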

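--- a/coderd/workspaceapps.go
+++ b/coderd/workspaceapps.go
@@ -2,8 +2,32 @@ package coderd
 
 import (
 "net/http"
+
+"github.com/coder/coder/coderd/database"
+"github.com/google/uuid"
 )
 
-func (api *API) proxyPath(rw http.ResponseWriter, r *http.Request) {
+// workspaceAppsAuthWildcard authenticates the wildcard domain.
+func (api *API) workspaceAppsAuthWildcard(rw http.ResponseWriter, r *http.Request) {
+// r.URL.Query().Get("redirect")
+
+}
+
+func (api *API) workspaceAppsProxyWildcard(rw http.ResponseWriter, r *http.Request) {
+
+}
 
+func (api *API) workspaceAppsProxyPath(rw http.ResponseWriter, r *http.Request) {
+conn, err := api.dialWorkspaceAgent(r, uuid.Nil)
+if err != nil {
+return
+}
+app, err := api.Database.GetWorkspaceAppByAgentIDAndName(r.Context(), database.GetWorkspaceAppByAgentIDAndNameParams{
+AgentID: uuid.Nil,
+Name: "something",
+})
+if err != nil {
+return
+}
+conn.DialContext(r.Context(), "tcp", "localhost:3000")
 }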
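Review bot: `workspaceAppsProxyPath` returns on both error paths without writing a response, so a failed agent dial or app lookup reaches the client as an empty 200; each branch should report the failure before returning, e.g. `http.Error(rw, "workspace app unavailable", http.StatusBadGateway)`. `app` is assigned but never used, which Go rejects at compile time, and the result of `conn.DialContext` is discarded, so nothing is proxied and neither connection is closed. The agent ID `uuid.Nil`, the name `"something"` and the address `"localhost:3000"` read as placeholders; when they are replaced, the dial target should come from the looked-up app record rather than from request input, and the caller's access to the workspace should be checked before dialing. The commented-out `r.URL.Query().Get("redirect")` in `workspaceAppsAuthWildcard` will need to be validated against the configured wildcard host before it is used as a redirect target.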

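--- a/coderd/workspaceapps_test.go
+++ b/coderd/workspaceapps_test.go
@@ -1 +1,59 @@
 package coderd_test
+
+import (
+"testing"
+
+"cdr.dev/slog/sloggers/slogtest"
+"github.com/coder/coder/agent"
+"github.com/coder/coder/coderd/coderdtest"
+"github.com/coder/coder/codersdk"
+"github.com/coder/coder/provisioner/echo"
+"github.com/coder/coder/provisionersdk/proto"
+"github.com/google/uuid"
+)
+
+func TestWorkspaceAppsProxyPath(t *testing.T) {
+t.Parallel()
+t.Run("Proxies", func(t *testing.T) {
+t.Parallel()
+client, coderAPI := coderdtest.NewWithAPI(t, nil)
+user := coderdtest.CreateFirstUser(t, client)
+daemonCloser := coderdtest.NewProvisionerDaemon(t, coderAPI)
+authToken := uuid.NewString()
+version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, &echo.Responses{
+Parse: echo.ParseComplete,
+ProvisionDryRun: echo.ProvisionComplete,
+Provision: []*proto.Provision_Response{{
+Type: &proto.Provision_Response_Complete{
+Complete: &proto.Provision_Complete{
+Resources: []*proto.Resource{{
+Name: "example",
+Type: "aws_instance",
+Agents: []*proto.Agent{{
+Id: uuid.NewString(),
+Auth: &proto.Agent_Token{
+Token: authToken,
+},
+}},
+}},
+},
+},
+}},
+})
+template := coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
+coderdtest.AwaitTemplateVersionJob(t, client, version.ID)
+workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
+coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
+daemonCloser.Close()
+
+agentClient := codersdk.New(client.URL)
+agentClient.SessionToken = authToken
+agentCloser := agent.New(agentClient.ListenWorkspaceAgent, &agent.Options{
+Logger: slogtest.Make(t, nil),
+})
+t.Cleanup(func() {
+_ = agentCloser.Close()
+})
+resources := coderdtest.AwaitWorkspaceAgents(t, client, workspace.LatestBuild.ID)
+})
+}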
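Review bot: `resources` on the last line of the `Proxies` subtest is assigned and never used, which Go reports as a compile error, and the subtest ends without asserting anything about the proxy handler it is named after. Until the handler can be exercised, `_ = coderdtest.AwaitWorkspaceAgents(t, client, workspace.LatestBuild.ID)` keeps the package building. The follow-up should send a request for the app path and check the status and body, and should include a case where the caller lacks access to the workspace so the denial path is covered. The echo responses declare an agent but no app, so the lookup in the handler would have nothing to find as written.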

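--- a/codersdk/workspaceapps.go
+++ b/codersdk/workspaceapps.go
@@ -1,6 +1,10 @@
 package codersdk
 
-import "github.com/google/uuid"
+import (
+"context"
+
+"github.com/google/uuid"
+)
 
 type WorkspaceApp struct {
 ID uuid.UUID `json:"id"`
@@ -14,3 +18,7 @@ type WorkspaceApp struct {
 // an icon to be displayed in the dashboard.
 Icon string `json:"icon"`
 }
+
+func (c *Client) ProxyWorkspaceApplication(ctx context.Context) {
+
+}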
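Review bot: The exported method `ProxyWorkspaceApplication` has no doc comment, an empty body and no result, so a caller cannot tell that it does nothing or learn about a failure once it does something. I would add `// ProxyWorkspaceApplication is a placeholder for proxying a request to a workspace app; it is not implemented yet.` above it. Giving it an `error` result now, before SDK callers depend on the signature, avoids a breaking change later.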
