Merge pull request #2597 from jarhodes314/2591-refactor-the-c8y-remot…

…e-access-plugin-to-use-the-c8y-auth-proxy

Refactor the c8y remote access plugin to use the c8y auth proxy

Cargo.toml

@@ -166,6 +166,7 @@ thiserror = "1.0"
 time = "0.3"
 tokio = { version = "1.23", default-features = false }
 tokio-rustls = "0.24.1"
+tokio-tungstenite = { version = "0.20.0" }
 tokio-util = { version = "0.7", features = ["codec"] }
 toml = "0.7"
 tower = "0.4"

crates/extensions/c8y_auth_proxy/Cargo.toml

@@ -11,7 +11,7 @@ repository = { workspace = true }
 
 [dependencies]
 anyhow = { workspace = true }
-axum = { workspace = true, features = ["macros"] }
+axum = { workspace = true, features = ["macros", "ws", "headers"] }
 axum-server = { workspace = true }
 axum_tls = { workspace = true }
 c8y_http_proxy = { workspace = true }
@@ -29,13 +29,15 @@ tokio = { workspace = true, features = [
     "process",
     "io-util",
 ] }
+tokio-tungstenite = { workspace = true, features = ["rustls-tls-native-roots"] }
 tracing = { workspace = true }
 url = { workspace = true }
 
 [dev-dependencies]
 env_logger = { workspace = true }
 mockito = { workspace = true }
 rcgen = { workspace = true }
+rustls = { workspace = true, features = ["dangerous_configuration"] }
 tedge_http_ext = { workspace = true, features = ["test_helpers"] }
 
 [lints]

crates/extensions/c8y_auth_proxy/src/actor.rs

@@ -19,14 +19,14 @@ use tedge_config::TEdgeConfig;
 use tedge_config_macros::OptionalConfig;
 use tracing::info;
 
-use crate::server::AppState;
+use crate::server::AppData;
 use crate::server::Server;
 use crate::tokens::TokenManager;
 
 type BoxError = Box<dyn std::error::Error + Send + Sync + 'static>;
 
 pub struct C8yAuthProxyBuilder {
-    app_state: AppState,
+    app_data: AppData,
     bind_address: IpAddr,
     bind_port: u16,
     signal_sender: mpsc::Sender<RuntimeRequest>,
@@ -41,8 +41,9 @@ impl C8yAuthProxyBuilder {
         config: &TEdgeConfig,
         jwt: &mut ServerActorBuilder<C8YJwtRetriever, Sequential>,
     ) -> anyhow::Result<Self> {
-        let app_state = AppState {
-            target_host: format!("https://{}", config.c8y.http.or_config_not_set()?).into(),
+        let app_data = AppData {
+            is_https: true,
+            host: config.c8y.http.or_config_not_set()?.to_string(),
             token_manager: TokenManager::new(JwtRetriever::new("C8Y-PROXY => JWT", jwt)).shared(),
         };
         let bind = &config.c8y.proxy.bind;
@@ -52,7 +53,7 @@ impl C8yAuthProxyBuilder {
         let ca_path = config.c8y.proxy.ca_path.clone();
 
         Ok(Self {
-            app_state,
+            app_data,
             bind_address: bind.address,
             bind_port: bind.port,
             signal_sender,
@@ -69,7 +70,7 @@ impl Builder<C8yAuthProxy> for C8yAuthProxyBuilder {
 
     fn try_build(self) -> Result<C8yAuthProxy, Self::Error> {
         Ok(C8yAuthProxy {
-            app_state: self.app_state,
+            app_data: self.app_data,
             bind_address: self.bind_address,
             bind_port: self.bind_port,
             signal_receiver: self.signal_receiver,
@@ -87,7 +88,7 @@ impl RuntimeRequestSink for C8yAuthProxyBuilder {
 }
 
 pub struct C8yAuthProxy {
-    app_state: AppState,
+    app_data: AppData,
     bind_address: IpAddr,
     bind_port: u16,
     signal_receiver: mpsc::Receiver<RuntimeRequest>,
@@ -104,7 +105,7 @@ impl Actor for C8yAuthProxy {
 
     async fn run(mut self) -> Result<(), RuntimeError> {
         let server = Server::try_init(
-            self.app_state,
+            self.app_data,
             self.bind_address,
             self.bind_port,
             self.cert_path,