remoting (#9680)

This PR provides some of the plumbing needed for a "remote" zed instance. The way this will work is: * From zed on your laptop you'll be able to manage a set of dev servers, each of which is identified by a token. * You'll run `zed --dev-server-token XXXX` to boot a remotable dev server. * From the zed on your laptop you'll be able to open directories and work on the projects on the remote server (exactly like collaboration works today). For now all this PR does is provide the ability for a zed instance to sign in using a "dev server token". The next steps will be: * Adding support to the collaboration protocol to instruct a dev server to "open" a directory and share it into a channel. * Adding UI to manage these servers and tokens (manually for now) Related #5347 Release Notes: - N/A --------- Co-authored-by: Nathan <nathan@zed.dev>
2024-03-22 08:44:56 -06:00 · 2024-03-22 08:44:56 -06:00 · cb4f868815
commit cb4f868815
parent f56707e076
19 changed files with 582 additions and 296 deletions
--- a/crates/client/src/client.rs
+++ b/crates/client/src/client.rs
@ -27,8 +27,8 @@ use release_channel::{AppVersion, ReleaseChannel};
 use rpc::proto::{AnyTypedEnvelope, EntityMessage, EnvelopedMessage, PeerId, RequestMessage};
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
-
 use settings::{Settings, SettingsStore};
+use std::fmt;
 use std::{
    any::TypeId,
    convert::TryFrom,
@ -52,6 +52,15 @@ pub use rpc::*;
 pub use telemetry_events::Event;
 pub use user::*;

+#[derive(Debug, Clone, Eq, PartialEq)]
+pub struct DevServerToken(pub String);
+
+impl fmt::Display for DevServerToken {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        write!(f, "{}", self.0)
+    }
+}
+
 lazy_static! {
    static ref ZED_SERVER_URL: Option<String> = std::env::var("ZED_SERVER_URL").ok();
    static ref ZED_RPC_URL: Option<String> = std::env::var("ZED_RPC_URL").ok();
@ -277,10 +286,22 @@ enum WeakSubscriber {
    Pending(Vec<Box<dyn AnyTypedEnvelope>>),
 }

-#[derive(Clone, Debug)]
-pub struct Credentials {
-    pub user_id: u64,
-    pub access_token: String,
+#[derive(Clone, Debug, Eq, PartialEq)]
+pub enum Credentials {
+    DevServer { token: DevServerToken },
+    User { user_id: u64, access_token: String },
+}
+
+impl Credentials {
+    pub fn authorization_header(&self) -> String {
+        match self {
+            Credentials::DevServer { token } => format!("dev-server-token {}", token),
+            Credentials::User {
+                user_id,
+                access_token,
+            } => format!("{} {}", user_id, access_token),
+        }
+    }
 }

 impl Default for ClientState {
@ -497,11 +518,11 @@ impl Client {
    }

    pub fn user_id(&self) -> Option<u64> {
-        self.state
-            .read()
-            .credentials
-            .as_ref()
-            .map(|credentials| credentials.user_id)
+        if let Some(Credentials::User { user_id, .. }) = self.state.read().credentials.as_ref() {
+            Some(*user_id)
+        } else {
+            None
+        }
    }

    pub fn peer_id(&self) -> Option<PeerId> {
@ -746,6 +767,10 @@ impl Client {
        read_credentials_from_keychain(cx).await.is_some()
    }

+    pub fn set_dev_server_token(&self, token: DevServerToken) {
+        self.state.write().credentials = Some(Credentials::DevServer { token });
+    }
+
    #[async_recursion(?Send)]
    pub async fn authenticate_and_connect(
        self: &Arc<Self>,
@ -796,7 +821,9 @@ impl Client {
            }
        }
        let credentials = credentials.unwrap();
-        self.set_id(credentials.user_id);
+        if let Credentials::User { user_id, .. } = &credentials {
+            self.set_id(*user_id);
+        }

        if was_disconnected {
            self.set_status(Status::Connecting, cx);
@ -812,7 +839,9 @@ impl Client {
                    Ok(conn) => {
                        self.state.write().credentials = Some(credentials.clone());
                        if !read_from_keychain && IMPERSONATE_LOGIN.is_none() {
-                            write_credentials_to_keychain(credentials, cx).await.log_err();
+                            if let Credentials::User{user_id, access_token} = credentials {
+                                write_credentials_to_keychain(user_id, access_token, cx).await.log_err();
+                            }
                        }

                        futures::select_biased! {
@ -1020,10 +1049,7 @@ impl Client {
            .unwrap_or_default();

        let request = Request::builder()
-            .header(
-                "Authorization",
-                format!("{} {}", credentials.user_id, credentials.access_token),
-            )
+            .header("Authorization", credentials.authorization_header())
            .header("x-zed-protocol-version", rpc::PROTOCOL_VERSION)
            .header("x-zed-app-version", app_version)
            .header(
@ -1176,7 +1202,7 @@ impl Client {
                        .decrypt_string(&access_token)
                        .context("failed to decrypt access token")?;

-                    Ok(Credentials {
+                    Ok(Credentials::User {
                        user_id: user_id.parse()?,
                        access_token,
                    })
@ -1226,7 +1252,7 @@ impl Client {

        // Use the admin API token to authenticate as the impersonated user.
        api_token.insert_str(0, "ADMIN_TOKEN:");
-        Ok(Credentials {
+        Ok(Credentials::User {
            user_id: response.user.id,
            access_token: api_token,
        })
@ -1439,21 +1465,22 @@ async fn read_credentials_from_keychain(cx: &AsyncAppContext) -> Option<Credenti
        .await
        .log_err()??;

-    Some(Credentials {
+    Some(Credentials::User {
        user_id: user_id.parse().ok()?,
        access_token: String::from_utf8(access_token).ok()?,
    })
 }

 async fn write_credentials_to_keychain(
-    credentials: Credentials,
+    user_id: u64,
+    access_token: String,
    cx: &AsyncAppContext,
 ) -> Result<()> {
    cx.update(move |cx| {
        cx.write_credentials(
            &ClientSettings::get_global(cx).server_url,
-            &credentials.user_id.to_string(),
-            credentials.access_token.as_bytes(),
+            &user_id.to_string(),
+            access_token.as_bytes(),
        )
    })?
    .await
@ -1558,7 +1585,7 @@ mod tests {
        // Time out when client tries to connect.
        client.override_authenticate(move |cx| {
            cx.background_executor().spawn(async move {
-                Ok(Credentials {
+                Ok(Credentials::User {
                    user_id,
                    access_token: "token".into(),
                })
--- a/crates/client/src/test.rs
+++ b/crates/client/src/test.rs
@ -48,7 +48,7 @@ impl FakeServer {
                        let mut state = state.lock();
                        state.auth_count += 1;
                        let access_token = state.access_token.to_string();
-                        Ok(Credentials {
+                        Ok(Credentials::User {
                            user_id: client_user_id,
                            access_token,
                        })
@ -71,9 +71,12 @@ impl FakeServer {
                            )))?
                        }

-                        assert_eq!(credentials.user_id, client_user_id);
-
-                        if credentials.access_token != state.lock().access_token.to_string() {
+                        if credentials
+                            != (Credentials::User {
+                                user_id: client_user_id,
+                                access_token: state.lock().access_token.to_string(),
+                            })
+                        {
                            Err(EstablishConnectionError::Unauthorized)?
                        }