refactor: upgrade tauri 2.0

apps/gpclient/Cargo.toml

@@ -1,5 +1,6 @@
 [package]
 name = "gpclient"
+rust-version.workspace = true
 authors.workspace = true
 version.workspace = true
 edition.workspace = true
@@ -9,10 +10,11 @@ license.workspace = true
 common = { path = "../../crates/common" }
 gpapi = { path = "../../crates/gpapi", features = ["clap"] }
 openconnect = { path = "../../crates/openconnect" }
+
 anyhow.workspace = true
 clap.workspace = true
 env_logger.workspace = true
-inquire = "0.6.2"
+inquire = "0.7"
 log.workspace = true
 tokio.workspace = true
 sysinfo.workspace = true
@@ -22,3 +24,7 @@ tempfile.workspace = true
 reqwest.workspace = true
 directories = "5.0"
 compile-time.workspace = true
+
+[features]
+default = ["webview-auth"]
+webview-auth = ["gpapi/webview-auth"]

apps/gpclient/src/cli.rs

@@ -1,7 +1,10 @@
 use std::{env::temp_dir, fs::File};
 
 use clap::{Parser, Subcommand};
-use gpapi::utils::openssl;
+use gpapi::{
+  clap::{handle_error, Args},
+  utils::openssl,
+};
 use log::{info, LevelFilter};
 use tempfile::NamedTempFile;
 
@@ -50,12 +53,25 @@ struct Cli {
   #[command(subcommand)]
   command: CliCommand,
 
-  #[arg(long, help = "Uses extended compatibility mode for OpenSSL operations to support a broader range of systems and formats.")]
+  #[arg(
+    long,
+    help = "Uses extended compatibility mode for OpenSSL operations to support a broader range of systems and formats."
+  )]
   fix_openssl: bool,
   #[arg(long, help = "Ignore the TLS errors")]
   ignore_tls_errors: bool,
 }
 
+impl Args for Cli {
+  fn fix_openssl(&self) -> bool {
+    self.fix_openssl
+  }
+
+  fn ignore_tls_errors(&self) -> bool {
+    self.ignore_tls_errors
+  }
+}
+
 impl Cli {
   fn fix_openssl(&self) -> anyhow::Result<Option<NamedTempFile>> {
     if self.fix_openssl {
@@ -113,24 +129,7 @@ pub(crate) async fn run() {
   info!("gpclient started: {}", VERSION);
 
   if let Err(err) = cli.run().await {
-    eprintln!("\nError: {}", err);
-
-    let err = err.to_string();
-
-    if err.contains("unsafe legacy renegotiation") && !cli.fix_openssl {
-      eprintln!("\nRe-run it with the `--fix-openssl` option to work around this issue, e.g.:\n");
-      // Print the command
-      let args = std::env::args().collect::<Vec<_>>();
-      eprintln!("{} --fix-openssl {}\n", args[0], args[1..].join(" "));
-    }
-
-    if err.contains("certificate verify failed") && !cli.ignore_tls_errors {
-      eprintln!("\nRe-run it with the `--ignore-tls-errors` option to ignore the certificate error, e.g.:\n");
-      // Print the command
-      let args = std::env::args().collect::<Vec<_>>();
-      eprintln!("{} --ignore-tls-errors {}\n", args[0], args[1..].join(" "));
-    }
-
+    handle_error(err, &cli);
     std::process::exit(1);
   }
 }

apps/gpclient/src/connect.rs

@@ -93,12 +93,15 @@ pub(crate) struct ConnectArgs {
   #[arg(long, help = "Disable DTLS and ESP")]
   no_dtls: bool,
 
+  #[cfg(feature = "webview-auth")]
   #[arg(long, help = "The HiDPI mode, useful for high-resolution screens")]
   hidpi: bool,
 
+  #[cfg(feature = "webview-auth")]
   #[arg(long, help = "Do not reuse the remembered authentication cookie")]
   clean: bool,
 
+  #[cfg(feature = "webview-auth")]
   #[arg(long, help = "Use the default browser to authenticate")]
   default_browser: bool,
 
@@ -151,6 +154,7 @@ impl<'a> ConnectHandler<'a> {
   }
 
   pub(crate) async fn handle(&self) -> anyhow::Result<()> {
+    #[cfg(feature = "webview-auth")]
     if self.args.default_browser && self.args.browser.is_some() {
       bail!("Cannot use `--default-browser` and `--browser` options at the same time");
     }
@@ -343,28 +347,34 @@ impl<'a> ConnectHandler<'a> {
 
     match prelogin {
       Prelogin::Saml(prelogin) => {
-        let use_default_browser = prelogin.support_default_browser() && self.args.default_browser;
         let browser = if prelogin.support_default_browser() {
           self.args.browser.as_deref()
+        } else if !cfg!(feature = "webview-auth") {
+          bail!("The server does not support authentication via the default browser and the gpclient is not built with the `webview-auth` feature");
         } else {
           None
         };
 
-        let cred = SamlAuthLauncher::new(&self.args.server)
+        let os_version = self.args.os_version();
+        let auth_launcher = SamlAuthLauncher::new(&self.args.server)
           .gateway(is_gateway)
           .saml_request(prelogin.saml_request())
           .user_agent(&self.args.user_agent)
           .os(self.args.os.as_str())
-          .os_version(Some(&self.args.os_version()))
-          .hidpi(self.args.hidpi)
+          .os_version(Some(&os_version))
           .fix_openssl(self.shared_args.fix_openssl)
           .ignore_tls_errors(self.shared_args.ignore_tls_errors)
-          .clean(self.args.clean)
-          .default_browser(use_default_browser)
-          .browser(browser)
-          .launch()
-          .await?;
+          .browser(browser);
 
+        #[cfg(feature = "webview-auth")]
+        let use_default_browser = prelogin.support_default_browser() && self.args.default_browser;
+        #[cfg(feature = "webview-auth")]
+        let auth_launcher = auth_launcher
+          .hidpi(self.args.hidpi)
+          .clean(self.args.clean)
+          .default_browser(use_default_browser);
+
+        let cred = auth_launcher.launch().await?;
         Ok(cred)
       }
 

apps/gpclient/src/disconnect.rs

@@ -1,7 +1,7 @@
 use crate::GP_CLIENT_LOCK_FILE;
 use log::{info, warn};
 use std::fs;
-use sysinfo::{Pid, ProcessExt, Signal, System, SystemExt};
+use sysinfo::{Pid, Signal, System};
 
 pub(crate) struct DisconnectHandler;
 

apps/gpclient/src/launch_gui.rs

@@ -4,7 +4,8 @@ use clap::Args;
 use directories::ProjectDirs;
 use gpapi::{
   process::service_launcher::ServiceLauncher,
-  utils::{endpoint::http_endpoint, env_file, shutdown_signal},
+  utils::{endpoint::http_endpoint, env_utils, shutdown_signal},
+  GP_CALLBACK_PORT_FILENAME,
 };
 use log::info;
 use tokio::io::AsyncWriteExt;
@@ -62,7 +63,7 @@ impl<'a> LaunchGuiHandler<'a> {
     extra_envs.insert("GP_LOG_FILE".into(), log_file_path.clone());
 
     // Persist the environment variables to a file
-    let env_file = env_file::persist_env_vars(Some(extra_envs))?;
+    let env_file = env_utils::persist_env_vars(Some(extra_envs))?;
     let env_file = env_file.into_temp_path();
     let env_file_path = env_file.to_string_lossy().to_string();
 
@@ -80,42 +81,17 @@ impl<'a> LaunchGuiHandler<'a> {
 }
 
 async fn feed_auth_data(auth_data: &str) -> anyhow::Result<()> {
-  let (res_gui, res_cli) = tokio::join!(feed_auth_data_gui(auth_data), feed_auth_data_cli(auth_data));
-  if let Err(err) = res_gui {
-    info!("Failed to feed auth data to the GUI: {}", err);
-  }
-
-  if let Err(err) = res_cli {
+  if let Err(err) = feed_auth_data_cli(auth_data).await {
     info!("Failed to feed auth data to the CLI: {}", err);
   }
 
-  // Cleanup the temporary file
-  let html_file = temp_dir().join("gpauth.html");
-  if let Err(err) = std::fs::remove_file(&html_file) {
-    info!("Failed to remove {}: {}", html_file.display(), err);
-  }
-
-  Ok(())
-}
-
-async fn feed_auth_data_gui(auth_data: &str) -> anyhow::Result<()> {
-  info!("Feeding auth data to the GUI");
-  let service_endpoint = http_endpoint().await?;
-
-  reqwest::Client::default()
-    .post(format!("{}/auth-data", service_endpoint))
-    .body(auth_data.to_string())
-    .send()
-    .await?
-    .error_for_status()?;
-
   Ok(())
 }
 
 async fn feed_auth_data_cli(auth_data: &str) -> anyhow::Result<()> {
   info!("Feeding auth data to the CLI");
 
-  let port_file = temp_dir().join("gpcallback.port");
+  let port_file = temp_dir().join(GP_CALLBACK_PORT_FILENAME);
   let port = tokio::fs::read_to_string(port_file).await?;
   let mut stream = tokio::net::TcpStream::connect(format!("127.0.0.1:{}", port.trim())).await?;