TUN-3581: Tunnels can be run by name using only --credentials-file, no

origin cert necessary.

connection/connection.go

@@ -22,9 +22,23 @@ type Config struct {
 }
 
 type NamedTunnelConfig struct {
-	Auth   pogs.TunnelAuth
-	ID     uuid.UUID
-	Client pogs.ClientInfo
+	Credentials Credentials
+	Client      pogs.ClientInfo
+}
+
+// Credentials are stored in the credentials file and contain all info needed to run a tunnel.
+type Credentials struct {
+	AccountTag   string
+	TunnelSecret []byte
+	TunnelID     uuid.UUID
+	TunnelName   string
+}
+
+func (c *Credentials) Auth() pogs.TunnelAuth {
+	return pogs.TunnelAuth{
+		AccountTag:   c.AccountTag,
+		TunnelSecret: c.TunnelSecret,
+	}
 }
 
 type ClassicTunnelConfig struct {

connection/protocol.go

@@ -165,7 +165,7 @@ func NewProtocolSelector(protocolFlag string, namedTunnel *NamedTunnelConfig, fe
 	if protocolFlag != autoSelectFlag {
 		return nil, fmt.Errorf("Unknown protocol %s, %s", protocolFlag, AvailableProtocolFlagMessage)
 	}
-	threshold := switchThreshold(namedTunnel.Auth.AccountTag)
+	threshold := switchThreshold(namedTunnel.Credentials.AccountTag)
 	if threshold < http2Percentage {
 		return newAutoProtocolSelector(HTTP2, threshold, fetchFunc, ttl, logger), nil
 	}

connection/protocol_test.go

@@ -6,7 +6,6 @@ import (
 	"time"
 
 	"github.com/cloudflare/cloudflared/logger"
-	"github.com/cloudflare/cloudflared/tunnelrpc/pogs"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -16,7 +15,7 @@ const (
 
 var (
 	testNamedTunnelConfig = &NamedTunnelConfig{
-		Auth: pogs.TunnelAuth{
+		Credentials: Credentials{
 			AccountTag: "testAccountTag",
 		},
 	}

connection/rpc.go

@@ -92,8 +92,8 @@ func (rsc *registrationServerClient) RegisterConnection(
 ) error {
 	conn, err := rsc.client.RegisterConnection(
 		ctx,
-		config.Auth,
-		config.ID,
+		config.Credentials.Auth(),
+		config.Credentials.TunnelID,
 		connIndex,
 		options,
 	)