Get cluster frame to work

Signed-off-by: Sebastian Malton <sebastian@malton.name>

src/common/cluster/cluster.ts

@@ -469,13 +469,11 @@ export class Cluster implements ClusterModel {
      const canI = this.dependencies.createAuthorizationReview(proxyConfig);
      const requestNamespaceListPermissions = this.dependencies.requestNamespaceListPermissionsFor(proxyConfig);
 
-     console.log("before this.isAdmin");
      this.isAdmin = await canI({
        namespace: "kube-system",
        resource: "*",
        verb: "create",
      });
-     console.log("finished this.isAdmin");
      this.isGlobalWatchEnabled = await canI({
        verb: "watch",
        resource: "*",
@@ -528,7 +526,6 @@ export class Cluster implements ClusterModel {
 
       return ClusterStatus.AccessGranted;
     } catch (error) {
-      console.error(error);
       this.dependencies.logger.error(`[CLUSTER]: Failed to connect to "${this.contextName}": ${error}`);
 
       if (isRequestError(error)) {

src/common/cluster/create-authorization-review.injectable.ts

@@ -40,7 +40,7 @@ const createAuthorizationReviewInjectable = getInjectable({
 
           return body.status?.allowed ?? false;
         } catch (error) {
-          logger.error(`[AUTHORIZATION-REVIEW]: failed to create access review: ${error}`, { resourceAttributes });
+          logger.error(`[AUTHORIZATION-REVIEW]: failed to create access review`, { resourceAttributes }, error);
 
           return false;
         }

src/common/cluster/make-api-client.injectable.ts

@@ -25,7 +25,7 @@ const makeApiClientInjectable = getInjectable({
 
       api.addInterceptor((opts) => {
         opts.headers ??= {};
-        opts.headers[lensAuthenticationHeader] = lensAuthenticationHeaderValue;
+        opts.headers[lensAuthenticationHeader] = `Bearer ${lensAuthenticationHeaderValue}`;
       });
 
       return api;

src/common/fetch/lens-authed-fetch.injectable.ts

@@ -3,10 +3,9 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import { Agent } from "https";
 import type { RequestInit, Response } from "node-fetch";
+import lensAuthenticatedAgentInjectable from "../../features/lens-proxy/common/lens-auth-agent.injectable";
 import { lensAuthenticationHeaderValueInjectionToken } from "../auth/header-value";
-import { lensProxyCertificateInjectionToken } from "../certificate/token";
 import { lensAuthenticationHeader } from "../vars/auth-header";
 import fetchModuleInjectable from "./fetch-module.injectable";
 import fetchInjectable from "./fetch.injectable";
@@ -23,7 +22,7 @@ const lensAuthenticatedFetchInjectable = getInjectable({
   id: "lens-authenticated-fetch",
   instantiate: (di): AuthenticatedFetch => {
     const authHeaderValue = di.inject(lensAuthenticationHeaderValueInjectionToken);
-    const lensProxyCertificate = di.inject(lensProxyCertificateInjectionToken);
+    const lensAuthenticatedAgent = di.inject(lensAuthenticatedAgentInjectable);
     const fetch = di.inject(fetchInjectable);
     const { Headers } = di.inject(fetchModuleInjectable);
 
@@ -33,16 +32,13 @@ const lensAuthenticatedFetchInjectable = getInjectable({
         ...rest
       } = init ?? {};
       const headers = new Headers(headersInit);
-      const agent = new Agent({
-        ca: lensProxyCertificate.cert,
-      });
 
-      headers.set(lensAuthenticationHeader, authHeaderValue);
+      headers.set(lensAuthenticationHeader, `Bearer ${authHeaderValue}`);
 
       return fetch(url, {
         headers,
         ...rest,
-        agent,
+        agent: lensAuthenticatedAgent,
       });
     };
   },

src/common/k8s-api/api-base-configs.ts

@@ -1,14 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-import { getInjectionToken } from "@ogre-tools/injectable";
-
-export const apiBaseServerAddressInjectionToken = getInjectionToken<string>({
-  id: "api-base-config-server-address-token",
-});
-
-export const apiBaseHostHeaderInjectionToken = getInjectionToken<string>({
-  id: "api-base-host-header-token",
-});

src/common/k8s-api/api-base.injectable.ts

@@ -4,12 +4,14 @@
  */
 import { getInjectable } from "@ogre-tools/injectable";
 import { lensAuthenticationHeaderValueInjectionToken } from "../auth/header-value";
+import lensProxyPortInjectable from "../../features/lens-proxy/common/port.injectable";
 import { apiPrefix } from "../vars";
-import { lensAuthenticationHeader } from "../vars/auth-header";
+import { lensAuthenticationHeader, lensClusterIdHeader } from "../vars/auth-header";
 import isDebuggingInjectable from "../vars/is-debugging.injectable";
 import isDevelopmentInjectable from "../vars/is-development.injectable";
-import { apiBaseHostHeaderInjectionToken, apiBaseServerAddressInjectionToken } from "./api-base-configs";
 import createJsonApiInjectable from "./create-json-api.injectable";
+import lensAuthenticatedAgentInjectable from "../../features/lens-proxy/common/lens-auth-agent.injectable";
+import { currentClusterIdInjectionToken } from "../../features/cluster/cluster-id/common/current-token";
 
 const apiBaseInjectable = getInjectable({
   id: "api-base",
@@ -17,19 +19,26 @@ const apiBaseInjectable = getInjectable({
     const createJsonApi = di.inject(createJsonApiInjectable);
     const isDebugging = di.inject(isDebuggingInjectable);
     const isDevelopment = di.inject(isDevelopmentInjectable);
-    const serverAddress = di.inject(apiBaseServerAddressInjectionToken);
-    const hostHeaderValue = di.inject(apiBaseHostHeaderInjectionToken);
+    const lensProxyPort = di.inject(lensProxyPortInjectable);
     const lensAuthenticationHeaderValue = di.inject(lensAuthenticationHeaderValueInjectionToken);
+    const lensAuthenticatedAgent = di.inject(lensAuthenticatedAgentInjectable);
+    const currentClusterId = di.inject(currentClusterIdInjectionToken);
+
+    const headers = new Headers();
+
+    headers.set(lensAuthenticationHeader, `Bearer ${lensAuthenticationHeaderValue}`);
+
+    if (currentClusterId) {
+      headers.set(lensClusterIdHeader, currentClusterId);
+    }
 
     return createJsonApi({
-      serverAddress,
+      serverAddress: `https://127.0.0.1:${lensProxyPort.get()}`,
       apiBase: apiPrefix,
       debug: isDevelopment || isDebugging,
     }, {
-      headers: {
-        "Host": hostHeaderValue,
-        [lensAuthenticationHeader]: lensAuthenticationHeaderValue,
-      },
+      headers,
+      agent: lensAuthenticatedAgent,
     });
   },
 });

src/common/k8s-api/create-kube-json-api-for-cluster.injectable.ts

@@ -3,10 +3,11 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
+import lensProxyPortInjectable from "../../features/lens-proxy/common/port.injectable";
+import { lensAuthenticationHeaderValueInjectionToken } from "../auth/header-value";
 import { apiKubePrefix } from "../vars";
-import { lensClusterIdHeader } from "../vars/auth-header";
+import { lensAuthenticationHeader, lensClusterIdHeader } from "../vars/auth-header";
 import isDebuggingInjectable from "../vars/is-debugging.injectable";
-import { apiBaseServerAddressInjectionToken } from "./api-base-configs";
 import createKubeJsonApiInjectable from "./create-kube-json-api.injectable";
 import type { KubeJsonApi } from "./kube-json-api";
 
@@ -17,15 +18,18 @@ const createKubeJsonApiForClusterInjectable = getInjectable({
   instantiate: (di): CreateKubeJsonApiForCluster => {
     const createKubeJsonApi = di.inject(createKubeJsonApiInjectable);
     const isDebugging = di.inject(isDebuggingInjectable);
+    const lensProxyPort = di.inject(lensProxyPortInjectable);
+    const lensAuthenticationHeaderValue = di.inject(lensAuthenticationHeaderValueInjectionToken);
 
     return (clusterId) => createKubeJsonApi(
       {
-        serverAddress: di.inject(apiBaseServerAddressInjectionToken),
+        serverAddress: `https://127.0.0.1:${lensProxyPort.get()}`,
         apiBase: apiKubePrefix,
         debug: isDebugging,
       },
       {
         headers: {
+          [lensAuthenticationHeader]: `Bearer ${lensAuthenticationHeaderValue}`,
           [lensClusterIdHeader]: clusterId,
         },
       },

src/common/k8s-api/window-location.global-override-for-injectable.ts

@@ -1,12 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-
-import { getGlobalOverride } from "../test-utils/get-global-override";
-import windowLocationInjectable from "./window-location.injectable";
-
-export default getGlobalOverride(windowLocationInjectable, () => ({
-  host: "localhost",
-  port: "12345",
-}));

src/common/k8s-api/window-location.injectable.ts

@@ -1,17 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-import { getInjectable } from "@ogre-tools/injectable";
-
-const windowLocationInjectable = getInjectable({
-  id: "window-location",
-  instantiate: () => {
-    const { host, port } = window.location;
-
-    return { host, port };
-  },
-  causesSideEffects: true,
-});
-
-export default windowLocationInjectable;

src/common/utils/request-app-version.injectable.ts

@@ -3,7 +3,7 @@
  * Licensed under MIT License. See LICENSE in root directory for more information.
  */
 import { getInjectable } from "@ogre-tools/injectable";
-import lensProxyPortInjectable from "../../main/lens-proxy/lens-proxy-port.injectable";
+import lensProxyPortInjectable from "../../features/lens-proxy/common/port.injectable";
 import lensAuthenticatedFetchInjectable from "../fetch/lens-authed-fetch.injectable";
 
 const requestAppVersionInjectable = getInjectable({

src/features/cluster/cluster-id/common/current-token.ts

@@ -0,0 +1,11 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+
+import { getInjectionToken } from "@ogre-tools/injectable";
+import type { ClusterId } from "../../../../common/cluster-types";
+
+export const currentClusterIdInjectionToken = getInjectionToken<ClusterId | undefined>({
+  id: "current-cluster-id-token",
+});

src/features/cluster/cluster-id/main/current.injectable.ts

@@ -0,0 +1,14 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+import { getInjectable } from "@ogre-tools/injectable";
+import { currentClusterIdInjectionToken } from "../common/current-token";
+
+const currentClusterIdInjectable = getInjectable({
+  id: "current-cluster-id",
+  instantiate: () => undefined,
+  injectionToken: currentClusterIdInjectionToken,
+});
+
+export default currentClusterIdInjectable;

src/features/cluster/cluster-id/renderer/current.injectable.ts

@@ -0,0 +1,15 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+import { getInjectable } from "@ogre-tools/injectable";
+import hostedClusterIdInjectable from "../../../../renderer/cluster-frame-context/hosted-cluster-id.injectable";
+import { currentClusterIdInjectionToken } from "../common/current-token";
+
+const currentClusterIdInjectable = getInjectable({
+  id: "current-cluster-id",
+  instantiate: (di) => di.inject(hostedClusterIdInjectable),
+  injectionToken: currentClusterIdInjectionToken,
+});
+
+export default currentClusterIdInjectable;

src/features/lens-proxy/common/lens-auth-agent.injectable.ts

@@ -0,0 +1,20 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+import { getInjectable } from "@ogre-tools/injectable";
+import { Agent } from "https";
+import { lensProxyCertificateInjectionToken } from "../../../common/certificate/token";
+
+const lensAuthenticatedAgentInjectable = getInjectable({
+  id: "lens-authenticated-agent",
+  instantiate: (di) => {
+    const lensProxyCertificate = di.inject(lensProxyCertificateInjectionToken);
+
+    return new Agent({
+      ca: lensProxyCertificate.cert,
+    });
+  },
+});
+
+export default lensAuthenticatedAgentInjectable;

src/features/lens-proxy/common/port-channel.ts

@@ -0,0 +1,10 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+
+import type { RequestChannel } from "../../../common/utils/channel/request-channel-listener-injection-token";
+
+export const lensProxyPortChannel: RequestChannel<void, number> = {
+  id: "lens-proxy-port",
+};

src/features/lens-proxy/main/port-handler.injectable.ts

@@ -0,0 +1,19 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+
+import { getRequestChannelListenerInjectable } from "../../../main/utils/channel/channel-listeners/listener-tokens";
+import { lensProxyPortChannel } from "../common/port-channel";
+import lensProxyPortInjectable from "../common/port.injectable";
+
+const lensProxyPortListener = getRequestChannelListenerInjectable({
+  channel: lensProxyPortChannel,
+  handler: (di) => {
+    const lensProxyPort = di.inject(lensProxyPortInjectable);
+
+    return () => lensProxyPort.get();
+  },
+});
+
+export default lensProxyPortListener;

src/features/lens-proxy/renderer/init.injectable.ts

@@ -0,0 +1,25 @@
+/**
+ * Copyright (c) OpenLens Authors. All rights reserved.
+ * Licensed under MIT License. See LICENSE in root directory for more information.
+ */
+import { getInjectable } from "@ogre-tools/injectable";
+import { beforeFrameStartsFirstInjectionToken } from "../../../renderer/before-frame-starts/tokens";
+import requestFromChannelInjectable from "../../../renderer/utils/channel/request-from-channel.injectable";
+import { lensProxyPortChannel } from "../common/port-channel";
+import lensProxyPortInjectable from "../common/port.injectable";
+
+const initLensProxyPortInjectable = getInjectable({
+  id: "init-lens-proxy-port",
+  instantiate: (di) => ({
+    id: "init-lens-proxy-port",
+    run: async () => {
+      const lensProxyPort = di.inject(lensProxyPortInjectable);
+      const requestFromChannel = di.inject(requestFromChannelInjectable);
+
+      lensProxyPort.set(await requestFromChannel(lensProxyPortChannel));
+    },
+  }),
+  injectionToken: beforeFrameStartsFirstInjectionToken,
+});
+
+export default initLensProxyPortInjectable;

src/main/__test__/kubeconfig-manager.test.ts

@@ -30,7 +30,7 @@ import removePathInjectable from "../../common/fs/remove.injectable";
 import pathExistsSyncInjectable from "../../common/fs/path-exists-sync.injectable";
 import readJsonSyncInjectable from "../../common/fs/read-json-sync.injectable";
 import writeJsonSyncInjectable from "../../common/fs/write-json-sync.injectable";
-import lensProxyPortInjectable from "../lens-proxy/lens-proxy-port.injectable";
+import lensProxyPortInjectable from "../../features/lens-proxy/common/port.injectable";
 
 const clusterServerUrl = "https://192.168.64.3:8443";
 

src/main/k8s-request.injectable.ts

@@ -5,7 +5,7 @@
 import { apiKubePrefix } from "../common/vars";
 import type { Cluster } from "../common/cluster/cluster";
 import { getInjectable } from "@ogre-tools/injectable";
-import lensProxyPortInjectable from "./lens-proxy/lens-proxy-port.injectable";
+import lensProxyPortInjectable from "../features/lens-proxy/common/port.injectable";
 import type { AuthenticatedRequestInit } from "../common/fetch/lens-authed-fetch.injectable";
 import lensAuthenticatedFetchInjectable from "../common/fetch/lens-authed-fetch.injectable";
 import nodeFetchModuleInjectable from "../common/fetch/fetch-module.injectable";
@@ -35,8 +35,6 @@ const k8sRequestInjectable = getInjectable({
       if (200 <= response.status && response.status < 300) {
         const body = await response.text();
 
-        console.log(body);
-
         return JSON.parse(body);
       }
 

src/main/k8s/api-base-host-header.injectable.ts

@@ -1,19 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-import { getInjectable } from "@ogre-tools/injectable";
-import { apiBaseHostHeaderInjectionToken } from "../../common/k8s-api/api-base-configs";
-import lensProxyPortInjectable from "../lens-proxy/lens-proxy-port.injectable";
-
-const apiBaseHostHeaderInjectable = getInjectable({
-  id: "api-base-host-header",
-  instantiate: (di) => {
-    const lensProxyPort = di.inject(lensProxyPortInjectable);
-
-    return `localhost:${lensProxyPort.get()}`;
-  },
-  injectionToken: apiBaseHostHeaderInjectionToken,
-});
-
-export default apiBaseHostHeaderInjectable;

src/main/k8s/api-base-server-address.injectable.ts

@@ -1,19 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-import { getInjectable } from "@ogre-tools/injectable";
-import { apiBaseServerAddressInjectionToken } from "../../common/k8s-api/api-base-configs";
-import lensProxyPortInjectable from "../lens-proxy/lens-proxy-port.injectable";
-
-const apiBaseServerAddressInjectable = getInjectable({
-  id: "api-base-server-address",
-  instantiate: (di) => {
-    const lensProxyPort = di.inject(lensProxyPortInjectable);
-
-    return `https://127.0.0.1:${lensProxyPort.get()}`;
-  },
-  injectionToken: apiBaseServerAddressInjectionToken,
-});
-
-export default apiBaseServerAddressInjectable;

src/main/kubeconfig-manager/create-kubeconfig-manager.injectable.ts

@@ -8,7 +8,7 @@ import directoryForTempInjectable from "../../common/app-paths/directory-for-tem
 import type { KubeconfigManagerDependencies } from "./kubeconfig-manager";
 import { KubeconfigManager } from "./kubeconfig-manager";
 import loggerInjectable from "../../common/logger.injectable";
-import lensProxyPortInjectable from "../lens-proxy/lens-proxy-port.injectable";
+import lensProxyPortInjectable from "../../features/lens-proxy/common/port.injectable";
 import joinPathsInjectable from "../../common/path/join-paths.injectable";
 import getDirnameOfPathInjectable from "../../common/path/get-dirname.injectable";
 import pathExistsInjectable from "../../common/fs/path-exists.injectable";

src/main/kubeconfig-manager/kubeconfig-manager.ts

@@ -15,7 +15,6 @@ import type { GetDirnameOfPath } from "../../common/path/get-dirname.injectable"
 import type { PathExists } from "../../common/fs/path-exists.injectable";
 import type { RemovePath } from "../../common/fs/remove.injectable";
 import type { WriteFile } from "../../common/fs/write-file.injectable";
-import { lensAuthenticationHeader } from "../../common/vars/auth-header";
 import type { SelfSignedCert } from "selfsigned";
 
 export interface KubeconfigManagerDependencies {
@@ -101,9 +100,6 @@ export class KubeconfigManager {
       `kubeconfig-${id}`,
     );
     const kubeConfig = await cluster.getKubeconfig();
-    const searchParams = new URLSearchParams({
-      [lensAuthenticationHeader]: this.dependencies.authHeaderValue,
-    });
 
     const proxyConfig: PartialDeep<KubeConfig> = {
       currentContext: contextName,
@@ -111,7 +107,7 @@ export class KubeconfigManager {
         {
           name: contextName,
           caData: Buffer.from(this.dependencies.lensProxyCertificate.cert).toString("base64"),
-          server: `https://127.0.0.1:${this.dependencies.lensProxyPort.get()}/${this.cluster.id}?${searchParams}`,
+          server: `https://127.0.0.1:${this.dependencies.lensProxyPort.get()}/${this.cluster.id}`,
           skipTLSVerify: false,
         },
       ],

src/main/lens-proxy/auth-header-value.injectable.ts

@@ -8,7 +8,7 @@ import { lensAuthenticationHeaderValueInjectionToken } from "../../common/auth/h
 
 const authHeaderValueInjectable = getInjectable({
   id: "auth-header-value",
-  instantiate: () => `Bearer ${uuid.v4()}`,
+  instantiate: () => uuid.v4(),
   injectionToken: lensAuthenticationHeaderValueInjectionToken,
 });
 

src/main/lens-proxy/get-cluster-for-request.injectable.ts

@@ -19,8 +19,6 @@ const getClusterForRequestInjectable = getInjectable({
     return (req) => {
       const clusterId = req.headers[lensClusterIdHeader.toLowerCase()];
 
-      console.log(clusterId);
-
       if (typeof clusterId === "string") {
         return getClusterById(clusterId);
       }

src/main/lens-proxy/lens-proxy.injectable.ts

@@ -8,7 +8,7 @@ import { kubeApiUpgradeRequest } from "./proxy-functions";
 import routeRequestInjectable from "../router/route-request.injectable";
 import httpProxy from "http-proxy";
 import shellApiRequestInjectable from "./proxy-functions/shell-api-request/shell-api-request.injectable";
-import lensProxyPortInjectable from "./lens-proxy-port.injectable";
+import lensProxyPortInjectable from "../../features/lens-proxy/common/port.injectable";
 import contentSecurityPolicyInjectable from "../../common/vars/content-security-policy.injectable";
 import emitAppEventInjectable from "../../common/app-event-bus/emit-event.injectable";
 import loggerInjectable from "../../common/logger.injectable";

src/main/lens-proxy/lens-proxy.ts

@@ -90,7 +90,7 @@ export class LensProxy {
         const cluster = this.dependencies.getClusterForRequest(req);
         const url = new URL(req.url, "https://localhost");
 
-        if (url.searchParams.get(lensAuthenticationHeader) !== this.dependencies.authHeaderValue) {
+        if (url.searchParams.get(lensAuthenticationHeader) !== `Bearer ${this.dependencies.authHeaderValue}`) {
           this.dependencies.logger.warn(`[LENS-PROXY]: Request from url=${req.url} missing authentication`);
           socket.destroy();
 
@@ -260,8 +260,6 @@ export class LensProxy {
   protected async handleRequest(req: ServerIncomingMessage, res: http.ServerResponse) {
     const cluster = this.dependencies.getClusterForRequest(req);
 
-    console.log(cluster?.id, req.url, req.headers);
-
     const writeServerResponse = writeServerResponseFor(res);
 
     if (cluster) {
@@ -270,7 +268,7 @@ export class LensProxy {
       if (proxyTarget) {
         const authHeader = req.headers[lensAuthenticationHeader.toLowerCase()];
 
-        if (authHeader !== this.dependencies.authHeaderValue) {
+        if (authHeader !== `Bearer ${this.dependencies.authHeaderValue}`) {
           writeServerResponse(contentTypes.txt.resultMapper({
             statusCode: 401,
             response: "Missing authorization",

src/main/router/create-handler-for-route.injectable.ts

@@ -18,7 +18,7 @@ const createHandlerForRouteInjectable = getInjectable({
   id: "create-handler-for-route",
   instantiate: (di): CreateHandlerForRoute => {
     const logger = di.inject(loggerInjectable);
-    const authHeaderValue = di.inject(authHeaderValueInjectable);
+    const authHeaderValue = `Bearer ${di.inject(authHeaderValueInjectable)}`;
 
     return (route) => async (request, response) => {
       const writeServerResponse = writeServerResponseFor(response);

src/renderer/components/test-utils/get-application-builder.tsx

@@ -35,7 +35,7 @@ import { overrideChannels } from "../../../test-utils/channel-fakes/override-cha
 import assert from "assert";
 import { openMenu } from "react-select-event";
 import userEvent from "@testing-library/user-event";
-import lensProxyPortInjectable from "../../../main/lens-proxy/lens-proxy-port.injectable";
+import lensProxyPortInjectable from "../../../features/lens-proxy/common/port.injectable";
 import type { Route } from "../../../common/front-end-routing/front-end-route-injection-token";
 import type { NavigateToRouteOptions } from "../../../common/front-end-routing/navigate-to-route-injection-token";
 import { navigateToRouteInjectionToken } from "../../../common/front-end-routing/navigate-to-route-injection-token";

src/renderer/k8s/api-base-host-header.injectable.ts

@@ -1,15 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-import { getInjectable } from "@ogre-tools/injectable";
-import { apiBaseHostHeaderInjectionToken } from "../../common/k8s-api/api-base-configs";
-import windowLocationInjectable from "../../common/k8s-api/window-location.injectable";
-
-const apiBaseHostHeaderInjectable = getInjectable({
-  id: "api-base-host-header",
-  instantiate: (di) => di.inject(windowLocationInjectable).host,
-  injectionToken: apiBaseHostHeaderInjectionToken,
-});
-
-export default apiBaseHostHeaderInjectable;

src/renderer/k8s/api-base-server-address.injectable.ts

@@ -1,19 +0,0 @@
-/**
- * Copyright (c) OpenLens Authors. All rights reserved.
- * Licensed under MIT License. See LICENSE in root directory for more information.
- */
-import { getInjectable } from "@ogre-tools/injectable";
-import { apiBaseServerAddressInjectionToken } from "../../common/k8s-api/api-base-configs";
-import windowLocationInjectable from "../../common/k8s-api/window-location.injectable";
-
-const apiBaseServerAddressInjectable = getInjectable({
-  id: "api-base-server-address",
-  instantiate: (di) => {
-    const { port } = di.inject(windowLocationInjectable);
-
-    return `https://127.0.0.1:${port}`;
-  },
-  injectionToken: apiBaseServerAddressInjectionToken,
-});
-
-export default apiBaseServerAddressInjectable;

src/renderer/k8s/api-kube.injectable.ts

@@ -10,10 +10,11 @@ import { storesAndApisCanBeCreatedInjectionToken } from "../../common/k8s-api/st
 import createKubeJsonApiInjectable from "../../common/k8s-api/create-kube-json-api.injectable";
 import isDevelopmentInjectable from "../../common/vars/is-development.injectable";
 import showErrorNotificationInjectable from "../components/notifications/show-error-notification.injectable";
-import windowLocationInjectable from "../../common/k8s-api/window-location.injectable";
 import { lensAuthenticationHeaderValueInjectionToken } from "../../common/auth/header-value";
 import { lensAuthenticationHeader, lensClusterIdHeader } from "../../common/vars/auth-header";
 import hostedClusterIdInjectable from "../cluster-frame-context/hosted-cluster-id.injectable";
+import lensProxyPortInjectable from "../../features/lens-proxy/common/port.injectable";
+import lensAuthenticatedAgentInjectable from "../../features/lens-proxy/common/lens-auth-agent.injectable";
 
 const apiKubeInjectable = getInjectable({
   id: "api-kube",
@@ -22,22 +23,23 @@ const apiKubeInjectable = getInjectable({
     const createKubeJsonApi = di.inject(createKubeJsonApiInjectable);
     const isDevelopment = di.inject(isDevelopmentInjectable);
     const showErrorNotification = di.inject(showErrorNotificationInjectable);
-    const { port, host } = di.inject(windowLocationInjectable);
     const lensAuthenticationHeaderValue = di.inject(lensAuthenticationHeaderValueInjectionToken);
     const hostedClusterId = di.inject(hostedClusterIdInjectable);
+    const lensProxyPort = di.inject(lensProxyPortInjectable);
+    const lensAuthenticatedAgent = di.inject(lensAuthenticatedAgentInjectable);
 
     assert(hostedClusterId);
 
     const apiKube = createKubeJsonApi({
-      serverAddress: `https://127.0.0.1:${port}`,
+      serverAddress: `https://127.0.0.1:${lensProxyPort.get()}`,
       apiBase: apiKubePrefix,
       debug: isDevelopment,
     }, {
       headers: {
-        "Host": host,
-        [lensAuthenticationHeader]: lensAuthenticationHeaderValue,
+        [lensAuthenticationHeader]: `Bearer ${lensAuthenticationHeaderValue}`,
         [lensClusterIdHeader]: hostedClusterId,
       },
+      agent: lensAuthenticatedAgent,
     });
 
     apiKube.onError.addListener((error, res) => {