control/controlclient: delete unused Client.Login Oauth2Token field

Updates #12172 (then need to update other repos)

Change-Id: I439f65e0119b09e00da2ef5c7a4f002f93558578
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

control/controlclient/auto.go

@@ -26,9 +26,8 @@
 
 type LoginGoal struct {
 	_     structs.Incomparable
-	token *tailcfg.Oauth2Token // oauth token to use when logging in
+	flags LoginFlags // flags to use when logging in
-	flags LoginFlags           // flags to use when logging in
+	url   string     // auth url that needs to be visited
-	url   string               // auth url that needs to be visited
 }
 
 var _ Client = (*Auto)(nil)
@@ -338,7 +337,7 @@ func (c *Auto) authRoutine() {
 			url, err = c.direct.WaitLoginURL(ctx, goal.url)
 			f = "WaitLoginURL"
 		} else {
-			url, err = c.direct.TryLogin(ctx, goal.token, goal.flags)
+			url, err = c.direct.TryLogin(ctx, goal.flags)
 			f = "TryLogin"
 		}
 		if err != nil {
@@ -612,8 +611,8 @@ func (c *Auto) sendStatus(who string, err error, url string, nm *netmap.NetworkM
 	})
 }
 
-func (c *Auto) Login(t *tailcfg.Oauth2Token, flags LoginFlags) {
+func (c *Auto) Login(flags LoginFlags) {
-	c.logf("client.Login(%v, %v)", t != nil, flags)
+	c.logf("client.Login(%v)", flags)
 
 	c.mu.Lock()
 	defer c.mu.Unlock()
@@ -625,7 +624,6 @@ func (c *Auto) Login(t *tailcfg.Oauth2Token, flags LoginFlags) {
 	}
 	c.wantLoggedIn = true
 	c.loginGoal = &LoginGoal{
-		token: t,
 		flags: flags,
 	}
 	c.cancelMapCtxLocked()

control/controlclient/client.go

@@ -45,7 +45,7 @@ type Client interface {
 	// LoginFinished flag (on success) or an auth URL (if further
 	// interaction is needed). It merely sets the process in motion,
 	// and doesn't wait for it to complete.
-	Login(*tailcfg.Oauth2Token, LoginFlags)
+	Login(LoginFlags)
 	// Logout starts a synchronous logout process. It doesn't return
 	// until the logout operation has been completed.
 	Logout(context.Context) error

control/controlclient/direct.go

@@ -401,12 +401,12 @@ func (c *Direct) TryLogout(ctx context.Context) error {
 	return err
 }
 
-func (c *Direct) TryLogin(ctx context.Context, t *tailcfg.Oauth2Token, flags LoginFlags) (url string, err error) {
+func (c *Direct) TryLogin(ctx context.Context, flags LoginFlags) (url string, err error) {
 	if strings.Contains(c.serverURL, "controlplane.tailscale.com") && envknob.Bool("TS_PANIC_IF_HIT_MAIN_CONTROL") {
 		panic(fmt.Sprintf("[unexpected] controlclient: TryLogin called on %s; tainted=%v", c.serverURL, c.panicOnUse))
 	}
-	c.logf("[v1] direct.TryLogin(token=%v, flags=%v)", t != nil, flags)
+	c.logf("[v1] direct.TryLogin(flags=%v)", flags)
-	return c.doLoginOrRegen(ctx, loginOpt{Token: t, Flags: flags})
+	return c.doLoginOrRegen(ctx, loginOpt{Flags: flags})
 }
 
 // WaitLoginURL sits in a long poll waiting for the user to authenticate at url.
@@ -441,7 +441,6 @@ func (c *Direct) SetExpirySooner(ctx context.Context, expiry time.Time) error {
 }
 
 type loginOpt struct {
-	Token  *tailcfg.Oauth2Token
 	Flags  LoginFlags
 	Regen  bool // generate a new nodekey, can be overridden in doLogin
 	URL    string
@@ -610,10 +609,9 @@ func (c *Direct) doLogin(ctx context.Context, opt loginOpt) (mustRegen bool, new
 	c.logf("RegisterReq: onode=%v node=%v fup=%v nks=%v",
 		request.OldNodeKey.ShortString(),
 		request.NodeKey.ShortString(), opt.URL != "", len(nodeKeySignature) > 0)
-	if opt.Token != nil || authKey != "" {
+	if authKey != "" {
 		request.Auth = &tailcfg.RegisterResponseAuth{
-			Oauth2Token: opt.Token,
+			AuthKey: authKey,
-			AuthKey:     authKey,
 		}
 	}
 	err = signRegisterRequest(&request, c.serverURL, c.serverLegacyKey, machinePrivKey.Public())

ipn/ipnlocal/local.go

@@ -1842,7 +1842,7 @@ func (b *LocalBackend) Start(opts ipn.Options) error {
 		// Without this, the state machine transitions to "NeedsLogin" implying
 		// that user interaction is required, which is not the case and can
 		// regress tsnet.Server restarts.
-		cc.Login(nil, controlclient.LoginDefault)
+		cc.Login(controlclient.LoginDefault)
 	}
 	b.stateMachineLockedOnEntry(unlock)
 
@@ -2825,7 +2825,7 @@ func (b *LocalBackend) StartLoginInteractive(ctx context.Context) error {
 	if url != "" && timeSinceAuthURLCreated < ((7*24*time.Hour)-(1*time.Hour)) {
 		b.popBrowserAuthNow()
 	} else {
-		cc.Login(nil, b.loginFlags|controlclient.LoginInteractive)
+		cc.Login(b.loginFlags | controlclient.LoginInteractive)
 	}
 	return nil
 }
@@ -3339,7 +3339,7 @@ func (b *LocalBackend) setPrefsLockedOnEntry(newp *ipn.Prefs, unlock unlockOnce)
 
 	if !oldp.WantRunning() && newp.WantRunning {
 		b.logf("transitioning to running; doing Login...")
-		cc.Login(nil, controlclient.LoginDefault)
+		cc.Login(controlclient.LoginDefault)
 	}
 
 	if oldp.WantRunning() != newp.WantRunning {

ipn/ipnlocal/state_test.go

@@ -198,8 +198,8 @@ func (cc *mockControl) Shutdown() {
 // Login starts a login process. Note that in this mock, we don't automatically
 // generate notifications about the progress of the login operation. You have to
 // call send() as required by the test.
-func (cc *mockControl) Login(t *tailcfg.Oauth2Token, flags controlclient.LoginFlags) {
+func (cc *mockControl) Login(flags controlclient.LoginFlags) {
-	cc.logf("Login token=%v flags=%v", t, flags)
+	cc.logf("Login flags=%v", flags)
 	cc.called("Login")
 	newKeys := cc.populateKeys()
 
@@ -265,7 +265,7 @@ func (b *LocalBackend) nonInteractiveLoginForStateTest() {
 	cc := b.cc
 	b.mu.Unlock()
 
-	cc.Login(nil, b.loginFlags|controlclient.LoginInteractive)
+	cc.Login(b.loginFlags | controlclient.LoginInteractive)
 }
 
 // A very precise test of the sequence of function calls generated by

tailcfg/tailcfg.go

@@ -1082,7 +1082,7 @@ type RegisterResponseAuth struct {
 
 	// At most one of Oauth2Token or AuthKey is set.
 
-	Oauth2Token *Oauth2Token `json:",omitempty"`
+	Oauth2Token *Oauth2Token `json:",omitempty"` // used by pre-1.66 Android only
 	AuthKey     string       `json:",omitempty"`
 }