chore: update documentation related to proxy authentication

The new API introduced in TBX 2.7, and HTTP proxy authentication works flawlessly. However,
SOCKS5 proxy authentication does not appear to be properly supported in the current TBX
implementation.

While users can configure a SOCKS5 proxy with basic authentication, Toolbox fails to
authenticate successfully. Coder uses OkHttp as the HTTP client, which in turn delegates
SOCKS5 authentication to the JVM (java.net.SocksSocketImpl). We can configure a java.net
.Authenticator with the credentials exposed by the new TBX API. However, since the
Authenticator is set globally, doing so would affect all plugins — including TBX itself —
which may not be desirable.

Author: fioan89

CHANGELOG.md

@@ -4,7 +4,8 @@
 
 ### Added
 
-- support for basic proxy authentication
+- support for basic authentication for HTTP/HTTPS proxy
+- support for Toolbox 2.7 release
 
 ### Changed
 

README.md

@@ -110,7 +110,7 @@ experience, it’s recommended to ensure the workspace is running prior to initi
 
 ## Configuring and Testing workspace polling with HTTP & SOCKS5 Proxy
 
-This section explains how to set up a local proxy (without authentication which is not yet supported) and verify that
+This section explains how to set up a local proxy and verify that
 the plugin’s REST client works correctly when routed through it.
 
 We’ll use [mitmproxy](https://mitmproxy.org/) for this — it can act as both an HTTP and SOCKS5 proxy with SSL
@@ -134,6 +134,12 @@ mitmproxy can do HTTP and SOCKS5 proxying. To configure one or the other:
 2. Navigate to `Options -> Edit Options`
 3. Update the `Mode` field to `regular` in order to activate HTTP/HTTPS or to `socks5`
 4. Proxy authentication can be enabled by updating the `proxyauth` to `username:password`
+5. Alternatively you can run the following commands:
+
+```bash
+mitmweb --ssl-insecure --set stream_large_bodies="10m" --mode regular --proxyauth proxyUsername:proxyPassword
+mitmweb --ssl-insecure --set stream_large_bodies="10m" --mode socks5
+```
 
 ### Configure Proxy in Toolbox
 
@@ -144,6 +150,10 @@ mitmproxy can do HTTP and SOCKS5 proxying. To configure one or the other:
 5. Before authenticating to the Coder deployment we need to tell the plugin where can we find mitmproxy
    certificates. In Coder's Settings page, set the `TLS CA path` to `~/.mitmproxy/mitmproxy-ca-cert.pem`
 
+> ⚠️ Note: Coder Toolbox plugin handles only HTTP/HTTPS proxy authentication.
+> SOCKS5 proxy authentication is currently not supported due to limitations
+> described in: https://youtrack.jetbrains.com/issue/TBX-14532/Missing-proxy-authentication-settings#focus=Comments-27-12265861.0-0
+
 ## Debugging and Reporting issues
 
 Enabling debug logging is essential for diagnosing issues with the Toolbox plugin, especially when SSH

src/main/kotlin/com/coder/toolbox/sdk/CoderRestClient.kt

@@ -80,6 +80,9 @@ open class CoderRestClient(
             builder.proxySelector(context.proxySettings.getProxySelector()!!)
         }
 
+        // Note: This handles only HTTP/HTTPS proxy authentication.
+        // SOCKS5 proxy authentication is currently not supported due to limitations described in:
+        // https://youtrack.jetbrains.com/issue/TBX-14532/Missing-proxy-authentication-settings#focus=Comments-27-12265861.0-0
         builder.proxyAuthenticator { _, response ->
             val proxyAuth = context.proxySettings.getProxyAuth()
             if (proxyAuth == null || proxyAuth !is ProxyAuth.Basic) {