chore: move app proxying code to workspaceapps pkg (#6998)

* chore: move app proxying code to workspaceapps pkg

Moves path-app, subdomain-app and reconnecting PTY proxying to the new
workspaceapps.WorkspaceAppServer struct. This is in preparation for
external workspace proxies.

Updates app logout flow to avoid redirecting to coder-logout.${app_host}
on logout. Instead, all subdomain app tokens owned by the logging-out
user will be deleted every time you logout for simplicity sake.

Tests will remain in their original package, pending being moved to an
apptest package (or similar).

Co-authored-by: Steven Masley <stevenmasley@coder.com>

coderd/workspaceapps/db_test.go

@@ -263,7 +263,7 @@ func Test_ResolveRequest(t *testing.T) {
 					require.Equal(t, codersdk.DevURLSignedAppTokenCookie, cookie.Name)
 					require.Equal(t, req.BasePath, cookie.Path)
 
-					parsedToken, err := workspaceapps.ParseToken(api.AppSigningKey, cookie.Value)
+					parsedToken, err := api.AppSecurityKey.VerifySignedToken(cookie.Value)
 					require.NoError(t, err)
 					// normalize expiry
 					require.WithinDuration(t, token.Expiry, parsedToken.Expiry, 2*time.Second)
@@ -482,7 +482,7 @@ func Test_ResolveRequest(t *testing.T) {
 			AgentID:     agentID,
 			AppURL:      appURL,
 		}
-		badTokenStr, err := workspaceapps.GenerateToken(api.AppSigningKey, badToken)
+		badTokenStr, err := api.AppSecurityKey.SignToken(badToken)
 		require.NoError(t, err)
 
 		req := workspaceapps.Request{
@@ -518,7 +518,7 @@ func Test_ResolveRequest(t *testing.T) {
 		require.Len(t, cookies, 1)
 		require.Equal(t, cookies[0].Name, codersdk.DevURLSignedAppTokenCookie)
 		require.NotEqual(t, cookies[0].Value, badTokenStr)
-		parsedToken, err := workspaceapps.ParseToken(api.AppSigningKey, cookies[0].Value)
+		parsedToken, err := api.AppSecurityKey.VerifySignedToken(cookies[0].Value)
 		require.NoError(t, err)
 		require.Equal(t, appNameOwner, parsedToken.AppSlugOrPort)
 	})