Allow insecure HTTP for OIDC only in local in development mode

handlers/api/oidc.go

@@ -23,6 +23,8 @@ func (h APIHandler) OAuth2Callback(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	fmt.Println(rawIDToken)
+
 	_, err = h.idp.TokenVerifier.Verify(context.Background(), rawIDToken)
 	if err != nil {
 		fmt.Println("not able to verify token")

handlers/application/application.go

@@ -10,7 +10,7 @@ import (
 	cache "git.coopgo.io/coopgo-apps/parcoursmob/utils/storage"
 	"git.coopgo.io/coopgo-platform/emailing"
 	"git.coopgo.io/coopgo-platform/groups-management/storage"
-	"github.com/coreos/go-oidc"
+	"github.com/coreos/go-oidc/v3/oidc"
 	"github.com/spf13/viper"
 )
 

handlers/application/vehicles-management.go

@@ -17,7 +17,7 @@ import (
 	"git.coopgo.io/coopgo-platform/groups-management/storage"
 	mobilityaccounts "git.coopgo.io/coopgo-platform/mobility-accounts/grpcapi"
 	mobilityaccountsstorage "git.coopgo.io/coopgo-platform/mobility-accounts/storage"
-	"github.com/coreos/go-oidc"
+	"github.com/coreos/go-oidc/v3/oidc" 
 	"github.com/google/uuid"
 	"github.com/gorilla/mux"
 	"google.golang.org/protobuf/types/known/structpb"