Handle HTTP/HTTPS protocol depending on dev env or not

oidc-provider/endpoints_auth.go

@@ -50,7 +50,7 @@ func (op *OIDCHandler) AuthEndpoint(w http.ResponseWriter, r *http.Request) {
 
 		sessionData := &openid.DefaultSession{
 			Claims: &jwt.IDTokenClaims{
-				Issuer:      fmt.Sprintf("http://%s/%s", r.Host, namespace),
+				Issuer:      fmt.Sprintf("%s://%s/%s", op.Protocol, r.Host, namespace),
 				Subject:     account.ID,
 				Audience:    []string{},
 				ExpiresAt:   time.Now().Add(time.Hour * 30),

oidc-provider/endpoints_wellknown.go

@@ -14,7 +14,8 @@ func (op *OIDCHandler) WellKnownOIDCEndpoint(w http.ResponseWriter, r *http.Requ
 	var (
 		host      = r.Host
 		namespace = mux.Vars(r)["namespace"]
-		issuer    = fmt.Sprintf("http://%s/%s", host, namespace)
+		protocol  = op.Protocol
+		issuer    = fmt.Sprintf("%s://%s/%s", protocol, host, namespace)
 	)
 
 	response := map[string]any{

oidc-provider/oidc-provider.go

@@ -45,6 +45,7 @@ type OIDCHandler struct {
 	NamespaceProviders map[string]fosite.OAuth2Provider
 	config             OIDCConfig
 	handler            handlers.MobilityAccountsHandler
+	Protocol           string //HTTP (dev env) or HTTPS
 	PrivateKey         *rsa.PrivateKey
 }
 
@@ -66,10 +67,16 @@ func NewOIDCHandler(h handlers.MobilityAccountsHandler, storage storage.Storage,
 		providers[c.Namespace] = np
 	}
 
+	protocol := "https"
+	if config.GetBool("dev_env") {
+		protocol = "http"
+	}
+
 	return &OIDCHandler{
 		config:             oidc_config,
 		handler:            h,
 		NamespaceProviders: providers,
+		Protocol:           protocol,
 		PrivateKey:         privateKey,
 	}
 }

oidc-provider/templates/parcoursmob/auth.html

@@ -2,7 +2,7 @@
 <html class="h-full bg-gray-50">
     <head>
         <title>PARCOURSMOB - Identification</title>
-        <link rel="stylesheet" href="http://localhost:9000/public/css/main.css" />
+        <link rel="stylesheet" href="https://spie06.parcoursmob.fr/public/css/main.css" />
     </head>
     <body class="h-full">
         <form method="post">