Handle HTTP/HTTPS protocol depending on dev env or not

Dockerfile

@@ -0,0 +1,29 @@
+FROM golang:alpine as builder
+
+ARG ACCESS_TOKEN_USR="nothing"
+ARG ACCESS_TOKEN_PWD="nothing"
+
+RUN apk add --no-cache ca-certificates tzdata
+
+WORKDIR /
+
+# Create a netrc file using the credentials specified using --build-arg
+RUN printf "machine git.coopgo.io\n\
+    login ${ACCESS_TOKEN_USR}\n\
+    password ${ACCESS_TOKEN_PWD}\n"\
+    >> ~/.netrc
+RUN chmod 600 ~/.netrc
+
+COPY . .
+
+RUN go mod download && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o /server
+
+FROM scratch
+COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo
+COPY --from=builder /server /
+COPY --from=builder /oidc-provider/templates /oidc-provider/templates
+
+EXPOSE 8080
+EXPOSE 80
+ENTRYPOINT ["/server"]

oidc-provider/endpoints_auth.go

@@ -50,7 +50,7 @@ func (op *OIDCHandler) AuthEndpoint(w http.ResponseWriter, r *http.Request) {
 
 		sessionData := &openid.DefaultSession{
 			Claims: &jwt.IDTokenClaims{
-				Issuer:      fmt.Sprintf("http://%s/%s", r.Host, namespace),
+				Issuer:      fmt.Sprintf("%s://%s/%s", op.Protocol, r.Host, namespace),
 				Subject:     account.ID,
 				Audience:    []string{},
 				ExpiresAt:   time.Now().Add(time.Hour * 30),

oidc-provider/endpoints_wellknown.go

@@ -14,7 +14,8 @@ func (op *OIDCHandler) WellKnownOIDCEndpoint(w http.ResponseWriter, r *http.Requ
 	var (
 		host      = r.Host
 		namespace = mux.Vars(r)["namespace"]
-		issuer    = fmt.Sprintf("http://%s/%s", host, namespace)
+		protocol  = op.Protocol
+		issuer    = fmt.Sprintf("%s://%s/%s", protocol, host, namespace)
 	)
 
 	response := map[string]any{

oidc-provider/oidc-provider.go

@@ -45,6 +45,7 @@ type OIDCHandler struct {
 	NamespaceProviders map[string]fosite.OAuth2Provider
 	config             OIDCConfig
 	handler            handlers.MobilityAccountsHandler
+	Protocol           string //HTTP (dev env) or HTTPS
 	PrivateKey         *rsa.PrivateKey
 }
 
@@ -66,10 +67,16 @@ func NewOIDCHandler(h handlers.MobilityAccountsHandler, storage storage.Storage,
 		providers[c.Namespace] = np
 	}
 
+	protocol := "https"
+	if config.GetBool("dev_env") {
+		protocol = "http"
+	}
+
 	return &OIDCHandler{
 		config:             oidc_config,
 		handler:            h,
 		NamespaceProviders: providers,
+		Protocol:           protocol,
 		PrivateKey:         privateKey,
 	}
 }

oidc-provider/templates/parcoursmob/auth.html

@@ -2,7 +2,7 @@
 <html class="h-full bg-gray-50">
     <head>
         <title>PARCOURSMOB - Identification</title>
-        <link rel="stylesheet" href="http://localhost:9000/public/css/main.css" />
+        <link rel="stylesheet" href="https://spie06.parcoursmob.fr/public/css/main.css" />
     </head>
     <body class="h-full">
         <form method="post">

storage/etcd.go

@@ -20,10 +20,14 @@ func NewEtcdKVStore(cfg *viper.Viper) (EtcdKVStore, error) {
 	var (
 		endpoints = cfg.GetStringSlice("storage.kv.etcd.endpoints")
 		prefix    = cfg.GetString("storage.kv.etcd.prefix")
+		username  = cfg.GetString("storage.kv.etcd.username")
+		password  = cfg.GetString("storage.kv.etcd.password")
 	)
 
 	cli, err := clientv3.New(clientv3.Config{
 		Endpoints:   endpoints,
+		Username:    username,
+		Password:    password,
 		DialTimeout: 5 * time.Second,
 	})
 	if err != nil {