Handle HTTP/HTTPS protocol depending on dev env or not

2022-11-07 01:35:06 +01:00 · 2022-11-07 01:35:06 +01:00 · e2ff98094b
parent 356bfc6a86
commit e2ff98094b
6 changed files with 44 additions and 3 deletions
--- a/29
+++ b/29
@ -0,0 +1,29 @@
+FROM golang:alpine as builder
+
+ARG ACCESS_TOKEN_USR="nothing"
+ARG ACCESS_TOKEN_PWD="nothing"
+
+RUN apk add --no-cache ca-certificates tzdata
+
+WORKDIR /
+
+# Create a netrc file using the credentials specified using --build-arg
+RUN printf "machine git.coopgo.io\n\
+    login ${ACCESS_TOKEN_USR}\n\
+    password ${ACCESS_TOKEN_PWD}\n"\
+    >> ~/.netrc
+RUN chmod 600 ~/.netrc
+
+COPY . .
+
+RUN go mod download && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o /server
+
+FROM scratch
+COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo
+COPY --from=builder /server /
+COPY --from=builder /oidc-provider/templates /oidc-provider/templates
+
+EXPOSE 8080
+EXPOSE 80
+ENTRYPOINT ["/server"]
--- a/oidc-provider/endpoints_auth.go
+++ b/oidc-provider/endpoints_auth.go
@ -50,7 +50,7 @@ func (op *OIDCHandler) AuthEndpoint(w http.ResponseWriter, r *http.Request) {

 		sessionData := &openid.DefaultSession{
 			Claims: &jwt.IDTokenClaims{
-				Issuer:      fmt.Sprintf("http://%s/%s", r.Host, namespace),
+				Issuer:      fmt.Sprintf("%s://%s/%s", op.Protocol, r.Host, namespace),
 				Subject:     account.ID,
 				Audience:    []string{},
 				ExpiresAt:   time.Now().Add(time.Hour * 30),
--- a/oidc-provider/endpoints_wellknown.go
+++ b/oidc-provider/endpoints_wellknown.go
@ -14,7 +14,8 @@ func (op *OIDCHandler) WellKnownOIDCEndpoint(w http.ResponseWriter, r *http.Requ
 	var (
 		host      = r.Host
 		namespace = mux.Vars(r)["namespace"]
-		issuer    = fmt.Sprintf("http://%s/%s", host, namespace)
+		protocol  = op.Protocol
+		issuer    = fmt.Sprintf("%s://%s/%s", protocol, host, namespace)
 	)

 	response := map[string]any{
--- a/oidc-provider/oidc-provider.go
+++ b/oidc-provider/oidc-provider.go
@ -45,6 +45,7 @@ type OIDCHandler struct {
 	NamespaceProviders map[string]fosite.OAuth2Provider
 	config             OIDCConfig
 	handler            handlers.MobilityAccountsHandler
+	Protocol           string //HTTP (dev env) or HTTPS
 	PrivateKey         *rsa.PrivateKey
 }

@ -66,10 +67,16 @@ func NewOIDCHandler(h handlers.MobilityAccountsHandler, storage storage.Storage,
 		providers[c.Namespace] = np
 	}

+	protocol := "https"
+	if config.GetBool("dev_env") {
+		protocol = "http"
+	}
+
 	return &OIDCHandler{
 		config:             oidc_config,
 		handler:            h,
 		NamespaceProviders: providers,
+		Protocol:           protocol,
 		PrivateKey:         privateKey,
 	}
 }
--- a/oidc-provider/templates/parcoursmob/auth.html
+++ b/oidc-provider/templates/parcoursmob/auth.html
@ -2,7 +2,7 @@
 <html class="h-full bg-gray-50">
    <head>
        <title>PARCOURSMOB - Identification</title>
-        <link rel="stylesheet" href="http://localhost:9000/public/css/main.css" />
+        <link rel="stylesheet" href="https://spie06.parcoursmob.fr/public/css/main.css" />
    </head>
    <body class="h-full">
        <form method="post">
--- a/storage/etcd.go
+++ b/storage/etcd.go
@ -20,10 +20,14 @@ func NewEtcdKVStore(cfg *viper.Viper) (EtcdKVStore, error) {
 	var (
 		endpoints = cfg.GetStringSlice("storage.kv.etcd.endpoints")
 		prefix    = cfg.GetString("storage.kv.etcd.prefix")
+		username  = cfg.GetString("storage.kv.etcd.username")
+		password  = cfg.GetString("storage.kv.etcd.password")
 	)

 	cli, err := clientv3.New(clientv3.Config{
 		Endpoints:   endpoints,
+		Username:    username,
+		Password:    password,
 		DialTimeout: 5 * time.Second,
 	})
 	if err != nil {