Allow tls certificates skipping

cmd/server/container.go

@@ -2,6 +2,8 @@ package main
 
 import (
 	"context"
+	"crypto/tls"
+	"net/http"
 
 	"gitlab.com/wpetit/goweb/logger"
 	"gitlab.com/wpetit/goweb/template/html"
@@ -65,6 +67,20 @@ func getServiceContainer(ctx context.Context, conf *config.Config) (*service.Con
 		conf.HTTP.TemplateDir,
 	))
 
+	defaultHTTPTransport, ok := http.DefaultTransport.(*http.Transport)
+	if ok {
+		if defaultHTTPTransport.TLSClientConfig == nil {
+			defaultHTTPTransport.TLSClientConfig = &tls.Config{}
+		}
+
+		defaultHTTPTransport.TLSClientConfig.InsecureSkipVerify = conf.OIDC.InsecureSkipVerify
+	} else {
+		logger.Fatal(
+			ctx,
+			"could not configure default http client",
+		)
+	}
+
 	// Create and expose config service provider
 	ctn.Provide(config.ServiceName, config.ServiceProvider(conf))
 

internal/config/config.go

@@ -49,9 +49,10 @@ type HTTPConfig struct {
 type OIDCConfig struct {
 	ClientID              string `yaml:"clientId"  env:"OIDC_CLIENT_ID"`
 	ClientSecret          string `yaml:"clientSecret"  env:"OIDC_CLIENT_SECRET"`
-	IssuerURL             string `ymal:"issuerUrl"  env:"OIDC_ISSUER_URL"`
+	IssuerURL             string `yaml:"issuerUrl"  env:"OIDC_ISSUER_URL"`
 	RedirectURL           string `yaml:"redirectUrl"  env:"OIDC_REDIRECT_URL"`
 	PostLogoutRedirectURL string `yaml:"postLogoutRedirectURL"  env:"OIDC_POST_LOGOUT_REDIRECT_URL"`
+	InsecureSkipVerify    bool   `ymal:"insecureSkipVerify" env:"OIDC_INSECURE_SKIP_VERIFY"`
 }
 
 type LogConfig struct {
@@ -84,6 +85,7 @@ func NewDefault() *Config {
 			IssuerURL:             "http://localhost:4444/",
 			RedirectURL:           "http://localhost:3002/oauth2/callback",
 			PostLogoutRedirectURL: "http://localhost:3002",
+			InsecureSkipVerify:    false,
 		},
 	}
 }