implémentaiton hydra-dispatcher

.env

@@ -25,7 +25,7 @@ DB_USER="lasql"
 DB_PASSWORD="lasql"
 
 ISSUER_URL="http://localhost:8000"
-BASE_URL='http://localhost:8080'
+BASE_URL='http://localhost:8083'
 # connexion hydra
 HYDRA_ADMIN_BASE_URL='http://hydra:4445'
 APP_LOCALES="fr,en"
@@ -43,7 +43,7 @@ ALTCHA_DEBUG=false
 ALTCHA_WORKERS=8
 ALTCHA_DELAY=100
 ALTCHA_MOCK_ERROR=false
-ALTCHA_ENABLED=true
+ALTCHA_ENABLED=false
 
 ENABLED_2FA=true
-URL_2FA=http://localhost:8070/2fa
+URL_2FA=http://localhost:8084/2fa

compose.yml

@@ -1,4 +1,26 @@
 services:
+  hydra-dispatcher:
+    image: reg.cadoles.com/cadoles/hydra-dispatcher-standalone:2025.9.2-develop.1152.3cd1c49
+    ports:
+      - 8082:80
+    environment:
+      - APP_ENV=prod
+      - APP_DEBUG=false
+      - PHP_FPM_MEMORY_LIMIT=256m
+      - CADDY_HTTP_PORT=80
+      - HYDRA_ADMIN_BASE_URL=http://hydra:4445
+      - HYDRA_BASE_URL=http://hydra:4444
+      - HYDRA_REWRITE_ISSUER=yes
+      - HYDRA_ORIGINAL_ISSUER=http://localhost:8081
+      - HYDRA_NEW_ISSUER=http://localhost:8082
+      - DEFAULT_LOCALE=fr
+      - DISABLE_APP_AUTO_SELECT=false
+      - APP_LOCALES=fr,en
+      - HYDRA_ADMIN_AUTHORIZED_HOSTS=10.0.0.0/8,172.16.0.0/12,172.19.0.0/12,192.168.0.0/16
+      - REDIS_DSN=redis://redis:6379
+      - TRUSTED_PROXIES=REMOTE_ADDR
+    volumes:
+      - ./misc/compose/dispatcher/:/app/config/hydra/
   hydra-sql:
     build:
       context: .
@@ -12,7 +34,7 @@ services:
         - http_proxy=${http_proxy}
         - https_proxy=${https_proxy}
     ports:
-      - 8082:8071
+      - 8083:8071
     tmpfs:
       - /var/www/var/logs:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
       - /var/www/var/cache:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
@@ -22,6 +44,7 @@ services:
       - hydra
     depends_on:
       - redis
+      - hydra-dispatcher
     extra_hosts:
       - "localhost:127.0.0.1"
       - "localhost:host-gateway"
@@ -48,10 +71,10 @@ services:
       - APP_ENV=dev
       - PHP_FPM_MEMORY_LIMIT=128m
       - APP_LOCALES=fr,en
-      - HYDRA_ADMIN_BASE_URL=http://hydra:4445
+      - HYDRA_ADMIN_BASE_URL=http://hydra-dispatcher
       - TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR,localhost
       - ISSUER_URL=http://localhost:8000
-      - BASE_URL=http://localhost:8082
+      - BASE_URL=http://localhost:8083
       - DB_USER=lasql
       - DB_PASSWORD=lasql
       - DEFAULT_LOCALE=fr
@@ -59,6 +82,8 @@ services:
       - HASH_ALGO_LEGACY="sha256"
       - SECURITY_PATTERN=password,salt,pepper
       - CADDY_HTTP_PORT=8071
+      - ENABLED_2FA=true
+      - URL_2FA=http://localhost:8084/2fa
   oidc-test:
     image: bornholm/oidc-test:v0.0.0-1-g936a77e
     environment:
@@ -84,8 +109,8 @@ services:
       - HYDRA_ALLOW_INSECURE=yes
       - HYDRA_URLS_SELF_ISSUER=http://localhost:8081/
       - HYDRA_URLS_LOGOUT=http://localhost:8082/logout
-      - HYDRA_URLS_LOGIN=http://localhost:8082/
+      - HYDRA_URLS_LOGIN=http://localhost:8082/login
-      - HYDRA_URLS_CONSENT=http://localhost:8082/connect/consent
+      - HYDRA_URLS_CONSENT=http://localhost:8082/consent
       - HYDRA_URLS_ERROR=http://localhost:8082/error
       - HYDRA_LEVEL=debug
       - HYDRA_DSN=postgres://lasql:lasql@postgres:5432/hydra
@@ -103,7 +128,7 @@ services:
           "wget",
           "--spider",
           "-q",
-          "http://127.0.0.1:4444/.well-known/openid-configuration",
+          "http://localhost:4444/.well-known/openid-configuration",
         ]
       interval: 10s
       timeout: 10s
@@ -166,20 +191,21 @@ services:
       environment:
         - APP_ENV=dev
         - APP_DEBUG=1  # Pour mode debug en dev
+        - CADDY_GLOBAL_OPTIONS=debug # Activer le mode debug
       ports:
-        - "8070:80"  # Mappe le port 80 du conteneur sur 8081 de l'hôte
+        - "8084:80"  # Mappe le port 80 du conteneur sur 8081 de l'hôte
       depends_on:
         - postgres  # Si tu utilises la DB partagée
-  pgweb:
+  # pgweb:
-    container_name: pgweb
+  #   container_name: pgweb
-    restart: always
+  #   restart: always
-    image: sosedoff/pgweb
+  #   image: sosedoff/pgweb
-    ports: 
+  #   ports: 
-      - "8095:8081" 
+  #     - "8085:8081" 
-    environment:
+  #   environment:
-      - PGWEB_DATABASE_URL=postgres://lasql:lasql@postgres:5432/lasql?sslmode=disable
+  #     - PGWEB_DATABASE_URL=postgres://lasql:lasql@postgres:5432/lasql?sslmode=disable
-    depends_on:
+  #   depends_on:
-      - postgres
+  #     - postgres
 volumes:
   postgres:
   mariadb:

misc/compose/dispatcher/example.yml

@@ -0,0 +1,33 @@
+hydra:
+  apps:
+    - id: hydra-sql
+      title: 
+        fr: Hydra Sql
+        en: Hydra Sql En
+      description: 
+        fr: Authentification via adresse courriel
+        en: Authentication by email address
+      icon_url: http://placehold.jp/84x123.png
+      login_url: http://localhost:8083/login
+      consent_url: http://localhost:8083/consent
+      options: 
+        text_libre:
+          fr: "Connexion avec mot de passe"
+          en: "Login with password"
+      logout_url: http://localhost:8083/logout
+      attributes_rewrite_configuration:
+        mail:
+          replace: email
+          rules:
+            - "property_exists(consent.session.id_token, 'email') ? consent.session.id_token.email : null"
+  webhook:
+    enabled: false
+    api_url: http://hydra-dispatcher/test
+    api_key: ~
+    api_method: POST
+  webhook_post_login:
+    enabled: false
+    api_url: http://hydra-dispatcher/test
+    api_key: ~
+    api_method: POST
+  connected_user_redirect_url: '/'

src/Controller/MainController.php

@@ -75,7 +75,7 @@ class MainController extends AbstractController
     }
 
     #[Route('/connect/consent', name: 'app_consent')]
-    public function consent(Request $request): RedirectResponse
+    public function consent(Request $request): Response
     {
         return $this->hydra->handleConsentRequest($request);
     }