Initial commit

2020-04-08 08:56:42 +02:00 · 2020-04-08 08:56:42 +02:00 · 3a84d819ff
commit 3a84d819ff
44 changed files with 1769 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,4 @@
+/release
+/data
+/vendor
+/bin
--- a/45
+++ b/45
@ -0,0 +1,45 @@
+build: vendor
+	CGO_ENABLED=0 go build -mod=vendor -v -o bin/server ./cmd/server
+
+test:
+	go test -v -race ./...
+
+release:
+	@$(SHELL) ./misc/script/release.sh
+
+vendor:
+	go mod vendor
+
+tidy:
+	go mod tidy
+
+watch:
+	modd
+
+lint:
+	golangci-lint run --enable-all
+
+hydra:
+	docker run \
+		--rm -it \
+		--name hydra-passwordless \
+		-e DSN=memory \
+		-e URLS_LOGIN=http://localhost:3000/login \
+		-e URLS_CONSENT=http://localhost:3000/consent \
+		-p 4444:4444 \
+		-p 4445:4445 \
+		oryd/hydra:v1.4.2-alpine \
+		serve all \
+		--dangerous-force-http
+
+create-client:
+	docker exec -it hydra-passwordless \
+		sh -c 'HYDRA_URL=http://localhost:4445 hydra clients create -c http://localhost:3000/test/oauth2/callback'
+
+clean:
+	rm -rf release
+	rm -rf data
+	rm -rf vendor
+	rm -rf bin
+
+.PHONY: lint watch build vendor tidy release
--- a/README.md
+++ b/README.md
@ -0,0 +1,15 @@
+# hydra-passwordless
+
+## Démarrer avec les sources
+
+```
+make build
+```
+
+## FAQ
+
+### Générer une version de distribution
+
+```
+make release
+```
--- a/cmd/server/container.go
+++ b/cmd/server/container.go
@ -0,0 +1,97 @@
+package main
+
+import (
+	"context"
+	"log"
+	"net/http"
+	"time"
+
+	"gitlab.com/wpetit/goweb/template/html"
+
+	"forge.cadoles.com/wpetit/hydra-passwordless/internal/config"
+	"forge.cadoles.com/wpetit/hydra-passwordless/internal/hydra"
+	"forge.cadoles.com/wpetit/hydra-passwordless/oidc"
+	"github.com/gorilla/sessions"
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/service"
+	"gitlab.com/wpetit/goweb/service/build"
+	"gitlab.com/wpetit/goweb/service/session"
+	"gitlab.com/wpetit/goweb/service/template"
+	"gitlab.com/wpetit/goweb/session/gorilla"
+)
+
+func getServiceContainer(conf *config.Config) (*service.Container, error) {
+	// Initialize and configure service container
+	ctn := service.NewContainer()
+
+	ctn.Provide(build.ServiceName, build.ServiceProvider(ProjectVersion, GitRef, BuildDate))
+
+	// Generate random cookie authentication key if none is set
+	if conf.HTTP.CookieAuthenticationKey == "" {
+		log.Println("could not find cookie authentication key. generating one...")
+
+		cookieAuthenticationKey, err := gorilla.GenerateRandomBytes(64)
+		if err != nil {
+			return nil, errors.Wrap(err, "could not generate cookie authentication key")
+		}
+
+		conf.HTTP.CookieAuthenticationKey = string(cookieAuthenticationKey)
+	}
+
+	// Generate random cookie encryption key if none is set
+	if conf.HTTP.CookieEncryptionKey == "" {
+		log.Println("could not find cookie encryption key. generating one...")
+
+		cookieEncryptionKey, err := gorilla.GenerateRandomBytes(32)
+		if err != nil {
+			return nil, errors.Wrap(err, "could not generate cookie encryption key")
+		}
+
+		conf.HTTP.CookieEncryptionKey = string(cookieEncryptionKey)
+	}
+
+	// Create and initialize HTTP session service provider
+	cookieStore := sessions.NewCookieStore(
+		[]byte(conf.HTTP.CookieAuthenticationKey),
+		[]byte(conf.HTTP.CookieEncryptionKey),
+	)
+
+	// Define default cookie options
+	cookieStore.Options = &sessions.Options{
+		Path:     "/",
+		HttpOnly: true,
+		MaxAge:   conf.HTTP.CookieMaxAge,
+		SameSite: http.SameSiteStrictMode,
+	}
+
+	ctn.Provide(
+		session.ServiceName,
+		gorilla.ServiceProvider("hydra-passwordless", cookieStore),
+	)
+
+	// Create and expose template service provider
+	// Create and expose template service provider
+	ctn.Provide(template.ServiceName, html.ServiceProvider(
+		conf.HTTP.TemplateDir,
+	))
+
+	// Create and expose config service provider
+	ctn.Provide(config.ServiceName, config.ServiceProvider(conf))
+
+	if conf.TestApp.Enabled {
+		ctx := context.Background()
+		provider, err := oidc.NewProvider(ctx, conf.TestApp.IssuerURL)
+		if err != nil {
+			return nil, errors.Wrap(err, "could not create oidc provider")
+		}
+
+		ctn.Provide(oidc.ServiceName, oidc.ServiceProvider(
+			oidc.WithCredentials(conf.TestApp.ClientID, conf.TestApp.ClientSecret),
+			oidc.WithProvider(provider),
+		))
+	}
+
+	ctn.Provide(hydra.ServiceName, hydra.ServiceProvider(conf.Hydra.BaseURL, 30*time.Second))
+
+	return ctn, nil
+}
--- a/cmd/server/main.go
+++ b/cmd/server/main.go
@ -0,0 +1,112 @@
+package main
+
+import (
+	"net/http"
+
+	"forge.cadoles.com/wpetit/hydra-passwordless/internal/route"
+	"github.com/go-chi/chi"
+	"github.com/go-chi/chi/middleware"
+	"gitlab.com/wpetit/goweb/middleware/container"
+
+	"flag"
+	"fmt"
+	"log"
+
+	"os"
+
+	"forge.cadoles.com/wpetit/hydra-passwordless/internal/config"
+	"github.com/pkg/errors"
+)
+
+//nolint: gochecknoglobals
+var (
+	configFile = ""
+	workdir    = ""
+	dumpConfig = false
+	version    = false
+)
+
+// nolint: gochecknoglobals
+var (
+	GitRef         = "unknown"
+	ProjectVersion = "unknown"
+	BuildDate      = "unknown"
+)
+
+//nolint: gochecknoinits
+func init() {
+	flag.StringVar(&configFile, "config", configFile, "configuration file")
+	flag.StringVar(&workdir, "workdir", workdir, "working directory")
+	flag.BoolVar(&dumpConfig, "dump-config", dumpConfig, "dump configuration and exit")
+	flag.BoolVar(&version, "version", version, "show version and exit")
+}
+
+func main() {
+	flag.Parse()
+
+	if version {
+		fmt.Printf("%s (%s) - %s\n", ProjectVersion, GitRef, BuildDate)
+
+		os.Exit(0)
+	}
+
+	// Switch to new working directory if defined
+	if workdir != "" {
+		if err := os.Chdir(workdir); err != nil {
+			log.Fatalf("%+v", errors.Wrapf(err, "could not change working directory to '%s'", workdir))
+		}
+	}
+
+	// Load configuration file if defined, use default configuration otherwise
+	var conf *config.Config
+
+	var err error
+
+	if configFile != "" {
+		conf, err = config.NewFromFile(configFile)
+		if err != nil {
+			log.Fatalf("%+v", errors.Wrapf(err, "could not load config file '%s'", configFile))
+		}
+	} else {
+		if dumpConfig {
+			conf = config.NewDumpDefault()
+		} else {
+			conf = config.NewDefault()
+		}
+
+	}
+
+	// Dump configuration if asked
+	if dumpConfig {
+		if err := config.Dump(conf, os.Stdout); err != nil {
+			log.Fatalf("%+v", errors.Wrap(err, "could not dump config"))
+		}
+
+		os.Exit(0)
+	}
+
+	// Create service container
+	ctn, err := getServiceContainer(conf)
+	if err != nil {
+		log.Fatalf("%+v", errors.Wrap(err, "could not create service container"))
+	}
+
+	r := chi.NewRouter()
+
+	// Define base middlewares
+	r.Use(middleware.Logger)
+	r.Use(middleware.Recoverer)
+
+	// Expose service container on router
+	r.Use(container.ServiceContainer(ctn))
+
+	// Define routes
+	if err := route.Mount(r, conf); err != nil {
+		log.Fatalf("%+v", errors.Wrap(err, "could not mount http routes"))
+	}
+
+	log.Printf("listening on '%s'", conf.HTTP.Address)
+	if err := http.ListenAndServe(conf.HTTP.Address, r); err != nil {
+		log.Fatalf("%+v", errors.Wrapf(err, "could not listen on '%s'", conf.HTTP.Address))
+	}
+}
--- a/cmd/server/public/css/style.css
+++ b/cmd/server/public/css/style.css
@ -0,0 +1,3 @@
+body {
+    background-color: hsla(217, 15%, 95%, 1);
+}
--- a/cmd/server/template/blocks/base.html.tmpl
+++ b/cmd/server/template/blocks/base.html.tmpl
@ -0,0 +1,19 @@
+{{define "base"}}
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <title>{{block "title" . -}}{{- end}}</title>
+    {{- block "head_style" . -}}
+    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bulma@0.8.0/css/bulma.min.css" />
+    <link rel="stylesheet" href="/css/style.css" />
+    {{end}}
+    {{- block "head_script" . -}}{{end}}
+  </head>
+  <body>
+  {{- block "body" . -}}{{- end -}}
+  {{- block "body_script" . -}}{{end}}
+  </body>
+</html>
+{{end}}
--- a/cmd/server/template/blocks/flash.html.tmpl
+++ b/cmd/server/template/blocks/flash.html.tmpl
@ -0,0 +1,23 @@
+{{define "flash"}}
+  <div class="flash has-margin-top-small has-margin-bottom-small">
+    {{- range .Flashes -}}
+      {{- if eq .Type "error" -}}
+        {{template "flash_message" map "Title" "Erreur" "MessageClass" "is-danger" "Message" .Message }}
+      {{- else if eq .Type "warn" -}}
+        {{template "flash_message" map "Title" "Attention" "MessageClass" "is-warning" "Message" .Message }}
+      {{- else if eq .Type "success" -}}
+        {{template "flash_message" map "Title" "Succès" "MessageClass" "is-success" "Message" .Message }}
+      {{- else -}}
+        {{template "flash_message" map "Title" "Information" "MessageClass" "is-info" "Message" .Message }}
+      {{- end -}}
+    {{- end -}}
+  </div>
+{{end}}
+
+{{define "flash_message" -}}
+  <div class="message {{.MessageClass}}">
+    <div class="message-body">
+      <span class="has-text-weight-bold">{{.Title}}</span> {{.Message}}
+    </div>
+  </div>
+{{- end}}
--- a/cmd/server/template/blocks/footer.html.tmpl
+++ b/cmd/server/template/blocks/footer.html.tmpl
@ -0,0 +1,7 @@
+{{define "footer"}}
+<p class="has-margin-top-small has-text-right is-size-7 has-text-grey">
+  Version: {{ .BuildInfo.ProjectVersion }} - 
+  Réf.: {{ .BuildInfo.GitRef }} - 
+  Date de construction: {{ .BuildInfo.BuildDate }}
+</p>
+{{end}}
--- a/cmd/server/template/blocks/header.html.tmpl
+++ b/cmd/server/template/blocks/header.html.tmpl
@ -0,0 +1,11 @@
+{{define "header"}}
+<div class="columns is-mobile">
+  <div class="column is-4-tablet is-8-mobile">
+    <div class="columns is-mobile is-gapless">
+      <div class="column is-narrow">
+        <h1 class="is-size-3 title"><a href="/" rel="Homepage" class="has-text-black">Your project</a></h1>
+      </div>
+    </div>
+  </div>
+</div>
+{{end}}
--- a/cmd/server/template/layouts/consent.html.tmpl
+++ b/cmd/server/template/layouts/consent.html.tmpl
@ -0,0 +1,9 @@
+{{define "title"}}Consent{{end}}
+{{define "body"}}
+<section class="home is-fullheight section">
+  <div class="container">
+    
+  </div>
+</section>
+{{end}}
+{{template "base" .}}
--- a/cmd/server/template/layouts/email_sent.html.tmpl
+++ b/cmd/server/template/layouts/email_sent.html.tmpl
@ -0,0 +1,20 @@
+{{define "title"}}Connexion{{end}}
+{{define "body"}}
+<section class="hero is-fullheight">
+    <div class="hero-body">
+        <div class="container">
+            <div class="columns">
+                <div class="column is-4 is-offset-4">
+                    <div class="message is-success">
+                        <div class="message-body">
+                            <p class="title is-size-4">Un message a été envoyé à votre adresse courriel.</p>
+                            <p>Celui ci contient un lien qui vous permettra de vous connecter à l'application.</p>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</section>
+{{end}}
+{{template "base" .}}
--- a/cmd/server/template/layouts/home.html.tmpl
+++ b/cmd/server/template/layouts/home.html.tmpl
@ -0,0 +1,11 @@
+{{define "title"}}Accueil{{end}}
+{{define "body"}}
+<section class="home is-fullheight section">
+  <div class="container">
+    {{template "header" .}}
+    <h1>Bienvenue !</h1>
+    {{template "footer" .}}
+  </div>
+</section>
+{{end}}
+{{template "base" .}}
--- a/cmd/server/template/layouts/login.html.tmpl
+++ b/cmd/server/template/layouts/login.html.tmpl
@ -0,0 +1,33 @@
+{{define "title"}}Connexion{{end}}
+{{define "body"}}
+<section class="hero is-fullheight">
+    <div class="hero-body">
+        <div class="container has-text-centered">
+            <div class="columns">
+                <div class="column is-4 is-offset-4">
+                    <p class="has-text-black title">
+                        Connexion
+                    </p>
+                    <p class="has-text-black subtitle">
+                        Veuillez entrer votre adresse courriel.
+                    </p>
+                    <div class="box">
+                        <form action="/login" method="POST">
+                            <div class="field">
+                                <div class="control">
+                                    <input class="input is-large" type="email"
+                                        id="email"
+                                        name="email" placeholder="john.doe@email.com" />
+                                </div>
+                            </div>
+                            {{ .csrfField }}
+                            <button type="submit" class="button is-link is-medium is-block is-fullwidth">Envoyer</button>
+                        </form>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</section>
+{{end}}
+{{template "base" .}}
--- a/go.mod
+++ b/go.mod
@ -0,0 +1,21 @@
+module forge.cadoles.com/wpetit/hydra-passwordless
+
+go 1.14
+
+require (
+	github.com/coreos/go-oidc v2.2.1+incompatible
+	github.com/davecgh/go-spew v1.1.1
+	github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5
+	github.com/go-chi/chi v4.1.0+incompatible
+	github.com/gorilla/csrf v1.6.2
+	github.com/gorilla/sessions v1.2.0
+	github.com/pkg/errors v0.9.1
+	github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect
+	gitlab.com/wpetit/goweb v0.0.0-20200317131025-42aba649c833
+	golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45
+	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
+	gopkg.in/dgrijalva/jwt-go.v3 v3.2.0 // indirect
+	gopkg.in/mail.v2 v2.3.1
+	gopkg.in/square/go-jose.v2 v2.4.1 // indirect
+	gopkg.in/yaml.v2 v2.2.8
+)
--- a/go.sum
+++ b/go.sum
@ -0,0 +1,245 @@
+cdr.dev/slog v1.3.0/go.mod h1:C5OL99WyuOK8YHZdYY57dAPN1jK2WJlCdq2VP6xeQns=
+cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
+cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU=
+cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
+cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc=
+cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0=
+cloud.google.com/go v0.49.0/go.mod h1:hGvAdzcWNbyuxS3nWhD7H2cIJxjRRTRLQVB0bdputVY=
+cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
+cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
+cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I=
+cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw=
+dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
+github.com/GeertJohan/go.incremental v1.0.0/go.mod h1:6fAjUhbVuX1KcMD3c8TEgVUqmo4seqhv0i0kdATSkM0=
+github.com/GeertJohan/go.rice v1.0.0/go.mod h1:eH6gbSOAUv07dQuZVnBmoDP8mgsM1rtixis4Tib9if0=
+github.com/akavel/rsrc v0.8.0/go.mod h1:uLoCtb9J+EyAqh+26kdrTgmzRBFPGOolLWKpdxkKq+c=
+github.com/alecthomas/assert v0.0.0-20170929043011-405dbfeb8e38/go.mod h1:r7bzyVFMNntcxPZXK3/+KdruV1H5KSlyVY0gc+NgInI=
+github.com/alecthomas/chroma v0.7.0/go.mod h1:1U/PfCsTALWWYHDnsIQkxEBM0+6LLe0v8+RSVMOwxeY=
+github.com/alecthomas/colour v0.0.0-20160524082231-60882d9e2721/go.mod h1:QO9JBoKquHd+jz9nshCh40fOfO+JzsoXy8qTHF68zU0=
+github.com/alecthomas/kong v0.1.17-0.20190424132513-439c674f7ae0/go.mod h1:+inYUSluD+p4L8KdviBSgzcqEjUQOfC5fQDRFuc36lI=
+github.com/alecthomas/kong v0.2.1-0.20190708041108-0548c6b1afae/go.mod h1:+inYUSluD+p4L8KdviBSgzcqEjUQOfC5fQDRFuc36lI=
+github.com/alecthomas/kong-hcl v0.1.8-0.20190615233001-b21fea9723c8/go.mod h1:MRgZdU3vrFd05IQ89AxUZ0aYdF39BYoNFa324SodPCA=
+github.com/alecthomas/repr v0.0.0-20180818092828-117648cd9897/go.mod h1:xTS7Pm1pD1mvyM075QCDSRqH6qRLXylzS24ZTpRiSzQ=
+github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
+github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
+github.com/coreos/go-oidc v2.2.1+incompatible h1:mh48q/BqXqgjVHpy2ZY7WnWAbenxRjsz9N1i1YxjHAk=
+github.com/coreos/go-oidc v2.2.1+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc=
+github.com/daaku/go.zipexe v1.0.0/go.mod h1:z8IiR6TsVLEYKwXAoE/I+8ys/sDkgTzSL0CLnGVd57E=
+github.com/danwakefield/fnmatch v0.0.0-20160403171240-cbb64ac3d964/go.mod h1:Xd9hchkHSWYkEqJwUGisez3G1QY8Ryz0sdWrLPMGjLk=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5 h1:RAV05c0xOkJ3dZGS0JFybxFKZ2WMLabgx3uXnd7rpGs=
+github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5/go.mod h1:GgB8SF9nRG+GqaDtLcwJZsQFhcogVCJ79j4EdT0c2V4=
+github.com/dlclark/regexp2 v1.1.6/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc=
+github.com/dlclark/regexp2 v1.2.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc=
+github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
+github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
+github.com/go-chi/chi v1.0.0 h1:s/kv1cTXfivYjdKJdyUzNGyAWZ/2t7duW1gKn5ivu+c=
+github.com/go-chi/chi v4.0.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ=
+github.com/go-chi/chi v4.1.0+incompatible h1:ETj3cggsVIY2Xao5ExCu6YhEh5MD6JTfcBzS37R260w=
+github.com/go-chi/chi v4.1.0+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ=
+github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
+github.com/go-playground/locales v0.12.1/go.mod h1:IUMDtCfWo/w/mtMfIE/IG2K+Ey3ygWanZIBtBW0W2TM=
+github.com/go-playground/universal-translator v0.16.0/go.mod h1:1AnU7NaIRDWWzGEKwgtJRd2xk99HeFyHw3yid4rvQIY=
+github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/groupcache v0.0.0-20191027212112-611e8accdfc9/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
+github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs=
+github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
+github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
+github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
+github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.3.2-0.20191216170541-340f1ebe299e/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
+github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
+github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
+github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
+github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
+github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
+github.com/gorilla/csrf v1.6.0/go.mod h1:7tSf8kmjNYr7IWDCYhd3U8Ck34iQ/Yw5CJu7bAkHEGI=
+github.com/gorilla/csrf v1.6.2 h1:QqQ/OWwuFp4jMKgBFAzJVW3FMULdyUW7JoM4pEWuqKg=
+github.com/gorilla/csrf v1.6.2/go.mod h1:7tSf8kmjNYr7IWDCYhd3U8Ck34iQ/Yw5CJu7bAkHEGI=
+github.com/gorilla/handlers v1.4.1/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ=
+github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
+github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
+github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
+github.com/gorilla/sessions v1.2.0 h1:S7P+1Hm5V/AT9cjEcUD5uDaQSX0OE577aCXgoaKpYbQ=
+github.com/gorilla/sessions v1.2.0/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
+github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
+github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
+github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
+github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
+github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
+github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/leodido/go-urn v1.1.0/go.mod h1:+cyI34gQWZcE1eQU7NVgKkkzdXDQHr1dBMtdAPozLkw=
+github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
+github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
+github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
+github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
+github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE=
+github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
+github.com/nkovacs/streamquote v0.0.0-20170412213628-49af9bddb229/go.mod h1:0aYXnNPJ8l7uZxf45rWW1a/uME32OF0rhiYGNQ2oF2E=
+github.com/oxtoacart/bpool v0.0.0-20190530202638-03653db5a59c h1:rp5dCmg/yLR3mgFuSOe4oEnDDmGLROTvMragMUXpTQw=
+github.com/oxtoacart/bpool v0.0.0-20190530202638-03653db5a59c/go.mod h1:X07ZCGwUbLaax7L0S3Tw4hpejzu63ZrrQiUe6W0hcy0=
+github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 h1:J9b7z+QKAmPf4YLrFg6oQUotqHQeUNWwkvo7jZp1GLU=
+github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA=
+github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
+github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
+github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
+gitlab.com/wpetit/goweb v0.0.0-20200317131025-42aba649c833 h1:e2HXOwLZOcurBeqA6XwIdXNLZwGN6oXHBhPdhnBrEq8=
+gitlab.com/wpetit/goweb v0.0.0-20200317131025-42aba649c833/go.mod h1:wqXhN3jywegFzw33pEFAEbsXnshFx0nJ+aXTi4pCtIQ=
+go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
+go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
+go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413 h1:ULYEB3JvPRE/IfO+9uO7vKV/xzVTO7XPAwm8xbf4w2g=
+golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
+golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek=
+golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
+golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
+golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
+golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
+golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
+golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
+golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
+golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
+golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553 h1:efeOvDhwQ29Dj3SdAV/MJf8oukgn+8D8WgaCaRMchF8=
+golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45 h1:SVwTIAaPC2U/AvvLNZ2a7OVsmBpC8L5BlwK1whH3hm0=
+golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20181128092732-4ed8d59d0b35/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191210023423-ac6580df4449/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
+google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
+google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
+google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
+google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
+google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
+google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.6.1 h1:QzqyMA1tlu6CgqCDUtU9V+ZKhLFT2dkJuANu5QaxI3I=
+google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
+google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
+google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
+google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
+google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
+google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
+google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
+google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
+google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
+google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
+google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
+gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc h1:2gGKlE2+asNV9m7xrywl36YYNnBG5ZQ0r/BOOxqPpmk=
+gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc/go.mod h1:m7x9LTH6d71AHyAX77c9yqWCCa3UKHcVEj9y7hAtKDk=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/dgrijalva/jwt-go.v3 v3.2.0 h1:N46iQqOtHry7Hxzb9PGrP68oovQmj7EhudNoKHvbOvI=
+gopkg.in/dgrijalva/jwt-go.v3 v3.2.0/go.mod h1:hdNXC2Z9yC029rvsQ/on2ZNQ44Z2XToVhpXXbR+J05A=
+gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
+gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE=
+gopkg.in/go-playground/validator.v9 v9.29.1/go.mod h1:+c9/zcJMFNgbLvly1L1V+PpxWdVbfP1avr/N00E2vyQ=
+gopkg.in/mail.v2 v2.3.1 h1:WYFn/oANrAGP2C0dcV6/pbkPzv8yGzqTjPmTeO7qoXk=
+gopkg.in/mail.v2 v2.3.1/go.mod h1:htwXN1Qh09vZJ1NVKxQqHPBaCBbzKhp5GzuJEA4VJWw=
+gopkg.in/square/go-jose.v2 v2.4.1 h1:H0TmLt7/KmzlrDOpa1F+zr0Tk90PbJYBfsVUmRLrf9Y=
+gopkg.in/square/go-jose.v2 v2.4.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
+gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
+rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
--- a/internal/config/config.go
+++ b/internal/config/config.go
@ -0,0 +1,104 @@
+package config
+
+import (
+	"io"
+	"io/ioutil"
+	"time"
+
+	"github.com/pkg/errors"
+
+	"gopkg.in/yaml.v2"
+)
+
+type Config struct {
+	HTTP    HTTPConfig    `yaml:"http"`
+	TestApp TestAppConfig `yaml:"testApp"`
+	SMTP    SMTPConfig    `yaml:"smtp"`
+	Hydra   HydraConfig   `yaml:"hydra"`
+}
+
+// NewFromFile retrieves the configuration from the given file
+func NewFromFile(filepath string) (*Config, error) {
+	config := NewDefault()
+
+	data, err := ioutil.ReadFile(filepath)
+	if err != nil {
+		return nil, errors.Wrapf(err, "could not read file '%s'", filepath)
+	}
+
+	if err := yaml.Unmarshal(data, config); err != nil {
+		return nil, errors.Wrapf(err, "could not unmarshal configuration")
+	}
+
+	return config, nil
+}
+
+type HTTPConfig struct {
+	Address                 string `yaml:"address"`
+	CookieAuthenticationKey string `yaml:"cookieAuthenticationKey"`
+	CookieEncryptionKey     string `yaml:"cookieEncryptionKey"`
+	CookieMaxAge            int    `yaml:"cookieMaxAge"`
+	TemplateDir             string `yaml:"templateDir"`
+	PublicDir               string `yaml:"publicDir"`
+}
+
+type TestAppConfig struct {
+	Enabled      bool   `yaml:"enabled"`
+	ClientID     string `yaml:"clientId"`
+	ClientSecret string `yaml:"clientSecret"`
+	IssuerURL    string `ymal:"issuerUrl"`
+	RedirectURL  string `yaml:"redirectUrl"`
+}
+
+type SMTPConfig struct {
+	Host               string `yaml:"host"`
+	Port               int    `yaml:"port"`
+	UseStartTLS        bool   `yaml:"useStartTLS"`
+	User               string `yaml:"user"`
+	Password           string `yaml:"password"`
+	InsecureSkipVerify bool   `yaml:"insecureSkipVerify"`
+}
+
+type HydraConfig struct {
+	BaseURL string `yaml:"baseURL"`
+}
+
+func NewDumpDefault() *Config {
+	config := NewDefault()
+	return config
+}
+
+func NewDefault() *Config {
+	return &Config{
+		HTTP: HTTPConfig{
+			Address:                 ":3000",
+			CookieAuthenticationKey: "",
+			CookieEncryptionKey:     "",
+			CookieMaxAge:            int((time.Hour * 1).Seconds()), // 1 hour
+			TemplateDir:             "template",
+			PublicDir:               "public",
+		},
+		TestApp: TestAppConfig{
+			Enabled:     false,
+			IssuerURL:   "http://localhost:4444/",
+			RedirectURL: "http://localhost:3000/test/oauth2/callback",
+		},
+		SMTP: SMTPConfig{},
+		Hydra: HydraConfig{
+			BaseURL: "http://localhost:4444/",
+		},
+	}
+}
+
+func Dump(config *Config, w io.Writer) error {
+	data, err := yaml.Marshal(config)
+	if err != nil {
+		return errors.Wrap(err, "could not dump config")
+	}
+
+	if _, err := w.Write(data); err != nil {
+		return err
+	}
+
+	return nil
+}
--- a/internal/config/provider.go
+++ b/internal/config/provider.go
@ -0,0 +1,9 @@
+package config
+
+import "gitlab.com/wpetit/goweb/service"
+
+func ServiceProvider(config *Config) service.Provider {
+	return func(ctn *service.Container) (interface{}, error) {
+		return config, nil
+	}
+}
--- a/internal/config/service.go
+++ b/internal/config/service.go
@ -0,0 +1,33 @@
+package config
+
+import (
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/service"
+)
+
+const ServiceName service.Name = "config"
+
+// From retrieves the config service in the given container
+func From(container *service.Container) (*Config, error) {
+	service, err := container.Service(ServiceName)
+	if err != nil {
+		return nil, errors.Wrapf(err, "error while retrieving '%s' service", ServiceName)
+	}
+
+	srv, ok := service.(*Config)
+	if !ok {
+		return nil, errors.Errorf("retrieved service is not a valid '%s' service", ServiceName)
+	}
+
+	return srv, nil
+}
+
+// Must retrieves the config service in the given container or panic otherwise
+func Must(container *service.Container) *Config {
+	srv, err := From(container)
+	if err != nil {
+		panic(err)
+	}
+
+	return srv
+}
--- a/internal/hydra/client.go
+++ b/internal/hydra/client.go
@ -0,0 +1,61 @@
+package hydra
+
+import (
+	"net/http"
+	"time"
+)
+
+type Client struct {
+	baseURL string
+	http    *http.Client
+}
+
+func (c *Client) LoginRequest(challenge string) (*LoginResponse, error) {
+	return nil, nil
+}
+
+func (c *Client) Accept(challenge string) (*AcceptResponse, error) {
+	return nil, nil
+}
+
+func (c *Client) RejectRequest(challenge string) (*RejectResponse, error) {
+	return nil, nil
+}
+
+func (c *Client) LogoutRequest(challenge string) (*LogoutResponse, error) {
+	return nil, nil
+}
+
+func (c *Client) ConsentRequest(challenge string) (*ConsentResponse, error) {
+	return nil, nil
+}
+
+func (c *Client) LoginChallenge(r *http.Request) (string, error) {
+	return c.challenge(r, "login_challenge")
+}
+
+func (c *Client) ConsentChallenge(r *http.Request) (string, error) {
+	return c.challenge(r, "consent_challenge")
+}
+
+func (c *Client) LogoutChallenge(r *http.Request) (string, error) {
+	return c.challenge(r, "logout_challenge")
+}
+
+func (c *Client) challenge(r *http.Request, name string) (string, error) {
+	challenge := r.URL.Query().Get(name)
+	if challenge == "" {
+		return "", ErrChallengeNotFound
+	}
+
+	return challenge, nil
+}
+
+func NewClient(baseURL string, httpTimeout time.Duration) *Client {
+	return &Client{
+		baseURL: baseURL,
+		http: &http.Client{
+			Timeout: 30 * time.Second,
+		},
+	}
+}
--- a/internal/hydra/error.go
+++ b/internal/hydra/error.go
@ -0,0 +1,7 @@
+package hydra
+
+import "errors"
+
+var (
+	ErrChallengeNotFound = errors.New("challenge not found")
+)
--- a/internal/hydra/provider.go
+++ b/internal/hydra/provider.go
@ -0,0 +1,15 @@
+package hydra
+
+import (
+	"time"
+
+	"gitlab.com/wpetit/goweb/service"
+)
+
+func ServiceProvider(baseURL string, httpTimeout time.Duration) service.Provider {
+	client := NewClient(baseURL, httpTimeout)
+
+	return func(ctn *service.Container) (interface{}, error) {
+		return client, nil
+	}
+}
--- a/internal/hydra/response.go
+++ b/internal/hydra/response.go
@ -0,0 +1,16 @@
+package hydra
+
+type LoginResponse struct {
+}
+
+type AcceptResponse struct {
+}
+
+type RejectResponse struct {
+}
+
+type LogoutResponse struct {
+}
+
+type ConsentResponse struct {
+}
--- a/internal/hydra/service.go
+++ b/internal/hydra/service.go
@ -0,0 +1,33 @@
+package hydra
+
+import (
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/service"
+)
+
+const ServiceName service.Name = "hydra"
+
+// From retrieves the hydra service in the given container
+func From(container *service.Container) (*Client, error) {
+	service, err := container.Service(ServiceName)
+	if err != nil {
+		return nil, errors.Wrapf(err, "error while retrieving '%s' service", ServiceName)
+	}
+
+	srv, ok := service.(*Client)
+	if !ok {
+		return nil, errors.Errorf("retrieved service is not a valid '%s' service", ServiceName)
+	}
+
+	return srv, nil
+}
+
+// Must retrieves the hydra service in the given container or panic otherwise
+func Must(container *service.Container) *Client {
+	srv, err := From(container)
+	if err != nil {
+		panic(err)
+	}
+
+	return srv
+}
--- a/internal/mail/mailer.go
+++ b/internal/mail/mailer.go
@ -0,0 +1,19 @@
+package mail
+
+type Option struct {
+	Host               string
+	Port               int
+	User               string
+	Password           string
+	InsecureSkipVerify bool
+}
+
+type OptionFunc func(*Option)
+
+type Mailer struct {
+	opt *Option
+}
+
+func NewMailer(funcs ...OptionFunc) *Mailer {
+	return &Mailer{}
+}
--- a/internal/mail/provider.go
+++ b/internal/mail/provider.go
@ -0,0 +1,11 @@
+package mail
+
+import "gitlab.com/wpetit/goweb/service"
+
+func ServiceProvider(opts ...OptionFunc) service.Provider {
+	mailer := NewMailer(opts...)
+
+	return func(ctn *service.Container) (interface{}, error) {
+		return mailer, nil
+	}
+}
--- a/internal/mail/send.go
+++ b/internal/mail/send.go
@ -0,0 +1,138 @@
+package mail
+
+import (
+	"crypto/tls"
+
+	"github.com/pkg/errors"
+	gomail "gopkg.in/mail.v2"
+)
+
+type SendFunc func(*SendOption)
+
+type SendOption struct {
+	Charset           string
+	AddressHeaders    []AddressHeader
+	Headers           []Header
+	Body              Body
+	AlternativeBodies []Body
+}
+
+type AddressHeader struct {
+	Field   string
+	Address string
+	Name    string
+}
+
+type Header struct {
+	Field  string
+	Values []string
+}
+
+type Body struct {
+	Type        string
+	Content     string
+	PartSetting gomail.PartSetting
+}
+
+func WithCharset(charset string) func(*SendOption) {
+	return func(opt *SendOption) {
+		opt.Charset = charset
+	}
+}
+
+func WithFrom(address string, name string) func(*SendOption) {
+	return WithAddressHeader("From", address, name)
+}
+
+func WithAddressHeader(field, address, name string) func(*SendOption) {
+	return func(opt *SendOption) {
+		opt.AddressHeaders = append(opt.AddressHeaders, AddressHeader{field, address, name})
+	}
+}
+
+func WithHeader(field string, values ...string) func(*SendOption) {
+	return func(opt *SendOption) {
+		opt.Headers = append(opt.Headers, Header{field, values})
+	}
+}
+
+func WithBody(contentType string, content string, setting gomail.PartSetting) func(*SendOption) {
+	return func(opt *SendOption) {
+		opt.Body = Body{contentType, content, setting}
+	}
+}
+
+func WithAlternativeBody(contentType string, content string, setting gomail.PartSetting) func(*SendOption) {
+	return func(opt *SendOption) {
+		opt.AlternativeBodies = append(opt.AlternativeBodies, Body{contentType, content, setting})
+	}
+}
+
+func (m *Mailer) Send(funcs ...SendFunc) error {
+	opt := &SendOption{
+		Charset: "UTF-8",
+		Body: Body{
+			Type:        "text/plain",
+			Content:     "",
+			PartSetting: gomail.SetPartEncoding(gomail.Unencoded),
+		},
+		AddressHeaders:    make([]AddressHeader, 0),
+		Headers:           make([]Header, 0),
+		AlternativeBodies: make([]Body, 0),
+	}
+
+	for _, f := range funcs {
+		f(opt)
+	}
+
+	conn, err := m.openConnection()
+	if err != nil {
+		return errors.Wrap(err, "could not open connection")
+	}
+
+	defer conn.Close()
+
+	message := gomail.NewMessage(gomail.SetCharset(opt.Charset))
+
+	for _, h := range opt.AddressHeaders {
+		message.SetAddressHeader(h.Field, h.Address, h.Name)
+	}
+
+	for _, h := range opt.Headers {
+		message.SetHeader(h.Field, h.Values...)
+	}
+
+	message.SetBody(opt.Body.Type, opt.Body.Content, opt.Body.PartSetting)
+
+	for _, b := range opt.AlternativeBodies {
+		message.AddAlternative(b.Type, b.Content, b.PartSetting)
+	}
+
+	if err := gomail.Send(conn, message); err != nil {
+		return errors.Wrap(err, "could not send message")
+	}
+
+	return nil
+}
+
+func (m *Mailer) openConnection() (gomail.SendCloser, error) {
+	dialer := gomail.NewDialer(
+		m.opt.Host,
+		m.opt.Port,
+		m.opt.User,
+		m.opt.Password,
+	)
+
+	if m.opt.InsecureSkipVerify {
+		dialer.TLSConfig = &tls.Config{
+			InsecureSkipVerify: true,
+		}
+	}
+
+	conn, err := dialer.Dial()
+	if err != nil {
+		return nil, errors.Wrap(err, "could not dial smtp server")
+	}
+
+	return conn, nil
+}
--- a/internal/mail/service.go
+++ b/internal/mail/service.go
@ -0,0 +1,33 @@
+package mail
+
+import (
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/service"
+)
+
+const ServiceName service.Name = "mail"
+
+// From retrieves the mail service in the given container
+func From(container *service.Container) (*Mailer, error) {
+	service, err := container.Service(ServiceName)
+	if err != nil {
+		return nil, errors.Wrapf(err, "error while retrieving '%s' service", ServiceName)
+	}
+
+	srv, ok := service.(*Mailer)
+	if !ok {
+		return nil, errors.Errorf("retrieved service is not a valid '%s' service", ServiceName)
+	}
+
+	return srv, nil
+}
+
+// Must retrieves the mail service in the given container or panic otherwise
+func Must(container *service.Container) *Mailer {
+	srv, err := From(container)
+	if err != nil {
+		panic(err)
+	}
+
+	return srv
+}
--- a/internal/route/consent.go
+++ b/internal/route/consent.go
@ -0,0 +1,20 @@
+package route
+
+import (
+	"net/http"
+
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/middleware/container"
+	"gitlab.com/wpetit/goweb/service/template"
+)
+
+func serveConsentPage(w http.ResponseWriter, r *http.Request) {
+	ctn := container.Must(r.Context())
+	tmpl := template.Must(ctn)
+
+	data := extendTemplateData(w, r, template.Data{})
+
+	if err := tmpl.RenderPage(w, "consent.html.tmpl", data); err != nil {
+		panic(errors.Wrapf(err, "could not render '%s' page", r.URL.Path))
+	}
+}
--- a/internal/route/helper.go
+++ b/internal/route/helper.go
@ -0,0 +1,24 @@
+package route
+
+import (
+	"net/http"
+
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/middleware/container"
+	"gitlab.com/wpetit/goweb/service/template"
+	"gitlab.com/wpetit/goweb/template/html"
+)
+
+func extendTemplateData(w http.ResponseWriter, r *http.Request, data template.Data) template.Data {
+	ctn := container.Must(r.Context())
+	data, err := template.Extend(data,
+		html.WithFlashes(w, r, ctn),
+		template.WithBuildInfo(w, r, ctn),
+	)
+
+	if err != nil {
+		panic(errors.Wrap(err, "could not extend template data"))
+	}
+
+	return data
+}
--- a/internal/route/home.go
+++ b/internal/route/home.go
@ -0,0 +1,20 @@
+package route
+
+import (
+	"net/http"
+
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/middleware/container"
+	"gitlab.com/wpetit/goweb/service/template"
+)
+
+func serveHomePage(w http.ResponseWriter, r *http.Request) {
+	ctn := container.Must(r.Context())
+	tmpl := template.Must(ctn)
+
+	data := extendTemplateData(w, r, template.Data{})
+
+	if err := tmpl.RenderPage(w, "home.html.tmpl", data); err != nil {
+		panic(errors.Wrapf(err, "could not render '%s' page", r.URL.Path))
+	}
+}
--- a/internal/route/login.go
+++ b/internal/route/login.go
@ -0,0 +1,57 @@
+package route
+
+import (
+	"net/http"
+
+	"github.com/davecgh/go-spew/spew"
+
+	"forge.cadoles.com/wpetit/hydra-passwordless/internal/hydra"
+	"github.com/gorilla/csrf"
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/middleware/container"
+	"gitlab.com/wpetit/goweb/service/template"
+)
+
+func serveLoginPage(w http.ResponseWriter, r *http.Request) {
+	ctn := container.Must(r.Context())
+	hydr := hydra.Must(ctn)
+
+	challenge, err := hydr.LoginChallenge(r)
+	if err != nil {
+		if err == hydra.ErrChallengeNotFound {
+			http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
+
+			return
+		}
+
+		panic(errors.Wrap(err, "could not retrieve login challenge"))
+	}
+
+	res, err := hydr.LoginRequest(challenge)
+	if err != nil {
+		panic(errors.Wrap(err, "could not retrieve hydra login response"))
+	}
+
+	spew.Dump(res)
+
+	tmpl := template.Must(ctn)
+
+	data := extendTemplateData(w, r, template.Data{
+		csrf.TemplateTag: csrf.TemplateField(r),
+	})
+
+	if err := tmpl.RenderPage(w, "login.html.tmpl", data); err != nil {
+		panic(errors.Wrapf(err, "could not render '%s' page", r.URL.Path))
+	}
+}
+
+func handleLoginForm(w http.ResponseWriter, r *http.Request) {
+	ctn := container.Must(r.Context())
+	tmpl := template.Must(ctn)
+
+	data := extendTemplateData(w, r, template.Data{})
+
+	if err := tmpl.RenderPage(w, "email_sent.html.tmpl", data); err != nil {
+		panic(errors.Wrapf(err, "could not render '%s' page", r.URL.Path))
+	}
+}
--- a/internal/route/logout.go
+++ b/internal/route/logout.go
@ -0,0 +1,9 @@
+package route
+
+import (
+	"net/http"
+)
+
+func serveLogoutPage(w http.ResponseWriter, r *http.Request) {
+
+}
--- a/internal/route/mount.go
+++ b/internal/route/mount.go
@ -0,0 +1,52 @@
+package route
+
+import (
+	"log"
+
+	"forge.cadoles.com/wpetit/hydra-passwordless/internal/config"
+	"forge.cadoles.com/wpetit/hydra-passwordless/oidc"
+
+	"github.com/go-chi/chi"
+	"github.com/gorilla/csrf"
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/session/gorilla"
+	"gitlab.com/wpetit/goweb/static"
+)
+
+func Mount(r *chi.Mux, config *config.Config) error {
+	csrfSecret, err := gorilla.GenerateRandomBytes(32)
+	if err != nil {
+		return errors.Wrap(err, "could not generate CSRF secret")
+	}
+
+	csrfMiddleware := csrf.Protect(
+		csrfSecret,
+		csrf.Secure(false),
+	)
+
+	r.Group(func(r chi.Router) {
+		r.Use(csrfMiddleware)
+
+		r.Get("/login", serveLoginPage)
+		r.Post("/login", handleLoginForm)
+		r.Get("/logout", serveLogoutPage)
+		r.Get("/consent", serveConsentPage)
+	})
+
+	if config.TestApp.Enabled {
+		log.Println("test app enabled")
+
+		r.Route("/test", func(r chi.Router) {
+			r.Group(func(r chi.Router) {
+				r.Use(oidc.Middleware)
+
+				r.Get("/", serveTestAppHomePage)
+			})
+		})
+	}
+
+	notFoundHandler := r.NotFoundHandler()
+	r.Get("/*", static.Dir(config.HTTP.PublicDir, "", notFoundHandler))
+
+	return nil
+}
--- a/internal/route/test_app.go
+++ b/internal/route/test_app.go
@ -0,0 +1,23 @@
+package route
+
+import (
+	"log"
+	"net/http"
+
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/middleware/container"
+	"gitlab.com/wpetit/goweb/service/template"
+)
+
+func serveTestAppHomePage(w http.ResponseWriter, r *http.Request) {
+	ctn := container.Must(r.Context())
+	tmpl := template.Must(ctn)
+
+	data := extendTemplateData(w, r, template.Data{})
+
+	log.Println("rendering test app home")
+
+	if err := tmpl.RenderPage(w, "home.html.tmpl", data); err != nil {
+		panic(errors.Wrapf(err, "could not render '%s' page", r.URL.Path))
+	}
+}
--- a/misc/script/release.sh
+++ b/misc/script/release.sh
@ -0,0 +1,123 @@
+#!/bin/bash
+
+set -eo pipefail
+
+OS_TARGETS=(linux)
+ARCH_TARGETS=${ARCH_TARGETS:-amd64 arm 386}
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
+PROJECT_DIR="$DIR/../.."
+
+function build {
+
+  local name=$1
+  local srcdir=$2
+  local os=$3
+  local arch=$4
+
+  local dirname="$name-$os-$arch"
+  local destdir="$PROJECT_DIR/release/$dirname"
+
+  rm -rf "$destdir"
+  mkdir -p "$destdir"
+
+  echo "building $dirname..."
+
+  CGO_ENABLED=0 GOOS="$os" GOARCH="$arch" go build \
+    -mod=vendor \
+    -ldflags="-s -w -X 'main.GitRef=$(current_commit_ref)' -X 'main.ProjectVersion=$(current_version)' -X 'main.BuildDate=$(current_date)'" \
+    -gcflags=-trimpath="${PWD}" \
+    -asmflags=-trimpath="${PWD}" \
+    -o "$destdir/bin/$name" \
+    "$srcdir"
+
+  if [ ! -z "$(which upx)" ]; then
+    upx --best "$destdir/bin/$name"
+  fi
+
+}
+
+function current_date {
+  date '+%Y-%m-%d %H:%M'
+}
+
+function current_commit_ref {
+  git log -n 1 --pretty="format:%h"
+}
+
+function current_version {
+  local latest_tag=$(git describe --abbrev=0 2>/dev/null)
+  echo ${latest_tag:-0.0.0}
+}
+
+function copy {
+
+  local name=$1
+  local os=$2
+  local arch=$3
+  local src=$4
+  local dest=$5
+
+  local dirname="$name-$os-$arch"
+  local destdir="$PROJECT_DIR/release/$dirname"
+
+  echo "copying '$src' to '$destdir/$dest'..."
+
+  mkdir -p "$(dirname $destdir/$dest)"
+
+  cp -rfL $src "$destdir/$dest"
+
+}
+
+function dump_default_conf {
+  # Generate and copy configuration file
+  local command=$1
+  local os=$2
+  local arch=$3
+  local tmp_conf=$(mktemp)
+
+  go run "$PROJECT_DIR/cmd/$command" -dump-config > "$tmp_conf"
+  copy "$command" $os $arch "$tmp_conf" "$command.yml"
+  rm -f "$tmp_conf"
+}
+
+function compress {
+
+  local name=$1
+  local os=$2
+  local arch=$3
+
+  local dirname="$name-$os-$arch"
+  local destdir="$PROJECT_DIR/release/$dirname"
+
+  echo "compressing $dirname..."
+  tar -czf "$destdir.tar.gz" -C "$destdir/../" "$dirname"
+}
+
+function release_server {
+
+  local os=$1
+  local arch=$2
+  
+  build 'server' "$PROJECT_DIR/cmd/server" $os $arch
+
+  dump_default_conf 'server' $os $arch
+  
+  copy 'server' $os $arch "$PROJECT_DIR/README.md" "README.md"
+  copy 'server' $os $arch "$PROJECT_DIR/cmd/server/public" "public"
+  copy 'server' $os $arch "$PROJECT_DIR/cmd/server/template" "template"
+
+  compress 'server' $os $arch
+
+}
+
+function main {
+
+  for os in ${OS_TARGETS[@]}; do
+    for arch in ${ARCH_TARGETS[@]}; do
+      release_server $os $arch
+    done
+  done
+}
+
+main
--- a/misc/systemd/server.service
+++ b/misc/systemd/server.service
@ -0,0 +1,11 @@
+[Unit]
+Description=hydra-passwordless
+After=network-online.target
+
+[Service]
+Type=simple
+ExecStart=/usr/local/bin/server -workdir /usr/local/share/server -config /etc/server/config.yml
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
--- a/modd.conf
+++ b/modd.conf
@ -0,0 +1,13 @@
+**/*.go
+!**/*_test.go
+data/config.yml
+cmd/server/template/**/*
+modd.conf {
+  prep: make build
+  prep: [ -e data/config.yml ] || ( mkdir -p data && bin/server -dump-config > data/config.yml )
+  daemon: bin/server -workdir "./cmd/server" -config ../../data/config.yml
+}
+
+**/*.go {
+  prep: make test
+}
--- a/oidc/client.go
+++ b/oidc/client.go
@ -0,0 +1,101 @@
+package oidc
+
+import (
+	"net/http"
+
+	"github.com/coreos/go-oidc"
+	"github.com/dchest/uniuri"
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/middleware/container"
+	"gitlab.com/wpetit/goweb/service/session"
+	"golang.org/x/oauth2"
+)
+
+type Client struct {
+	oauth2   *oauth2.Config
+	provider *oidc.Provider
+	verifier *oidc.IDTokenVerifier
+}
+
+func (c *Client) Verifier() *oidc.IDTokenVerifier {
+	return c.verifier
+}
+
+func (c *Client) Provider() *oidc.Provider {
+	return c.provider
+}
+
+func (c *Client) Redirect(w http.ResponseWriter, r *http.Request) {
+	ctn := container.Must(r.Context())
+
+	sess, err := session.Must(ctn).Get(w, r)
+	if err != nil {
+		panic(errors.Wrap(err, "could not retrieve session"))
+	}
+
+	state := uniuri.New()
+
+	sess.Set(SessionOIDCStateKey, state)
+
+	if err := sess.Save(w, r); err != nil {
+		panic(errors.Wrap(err, "could not save session"))
+	}
+
+	http.Redirect(w, r, c.oauth2.AuthCodeURL(state), http.StatusFound)
+}
+
+func (c *Client) Validate(w http.ResponseWriter, r *http.Request) (*oidc.IDToken, error) {
+	ctx := r.Context()
+	ctn := container.Must(ctx)
+
+	sess, err := session.Must(ctn).Get(w, r)
+	if err != nil {
+		return nil, errors.Wrap(err, "could not retrieve session")
+	}
+
+	state, ok := sess.Get(SessionOIDCStateKey).(string)
+	if !ok {
+		return nil, errors.New("invalid state")
+	}
+
+	if r.URL.Query().Get("state") != state {
+		return nil, errors.New("state mismatch")
+	}
+
+	code := r.URL.Query().Get("code")
+
+	token, err := c.oauth2.Exchange(ctx, code)
+	if err != nil {
+		return nil, errors.Wrap(err, "could not exchange token")
+	}
+
+	rawIDToken, ok := token.Extra("id_token").(string)
+	if !ok {
+		return nil, errors.New("could not find id token")
+	}
+
+	idToken, err := c.verifier.Verify(ctx, rawIDToken)
+	if err != nil {
+		return nil, errors.Wrap(err, "could not verify id token")
+	}
+
+	return idToken, nil
+}
+
+func NewClient(opts ...OptionFunc) *Client {
+	opt := fromDefault(opts...)
+
+	oauth2 := &oauth2.Config{
+		ClientID:     opt.ClientID,
+		ClientSecret: opt.ClientSecret,
+		Endpoint:     opt.Provider.Endpoint(),
+		RedirectURL:  opt.RedirectURL,
+		Scopes:       opt.Scopes,
+	}
+
+	verifier := opt.Provider.Verifier(&oidc.Config{
+		ClientID: opt.ClientID,
+	})
+
+	return &Client{oauth2, opt.Provider, verifier}
+}
--- a/oidc/middleware.go
+++ b/oidc/middleware.go
@ -0,0 +1,52 @@
+package oidc
+
+import (
+	"log"
+	"net/http"
+
+	"github.com/coreos/go-oidc"
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/middleware/container"
+	"gitlab.com/wpetit/goweb/service/session"
+)
+
+const (
+	SessionOIDCTokenKey = "oidc-token"
+	SessionOIDCStateKey = "oidc-state"
+)
+
+func Middleware(next http.Handler) http.Handler {
+	fn := func(w http.ResponseWriter, r *http.Request) {
+		if _, err := IDToken(w, r); err != nil {
+			ctn := container.Must(r.Context())
+
+			log.Println("retrieving oidc client")
+
+			client := Must(ctn)
+
+			client.Redirect(w, r)
+
+			return
+		}
+
+		next.ServeHTTP(w, r)
+	}
+
+	return http.HandlerFunc(fn)
+}
+
+func IDToken(w http.ResponseWriter, r *http.Request) (*oidc.IDToken, error) {
+	ctn := container.Must(r.Context())
+
+	sess, err := session.Must(ctn).Get(w, r)
+	if err != nil {
+		return nil, errors.Wrap(err, "could not retrieve session")
+	}
+
+	idToken, ok := sess.Get(SessionOIDCTokenKey).(*oidc.IDToken)
+	if !ok || idToken == nil {
+		return nil, errors.New("invalid id token")
+	}
+
+	return idToken, nil
+}
--- a/oidc/option.go
+++ b/oidc/option.go
@ -0,0 +1,52 @@
+package oidc
+
+import (
+	"context"
+
+	"github.com/coreos/go-oidc"
+)
+
+type OptionFunc func(*Option)
+
+type Option struct {
+	Provider     *oidc.Provider
+	ClientID     string
+	ClientSecret string
+	RedirectURL  string
+	Scopes       []string
+}
+
+func WithCredentials(clientID, clientSecret string) OptionFunc {
+	return func(opt *Option) {
+		opt.ClientID = clientID
+		opt.ClientSecret = clientSecret
+	}
+}
+
+func WithScopes(scopes ...string) OptionFunc {
+	return func(opt *Option) {
+		opt.Scopes = scopes
+	}
+}
+
+func NewProvider(ctx context.Context, issuer string) (*oidc.Provider, error) {
+	return oidc.NewProvider(ctx, issuer)
+}
+
+func WithProvider(provider *oidc.Provider) OptionFunc {
+	return func(opt *Option) {
+		opt.Provider = provider
+	}
+}
+
+func fromDefault(funcs ...OptionFunc) *Option {
+	opt := &Option{
+		Scopes: []string{oidc.ScopeOpenID},
+	}
+
+	for _, f := range funcs {
+		f(opt)
+	}
+
+	return opt
+}
--- a/oidc/provider.go
+++ b/oidc/provider.go
@ -0,0 +1,11 @@
+package oidc
+
+import "gitlab.com/wpetit/goweb/service"
+
+func ServiceProvider(opts ...OptionFunc) service.Provider {
+	client := NewClient(opts...)
+
+	return func(ctn *service.Container) (interface{}, error) {
+		return client, nil
+	}
+}
--- a/oidc/service.go
+++ b/oidc/service.go
@ -0,0 +1,33 @@
+package oidc
+
+import (
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/service"
+)
+
+const ServiceName service.Name = "oidc"
+
+// From retrieves the oidc service in the given container
+func From(container *service.Container) (*Client, error) {
+	service, err := container.Service(ServiceName)
+	if err != nil {
+		return nil, errors.Wrapf(err, "error while retrieving '%s' service", ServiceName)
+	}
+
+	srv, ok := service.(*Client)
+	if !ok {
+		return nil, errors.Errorf("retrieved service is not a valid '%s' service", ServiceName)
+	}
+
+	return srv, nil
+}
+
+// Must retrieves the oidc service in the given container or panic otherwise
+func Must(container *service.Container) *Client {
+	srv, err := From(container)
+	if err != nil {
+		panic(err)
+	}
+
+	return srv
+}
--- a/scaffold.yml
+++ b/scaffold.yml
@ -0,0 +1,14 @@
+version: 1
+vars:
+  - type: string
+    name: ProjectName
+    description: Project Name
+    constraints:
+      - rule: Input == ""
+        message: The project name cannot be empty.
+  - type: string
+    name: ProjectNamespace
+    description: The Go module namespace
+    constraints:
+      - rule: Input == ""
+        message: The module namespace cannot be empty.