From 695f5cae6be3171528ff8398af64bd47c112bb88 Mon Sep 17 00:00:00 2001
From: Jan Dittberner <jandd@cacert.org>
Date: Mon, 22 Aug 2022 18:50:59 +0200
Subject: [PATCH] Use embed.fs for self-contained build

---
 .gitignore                                       |  3 +++
 Makefile                                         | 16 +++++++++++++---
 cmd/idp.go                                       |  5 +++--
 handlers/consent.go                              |  9 +++++++--
 handlers/error.go                                | 15 ++++++---------
 handlers/login.go                                |  7 +++++--
 {templates => ui/templates}/base.gohtml          |  2 +-
 .../templates}/client_certificate.gohtml         |  0
 {templates => ui/templates}/consent.gohtml       |  0
 {templates => ui/templates}/errors.gohtml        |  0
 .../no_email_in_client_certificate.gohtml        |  0
 ui/ui.go                                         |  9 +++++++++
 12 files changed, 47 insertions(+), 19 deletions(-)
 rename {templates => ui/templates}/base.gohtml (93%)
 rename {templates => ui/templates}/client_certificate.gohtml (100%)
 rename {templates => ui/templates}/consent.gohtml (100%)
 rename {templates => ui/templates}/errors.gohtml (100%)
 rename {templates => ui/templates}/no_email_in_client_certificate.gohtml (100%)
 create mode 100644 ui/ui.go

diff --git a/.gitignore b/.gitignore
index 47ce09a..68b78d9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,8 @@
 .idea/
 /cacert-idp
 /static
+/ui/css/
+/ui/images/
+/ui/js/
 certs/
 idp.toml
diff --git a/Makefile b/Makefile
index 05260d2..110b397 100644
--- a/Makefile
+++ b/Makefile
@@ -1,9 +1,19 @@
 GOFILES = $(wildcard */*.go)
-TEMPLATES = $(wildcard templates/*.gohtml)
+TEMPLATES = $(wildcard ui/templates/*.gohtml)
 TRANSLATIONS = $(wildcard active.*.toml)
+RESOURCES = ui/css ui/images ui/js
 
 all: cacert-idp
 
+ui/css: ../cacert_resources/static/css
+	cp -r ../cacert_resources/static/css ui/
+
+ui/js: ../cacert_resources/static/js
+	cp -r ../cacert_resources/static/js ui/
+
+ui/images: ../cacert_resources/static/images
+	cp -r ../cacert_resources/static/images ui/
+
 go.sum: go.mod
 	go mod tidy
 
@@ -15,11 +25,11 @@ translations: $(TRANSLATIONS) $(GOFILES)
 		goi18n merge active.*.toml translate.*.toml; \
 	fi
 
-cacert-idp: go.sum $(GOFILES) $(TEMPLATES) translations
+cacert-idp: go.sum $(GOFILES) $(TEMPLATES) translations $(RESOURCES)
 	CGO_ENABLED=0 go build -o $@ ./cmd/idp.go
 
 clean:
-	rm -f cacert-idp
+	rm -rf cacert-idp ui/css ui/js ui/images
 
 .PHONY: all translations clean
 
diff --git a/cmd/idp.go b/cmd/idp.go
index 791672c..8e9d4a0 100644
--- a/cmd/idp.go
+++ b/cmd/idp.go
@@ -31,6 +31,7 @@ import (
 	"sync/atomic"
 	"time"
 
+	"git.cacert.org/oidc_idp/ui"
 	"github.com/go-openapi/runtime/client"
 	"github.com/gorilla/csrf"
 	"github.com/knadh/koanf"
@@ -103,7 +104,7 @@ func main() {
 	logoutHandler := handlers.NewLogoutHandler(handlerContext, logger)
 	logoutSuccessHandler := handlers.NewLogoutSuccessHandler()
 	errorHandler := handlers.NewErrorHandler()
-	staticFiles := http.FileServer(http.Dir("static"))
+	staticFiles := http.FileServer(http.FS(ui.Static))
 
 	router := http.NewServeMux()
 	router.Handle("/login", loginHandler)
@@ -140,7 +141,7 @@ func main() {
 	errorMiddleware, err := handlers.ErrorHandling(
 		ctx,
 		logger,
-		"templates",
+		ui.Templates,
 	)
 	if err != nil {
 		logger.Fatalf("could not initialize request error handling: %v", err)
diff --git a/handlers/consent.go b/handlers/consent.go
index 135dc3d..2182340 100644
--- a/handlers/consent.go
+++ b/handlers/consent.go
@@ -27,6 +27,7 @@ import (
 	"time"
 
 	commonModels "git.cacert.org/oidc_idp/models"
+	"git.cacert.org/oidc_idp/ui"
 	"github.com/go-playground/form/v4"
 	"github.com/gorilla/csrf"
 	"github.com/lestrrat-go/jwx/jwt/openid"
@@ -430,8 +431,12 @@ func (h *consentHandler) GetUserInfoFromClientCertificate(r *http.Request, subje
 }
 
 func NewConsentHandler(ctx context.Context, logger *log.Logger) (*consentHandler, error) {
-	consentTemplate := template.Must(template.ParseFiles(
-		"templates/base.gohtml", "templates/consent.gohtml"))
+	consentTemplate := template.Must(
+		template.ParseFS(
+			ui.Templates,
+			"templates/base.gohtml",
+			"templates/consent.gohtml",
+		))
 
 	return &consentHandler{
 		adminClient:     ctx.Value(CtxAdminClient).(*admin.Client),
diff --git a/handlers/error.go b/handlers/error.go
index 2ce18e3..49a1243 100644
--- a/handlers/error.go
+++ b/handlers/error.go
@@ -21,8 +21,8 @@ import (
 	"context"
 	"fmt"
 	"html/template"
+	"io/fs"
 	"net/http"
-	"path"
 
 	"git.cacert.org/oidc_idp/services"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
@@ -118,14 +118,11 @@ func (w *errorResponseWriter) Write(content []byte) (int, error) {
 	return w.ResponseWriter.Write(content)
 }
 
-func ErrorHandling(
-	handlerContext context.Context,
-	logger *log.Logger,
-	templateBaseDir string,
-) (func(http.Handler) http.Handler, error) {
-	errorTemplates, err := template.ParseFiles(
-		path.Join(templateBaseDir, "base.gohtml"),
-		path.Join(templateBaseDir, "errors.gohtml"),
+func ErrorHandling(handlerContext context.Context, logger *log.Logger, templateFS fs.FS) (func(http.Handler) http.Handler, error) {
+	errorTemplates, err := template.ParseFS(
+		templateFS,
+		"templates/base.gohtml",
+		"templates/errors.gohtml",
 	)
 	if err != nil {
 		return nil, err
diff --git a/handlers/login.go b/handlers/login.go
index 0a30785..0beb221 100644
--- a/handlers/login.go
+++ b/handlers/login.go
@@ -27,6 +27,7 @@ import (
 	"strconv"
 	"time"
 
+	"git.cacert.org/oidc_idp/ui"
 	"github.com/gorilla/csrf"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 	"github.com/ory/hydra-client-go/client/admin"
@@ -237,11 +238,13 @@ func NewLoginHandler(ctx context.Context, logger *log.Logger) (*loginHandler, er
 		context:     ctx,
 		logger:      logger,
 		templates: map[templateName]*template.Template{
-			CertificateLogin: template.Must(template.ParseFiles(
+			CertificateLogin: template.Must(template.ParseFS(
+				ui.Templates,
 				"templates/base.gohtml",
 				"templates/client_certificate.gohtml",
 			)),
-			NoEmailsInClientCertificate: template.Must(template.ParseFiles(
+			NoEmailsInClientCertificate: template.Must(template.ParseFS(
+				ui.Templates,
 				"templates/base.gohtml",
 				"templates/no_email_in_client_certificate.gohtml",
 			)),
diff --git a/templates/base.gohtml b/ui/templates/base.gohtml
similarity index 93%
rename from templates/base.gohtml
rename to ui/templates/base.gohtml
index 1654eb0..9ed1a5d 100644
--- a/templates/base.gohtml
+++ b/ui/templates/base.gohtml
@@ -32,7 +32,7 @@
     </main>
     <footer class="footer mt-auto py-3">
         <div class="container">
-            <span class="text-muted small">© 2020, 2021 <a href="https://www.cacert.org/">CAcert</a></span>
+            <span class="text-muted small">© 2020-2022 <a href="https://www.cacert.org/">CAcert</a></span>
         </div>
     </footer>
     <script type="text/javascript" src="/js/cacert.bundle.js"></script>
diff --git a/templates/client_certificate.gohtml b/ui/templates/client_certificate.gohtml
similarity index 100%
rename from templates/client_certificate.gohtml
rename to ui/templates/client_certificate.gohtml
diff --git a/templates/consent.gohtml b/ui/templates/consent.gohtml
similarity index 100%
rename from templates/consent.gohtml
rename to ui/templates/consent.gohtml
diff --git a/templates/errors.gohtml b/ui/templates/errors.gohtml
similarity index 100%
rename from templates/errors.gohtml
rename to ui/templates/errors.gohtml
diff --git a/templates/no_email_in_client_certificate.gohtml b/ui/templates/no_email_in_client_certificate.gohtml
similarity index 100%
rename from templates/no_email_in_client_certificate.gohtml
rename to ui/templates/no_email_in_client_certificate.gohtml
diff --git a/ui/ui.go b/ui/ui.go
new file mode 100644
index 0000000..4748763
--- /dev/null
+++ b/ui/ui.go
@@ -0,0 +1,9 @@
+package ui
+
+import "embed"
+
+//go:embed templates/*
+var Templates embed.FS
+
+//go:embed css/* js/* images/*
+var Static embed.FS