feat: Add local server for debug

Author: sGeeK44

README.md

@@ -1,2 +1,128 @@
-# traefik-auth-middleware
-Keycloak gatekeeper middleware for traefik
+# Traefik Auth Middleware
+
+This repository contains a Traefik middleware for authentication via Keycloak, with a **local debug server** to test it outside of Traefik.
+
+---
+
+## Structure
+
+```
+traefik-auth-middleware/
+|── auth_test.go   # Unit tests
+├── auth.go        # Middleware code
+├── go.mod
+└── debug/
+    └── main.go    # Local debug server
+```
+
+* `auth.go` → middleware used by Traefik.
+* `debug/main.go` → minimal HTTP server to test the middleware and view Keycloak responses.
+
+---
+
+## Dev setup
+
+Install tools and dev dependencies
+
+```bash
+mise install
+mise run install_yaegi
+```
+
+### Run tests
+
+```bash
+mise run test
+```
+
+### Format and lint the code
+
+```bash
+mise run format
+mise run lint
+```
+
+## Running the debug server
+
+1. Run the server:
+
+```bash
+go run debug/.
+```
+
+2. The server listens on port `8080`.
+
+---
+
+## Testing the middleware
+
+Using `curl`:
+
+```bash
+curl "http://localhost:8080?shop_name=test&api_key=secret"
+```
+
+### Example response on success:
+
+```json
+{
+  "message": "OK - middleware passed",
+  "token": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI..."
+}
+```
+
+If the request is malformed or authentication fails, the middleware returns an appropriate HTTP status code and an error message.
+
+---
+
+## Logs
+
+The middleware outputs JSON logs to standard output:
+
+```json
+{
+  "level": "INFO",
+  "message": "Traefik-auth-middleware - Fetching auth token success for shop: test",
+  "plugin_name": "sw-auth-plugin"
+}
+```
+
+These logs allow you to track:
+
+* The incoming request and its parameters
+* The HTTP request to Keycloak
+* Authentication success or failure
+
+---
+
+## Notes
+
+* `main.go` is **only used for local debugging**.
+* When using Traefik, running this server is not necessary.
+* IAM variables must be configured in the Traefik config or via `CreateConfig()` for debugging.
+
+---
+
+## Debugging points
+
+1. Ensure that the **query params** (`shop_name` and `api_key`) are present.
+2. Check that the **JSON logs** show the HTTP request to Keycloak and the `status code`.
+3. Using the debug server, you can directly see the Keycloak response in the HTTP response.
+
+---
+
+## Complete debug output example
+
+```
+Middleware debug server started on :8080
+{"level":"INFO","message":"Traefik-auth-middleware - Fetching auth token success for shop: test","plugin_name":"sw-auth-plugin"}
+```
+
+HTTP Response:
+
+```json
+{
+  "message": "OK - middleware passed",
+  "token": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI..."
+}
+```

auth.go

@@ -12,13 +12,13 @@ import (
 )
 
 type Config struct {
-	IAM map[string]string
-	httpClient             *http.Client
+	IAM        map[string]string
+	httpClient *http.Client
 }
 
 func CreateConfig() *Config {
 	return &Config{
-		IAM: make(map[string]string),
+		IAM:        make(map[string]string),
 		httpClient: http.DefaultClient,
 	}
 }
@@ -89,6 +89,7 @@ func (cerbereConfig *Cerbere) ServeHTTP(rw http.ResponseWriter, req *http.Reques
 	if authResponse.StatusCode != http.StatusOK {
 		cerbereConfig.logInfo(fmt.Sprintf("Fetching auth token failed: %d", authResponse.StatusCode))
 		http.Error(rw, "Forbidden", authResponse.StatusCode)
+
 		return
 	}
 	body, err := io.ReadAll(authResponse.Body)

auth_test.go

@@ -108,7 +108,6 @@ func TestFailWithIamReturnUnauthorized(t *testing.T) {
 
 	handler.ServeHTTP(recorder, req)
 	response := recorder.Result()
-	
 	if response.StatusCode != http.StatusUnauthorized {
 		t.Errorf("Expected status code 401, got %d", recorder.Code)
 	}

debug/main.go

@@ -0,0 +1,59 @@
+package main
+
+import (
+	"context"
+	"encoding/json"
+	"net/http"
+	"time"
+
+	middleware "github.com/ZeroGachis/traefik-auth-middleware" //nolint:depguard
+)
+
+func main() {
+	// Crée la config avec valeurs par défaut
+	config := middleware.CreateConfig()
+	config.IAM = map[string]string{
+		"ClientId":               "devices",
+		"Url":                    "https://auth.smartway-stage.tech/auth/realms/smartway/protocol/openid-connect/token",
+		"UserQueryParamName":     "shop_name",
+		"PasswordQueryParamName": "api_key",
+	}
+
+	// Wrap un handler simple pour tester
+	handler, err := middleware.New(
+		context.Background(),
+		http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			token := r.Header.Get("Authorization")
+			resp := map[string]string{
+				"message": "OK - middleware passed",
+				"token":   token,
+			}
+
+			w.Header().Set("Content-Type", "application/json")
+
+			if err := json.NewEncoder(w).Encode(resp); err != nil {
+				http.Error(w, "Failed to encode JSON", http.StatusInternalServerError)
+
+				return
+			}
+		}),
+		config,
+		"sw-auth-plugin",
+	)
+	if err != nil {
+		panic(err)
+	}
+
+	// Lance un serveur local pour debug
+	println("Middleware debug server started on :8080")
+	server := &http.Server{
+		Addr:         ":8080",
+		Handler:      handler,
+		ReadTimeout:  10 * time.Second,
+		WriteTimeout: 10 * time.Second,
+		IdleTimeout:  10 * time.Second,
+	}
+	if err := server.ListenAndServe(); err != nil && err != http.ErrServerClosed {
+		println("Server failed:", err)
+	}
+}