stackitcloud · marceljk · Mar 21, 2025 · Mar 21, 2025 · Mar 21, 2025 · Mar 21, 2025
@@ -271,7 +271,7 @@
       <div class="logo m-5">
         <img
           alt="logo"
-          src="https://cdn.apps.01.cf.eu01.stackit.cloud/assets/img/logo_inverted.svg"
+          src="data:image/svg+xml;base64,{{.Logo}}"
         />
       </div>
 

@@ -1,7 +1,8 @@
 package auth
 
 import (
-	"embed"
+	_ "embed"
+	"encoding/base64"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -11,7 +12,6 @@ import (
 	"net/http"
 	"os"
 	"os/exec"
-	"path"
 	"runtime"
 	"strconv"
 	"strings"
@@ -26,22 +26,23 @@ const (
 	defaultWellKnownConfig = "https://accounts.stackit.cloud/.well-known/openid-configuration"
 	defaultCLIClientID     = "stackit-cli-0000-0000-000000000001"
 
-	loginSuccessPath        = "/login-successful"
-	stackitLandingPage      = "https://www.stackit.de"
-	htmlTemplatesPath       = "templates"
-	loginSuccessfulHTMLFile = "login-successful.html"
+	loginSuccessPath = "/login-successful"
 
 	// The IDP doesn't support wildcards for the port,
 	// so we configure a range of ports from 8000 to 8020
 	defaultPort         = 8000
 	configuredPortRange = 20
 )
 
-//go:embed templates/*
-var htmlContent embed.FS
+//go:embed templates/login-successful.html
+var htmlTemplateContent string
 
-type User struct {
+//go:embed templates/stackit_nav_logo_light.svg
+var logoSvgContent []byte
+
+type InputValues struct {
 	Email string
+	Logo  string
 }
 
 type apiClient interface {
@@ -215,18 +216,19 @@ func AuthorizeUser(p *print.Printer, isReauthentication bool) error {
 			errServer = fmt.Errorf("read user email: %w", err)
 		}
 
-		user := User{
+		input := InputValues{
 			Email: email,
+			Logo:  base64Encode(logoSvgContent),
 		}
 
 		// ParseFS expects paths using forward slashes, even on Windows
 		// See: https://github.com/golang/go/issues/44305#issuecomment-780111748
-		htmlTemplate, err := template.ParseFS(htmlContent, path.Join(htmlTemplatesPath, loginSuccessfulHTMLFile))
+		htmlTemplate, err := template.New("loginSuccess").Parse(htmlTemplateContent)
 		if err != nil {
 			errServer = fmt.Errorf("parse html file: %w", err)
 		}
 
-		err = htmlTemplate.Execute(w, user)
+		err = htmlTemplate.Execute(w, input)
 		if err != nil {
 			errServer = fmt.Errorf("render page: %w", err)
 		}
@@ -258,6 +260,13 @@ func AuthorizeUser(p *print.Printer, isReauthentication bool) error {
 	return nil
 }
 
+// base64Encode encodes a []byte to a base64 representation as string
+func base64Encode(message []byte) string {
+	b := make([]byte, base64.StdEncoding.EncodedLen(len(message)))
+	base64.StdEncoding.Encode(b, message)
+	return string(b)
+}
+
 // getUserAccessAndRefreshTokens trades the authorization code retrieved from the first OAuth2 leg for an access token and a refresh token
 func getUserAccessAndRefreshTokens(idpWellKnownConfig *wellKnownConfig, clientID, codeVerifier, authorizationCode, callbackURL string) (accessToken, refreshToken string, err error) {
 	// Set form-encoded data for the POST to the access token endpoint