Fix/device login

[aaperis]

Related issue(s) and PR(s)
This PR closes #329.

Description

The reason why sda-cli login didnot seem to work is because it tried to connect to a /token that was behind a basic authentication method.

As a public app, sda-cli cannot leverage traditional methods to authenticate to the /token endpoint of LS-AAI.

• To mitigate this issue, this PR adds to the device flow a PKCE flow so that the sda-cli can connect securely to LS-AAI token endpoints that do not require authentication through sending secrets.

• Additionally, a mock-oidc server configured for device-flow and sda-auth configured only for serving the /info endpoint are added to the docker-compose.yml of the local dev environment for local testing. These additions can be the starting point for work in
  Add tests for cases when sda-cli calls the /info endpoint of sda-auth  #314
  and
  Add tests for login module #252.

• along the way go was updated to 1.21 (crypt4gh v1.8.11 required this)

How to test
Configure an OIDC service with device flow enabled, token_authentication_method=none and PKCE enabled with method=S256.

OR locally:
under /testing folder run:

export TAG=v0.2.103 && docker compose --profile login up auth oidc --build --force-recreate

and from another terminal:

go build .
./sda-cli login http://localhost:8080

and after the login succeeds ls .sda-cli-session .

[pahatz]

Looks good!

[jbygdell]

Looks reasonable, some comments and questions though.

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 52.66%. Comparing base (8ebbad2) to head (e7a1214).

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #344   +/-   ##
=======================================
  Coverage   52.66%   52.66%           
=======================================
  Files           9        9           
  Lines        1183     1183           
=======================================
  Hits          623      623           
  Misses        481      481           
  Partials       79       79           

Flag	Coverage Δ
unittests	52.66% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[nanjiangshu]

It works great when I tested locally with the instructions provided!
I have one minor comment though
When the URL has a trailing character /, which may happen when a user copies the URL from the address bar, the error message reported is not meaningful. For example,
running the command

./sda-cli login https://login.test.bp.nbis.se/

will return
Error: invalid character 'N' looking for beginning of value

One can either sanitize the trailing / from the URL or provide a more understandable error message.

[MalinAhlberg]

Looks good!
I left one minor question/comment. Also, I needed to run go mod tidy before being able to run go build.

[kostas-kou]

I agree with Malin's comment. Easier to debug when one is logging their own error messages as well

[pontus]

(see comments, but I don't object to merging.)

[aaperis]

It works great when I tested locally with the instructions provided! I have one minor comment though When the URL has a trailing character /, which may happen when a user copies the URL from the address bar, the error message reported is not meaningful. For example, running the command

./sda-cli login https://login.test.bp.nbis.se/

will return Error: invalid character 'N' looking for beginning of value

One can either sanitize the trailing / from the URL or provide a more understandable error message.

fixed

[aaperis]

Apparently merge_queue expects two tests for golang 1.20 to finish but these are now run as 1.21 , It seems that I don't have enough access to modify the relevant repository settings, at least atm.