align for IA

.env.example

@@ -17,7 +17,7 @@ NEXT_PUBLIC_IDNOT_BASE_URL=https://qual-connexion.idnot.fr
 NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=/IdPOAuth2/authorize/idnot_idp_v1
 NEXT_PUBLIC_IDNOT_CLIENT_ID=default_client_id
 NEXT_PUBLIC_IDNOT_REDIRECT_URI=http://localhost:3000/authorized-client
-NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=http://local.4nkweb.com:3000/authorized-client
+NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=https://lecoffreio.4nkweb.com/authorized-client
 
 # 4NK Configuration
 NEXT_PUBLIC_4NK_URL=http://localhost:3000

Dockerfile

@@ -39,7 +39,7 @@ ENV NEXT_PUBLIC_BACK_API_PROTOCOL=https \
     NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=/IdPOAuth2/authorize/idnot_idp_v1 \
     NEXT_PUBLIC_IDNOT_CLIENT_ID=default_client_id \
     NEXT_PUBLIC_IDNOT_REDIRECT_URI=http://localhost:3000/authorized-client \
-    NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=http://local.4nkweb.com:3000/authorized-client \
+    NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=https://lecoffreio.4nkweb.com/authorized-client \
     NEXT_PUBLIC_4NK_URL=http://localhost:3000 \
     NEXT_PUBLIC_4NK_IFRAME_URL=http://localhost:3000 \
     NEXT_PUBLIC_BACK_BASE=http://localhost:8080 \

Dockerfile.backup_20250923_233404

@@ -0,0 +1,198 @@
+# syntax=docker/dockerfile:1.4
+FROM debian:bookworm-slim AS deps
+WORKDIR /leCoffre-front
+
+# Installation des dépendances de base
+RUN apt-get update && apt-get upgrade -y && \
+    apt-get install -y --fix-missing \
+    ca-certificates curl jq git \
+    net-tools iputils-ping dnsutils \
+    netcat-openbsd telnet procps && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Installation de Node.js
+RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
+    apt-get install -y nodejs && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+COPY package.json ./
+COPY package-lock.json ./
+
+# Installation des dépendances
+RUN --mount=type=cache,target=/root/.npm \
+    npm install --no-audit --no-fund
+
+# Configuration pour le développement
+FROM debian:bookworm-slim AS development
+WORKDIR /leCoffre-front
+
+# Installation des dépendances de base
+RUN apt-get update && apt-get upgrade -y && \
+    apt-get install -y --fix-missing \
+    ca-certificates curl jq git \
+    net-tools iputils-ping dnsutils \
+    netcat-openbsd telnet procps && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Installation de Node.js
+RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
+    apt-get install -y nodejs && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+COPY --from=deps /leCoffre-front/node_modules ./node_modules
+COPY --from=deps /leCoffre-front/package.json ./package.json
+COPY . .
+
+# Création de l'utilisateur non-root
+RUN useradd -m -u 1000 lecoffreuser && \
+    mkdir -p /leCoffre-front && chown -R lecoffreuser:lecoffreuser /leCoffre-front
+
+USER lecoffreuser
+
+CMD ["npm", "run", "dev"]
+EXPOSE 3000
+
+# --- Build de production
+FROM debian:bookworm-slim AS builder
+WORKDIR /leCoffre-front
+
+# Installation des dépendances de base
+RUN apt-get update && apt-get upgrade -y && \
+    apt-get install -y --fix-missing \
+    ca-certificates curl jq git \
+    net-tools iputils-ping dnsutils \
+    netcat-openbsd telnet procps && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Installation de Node.js
+RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
+    apt-get install -y nodejs && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+COPY --from=deps /leCoffre-front/node_modules ./node_modules
+COPY --from=deps /leCoffre-front/package.json ./package.json
+COPY . .
+
+# Arguments/variables d'environnement publics pour le build Next
+ARG NEXT_PUBLIC_BACK_API_PROTOCOL
+ARG NEXT_PUBLIC_BACK_API_HOST
+ARG NEXT_PUBLIC_BACK_API_PORT
+ARG NEXT_PUBLIC_BACK_API_ROOT_URL
+ARG NEXT_PUBLIC_BACK_API_VERSION
+ARG NEXT_PUBLIC_FRONT_APP_HOST
+ARG NEXT_PUBLIC_FRONT_APP_PORT
+ARG NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT
+ARG NEXT_PUBLIC_IDNOT_CLIENT_ID
+ARG NEXT_PUBLIC_IDNOT_BASE_URL
+ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI
+ARG NEXT_PUBLIC_DOCAPOSTE_API_URL
+ARG NEXT_PUBLIC_HOTJAR_SITE_ID
+ARG NEXT_PUBLIC_HOTJAR_VERSION
+ARG NEXT_PUBLIC_4NK_URL
+ARG NEXT_PUBLIC_4NK_IFRAME_URL
+ARG NEXT_PUBLIC_API_URL
+ARG NEXT_PUBLIC_DEFAULT_VALIDATOR_ID
+ARG NEXT_PUBLIC_DEFAULT_STORAGE_URLS
+ARG NEXT_PUBLIC_BACK_BASE
+ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED
+
+ENV NEXT_PUBLIC_BACK_API_PROTOCOL=${NEXT_PUBLIC_BACK_API_PROTOCOL} \
+    NEXT_PUBLIC_BACK_API_HOST=${NEXT_PUBLIC_BACK_API_HOST} \
+    NEXT_PUBLIC_BACK_API_PORT=${NEXT_PUBLIC_BACK_API_PORT} \
+    NEXT_PUBLIC_BACK_API_ROOT_URL=${NEXT_PUBLIC_BACK_API_ROOT_URL} \
+    NEXT_PUBLIC_BACK_API_VERSION=${NEXT_PUBLIC_BACK_API_VERSION} \
+    NEXT_PUBLIC_FRONT_APP_HOST=${NEXT_PUBLIC_FRONT_APP_HOST} \
+    NEXT_PUBLIC_FRONT_APP_PORT=${NEXT_PUBLIC_FRONT_APP_PORT} \
+    NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=${NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT} \
+    NEXT_PUBLIC_IDNOT_CLIENT_ID=${NEXT_PUBLIC_IDNOT_CLIENT_ID} \
+    NEXT_PUBLIC_IDNOT_BASE_URL=${NEXT_PUBLIC_IDNOT_BASE_URL} \
+    NEXT_PUBLIC_IDNOT_REDIRECT_URI=${NEXT_PUBLIC_IDNOT_REDIRECT_URI} \
+    NEXT_PUBLIC_DOCAPOSTE_API_URL=${NEXT_PUBLIC_DOCAPOSTE_API_URL} \
+    NEXT_PUBLIC_HOTJAR_SITE_ID=${NEXT_PUBLIC_HOTJAR_SITE_ID} \
+    NEXT_PUBLIC_HOTJAR_VERSION=${NEXT_PUBLIC_HOTJAR_VERSION} \
+    NEXT_PUBLIC_4NK_URL=${NEXT_PUBLIC_4NK_URL} \
+    NEXT_PUBLIC_4NK_IFRAME_URL=${NEXT_PUBLIC_4NK_IFRAME_URL} \
+    NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL} \
+    NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=${NEXT_PUBLIC_DEFAULT_VALIDATOR_ID} \
+    NEXT_PUBLIC_DEFAULT_STORAGE_URLS=${NEXT_PUBLIC_DEFAULT_STORAGE_URLS} \
+    NEXT_PUBLIC_BACK_BASE=${NEXT_PUBLIC_BACK_BASE} \
+    NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=${NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED}
+
+RUN --mount=type=cache,target=/leCoffre-front/.next/cache npm run build
+
+# --- Image d'exécution "ext"
+FROM debian:bookworm-slim AS ext
+WORKDIR /leCoffre-front
+
+# Installation des dépendances de base
+RUN apt-get update && apt-get upgrade -y && \
+    apt-get install -y --fix-missing \
+    ca-certificates curl jq git \
+    net-tools iputils-ping dnsutils \
+    netcat-openbsd telnet procps && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Installation de Node.js
+RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
+    apt-get install -y nodejs && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Re-déclarer les ARG pour l'étape runtime et les exposer en ENV
+ARG NEXT_PUBLIC_BACK_API_PROTOCOL
+ARG NEXT_PUBLIC_BACK_API_HOST
+ARG NEXT_PUBLIC_BACK_API_PORT
+ARG NEXT_PUBLIC_BACK_API_ROOT_URL
+ARG NEXT_PUBLIC_BACK_API_VERSION
+ARG NEXT_PUBLIC_FRONT_APP_HOST
+ARG NEXT_PUBLIC_FRONT_APP_PORT
+ARG NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT
+ARG NEXT_PUBLIC_IDNOT_CLIENT_ID
+ARG NEXT_PUBLIC_IDNOT_BASE_URL
+ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI
+ARG NEXT_PUBLIC_DOCAPOSTE_API_URL
+ARG NEXT_PUBLIC_HOTJAR_SITE_ID
+ARG NEXT_PUBLIC_HOTJAR_VERSION
+ARG NEXT_PUBLIC_4NK_URL
+ARG NEXT_PUBLIC_4NK_IFRAME_URL
+ARG NEXT_PUBLIC_API_URL
+ARG NEXT_PUBLIC_DEFAULT_VALIDATOR_ID
+ARG NEXT_PUBLIC_DEFAULT_STORAGE_URLS
+ARG NEXT_PUBLIC_BACK_BASE
+ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED
+
+ENV NODE_ENV=production \
+    PORT=3000 \
+    NEXT_PUBLIC_BACK_API_PROTOCOL=${NEXT_PUBLIC_BACK_API_PROTOCOL} \
+    NEXT_PUBLIC_BACK_API_HOST=${NEXT_PUBLIC_BACK_API_HOST} \
+    NEXT_PUBLIC_BACK_API_PORT=${NEXT_PUBLIC_BACK_API_PORT} \
+    NEXT_PUBLIC_BACK_API_ROOT_URL=${NEXT_PUBLIC_BACK_API_ROOT_URL} \
+    NEXT_PUBLIC_BACK_API_VERSION=${NEXT_PUBLIC_BACK_API_VERSION} \
+    NEXT_PUBLIC_FRONT_APP_HOST=${NEXT_PUBLIC_FRONT_APP_HOST} \
+    NEXT_PUBLIC_FRONT_APP_PORT=${NEXT_PUBLIC_FRONT_APP_PORT} \
+    NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=${NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT} \
+    NEXT_PUBLIC_IDNOT_CLIENT_ID=${NEXT_PUBLIC_IDNOT_CLIENT_ID} \
+    NEXT_PUBLIC_IDNOT_BASE_URL=${NEXT_PUBLIC_IDNOT_BASE_URL} \
+    NEXT_PUBLIC_IDNOT_REDIRECT_URI=${NEXT_PUBLIC_IDNOT_REDIRECT_URI} \
+    NEXT_PUBLIC_DOCAPOSTE_API_URL=${NEXT_PUBLIC_DOCAPOSTE_API_URL} \
+    NEXT_PUBLIC_HOTJAR_SITE_ID=${NEXT_PUBLIC_HOTJAR_SITE_ID} \
+    NEXT_PUBLIC_HOTJAR_VERSION=${NEXT_PUBLIC_HOTJAR_VERSION} \
+    NEXT_PUBLIC_4NK_URL=${NEXT_PUBLIC_4NK_URL} \
+    NEXT_PUBLIC_4NK_IFRAME_URL=${NEXT_PUBLIC_4NK_IFRAME_URL} \
+    NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL} \
+    NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=${NEXT_PUBLIC_DEFAULT_VALIDATOR_ID} \
+    NEXT_PUBLIC_DEFAULT_STORAGE_URLS=${NEXT_PUBLIC_DEFAULT_STORAGE_URLS} \
+    NEXT_PUBLIC_BACK_BASE=${NEXT_PUBLIC_BACK_BASE} \
+    NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=${NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED}
+
+# Next.js standalone runtime (output: 'standalone')
+COPY --from=builder /leCoffre-front/.next/standalone ./
+COPY --from=builder /leCoffre-front/.next/static ./.next/static
+COPY --from=builder /leCoffre-front/public ./public
+
+# Création de l'utilisateur non-root
+RUN useradd -m -u 1000 lecoffreuser && \
+    mkdir -p /leCoffre-front && chown -R lecoffreuser:lecoffreuser /leCoffre-front
+USER lecoffreuser
+
+EXPOSE 3000
+CMD ["node", "server.js"]

Dockerfile.original

@@ -0,0 +1,198 @@
+# syntax=docker/dockerfile:1.4
+FROM debian:bookworm-slim AS deps
+WORKDIR /leCoffre-front
+
+# Installation des dépendances de base
+RUN apt-get update && apt-get upgrade -y && \
+    apt-get install -y --fix-missing \
+    ca-certificates curl jq git \
+    net-tools iputils-ping dnsutils \
+    netcat-openbsd telnet procps && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Installation de Node.js
+RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
+    apt-get install -y nodejs && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+COPY package.json ./
+COPY package-lock.json ./
+
+# Installation des dépendances
+RUN --mount=type=cache,target=/root/.npm \
+    npm install --no-audit --no-fund
+
+# Configuration pour le développement
+FROM debian:bookworm-slim AS development
+WORKDIR /leCoffre-front
+
+# Installation des dépendances de base
+RUN apt-get update && apt-get upgrade -y && \
+    apt-get install -y --fix-missing \
+    ca-certificates curl jq git \
+    net-tools iputils-ping dnsutils \
+    netcat-openbsd telnet procps && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Installation de Node.js
+RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
+    apt-get install -y nodejs && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+COPY --from=deps /leCoffre-front/node_modules ./node_modules
+COPY --from=deps /leCoffre-front/package.json ./package.json
+COPY . .
+
+# Création de l'utilisateur non-root
+RUN useradd -m -u 1000 lecoffreuser && \
+    mkdir -p /leCoffre-front && chown -R lecoffreuser:lecoffreuser /leCoffre-front
+
+USER lecoffreuser
+
+CMD ["npm", "run", "dev"]
+EXPOSE 3000
+
+# --- Build de production
+FROM debian:bookworm-slim AS builder
+WORKDIR /leCoffre-front
+
+# Installation des dépendances de base
+RUN apt-get update && apt-get upgrade -y && \
+    apt-get install -y --fix-missing \
+    ca-certificates curl jq git \
+    net-tools iputils-ping dnsutils \
+    netcat-openbsd telnet procps && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Installation de Node.js
+RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
+    apt-get install -y nodejs && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+COPY --from=deps /leCoffre-front/node_modules ./node_modules
+COPY --from=deps /leCoffre-front/package.json ./package.json
+COPY . .
+
+# Arguments/variables d'environnement publics pour le build Next
+ARG NEXT_PUBLIC_BACK_API_PROTOCOL
+ARG NEXT_PUBLIC_BACK_API_HOST
+ARG NEXT_PUBLIC_BACK_API_PORT
+ARG NEXT_PUBLIC_BACK_API_ROOT_URL
+ARG NEXT_PUBLIC_BACK_API_VERSION
+ARG NEXT_PUBLIC_FRONT_APP_HOST
+ARG NEXT_PUBLIC_FRONT_APP_PORT
+ARG NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT
+ARG NEXT_PUBLIC_IDNOT_CLIENT_ID
+ARG NEXT_PUBLIC_IDNOT_BASE_URL
+ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI
+ARG NEXT_PUBLIC_DOCAPOSTE_API_URL
+ARG NEXT_PUBLIC_HOTJAR_SITE_ID
+ARG NEXT_PUBLIC_HOTJAR_VERSION
+ARG NEXT_PUBLIC_4NK_URL
+ARG NEXT_PUBLIC_4NK_IFRAME_URL
+ARG NEXT_PUBLIC_API_URL
+ARG NEXT_PUBLIC_DEFAULT_VALIDATOR_ID
+ARG NEXT_PUBLIC_DEFAULT_STORAGE_URLS
+ARG NEXT_PUBLIC_BACK_BASE
+ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED
+
+ENV NEXT_PUBLIC_BACK_API_PROTOCOL=${NEXT_PUBLIC_BACK_API_PROTOCOL} \
+    NEXT_PUBLIC_BACK_API_HOST=${NEXT_PUBLIC_BACK_API_HOST} \
+    NEXT_PUBLIC_BACK_API_PORT=${NEXT_PUBLIC_BACK_API_PORT} \
+    NEXT_PUBLIC_BACK_API_ROOT_URL=${NEXT_PUBLIC_BACK_API_ROOT_URL} \
+    NEXT_PUBLIC_BACK_API_VERSION=${NEXT_PUBLIC_BACK_API_VERSION} \
+    NEXT_PUBLIC_FRONT_APP_HOST=${NEXT_PUBLIC_FRONT_APP_HOST} \
+    NEXT_PUBLIC_FRONT_APP_PORT=${NEXT_PUBLIC_FRONT_APP_PORT} \
+    NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=${NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT} \
+    NEXT_PUBLIC_IDNOT_CLIENT_ID=${NEXT_PUBLIC_IDNOT_CLIENT_ID} \
+    NEXT_PUBLIC_IDNOT_BASE_URL=${NEXT_PUBLIC_IDNOT_BASE_URL} \
+    NEXT_PUBLIC_IDNOT_REDIRECT_URI=${NEXT_PUBLIC_IDNOT_REDIRECT_URI} \
+    NEXT_PUBLIC_DOCAPOSTE_API_URL=${NEXT_PUBLIC_DOCAPOSTE_API_URL} \
+    NEXT_PUBLIC_HOTJAR_SITE_ID=${NEXT_PUBLIC_HOTJAR_SITE_ID} \
+    NEXT_PUBLIC_HOTJAR_VERSION=${NEXT_PUBLIC_HOTJAR_VERSION} \
+    NEXT_PUBLIC_4NK_URL=${NEXT_PUBLIC_4NK_URL} \
+    NEXT_PUBLIC_4NK_IFRAME_URL=${NEXT_PUBLIC_4NK_IFRAME_URL} \
+    NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL} \
+    NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=${NEXT_PUBLIC_DEFAULT_VALIDATOR_ID} \
+    NEXT_PUBLIC_DEFAULT_STORAGE_URLS=${NEXT_PUBLIC_DEFAULT_STORAGE_URLS} \
+    NEXT_PUBLIC_BACK_BASE=${NEXT_PUBLIC_BACK_BASE} \
+    NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=${NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED}
+
+RUN --mount=type=cache,target=/leCoffre-front/.next/cache npm run build
+
+# --- Image d'exécution "ext"
+FROM debian:bookworm-slim AS ext
+WORKDIR /leCoffre-front
+
+# Installation des dépendances de base
+RUN apt-get update && apt-get upgrade -y && \
+    apt-get install -y --fix-missing \
+    ca-certificates curl jq git \
+    net-tools iputils-ping dnsutils \
+    netcat-openbsd telnet procps && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Installation de Node.js
+RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
+    apt-get install -y nodejs && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Re-déclarer les ARG pour l'étape runtime et les exposer en ENV
+ARG NEXT_PUBLIC_BACK_API_PROTOCOL
+ARG NEXT_PUBLIC_BACK_API_HOST
+ARG NEXT_PUBLIC_BACK_API_PORT
+ARG NEXT_PUBLIC_BACK_API_ROOT_URL
+ARG NEXT_PUBLIC_BACK_API_VERSION
+ARG NEXT_PUBLIC_FRONT_APP_HOST
+ARG NEXT_PUBLIC_FRONT_APP_PORT
+ARG NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT
+ARG NEXT_PUBLIC_IDNOT_CLIENT_ID
+ARG NEXT_PUBLIC_IDNOT_BASE_URL
+ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI
+ARG NEXT_PUBLIC_DOCAPOSTE_API_URL
+ARG NEXT_PUBLIC_HOTJAR_SITE_ID
+ARG NEXT_PUBLIC_HOTJAR_VERSION
+ARG NEXT_PUBLIC_4NK_URL
+ARG NEXT_PUBLIC_4NK_IFRAME_URL
+ARG NEXT_PUBLIC_API_URL
+ARG NEXT_PUBLIC_DEFAULT_VALIDATOR_ID
+ARG NEXT_PUBLIC_DEFAULT_STORAGE_URLS
+ARG NEXT_PUBLIC_BACK_BASE
+ARG NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED
+
+ENV NODE_ENV=production \
+    PORT=3000 \
+    NEXT_PUBLIC_BACK_API_PROTOCOL=${NEXT_PUBLIC_BACK_API_PROTOCOL} \
+    NEXT_PUBLIC_BACK_API_HOST=${NEXT_PUBLIC_BACK_API_HOST} \
+    NEXT_PUBLIC_BACK_API_PORT=${NEXT_PUBLIC_BACK_API_PORT} \
+    NEXT_PUBLIC_BACK_API_ROOT_URL=${NEXT_PUBLIC_BACK_API_ROOT_URL} \
+    NEXT_PUBLIC_BACK_API_VERSION=${NEXT_PUBLIC_BACK_API_VERSION} \
+    NEXT_PUBLIC_FRONT_APP_HOST=${NEXT_PUBLIC_FRONT_APP_HOST} \
+    NEXT_PUBLIC_FRONT_APP_PORT=${NEXT_PUBLIC_FRONT_APP_PORT} \
+    NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=${NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT} \
+    NEXT_PUBLIC_IDNOT_CLIENT_ID=${NEXT_PUBLIC_IDNOT_CLIENT_ID} \
+    NEXT_PUBLIC_IDNOT_BASE_URL=${NEXT_PUBLIC_IDNOT_BASE_URL} \
+    NEXT_PUBLIC_IDNOT_REDIRECT_URI=${NEXT_PUBLIC_IDNOT_REDIRECT_URI} \
+    NEXT_PUBLIC_DOCAPOSTE_API_URL=${NEXT_PUBLIC_DOCAPOSTE_API_URL} \
+    NEXT_PUBLIC_HOTJAR_SITE_ID=${NEXT_PUBLIC_HOTJAR_SITE_ID} \
+    NEXT_PUBLIC_HOTJAR_VERSION=${NEXT_PUBLIC_HOTJAR_VERSION} \
+    NEXT_PUBLIC_4NK_URL=${NEXT_PUBLIC_4NK_URL} \
+    NEXT_PUBLIC_4NK_IFRAME_URL=${NEXT_PUBLIC_4NK_IFRAME_URL} \
+    NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL} \
+    NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=${NEXT_PUBLIC_DEFAULT_VALIDATOR_ID} \
+    NEXT_PUBLIC_DEFAULT_STORAGE_URLS=${NEXT_PUBLIC_DEFAULT_STORAGE_URLS} \
+    NEXT_PUBLIC_BACK_BASE=${NEXT_PUBLIC_BACK_BASE} \
+    NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=${NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED}
+
+# Next.js standalone runtime (output: 'standalone')
+COPY --from=builder /leCoffre-front/.next/standalone ./
+COPY --from=builder /leCoffre-front/.next/static ./.next/static
+COPY --from=builder /leCoffre-front/public ./public
+
+# Création de l'utilisateur non-root
+RUN useradd -m -u 1000 lecoffreuser && \
+    mkdir -p /leCoffre-front && chown -R lecoffreuser:lecoffreuser /leCoffre-front
+USER lecoffreuser
+
+EXPOSE 3000
+CMD ["node", "server.js"]

Dockerfile.runtime

@@ -0,0 +1,60 @@
+# Dockerfile optimisé pour la CI - variables injectées au runtime
+FROM docker.io/library/debian:bookworm-slim
+
+# Installation des dépendances système
+RUN apt-get update && apt-get upgrade -y && \
+    apt-get install -y --fix-missing \
+    ca-certificates curl jq git \
+    net-tools iputils-ping dnsutils \
+    netcat-openbsd telnet procps && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Installation de Node.js
+RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
+    apt-get install -y nodejs && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+WORKDIR /leCoffre-front
+
+# Copie des fichiers de dépendances
+COPY package.json package-lock.json ./
+RUN npm install --no-audit --no-fund
+
+# Copie du code source
+COPY . .
+
+# Build avec des variables d'environnement par défaut (surchargées au runtime)
+RUN NEXT_PUBLIC_BACK_API_PROTOCOL=${NEXT_PUBLIC_BACK_API_PROTOCOL:-https} \
+    NEXT_PUBLIC_BACK_API_HOST=${NEXT_PUBLIC_BACK_API_HOST:-localhost} \
+    NEXT_PUBLIC_BACK_API_PORT=${NEXT_PUBLIC_BACK_API_PORT:-443} \
+    NEXT_PUBLIC_BACK_API_ROOT_URL=${NEXT_PUBLIC_BACK_API_ROOT_URL:-/api} \
+    NEXT_PUBLIC_BACK_API_VERSION=${NEXT_PUBLIC_BACK_API_VERSION:-v1} \
+    NEXT_PUBLIC_FRONT_APP_HOST=${NEXT_PUBLIC_FRONT_APP_HOST:-http://localhost:3000} \
+    NEXT_PUBLIC_IDNOT_BASE_URL=${NEXT_PUBLIC_IDNOT_BASE_URL:-https://qual-connexion.idnot.fr} \
+    NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=${NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT:-/IdPOAuth2/authorize/idnot_idp_v1} \
+    NEXT_PUBLIC_IDNOT_CLIENT_ID=${NEXT_PUBLIC_IDNOT_CLIENT_ID:-default_client_id} \
+    NEXT_PUBLIC_IDNOT_REDIRECT_URI=${NEXT_PUBLIC_IDNOT_REDIRECT_URI:-http://localhost:3000/authorized-client} \
+    NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=${NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED:-https://lecoffreio.4nkweb.com/authorized-client} \
+    NEXT_PUBLIC_4NK_URL=${NEXT_PUBLIC_4NK_URL:-http://localhost:3000} \
+    NEXT_PUBLIC_4NK_IFRAME_URL=${NEXT_PUBLIC_4NK_IFRAME_URL:-http://localhost:3000} \
+    NEXT_PUBLIC_BACK_BASE=${NEXT_PUBLIC_BACK_BASE:-http://localhost:8080} \
+    NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL:-http://localhost:8080/api} \
+    NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=${NEXT_PUBLIC_DEFAULT_VALIDATOR_ID:-default_validator_id} \
+    NEXT_PUBLIC_DEFAULT_STORAGE_URLS=${NEXT_PUBLIC_DEFAULT_STORAGE_URLS:-http://localhost:8080/storage} \
+    NEXT_PUBLIC_DOCAPOSTE_API_URL=${NEXT_PUBLIC_DOCAPOSTE_API_URL:-} \
+    NEXT_PUBLIC_HOTJAR_SITE_ID=${NEXT_PUBLIC_HOTJAR_SITE_ID:-} \
+    NEXT_PUBLIC_HOTJAR_VERSION=${NEXT_PUBLIC_HOTJAR_VERSION:-} \
+    npm run build
+
+# Configuration runtime
+EXPOSE 8080
+ENV NODE_ENV=production
+ENV PORT=8080
+
+# Utilisateur non-root
+RUN useradd -m -u 1000 lecoffreuser && \
+    mkdir -p /leCoffre-front && chown -R lecoffreuser:lecoffreuser /leCoffre-front
+
+USER lecoffreuser
+
+CMD ["node", "server.js"]

Dockerfile.simple

@@ -0,0 +1,66 @@
+# Dockerfile optimisé pour la CI - build générique, variables au runtime
+FROM docker.io/library/debian:bookworm-slim
+
+# Installation des dépendances système
+RUN apt-get update && apt-get upgrade -y && \
+    apt-get install -y --fix-missing \
+    ca-certificates curl jq git \
+    net-tools iputils-ping dnsutils \
+    netcat-openbsd telnet procps && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Installation de Node.js
+RUN curl -fsSL https://deb.nodesource.com/setup_19.x | bash - && \
+    apt-get install -y nodejs && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+WORKDIR /leCoffre-front
+
+# Copie des fichiers de dépendances
+COPY package.json package-lock.json ./
+RUN npm install --no-audit --no-fund
+
+# Copie du code source
+COPY . .
+
+# Build avec des variables génériques (surchargées au runtime)
+ENV NEXT_PUBLIC_BACK_API_PROTOCOL=https \
+    NEXT_PUBLIC_BACK_API_HOST=localhost \
+    NEXT_PUBLIC_BACK_API_PORT=443 \
+    NEXT_PUBLIC_BACK_API_ROOT_URL=/api \
+    NEXT_PUBLIC_BACK_API_VERSION=v1 \
+    NEXT_PUBLIC_FRONT_APP_HOST=http://localhost:3000 \
+    NEXT_PUBLIC_IDNOT_BASE_URL=https://qual-connexion.idnot.fr \
+    NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=/IdPOAuth2/authorize/idnot_idp_v1 \
+    NEXT_PUBLIC_IDNOT_CLIENT_ID=default_client_id \
+    NEXT_PUBLIC_IDNOT_REDIRECT_URI=http://localhost:3000/authorized-client \
+    NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED=https://lecoffreio.4nkweb.com/authorized-client \
+    NEXT_PUBLIC_4NK_URL=http://localhost:3000 \
+    NEXT_PUBLIC_4NK_IFRAME_URL=http://localhost:3000 \
+    NEXT_PUBLIC_BACK_BASE=http://localhost:8080 \
+    NEXT_PUBLIC_API_URL=http://localhost:8080/api \
+    NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=default_validator_id \
+    NEXT_PUBLIC_DEFAULT_STORAGE_URLS=http://localhost:8080/storage \
+    NEXT_PUBLIC_DOCAPOSTE_API_URL= \
+    NEXT_PUBLIC_HOTJAR_SITE_ID= \
+    NEXT_PUBLIC_HOTJAR_VERSION=
+
+RUN npm run build
+
+# Configuration runtime
+EXPOSE 8080
+ENV NODE_ENV=production
+ENV PORT=8080
+
+# Copie du script de démarrage et permissions
+COPY start-runtime.js ./
+RUN chmod +x start-runtime.js
+
+# Utilisateur non-root
+RUN useradd -m -u 1000 lecoffreuser && \
+    mkdir -p /leCoffre-front && chown -R lecoffreuser:lecoffreuser /leCoffre-front
+
+USER lecoffreuser
+
+# Utiliser le script de démarrage qui injecte les variables au runtime
+CMD ["node", "start-runtime.js"]

src/front/Api/Auth/IdNot/index.ts

@@ -54,7 +54,7 @@ export default class Auth extends BaseApiService {
 			}
 
 			// 2) Build the IdNot authorization URL with fixed redirect_uri and the signed state
-			const fixedRedirect = variables.IDNOT_REDIRECT_URI_FIXED || 'http://local.4nkweb.com:3000/authorized-client';
+			const fixedRedirect = variables.IDNOT_REDIRECT_URI_FIXED || 'https://lecoffreio.4nkweb.com/authorized-client';
 			const authorizeBase = `${variables.IDNOT_BASE_URL}${variables.IDNOT_AUTHORIZE_ENDPOINT}`;
             const scopeParam = encodeURIComponent('openid profile');
             const authorizeUrl = `${authorizeBase}?client_id=${encodeURIComponent(variables.IDNOT_CLIENT_ID)}&redirect_uri=${encodeURIComponent(fixedRedirect)}&scope=${scopeParam}&response_type=code&state=${encodeURIComponent(state)}`;

src/front/Components/Layouts/Login/StepEmail/index.tsx

@@ -70,7 +70,7 @@ export default function StepEmail(props: IProps) {
 				console.warn('[IDNOT] Backend returned empty state');
 				return;
 			}
-			const fixedRedirect = variables.IDNOT_REDIRECT_URI_FIXED || 'http://local.4nkweb.com:3000/authorized-client';
+			const fixedRedirect = variables.IDNOT_REDIRECT_URI_FIXED || 'https://lecoffreio.4nkweb.com/authorized-client';
 			const authorizeBase = `${variables.IDNOT_BASE_URL}${variables.IDNOT_AUTHORIZE_ENDPOINT}`;
             const scopeParam = encodeURIComponent('openid profile');
             const authorizeUrl = `${authorizeBase}?client_id=${encodeURIComponent(variables.IDNOT_CLIENT_ID)}&redirect_uri=${encodeURIComponent(fixedRedirect)}&scope=${scopeParam}&response_type=code&state=${encodeURIComponent(state)}`;

start-runtime.js

@@ -16,7 +16,7 @@ const defaultEnv = {
   NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT: '/IdPOAuth2/authorize/idnot_idp_v1',
   NEXT_PUBLIC_IDNOT_CLIENT_ID: 'default_client_id',
   NEXT_PUBLIC_IDNOT_REDIRECT_URI: 'http://localhost:3000/authorized-client',
-  NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED: 'http://local.4nkweb.com:3000/authorized-client',
+  NEXT_PUBLIC_IDNOT_REDIRECT_URI_FIXED: 'https://lecoffreio.4nkweb.com/authorized-client',
   NEXT_PUBLIC_4NK_URL: 'http://localhost:3000',
   NEXT_PUBLIC_4NK_IFRAME_URL: 'http://localhost:3000',
   NEXT_PUBLIC_BACK_BASE: 'http://localhost:8080',