fix(http): init oidc handler if enabled (#1888)

2025-07-25 01:39:13 +00:00 · 2024-12-22 21:59:58 +01:00 · 2024-12-22 21:59:58 +01:00 · b68ae334ca
commit b68ae334ca
parent e0b4e8bbc8
1 changed files with 18 additions and 12 deletions
--- a/internal/http/auth.go
+++ b/internal/http/auth.go
@ -38,20 +38,24 @@ type authHandler struct {
 }

 func newAuthHandler(encoder encoder, log zerolog.Logger, server Server, config *domain.Config, cookieStore *sessions.CookieStore, service authService) *authHandler {
-	oidcHandler, err := auth.NewOIDCHandler(config, log)
-	if err != nil {
-		log.Error().Err(err).Msg("failed to initialize OIDC handler")
-	}
-
-	return &authHandler{
+	h := &authHandler{
 		log:         log,
 		encoder:     encoder,
 		config:      config,
 		service:     service,
 		cookieStore: cookieStore,
 		server:      server,
-		oidcHandler: oidcHandler,
 	}
+
+	if config.OIDCEnabled {
+		oidcHandler, err := auth.NewOIDCHandler(config, log)
+		if err != nil {
+			log.Error().Err(err).Msg("failed to initialize OIDC handler")
+		}
+		h.oidcHandler = oidcHandler
+	}
+
+	return h
 }

 func (h authHandler) Routes(r chi.Router) {
@ -59,11 +63,13 @@ func (h authHandler) Routes(r chi.Router) {
 	r.Post("/onboard", h.onboard)
 	r.Get("/onboard", h.canOnboard)

-	r.Route("/oidc", func(r chi.Router) {
-		r.Use(middleware.ThrottleBacklog(1, 1, time.Second))
-		r.Get("/config", h.getOIDCConfig)
-		r.Get("/callback", h.handleOIDCCallback)
-	})
+	if h.config.OIDCEnabled {
+		r.Route("/oidc", func(r chi.Router) {
+			r.Use(middleware.ThrottleBacklog(1, 1, time.Second))
+			r.Get("/config", h.getOIDCConfig)
+			r.Get("/callback", h.handleOIDCCallback)
+		})
+	}

 	// Group for authenticated routes
 	r.Group(func(r chi.Router) {