From 3649d0d84e3891a8c9607566df7880317d6fa463 Mon Sep 17 00:00:00 2001
From: Stavros <steveiliop56@gmail.com>
Date: Mon, 10 Mar 2025 16:22:32 +0200
Subject: [PATCH] fix: allow oauth resource when oauth whitelist is empty

---
 internal/auth/auth.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index 7d03879..7d29e48 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -162,7 +162,10 @@ func (auth *Auth) ResourceAllowed(c *gin.Context, context types.UserContext) (bo
 	// Check if resource is allowed
 	allowed, allowedErr := auth.Docker.ContainerAction(appId, func(labels types.TinyauthLabels) (bool, error) {
 		// If the container has an oauth whitelist, check if the user is in it
-		if context.OAuth && len(labels.OAuthWhitelist) != 0 {
+		if context.OAuth {
+			if len(labels.OAuthWhitelist) == 0 {
+				return true, nil
+			}
 			log.Debug().Msg("Checking OAuth whitelist")
 			if slices.Contains(labels.OAuthWhitelist, context.Username) {
 				return true, nil