From 78deffb3dfb702a0081c7e7491429365f32dd774 Mon Sep 17 00:00:00 2001
From: Stavros <steveiliop56@gmail.com>
Date: Tue, 2 Sep 2025 01:25:38 +0300
Subject: [PATCH] fix: avoid queries panic

---
 internal/controller/proxy_controller.go  | 26 +++++++++++-------------
 internal/service/oauth_broker_service.go |  4 ++--
 2 files changed, 14 insertions(+), 16 deletions(-)

diff --git a/internal/controller/proxy_controller.go b/internal/controller/proxy_controller.go
index 7be9743..fd25076 100644
--- a/internal/controller/proxy_controller.go
+++ b/internal/controller/proxy_controller.go
@@ -78,7 +78,6 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
 	clientIP := c.ClientIP()
 
 	if controller.auth.IsBypassedIP(labels.IP, clientIP) {
-		c.Header("Authorization", c.Request.Header.Get("Authorization"))
 		controller.setHeaders(c, labels)
 		c.JSON(200, gin.H{
 			"status":  200,
@@ -165,18 +164,18 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
 				Resource: strings.Split(host, ".")[0],
 			})
 
-			if userContext.OAuth {
-				queries.Set("username", userContext.Email)
-			} else {
-				queries.Set("username", userContext.Username)
-			}
-
 			if err != nil {
 				log.Error().Err(err).Msg("Failed to encode unauthorized query")
 				c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/error", controller.config.AppURL))
 				return
 			}
 
+			if userContext.OAuth {
+				queries.Set("username", userContext.Email)
+			} else {
+				queries.Set("username", userContext.Username)
+			}
+
 			c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/unauthorized?%s", controller.config.AppURL, queries.Encode()))
 			return
 		}
@@ -200,24 +199,23 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
 					GroupErr: true,
 				})
 
-				if userContext.OAuth {
-					queries.Set("username", userContext.Email)
-				} else {
-					queries.Set("username", userContext.Username)
-				}
-
 				if err != nil {
 					log.Error().Err(err).Msg("Failed to encode unauthorized query")
 					c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/error", controller.config.AppURL))
 					return
 				}
 
+				if userContext.OAuth {
+					queries.Set("username", userContext.Email)
+				} else {
+					queries.Set("username", userContext.Username)
+				}
+
 				c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/unauthorized?%s", controller.config.AppURL, queries.Encode()))
 				return
 			}
 		}
 
-		c.Header("Authorization", c.Request.Header.Get("Authorization"))
 		c.Header("Remote-User", utils.SanitizeHeader(userContext.Username))
 		c.Header("Remote-Name", utils.SanitizeHeader(userContext.Name))
 		c.Header("Remote-Email", utils.SanitizeHeader(userContext.Email))
diff --git a/internal/service/oauth_broker_service.go b/internal/service/oauth_broker_service.go
index 301dd4e..f9df4f8 100644
--- a/internal/service/oauth_broker_service.go
+++ b/internal/service/oauth_broker_service.go
@@ -46,10 +46,10 @@ func (broker *OAuthBrokerService) Init() error {
 	for name, service := range broker.services {
 		err := service.Init()
 		if err != nil {
-			log.Error().Err(err).Msgf("Failed to initialize OAuth service: %s", name)
+			log.Error().Err(err).Msgf("Failed to initialize OAuth service: %T", name)
 			return err
 		}
-		log.Info().Msgf("Initialized OAuth service: %s", name)
+		log.Info().Msgf("Initialized OAuth service: %T", name)
 	}
 
 	return nil