fix: ensure oidc service is configured before performing any actions

internal/controller/oidc_controller.go

@@ -97,6 +97,11 @@ func (controller *OIDCController) GetClientInfo(c *gin.Context) {
 }
 
 func (controller *OIDCController) Authorize(c *gin.Context) {
+	if !controller.oidc.IsConfigured() {
+		controller.authorizeError(c, errors.New("err_oidc_not_configured"), "OIDC not configured", "This instance is not configured for OIDC", "", "", "")
+		return
+	}
+
 	userContext, err := utils.GetContext(c)
 
 	if err != nil {
@@ -177,6 +182,14 @@ func (controller *OIDCController) Authorize(c *gin.Context) {
 }
 
 func (controller *OIDCController) Token(c *gin.Context) {
+	if !controller.oidc.IsConfigured() {
+		tlog.App.Warn().Msg("OIDC not configured")
+		c.JSON(404, gin.H{
+			"error": "not_found",
+		})
+		return
+	}
+
 	var req TokenRequest
 
 	err := c.Bind(&req)
@@ -306,6 +319,14 @@ func (controller *OIDCController) Token(c *gin.Context) {
 }
 
 func (controller *OIDCController) Userinfo(c *gin.Context) {
+	if !controller.oidc.IsConfigured() {
+		tlog.App.Warn().Msg("OIDC not configured")
+		c.JSON(404, gin.H{
+			"error": "not_found",
+		})
+		return
+	}
+
 	authorization := c.GetHeader("Authorization")
 
 	tokenType, token, ok := strings.Cut(authorization, " ")

internal/service/oidc_service.go

@@ -98,9 +98,16 @@ func NewOIDCService(config OIDCServiceConfig, queries *repository.Queries) *OIDC
 	}
 }
 
-// TODO: A cleanup routine is needed to clean up expired tokens/code/userinfo
+func (service *OIDCService) IsConfigured() bool {
+	return len(service.config.Clients) > 0
+}
 
 func (service *OIDCService) Init() error {
+	// If not configured, skip init
+	if !service.IsConfigured() {
+		return nil
+	}
+
 	// Ensure issuer is https
 	uissuer, err := url.Parse(service.config.Issuer)
 
@@ -207,6 +214,7 @@ func (service *OIDCService) Init() error {
 		}
 		client.ClientSecretFile = ""
 		service.clients[id] = client
+		tlog.App.Info().Str("id", client.ID).Msg("Registered OIDC client")
 	}
 
 	return nil