⚙️ refactor: Only register OpenID Strategy if Config Succeeded (#9094)

* fix: register openId the strategy if setupOpenId succeeded * chore: linting and update imports * refactor: extract OpenID configuration into a separate function --------- Co-authored-by: Denis <denis.sheremetov@gmail.com>
2025-09-22 06:00:56 +02:00 · 2025-08-16 14:49:03 -04:00 · 2025-08-16 14:49:03 -04:00 · 8bcdc041b2
commit 8bcdc041b2
parent 9b6395d955
1 changed files with 36 additions and 21 deletions
--- a/api/server/socialLogins.js
+++ b/api/server/socialLogins.js
@ -1,19 +1,48 @@
 const passport = require('passport');
 const session = require('express-session');
+const { isEnabled } = require('@librechat/api');
+const { logger } = require('@librechat/data-schemas');
+const { CacheKeys } = require('librechat-data-provider');
 const {
+  openIdJwtLogin,
+  facebookLogin,
+  discordLogin,
  setupOpenId,
  googleLogin,
  githubLogin,
-  discordLogin,
-  facebookLogin,
  appleLogin,
  setupSaml,
-  openIdJwtLogin,
 } = require('~/strategies');
-const { isEnabled } = require('~/server/utils');
-const { logger } = require('~/config');
 const { getLogStores } = require('~/cache');
-const { CacheKeys } = require('librechat-data-provider');
+
+/**
+ * Configures OpenID Connect for the application.
+ * @param {Express.Application} app - The Express application instance.
+ * @returns {Promise<void>}
+ */
+async function configureOpenId(app) {
+  logger.info('Configuring OpenID Connect...');
+  const sessionOptions = {
+    secret: process.env.OPENID_SESSION_SECRET,
+    resave: false,
+    saveUninitialized: false,
+    store: getLogStores(CacheKeys.OPENID_SESSION),
+  };
+  app.use(session(sessionOptions));
+  app.use(passport.session());
+
+  const config = await setupOpenId();
+  if (!config) {
+    logger.error('OpenID Connect configuration failed - strategy not registered.');
+    return;
+  }
+
+  if (isEnabled(process.env.OPENID_REUSE_TOKENS)) {
+    logger.info('OpenID token reuse is enabled.');
+    passport.use('openidJwt', openIdJwtLogin(config));
+  }
+  logger.info('OpenID Connect configured successfully.');
+}

 /**
 *
@ -44,21 +73,7 @@ const configureSocialLogins = async (app) => {
    process.env.OPENID_SCOPE &&
    process.env.OPENID_SESSION_SECRET
  ) {
-    logger.info('Configuring OpenID Connect...');
-    const sessionOptions = {
-      secret: process.env.OPENID_SESSION_SECRET,
-      resave: false,
-      saveUninitialized: false,
-      store: getLogStores(CacheKeys.OPENID_SESSION),
-    };
-    app.use(session(sessionOptions));
-    app.use(passport.session());
-    const config = await setupOpenId();
-    if (isEnabled(process.env.OPENID_REUSE_TOKENS)) {
-      logger.info('OpenID token reuse is enabled.');
-      passport.use('openidJwt', openIdJwtLogin(config));
-    }
-    logger.info('OpenID Connect configured.');
+    await configureOpenId(app);
  }
  if (
    process.env.SAML_ENTRY_POINT &&