THREESCALE-11441 only validate oidc setting if authentication method is set to oidc

[tkan145]

What

Fix https://issues.redhat.com/browse/THREESCALE-11441

Verification steps

• Checkout this branch
• Build APIcast image

make runtime-image IMAGE_NAME=apicast-test

• Get into dev-environment

cd dev-environments/plain-http-upstream

• Modify apicast-config.json as follow

diff --git a/dev-environments/plain-http-upstream/apicast-config.json b/dev-environments/plain-http-upstream/apicast-config.json
index ff944273..405498c6 100644                                                                                                 
--- a/dev-environments/plain-http-upstream/apicast-config.json                                                                  
+++ b/dev-environments/plain-http-upstream/apicast-config.json                                                                  
@@ -5,6 +5,7 @@                                                                                                                 
       "backend_version": "1",                                                                                                  
       "proxy": {                                                                                                               
         "hosts": ["get.example.com"],                                                                                          
+        "oidc_issuer_endpoint": "https://3scale-test:foo@rhsso.test/auth/realms/3scale", 
+        "authentication_method": "1", 
         "api_backend": "http://example.com/get",                                                                               
         "backend": {                                                                                                           
           "endpoint": "http://backend:80", 

and docker-compose

diff --git a/dev-environments/plain-http-upstream/docker-compose.yml b/dev-environments/plain-http-upstream/docker-compose.yml
index ebf84ebc..0563effa 100644                                                                                               
--- a/dev-environments/plain-http-upstream/docker-compose.yml                                                                 
+++ b/dev-environments/plain-http-upstream/docker-compose.yml                                                                 
@@ -10,11 +10,11 @@ services:                                                                                                 
     - two.upstream                                                                                                           
     environment:                                                                                                             
       THREESCALE_CONFIG_FILE: /tmp/config.json                                                                               
-      THREESCALE_DEPLOYMENT_ENV: staging                                                                                     
-      APICAST_CONFIGURATION_LOADER: lazy                                                                                     
+      THREESCALE_DEPLOYMENT_ENV: production                                                                                  
+      APICAST_CONFIGURATION_LOADER: boot                                                                                     
       APICAST_WORKERS: 1                                                                                                     
       APICAST_LOG_LEVEL: debug                                                                                               
-      APICAST_CONFIGURATION_CACHE: "0"                                                                                       
+      APICAST_CONFIGURATION_CACHE: "300"                                                                                     
     expose:                                                                                                                  
       - "8080"                                                                                                               
       - "8090"  

• Start APIcast with latest image first,

make gateway IMAGE_NAME=quay.io/3scale/apicast:latest

the gateway should output the following

gateway-1  | 2026/01/30 00:13:53 [debug] 23#23: *2 [lua] http.lua:86: connect(): connected to  ip:172.19.0.2 host: keycloak port: 8080 ok: nil err: connection refused                                           
gateway-1  | 2026/01/30 00:13:53 [error] 23#23: *2 [lua] discovery.lua:113: openid_configuration(): failed to get OIDC Provider from http://oidc-issuer-for-3scale:oidc-issuer-for-3scale-secret@keycloak:8080/re
alms/basic/.well-known/openid-configuration status: 0 body: nil, context: ngx.timer                                                                                                                              
gateway-1  | 2026/01/30 00:13:53 [notice] 23#23: gracefully shutting down                                                                                                                                        
gateway-1  | 2026/01/30 00:13:53 [notice] 23#23: exiting                                                                                                                                                         

• Stop the gateway

CTRL-C

• Start the gateway again with new image

make  gateway IMAGE_NAME=apicast-test

Check the log again and you should not see the same error