Obscure features are obscure (#52)

https://ruby-doc.org/core-3.1.0/Hash.html#method-i-compact-21

lib/token.rb

@@ -51,7 +51,7 @@ def self.id_token(client, user, scopes, claims, nonce)
       'exp' => now + base_config.dig('id_token', 'expiration'),
       'auth_time' => user.auth_time,
       'nonce' => nonce
-    }.compact!
+    }.compact
     PluginLoader.load_plugins('claim_mapper').each do |mapper|
       token.merge!(mapper.map_to_id_token(client, user, scopes, claims['id_token']))
     end

plugins/api/user_selfservice_v1.rb

@@ -18,9 +18,12 @@
   user_may_read  = !(scopes & ['omejdn:admin', 'omejdn:write', 'omejdn:read']).empty?
   halt 403 unless request.env['REQUEST_METHOD'] == 'GET' ? user_may_read : user_may_write
   @user = User.find_by_id token['sub']
-  @selfservice_config = Config.base_config.dig('plugins', 'api', 'user_selfservice_v1')
+  @selfservice_config = Config.base_config.dig('plugins', 'api', 'user_selfservice_v1') || {
+    'editable_attributes' => [],
+    'allow_deletion' => false,
+    'allow_password_change' => false
+  }
   halt 401 if @user.nil?
-  halt 403 if @selfservice_config.nil?
 rescue StandardError => e
   p e if debug
   halt 401