lib/gds-sso/controller_methods.rb in gds-sso-1.1.0 vs lib/gds-sso/controller_methods.rb in gds-sso-1.1.1
- old
+ new
@@ -24,17 +24,18 @@
end
def require_signin_permission!
authorise_user!(GDS::SSO::Config.default_scope, 'signin')
rescue PermissionDeniedException
- headers["X-Slimmer-Skip"] = "1" # If slimmer used, without this you would see a generic 400 error page
+ skip_slimmer
render "authorisations/cant_signin", layout: "unauthorised", status: :forbidden
end
def authenticate_user!
if current_user && current_user.remotely_signed_out?
message = "You have been remotely signed out."
+ skip_slimmer
render "authorisations/unauthorised", layout: "unauthorised", status: :forbidden, locals: { message: message }
end
warden.authenticate!
end
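Review bot: In `authenticate_user!` the branch for a remotely signed-out user (the new `skip_slimmer` plus the `render`) has no `return`, so execution falls through to `warden.authenticate!` on the next line. If that call fails, Warden would presumably hand the request to its failure app and discard the 403 page that was just rendered. How `current_user` relates to the warden session is not visible in this hunk, so that outcome is inferred. Ending the branch explicitly, for example by adding a bare `return` after the `render "authorisations/unauthorised", ...` line, makes the signed-out path terminate without invoking the authentication strategy.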
@@ -50,9 +51,14 @@
warden.log_out
end
def warden
request.env['warden']
+ end
+
+ def skip_slimmer
+ # If slimmer used, without this you would see a generic 400 error page
+ headers["X-Slimmer-Skip"] = "1"
end
end
end
end
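Review bot: `skip_slimmer` is added as a plain `def` next to `warden` in a module that appears to be mixed into controllers, and no `private` is visible in this hunk (the module body starts outside it). If the methods are indeed public, each including controller gains `skip_slimmer` as a public method, which Rails can expose as an action when a matching route exists; `private :skip_slimmer` after the definition would prevent that. The comment also says "generic 400 error page" while both callers render `status: :forbidden`, so wording such as `# Without this header slimmer swaps the 4xx response body for its generic error page` would match the callers better.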