lib/osso/routes/oauth.rb in osso-0.0.5.pre.eta vs lib/osso/routes/oauth.rb in osso-0.0.5.pre.gamma
- old
+ new
@@ -14,24 +14,33 @@
# of the user who wants to sign in. If the sign in request
# is valid, the user is redirected to their Identity Provider.
# Once they complete IdP login, they will be returned to the
# redirect_uri with an authorization code parameter.
get '/authorize' do
- client = find_client(params[:client_id])
- enterprise = find_account(domain: params[:domain], client_id: client.id)
+ Rack::OAuth2::Server::Authorize.new do |req, _res|
+ client = Models::OauthClient.find_by!(identifier: req.client_id)
+ session[:osso_oauth_redirect_uri] = req.verify_redirect_uri!(client.redirect_uri_values)
+ session[:osso_oauth_state] = params[:state]
+ end.call(env)
- validate_oauth_request(env)
+ enterprise = Models::EnterpriseAccount.
+ includes(:identity_providers).
+ find_by!(domain: params[:domain])
redirect "/auth/saml/#{enterprise.provider.id}" if enterprise.single_provider?
- @providers = enterprise.identity_providers.not_pending
- erb :multiple_providers if @providers.count > 1
+ @providers = enterprise.identity_providers
+ erb :multiple_providers
- raise Osso::Error::MissingConfiguredIdentityProvider.new(domain: params[:domain])
- rescue Osso::Error::Base => e
+ rescue Rack::OAuth2::Server::Authorize::BadRequest => e
@error = e
erb :error
+ rescue ActiveRecord::RecordNotFound => e
+ @error = e
+ @error = 'No OAuth Client exists for the provided client_id' if e.model == 'Osso::Models::OauthClient'
+ @error = "No Customer exists with the domain #{params[:domain]}" if e.model == 'Osso::Models::EnterpriseAccount'
+ erb :error
end
# Exchange an authorization code for an access token.
# In addition to the authorization code, you must include all
# paramaters required by OAuth spec: redirect_uri, client ID,
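Review bot: The enterprise lookup on the new side, `find_by!(domain: params[:domain])`, no longer scopes the account to the OAuth client: the removed `find_account` helper passed `oauth_client_id: client_id`, so previously a valid client could only start a flow for domains bound to it, whereas now any client accepted by the Authorize block can initiate login for any customer domain. The `client` found inside the Authorize block is block-local, so to restore the constraint hoist it and reuse it in the query: `client = nil` before `Rack::OAuth2::Server::Authorize.new do |req, _res|`, assign `client = Models::OauthClient.find_by!(identifier: req.client_id)` inside the block as now, and change the lookup to `find_by!(domain: params[:domain], oauth_client_id: client.id)`. Two smaller behaviour drops in the same hunk are worth a comment in the code if intentional: `@providers = enterprise.identity_providers` no longer applies `not_pending`, and `erb :multiple_providers` now renders unconditionally, so a domain with zero configured providers renders that template instead of raising `MissingConfiguredIdentityProvider` as before. The `RecordNotFound` rescue also leaves `@error` as either an exception or a String depending on `e.model`; presumably the error template handles both, but pinning one type (e.g. always a String) would be safer, and the domain string interpolated into the message comes from `params`, so confirm the template escapes it.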
@@ -54,34 +63,8 @@
includes(:user).
valid.
find_by_token!(params[:access_token]).
user
end
- end
-
- private
-
- def find_account(domain:, client_id:)
- Models::EnterpriseAccount.
- includes(:identity_providers).
- find_by!(domain: domain, oauth_client_id: client_id)
- rescue ActiveRecord::RecordNotFound
- raise Osso::Error::NoAccountForOAuthClientError.new(domain: params[:domain])
- end
-
- def find_client(identifier)
- @client ||= Models::OauthClient.find_by!(identifier: identifier)
- rescue ActiveRecord::RecordNotFound
- raise Osso::Error::InvalidOAuthClientIdentifier
- end
-
- def validate_oauth_request(env)
- Rack::OAuth2::Server::Authorize.new do |req, _res|
- client = find_client(req[:client_id])
- session[:osso_oauth_redirect_uri] = req.verify_redirect_uri!(client.redirect_uri_values)
- session[:osso_oauth_state] = params[:state]
- end.call(env)
- rescue Rack::OAuth2::Server::Authorize::BadRequest
- raise Osso::Error::InvalidRedirectUri.new(redirect_uri: params[:redirect_uri])
end
end
end