More adjustments of OIDC

Just silence some internal errors when invalid OIDC requests come in.
aces · Aug 13, 2024 · 2d713fd · 2d713fd
1 parent c91bd0a
commit 2d713fd
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 11 deletions.
diff --git a/BrainPortal/app/controllers/nh_sessions_controller.rb b/BrainPortal/app/controllers/nh_sessions_controller.rb
@@ -139,12 +139,12 @@ def orcid #:nodoc:
   # a user's identity.
   def nh_oidc
     code  = params[:code].presence.try(:strip)
-    state = params[:state].presence || 'wrong'
+    state = params[:state].presence
 
     # Some initial simple validations
-    oidc      = OidcConfig.find_by_state(state) if state
+    oidc = OidcConfig.find_by_state(state) if state
     if !code || !oidc || state != oidc_current_state(oidc)
-      cb_error "#{oidc.name} session is out of sync with CBRAIN"
+      cb_error "#{oidc&.name || 'OIDC'} session is out of sync with CBRAIN"
     end
 
     # Query an OpenID provider; this returns all the info we need at the same time.
@@ -195,9 +195,8 @@ def nh_oidc
     redirect_to signin_path
   rescue => ex
     clean_bt = Rails.backtrace_cleaner.clean(ex.backtrace || [])
-    oidc   ||= OidcConfig.new.tap { |oidc| oidc.name = 'OIDC' }
-    Rails.logger.error "#{oidc.name} auth failed: #{ex.class} #{ex.message} at #{clean_bt[0]}"
-    flash[:error] = "The #{oidc.name} authentication failed"
+    Rails.logger.error "#{oidc&.name || 'OIDC'} auth failed: #{ex.class} #{ex.message} at #{clean_bt[0]}"
+    flash[:error] = "The #{oidc&.name || 'OIDC'} authentication failed"
     redirect_to signin_path
   end
 

diff --git a/BrainPortal/app/controllers/sessions_controller.rb b/BrainPortal/app/controllers/sessions_controller.rb
@@ -148,12 +148,12 @@ def destroy #:nodoc:
   # a user's identity.
   def oidc
     code      = params[:code].presence.try(:strip)
-    state     = params[:state].presence || 'wrong'
+    state     = params[:state].presence
 
     # Some initial simple validations
     oidc      = OidcConfig.find_by_state(state) if state
     if !code || !oidc || state != oidc_current_state(oidc)
-      cb_error "#{oidc.name} session is out of sync with CBRAIN"
+      cb_error "#{oidc&.name || 'OIDC'} session is out of sync with CBRAIN"
     end
 
     # Query OpenID provider; this returns all the info we need at the same time.
@@ -204,9 +204,8 @@ def oidc
     redirect_to new_session_path
   rescue => ex
     clean_bt = Rails.backtrace_cleaner.clean(ex.backtrace || [])
-    oidc   ||= OidcConfig.new.tap { |oidc| oidc.name = 'OIDC' }
-    Rails.logger.error "#{oidc.name} auth failed: #{ex.class} #{ex.message} at #{clean_bt[0]}"
-    flash[:error] = "The #{oidc.name} authentication failed"
+    Rails.logger.error "#{oidc&.name || 'OIDC'} auth failed: #{ex.class} #{ex.message} at #{clean_bt[0]}"
+    flash[:error] = "The #{oidc&.name || 'OIDC'} authentication failed"
     redirect_to new_session_path
   end