diff --git a/apps/id.saladeaula.digital/app/routes/authorize.ts b/apps/id.saladeaula.digital/app/routes/authorize.ts
index 2c026ba..0cbf627 100644
--- a/apps/id.saladeaula.digital/app/routes/authorize.ts
+++ b/apps/id.saladeaula.digital/app/routes/authorize.ts
@@ -1,5 +1,6 @@
 import type { Route } from './+types'
+import { redirect } from 'react-router'
 import { parse } from 'cookie'
 export async function loader({ request, context }: Route.LoaderArgs) {
@@ -19,47 +20,31 @@ export async function loader({ request, context }: Route.LoaderArgs) {
 })
 }
- try {
- const r = await fetch(issuerUrl.toString(), {
- method: 'GET',
- headers: new Headers([
- ['Content-Type', 'application/json'],
- ['Cookie', request.headers.get('Cookie') as string]
- ]),
- redirect: 'manual'
+ const r = await fetch(issuerUrl.toString(), {
+ method: 'GET',
+ headers: new Headers([
+ ['Content-Type', 'application/json'],
+ ['Cookie', request.headers.get('Cookie') as string]
+ ]),
+ redirect: 'manual'
+ })
+
+ if (r.status === 302) {
+ return new Response(await r.text(), {
+ status: r.status,
+ headers: r.headers
 })
-
- if (r.status === 302) {
- return new Response(await r.text(), {
- status: r.status,
- headers: r.headers
- })
- }
-
- console.log('Authorize response', {
- json: await r.json(),
- headers: r.headers,
- status: r.status
- })
-
- // Deny authorization if user lacks scopes requested by client
- if (r.status === 302) {
- return new Response(null, {
- status: r.status,
- headers: {
- Location: new URL('/deny', url.origin).toString()
- }
- })
- }
-
- return new Response(null, {
- status: 302,
- headers: {
- Location: loginUrl.toString()
- }
- })
- } catch (error) {
- console.error(error)
- return new Response(null, { status: 500 })
 }
+
+ // Deny authorization if user lacks scopes requested by client
+ if (r.status === 403) {
+ throw redirect(new URL('/deny', url.origin).toString())
+ }
+
+ return new Response(null, {
+ status: 302,
+ headers: {
+ Location: loginUrl.toString()
+ }
+ })
 }
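Review bot: `request.headers.get('Cookie') as string` in the fetch call casts away a `null`; when the request carries no Cookie header the `Headers` constructor coerces it and the issuer is sent a literal `Cookie: null`. Read it first with `const cookie = request.headers.get('Cookie')` and add the pair only when it is set, `...(cookie ? [['Cookie', cookie]] : [])`. The 302 branch also hands every upstream header to the browser through `headers: r.headers`; copying only `Location` and `Set-Cookie` would keep any internal issuer headers off the public response. With the try/catch removed, every status other than 302 and 403 still ends at the login redirect, so an issuer 4xx/5xx looks like "not signed in" — presumably only one status should mean that. The loader begins above this hunk.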