From 418b1230f60530f24e3bd09620d8284e6f96863a Mon Sep 17 00:00:00 2001
From: Mark <mark@openappstack.net>
Date: Tue, 29 Oct 2019 18:32:21 +0100
Subject: [PATCH] Refactor

---
 consent_provider/app.py | 6 ++++--
 consent_provider/db.py  | 5 +++--
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/consent_provider/app.py b/consent_provider/app.py
index 8c1cc28..75125f3 100644
--- a/consent_provider/app.py
+++ b/consent_provider/app.py
@@ -13,7 +13,7 @@ def home():
     hydra = HydraAdmin(HYDRA_ADMIN_URL)
     challenge = request.args.get("consent_challenge")
     if not challenge:
-        abort(400)
+        abort(403)
     consent_request = hydra.consent_request(challenge)
     app_name = consent_request.client["client_name"]
     username = consent_request.subject
@@ -26,7 +26,9 @@ def home():
             grant_access_token_audience=consent_request.requested_access_token_audience,
             session=session,
             ))
-    abort(400)
+    return redirect(consent_request.reject(
+        "Permission denied",
+        error_description="Login request was denied due to missing application permission"))
 
 if __name__ == '__main__':
     app.run()
diff --git a/consent_provider/db.py b/consent_provider/db.py
index 5f9cbe0..1705f33 100644
--- a/consent_provider/db.py
+++ b/consent_provider/db.py
@@ -4,7 +4,8 @@ from graphqlclient import GraphQLClient
 from json import loads
 
 GRAPHQL_URL = environ['GRAPHQL_URL']
-graphql_client = GraphQLClient(GRAPHQL_URL)
+GRAPHQL_CLIENT = GraphQLClient(GRAPHQL_URL)
+
 
 class User():
     def __init__(self, username):
@@ -23,7 +24,7 @@ class User():
                 }}
             }}
             }}}}'''.format(self.username).strip()
-        result = loads(graphql_client.execute(querystring))
+        result = loads(GRAPHQL_CLIENT.execute(querystring))
         if "data" in result:
             data = result["data"]["getUser"]
             self.applications = list(map(lambda x: x["node"]["name"],
-- 
GitLab