Add route for auth/failure

Author: davezuckerman

app/controllers/auth_controller.rb

@@ -3,6 +3,10 @@
 class AuthController < ApplicationController
   ERR_TICKET_MISMATCH = 'Ticket from callback URL parameter does not match credential from OmniAuth hash'.freeze
 
+  def failure
+    render json: 'Authentication failed', status: :unauthorized
+  end
+
   def callback
     logger.debug({ msg: 'Received omniauth callback', omniauth: auth_hash, params: params.to_unsafe_h })
 

config/routes.rb

@@ -2,6 +2,7 @@
 
   direct(:login) { '/auth/calnet' } # convenience to provide login_url helper
   get '/logout', to: 'auth#logout', as: :logout
+  get '/auth/failure', to: 'auth#failure'
   get '/auth/:provider/callback', to: 'auth#callback', as: :omniauth_callback
 
   scope module: 'preview' do

spec/requests/auth_spec.rb

@@ -47,6 +47,15 @@
     end
   end
 
+  describe 'GET /auth/failure' do
+    it 'returns a JSON authentication failure response' do
+      get '/auth/failure'
+
+      expect(response).to have_http_status(:unauthorized)
+      expect(response.parsed_body).to eq('Authentication failed')
+    end
+  end
+
   # NOTE: In effect we're just testing omniauth-cas here, but with
   #       app-specific configuration and CalNet-specific data, to
   #       be completely sure we know what we're doing