Refactor def handle_omniauth

aaronskiba · aaronskiba · commit d1a485d537f2 · 2025-04-22T13:17:57.000-06:00
This change maintains the functionality of `def handle_omniauth(scheme)` while making the code more maintainable and addressing its disabled rubocop offences.

The private methods `def handle_omniauth_for_signed_in_user(user, scheme)` and  `def handle_omniauth_for_signed_out_user(user, scheme)` have been created to handle the omniauth logic for signed in vs signed out users respectively. This change is simply a refactor and maintains the pre-existing code logic.
diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb
@@ -22,8 +22,6 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
     #
     # scheme - The IdentifierScheme for the provider
     #
-    # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
-    # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
     def handle_omniauth(scheme)
       user = if request.env['omniauth.auth'].nil?
                User.from_omniauth(request.env)
@@ -33,59 +31,66 @@ def handle_omniauth(scheme)
 
       # If the user isn't logged in
       if current_user.nil?
-        # If the uid didn't have a match in the system send them to register
-        if user.nil?
-          session["devise.#{scheme.name.downcase}_data"] = request.env['omniauth.auth']
-          redirect_to new_user_registration_url
+        handle_omniauth_for_signed_out_user(user, scheme)
+      # The user is already logged in and just registering the uid with us
+      else
+        handle_omniauth_for_signed_in_user(user, scheme)
+      end
+    end
+
+    def failure
+      redirect_to root_path
+    end
 
-        # Otherwise sign them in
-        elsif scheme.name == 'shibboleth'
-          # Until ORCID becomes supported as a login method
+    private
 
-          # (see app/models/concerns/email_confirmation_handler.rb)
-          return if confirmation_instructions_missing_and_handled?(user)
+    def handle_omniauth_for_signed_in_user(user, scheme)
+      # If the user could not be found by that uid then attach it to their record
+      if user.nil?
+        if Identifier.create(identifier_scheme: scheme,
+                             value: request.env['omniauth.auth'].uid,
+                             attrs: request.env['omniauth.auth'],
+                             identifiable: current_user)
+          flash[:notice] =
+            format(_('Your account has been successfully linked to %{scheme}.'),
+                   scheme: scheme.description)
 
-          set_flash_message(:notice, :success, kind: scheme.description) if is_navigational_format?
-          sign_in_and_redirect user, event: :authentication
         else
-          flash[:notice] = _('Successfully signed in')
-          redirect_to new_user_registration_url
+          flash[:alert] = format(_('Unable to link your account to %{scheme}.'),
+                                 scheme: scheme.description)
         end
 
-      # The user is already logged in and just registering the uid with us
-      else
-        # If the user could not be found by that uid then attach it to their record
-        if user.nil?
-          if Identifier.create(identifier_scheme: scheme,
-                               value: request.env['omniauth.auth'].uid,
-                               attrs: request.env['omniauth.auth'],
-                               identifiable: current_user)
-            flash[:notice] =
-              format(_('Your account has been successfully linked to %{scheme}.'),
-                     scheme: scheme.description)
+      elsif user.id != current_user.id
+        # If a user was found but does NOT match the current user then the identifier has
+        # already been attached to another account (likely the user has 2 accounts)
+        # rubocop:disable Layout/LineLength
+        flash[:alert] = _("The current #{scheme.description} iD has been already linked to a user with email #{identifier.user.email}")
+        # rubocop:enable Layout/LineLength
+      end
 
-          else
-            flash[:alert] = format(_('Unable to link your account to %{scheme}.'),
-                                   scheme: scheme.description)
-          end
+      # Redirect to the User Profile page
+      redirect_to edit_user_registration_path
+    end
 
-        elsif user.id != current_user.id
-          # If a user was found but does NOT match the current user then the identifier has
-          # already been attached to another account (likely the user has 2 accounts)
-          # rubocop:disable Layout/LineLength
-          flash[:alert] = _("The current #{scheme.description} iD has been already linked to a user with email #{identifier.user.email}")
-          # rubocop:enable Layout/LineLength
-        end
+    def handle_omniauth_for_signed_out_user(user, scheme)
+      # If the uid didn't have a match in the system send them to register
+      if user.nil?
+        session["devise.#{scheme.name.downcase}_data"] = request.env['omniauth.auth']
+        redirect_to new_user_registration_url
 
-        # Redirect to the User Profile page
-        redirect_to edit_user_registration_path
-      end
-    end
-    # rubocop:enable Metrics/AbcSize, Metrics/MethodLength
-    # rubocop:enable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
+      # Otherwise sign them in
+      elsif scheme.name == 'shibboleth'
+        # Until ORCID becomes supported as a login method
 
-    def failure
-      redirect_to root_path
+        # (see app/models/concerns/email_confirmation_handler.rb)
+        return if confirmation_instructions_missing_and_handled?(user)
+
+        set_flash_message(:notice, :success, kind: scheme.description) if is_navigational_format?
+        sign_in_and_redirect user, event: :authentication
+      else
+        flash[:notice] = _('Successfully signed in')
+        redirect_to new_user_registration_url
+      end
     end
   end
 end
