Merge pull request #614 from sennetconsortium/maxsibilla/issue-610

Updating logic to redirect to logout

src/routes/auth/__init__.py

@@ -14,11 +14,11 @@
 # Redirect users from react app login page to Globus auth login widget then redirect back
 @auth_blueprint.route('/login')
 def login():
-    return _login(redirect_uri=current_app.config['GLOBUS_CLIENT_APP_URI'], inciting_url='/login')
+    return _login(redirect_uri=current_app.config['GLOBUS_CLIENT_APP_URI'], redirect_failure_uri='logout')
 
 @auth_blueprint.route('/data-ingest-board-login')
 def data_ingest_login():
-    return _login(redirect_uri=current_app.config['DATA_INGEST_BOARD_APP_URI'], key='ingest_board_tokens', inciting_url='data-ingest-board-logout')
+    return _login(redirect_uri=current_app.config['DATA_INGEST_BOARD_APP_URI'], key='ingest_board_tokens', redirect_failure_uri='data-ingest-board-logout')
 
 
 @auth_blueprint.route('/logout')
@@ -45,7 +45,7 @@ def get_auth_header() -> dict:
     token = auth_helper_instance.getAuthorizationTokens(request.headers)
     return get_auth_header_dict(token)
 
-def _login(redirect_uri, key = 'tokens', inciting_url = '/login'):
+def _login(redirect_uri, key = 'tokens', redirect_failure_uri = 'logout'):
     #redirect_uri = url_for('login', _external=True)
     _redirect_uri = current_app.config['FLASK_APP_BASE_URI'] + request.path.replace('/', '')
 
@@ -70,8 +70,8 @@ def _login(redirect_uri, key = 'tokens', inciting_url = '/login'):
             token_response = confidential_app_auth_client.oauth2_exchange_code_for_tokens(auth_code)
         except AuthAPIError as e:
             logger.error(e)
-            # The exchange for token for a code has failed so start the process again
-            return redirect(inciting_url)
+            # The exchange for token for a code has failed so logout and have the user start from scratch
+            return redirect(redirect_failure_uri)
 
         # Get all Bearer tokens
         auth_token = token_response.by_resource_server['auth.globus.org']['access_token']