1 files changed, 26 insertions, 9 deletions

diff --git a/app/controllers/google_api/authorizations_controller.rb b/app/controllers/google_api/authorizations_controller.rb
index 76a1c43dfa3..b9c5e87c69c 100644
--- a/app/controllers/google_api/authorizations_controller.rb
+++ b/app/controllers/google_api/authorizations_controller.rb
@@ -8,19 +8,36 @@ module GoogleApi
 
     feature_category :kubernetes_management
 
+    ##
+    # handle the response from google after the user
+    # goes through authentication and authorization process
     def callback
-      token, expires_at = GoogleApi::CloudPlatform::Client
-        .new(nil, callback_google_api_auth_url)
-        .get_token(params[:code])
-
-      session[GoogleApi::CloudPlatform::Client.session_key_for_token] = token
-      session[GoogleApi::CloudPlatform::Client.session_key_for_expires_at] =
-        expires_at.to_s
-
+      redirect_uri = redirect_uri_from_session
+      ##
+      # when  the user declines authorizations
+      # `error` param is returned
+      if params[:error]
+        flash[:alert] = _('Google Cloud authorizations required')
+        redirect_uri = session[:error_uri]
+      ##
+      # on success, the `code` param is returned
+      elsif params[:code]
+        token, expires_at = GoogleApi::CloudPlatform::Client
+          .new(nil, callback_google_api_auth_url)
+          .get_token(params[:code])
+
+        session[GoogleApi::CloudPlatform::Client.session_key_for_token] = token
+        session[GoogleApi::CloudPlatform::Client.session_key_for_expires_at] = expires_at.to_s
+        redirect_uri = redirect_uri_from_session
+      end
+    ##
+    # or google may just timeout
     rescue ::Faraday::TimeoutError, ::Faraday::ConnectionFailed
       flash[:alert] = _('Timeout connecting to the Google API. Please try again.')
+    ##
+    # regardless, we redirect the user appropriately
     ensure
-      redirect_to redirect_uri_from_session
+      redirect_to redirect_uri
     end
 
     private