From 448ee700c8dab870223161347154f7e0b49e6f83 Mon Sep 17 00:00:00 2001
From: Darko Luketic <info@icod.de>
Date: Tue, 16 Nov 2021 15:55:07 +0100
Subject: [PATCH] cleaned up logic

---
 gin.go | 31 +++++++++----------------------
 1 file changed, 9 insertions(+), 22 deletions(-)

diff --git a/gin.go b/gin.go
index 86acb22..287129f 100644
--- a/gin.go
+++ b/gin.go
@@ -24,12 +24,11 @@ func onError(c *gin.Context, errorHandler options.ErrorHandler, statusCode int,
 	c.AbortWithStatusJSON(statusCode, gin.H{"error": err.Error()})
 }
 
+// toGinHandler creates a gin.HandlerFunc so the stdlib handler can be used as a gin middleware.
 func toGinHandler(parseToken oidc.ParseTokenFunc, setters ...options.Option) gin.HandlerFunc {
 	opts := options.New(setters...)
 
 	return func(c *gin.Context) {
-		var errorTypes []ginerror.Error
-
 		ctx := c.Request.Context()
 
 		tokenString, err := oidc.GetTokenString(c.Request.Header.Get, opts.TokenString)
@@ -38,41 +37,29 @@ func toGinHandler(parseToken oidc.ParseTokenFunc, setters ...options.Option) gin
 				onError(c, opts.ErrorHandler, http.StatusBadRequest, options.GetTokenErrorDescription, err)
 				return
 			} else {
-				errorTypes = append(errorTypes, ginerror.Error{
+				c.Set(string(opts.ErrorsContextKeyName), ginerror.Error{
 					Description: string(options.GetTokenErrorDescription),
 					Error:       err,
 				})
+
+				c.Next()
+				return
 			}
 		}
 
 		token, err := parseToken(ctx, tokenString)
 		if err != nil {
-			if !opts.Permissive {
-				onError(c, opts.ErrorHandler, http.StatusUnauthorized, options.ParseTokenErrorDescription, err)
-				return
-			} else {
-				errorTypes = append(errorTypes, ginerror.Error{
-					Description: string(options.ParseTokenErrorDescription),
-					Error:       err,
-				})
-			}
+			onError(c, opts.ErrorHandler, http.StatusUnauthorized, options.ParseTokenErrorDescription, err)
+			return
 		}
 
 		tokenClaims, err := token.AsMap(ctx)
 		if err != nil {
-			if !opts.Permissive {
-				onError(c, opts.ErrorHandler, http.StatusUnauthorized, options.ConvertTokenErrorDescription, err)
-				return
-			} else {
-				errorTypes = append(errorTypes, ginerror.Error{
-					Description: string(options.ConvertTokenErrorDescription),
-					Error:       err,
-				})
-			}
+			onError(c, opts.ErrorHandler, http.StatusUnauthorized, options.ConvertTokenErrorDescription, err)
+			return
 		}
 
 		c.Set(string(opts.ClaimsContextKeyName), tokenClaims)
-		c.Set(string(opts.ErrorsContextKeyName), errorTypes)
 
 		c.Next()
 	}