From 79bf741bd7fe492301aa51f20f3fff98192500e8 Mon Sep 17 00:00:00 2001
From: Stuart Heap <sheap13@gmail.com>
Date: Wed, 23 Feb 2022 16:58:02 +0100
Subject: [PATCH] don't panic

---
 src/api/identity.rs | 42 ++++++++++++++++++++++++------------------
 1 file changed, 24 insertions(+), 18 deletions(-)

diff --git a/src/api/identity.rs b/src/api/identity.rs
index d4ffdfed..f041216c 100644
--- a/src/api/identity.rs
+++ b/src/api/identity.rs
@@ -632,29 +632,35 @@ fn _check_is_some<T>(value: &Option<T>, msg: &str) -> EmptyResult {
 #[allow(unreachable_code)]
 fn prevalidate(domainHint: String, conn: DbConn) -> JsonResult {
     let empty_result = json!({});
-    let organization = Organization::find_by_identifier(&domainHint, &conn).unwrap();
-    let sso_config = SsoConfig::find_by_org(&organization.uuid, &conn);
-    match sso_config {
-        Some(sso_config) => {
-            if !sso_config.use_sso {
-                return err_code!("SSO Not allowed for organization", Status::BadRequest.code);
+    match Organization::find_by_identifier(&domainHint, &conn) {
+        Some(organization) => {
+            let sso_config = SsoConfig::find_by_org(&organization.uuid, &conn);
+            match sso_config {
+                Some(sso_config) => {
+                    if !sso_config.use_sso {
+                        return err_code!("SSO Not allowed for organization", Status::BadRequest.code);
+                    }
+                    if sso_config.authority.is_none()
+                        || sso_config.client_id.is_none()
+                        || sso_config.client_secret.is_none() {
+                        return err_code!("Organization is incorrectly configured for SSO", Status::BadRequest.code);
+                    }
+                },
+                None => {
+                    return err_code!("Unable to find sso config", Status::BadRequest.code);
+                },
             }
-            if sso_config.authority.is_none()
-                || sso_config.client_id.is_none()
-                || sso_config.client_secret.is_none() {
-                return err_code!("Organization is incorrectly configured for SSO", Status::BadRequest.code);
+
+            if domainHint == "" {
+                return err_code!("No Organization Identifier Provided", Status::BadRequest.code);
             }
+
+            Ok(Json(empty_result))
         },
         None => {
-            return err_code!("Unable to find sso config", Status::BadRequest.code);
-        },
-    }
-
-    if domainHint == "" {
-        return err_code!("No Organization Identifier Provided", Status::BadRequest.code);
+            return err_code!("No matching organization found", Status::BadRequest.code);
+        }
     }
-
-    Ok(Json(empty_result))
 }
 
 use openidconnect::core::{