Check if user is authorized to access an application before authenticating him

src/controllers/openid_controller.rs

@@ -111,7 +111,11 @@ pub async fn authorize(user: CurrentUser, query: web::Query<AuthorizeQuery>,
         (_, _) => None
     };
 
-    // TODO : Check if user is authorized to access the application
+    // Check if user is authorized to access the application
+    if !user.can_access_app(&client.id) {
+        return error_redirect(&query, "invalid_request",
+                              "User is not authorized to access this application!");
+    }
 
     // Save all authentication information in memory
     let session = Session {