Return authorization URL response on authorize call, return BadReques…

[feordin]

Forward errors from authorization URL to caller, and return BadRequest error on missing params

Description

Updated authorize route in proxy to return the result from the redirect. For other errors with missing params, return a BadRequest result.

Related issues

Addresses [issue AB#68689].

Testing

Unit test created and run

[hansenms]

I am not convinced that we need to add src/Microsoft.Health.Fhir.Api.UnitTests/Controllers/openid-configuration.json, could we not just in the test provide the https://login.microsoftonline.com/common endpoint as authority and the controller would pull the openid-configuration as normal?

[brandonpollett]

I am not convinced that we need to add src/Microsoft.Health.Fhir.Api.UnitTests/Controllers/openid-configuration.json, could we not just in the test provide the https://login.microsoftonline.com/common endpoint as authority and the controller would pull the openid-configuration as normal?

I think that would make it more of an integration test. We may be able to just mock out the returned configuration instead of adding it.

[feordin]

I am not convinced that we need to add src/Microsoft.Health.Fhir.Api.UnitTests/Controllers/openid-configuration.json, could we not just in the test provide the https://login.microsoftonline.com/common endpoint as authority and the controller would pull the openid-configuration as normal?

I think that would make it more of an integration test. We may be able to just mock out the returned configuration instead of adding it.

As Brandon said, I was trying to avoid having the test call out to any external resources by adding the file. As it is now, the file is used as the mock response which the HttpClient sends back. It was just a long enough string it seemed easier to place it in a separate file rather than embed it as a string in the C# file.