Simplify DFC authorisation control

I want to add other ways to authenticate for easier testing and possibly
more integrations. It will be easier to just test if we got a user or
not instead of testing pre-conditions to that as well.

engines/dfc_provider/app/controllers/dfc_provider/base_controller.rb

@@ -5,23 +5,14 @@ module DfcProvider
   class BaseController < ActionController::Base
     rescue_from ActiveRecord::RecordNotFound, with: :not_found
 
-    before_action :check_authorization,
-                  :check_user
+    before_action :check_authorization
 
     respond_to :json
 
     private
 
     def check_authorization
-      return if access_token.present?
-
-      head :unprocessable_entity
-    end
-
-    def check_user
-      return if current_user.present?
-
-      head :unauthorized
+      head :unauthorized if current_user.nil?
     end
 
     def check_enterprise

engines/dfc_provider/app/services/dfc_provider/authorization_control.rb

@@ -9,6 +9,8 @@ module DfcProvider
     end
 
     def process
+      return unless @access_token
+
       decode_token
       find_ofn_user
     end

engines/dfc_provider/spec/controllers/dfc_provider/catalog_items_controller_spec.rb

@@ -93,9 +93,9 @@ describe DfcProvider::CatalogItemsController, type: :controller do
     end
 
     context 'without an authorization token' do
-      it 'returns unprocessable_entity head' do
+      it 'returns unauthorized head' do
         api_get :index, enterprise_id: enterprise.id
-        expect(response).to be_unprocessable
+        expect(response).to be_unauthorized
       end
     end
   end