BerkeleyLibrary · davezuckerman · Apr 1, 2026 · Apr 1, 2026 · Apr 1, 2026 · Apr 1, 2026
diff --git a/app/controllers/fees_controller.rb b/app/controllers/fees_controller.rb
@@ -1,6 +1,7 @@
 require 'jwt'
 
 class FeesController < ApplicationController
+
   # This will be needed for transaction_complete since Paypal will hit that
   protect_from_forgery with: :null_session
 
@@ -9,6 +10,8 @@ def index
     decoded_token = JWT.decode @jwt, nil, false
     @alma_id = decoded_token.first['userName']
     @fees = FeesPayment.new(alma_id: @alma_id)
+  rescue ActionController::ParameterMissing
+    redirect_to 'https://www.lib.berkeley.edu/find/borrow-renew?section=pay-fees', allow_other_host: true
   rescue JWT::DecodeError
     redirect_to(action: :transaction_error)
   end

diff --git a/spec/request/fees_request_spec.rb b/spec/request/fees_request_spec.rb
@@ -12,9 +12,9 @@ def base_url_for(user_id = nil)
     allow(Rails.application.config).to receive(:alma_api_key).and_return(alma_api_key)
   end
 
-  it 'shows a Bad Request error if request has no jwt' do
+  it 'redirects to the fallback URL if there is no jwt' do
     get fees_path
-    expect(response).to have_http_status(:bad_request)
+    expect(response).to redirect_to('https://www.lib.berkeley.edu/find/borrow-renew?section=pay-fees')
   end
 
   it 'redirects to error page if request has a non-existant alma id' do