You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@oltu.apache.org by "Keisuke Kato (JIRA)" <ji...@apache.org> on 2018/01/11 12:45:00 UTC

[jira] [Closed] (OLTU-218) [RFC 6750] The resource should respond with 401 when the access token is invalid

     [ https://issues.apache.org/jira/browse/OLTU-218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Keisuke Kato closed OLTU-218.
-----------------------------
    Resolution: Invalid

I was wrong about using invalid token.

> [RFC 6750] The resource should respond with 401 when the access token is invalid
> --------------------------------------------------------------------------------
>
>                 Key: OLTU-218
>                 URL: https://issues.apache.org/jira/browse/OLTU-218
>             Project: Apache Oltu
>          Issue Type: Improvement
>          Components: oauth2-resourceserver
>    Affects Versions: oauth2-1.0.2
>            Reporter: Keisuke Kato
>            Priority: Minor
>
> According to [RFC 6750 - 3.1. Error Codes|https://tools.ietf.org/html/rfc6750#section-3.1], the following error should SHOULD respond with the HTTP 401 (Unauthorized) status code, I think. What do you think?
> ||Request||Response Status Code Actual||Expected||Response Body Actual||Expected||
> |Invalid token|400|{color:red}401{color}|{"WWW-Authenticate":"Bearer error=\"invalid_token\""}|{"WWW-Authenticate":"Bearer error=\"invalid_token\""}|
> Thanks



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)