You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@oltu.apache.org by "Keisuke Kato (JIRA)" <ji...@apache.org> on 2018/01/11 12:45:00 UTC
[jira] [Closed] (OLTU-218) [RFC 6750] The resource should respond
with 401 when the access token is invalid
[ https://issues.apache.org/jira/browse/OLTU-218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Keisuke Kato closed OLTU-218.
-----------------------------
Resolution: Invalid
I was wrong about using invalid token.
> [RFC 6750] The resource should respond with 401 when the access token is invalid
> --------------------------------------------------------------------------------
>
> Key: OLTU-218
> URL: https://issues.apache.org/jira/browse/OLTU-218
> Project: Apache Oltu
> Issue Type: Improvement
> Components: oauth2-resourceserver
> Affects Versions: oauth2-1.0.2
> Reporter: Keisuke Kato
> Priority: Minor
>
> According to [RFC 6750 - 3.1. Error Codes|https://tools.ietf.org/html/rfc6750#section-3.1], the following error should SHOULD respond with the HTTP 401 (Unauthorized) status code, I think. What do you think?
> ||Request||Response Status Code Actual||Expected||Response Body Actual||Expected||
> |Invalid token|400|{color:red}401{color}|{"WWW-Authenticate":"Bearer error=\"invalid_token\""}|{"WWW-Authenticate":"Bearer error=\"invalid_token\""}|
> Thanks
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)