diff --git a/server/introspectionhandler.go b/server/introspectionhandler.go index a33f20bd9bccafd2fb6bd214d0582702ce1be4ae..f0d1f807cace513772fc44847c52b0507148a0b8 100644 --- a/server/introspectionhandler.go +++ b/server/introspectionhandler.go @@ -340,7 +340,7 @@ func introspectInactiveErr(w http.ResponseWriter) { w.Header().Set("Cache-Control", "no-store") w.Header().Set("Pragma", "no-cache") w.Header().Set("Content-Type", "application/json") - w.WriteHeader(401) + w.WriteHeader(200) json.NewEncoder(w).Encode(struct { Active bool `json:"active"` }{Active: false}) diff --git a/server/introspectionhandler_test.go b/server/introspectionhandler_test.go index 07504c4e60dd68e2ab3d80c7307d63582003446f..2b17c2e9f520f4c0a6d870d76cc875815923cb51 100644 --- a/server/introspectionhandler_test.go +++ b/server/introspectionhandler_test.go @@ -300,7 +300,7 @@ func TestHandleIntrospect(t *testing.T) { testName: "Access Token: wrong", token: "fake-token", response: inactiveResponse, - responseStatusCode: 401, + responseStatusCode: 200, }, // Refresh token tests { @@ -313,13 +313,13 @@ func TestHandleIntrospect(t *testing.T) { testName: "Refresh Token: expired", token: expiredRefreshToken, response: inactiveResponse, - responseStatusCode: 401, + responseStatusCode: 200, }, { testName: "Refresh Token: active => false (wrong)", token: "fake-token", response: inactiveResponse, - responseStatusCode: 401, + responseStatusCode: 200, }, } @@ -380,7 +380,7 @@ func TestIntrospectErrHelper(t *testing.T) { { testName: "Inactive Token", err: newIntrospectInactiveTokenError(), - resStatusCode: http.StatusUnauthorized, + resStatusCode: http.StatusOK, resBody: "{\"active\":false}\n", }, {