From 86e92aaf1a3b2996aeeb10113d8f33677c2298fc Mon Sep 17 00:00:00 2001
From: Romain Caire <supercairos@users.noreply.github.com>
Date: Sun, 31 Mar 2024 16:47:38 +0200
Subject: [PATCH] fix: wrong error code returned in case of inactive token (#3441)
Signed-off-by: Romain Caire <super.cairos@gmail.com>
---
 server/introspectionhandler.go | 2 +-
 server/introspectionhandler_test.go | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/server/introspectionhandler.go b/server/introspectionhandler.go
index a33f20bd..f0d1f807 100644
--- a/server/introspectionhandler.go
+++ b/server/introspectionhandler.go
@@ -340,7 +340,7 @@ func introspectInactiveErr(w http.ResponseWriter) {
 w.Header().Set("Cache-Control", "no-store")
 w.Header().Set("Pragma", "no-cache")
 w.Header().Set("Content-Type", "application/json")
- w.WriteHeader(401)
+ w.WriteHeader(200)
 json.NewEncoder(w).Encode(struct {
 Active bool `json:"active"`
 }{Active: false})
diff --git a/server/introspectionhandler_test.go b/server/introspectionhandler_test.go
index 07504c4e..2b17c2e9 100644
--- a/server/introspectionhandler_test.go
+++ b/server/introspectionhandler_test.go
@@ -300,7 +300,7 @@ func TestHandleIntrospect(t *testing.T) {
 testName: "Access Token: wrong",
 token: "fake-token",
 response: inactiveResponse,
- responseStatusCode: 401,
+ responseStatusCode: 200,
 },
 // Refresh token tests
 {
@@ -313,13 +313,13 @@ func TestHandleIntrospect(t *testing.T) {
 testName: "Refresh Token: expired",
 token: expiredRefreshToken,
 response: inactiveResponse,
- responseStatusCode: 401,
+ responseStatusCode: 200,
 },
 {
 testName: "Refresh Token: active => false (wrong)",
 token: "fake-token",
 response: inactiveResponse,
- responseStatusCode: 401,
+ responseStatusCode: 200,
 },
 }
 
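Review bot: In server/introspectionhandler.go, `w.WriteHeader(200)` in introspectInactiveErr moves the whole accept/reject decision onto the `active` field of the body, and nothing in the hunk documents that for whoever consumes this endpoint. A resource server that treated any 2xx introspection reply as "token accepted", relying on the old 401, would now accept expired or unknown tokens. I would add a comment above the call such as `// RFC 7662 section 2.2: an inactive token yields 200 with "active": false; callers must check the field, not the status code` and mention the change in the release notes. Writing `w.WriteHeader(http.StatusOK)` would also match the `http.StatusOK` that TestIntrospectErrHelper now expects. The function body starts and ends outside the hunk, so whether the dropped `Encode` error is handled elsewhere cannot be judged from here.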
@@ -380,7 +380,7 @@ func TestIntrospectErrHelper(t *testing.T) {
 {
 testName: "Inactive Token",
 err: newIntrospectInactiveTokenError(),
- resStatusCode: http.StatusUnauthorized,
+ resStatusCode: http.StatusOK,
 resBody: "{\"active\":false}\n",
 },
 {
-- GitLab