[ https://issues.apache.org/jira/browse/OLTU-218?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Keisuke Kato closed OLTU-218.
-----------------------------
Resolution: Invalid
I was wrong about using invalid token.
> [RFC 6750] The resource should respond with 401 when the access token is invalid
> --------------------------------------------------------------------------------
>
> Key: OLTU-218
> URL: https://issues.apache.org/jira/browse/OLTU-218
> Project: Apache Oltu
> Issue Type: Improvement
> Components: oauth2-resourceserver
> Affects Versions: oauth2-1.0.2
> Reporter: Keisuke Kato
> Priority: Minor
>
> According to [RFC 6750 - 3.1. Error Codes|https://tools.ietf.org/html/rfc6750#section-3.1],
the following error should SHOULD respond with the HTTP 401 (Unauthorized) status code, I
think. What do you think?
> ||Request||Response Status Code Actual||Expected||Response Body Actual||Expected||
> |Invalid token|400|{color:red}401{color}|{"WWW-Authenticate":"Bearer error=\"invalid_token\""}|{"WWW-Authenticate":"Bearer
error=\"invalid_token\""}|
> Thanks
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
|