Return Unauthorized statuscode in RejectInfo

Description

Currently, when an unauthorized (no token present) request is presented to AuthenticationHandler.handleSecurity, it returns an invalid_request status code. It is better to return some form of unauthorized status code. Besides the string statusCode that is now part of RejectInfo, it would also be good to have an HTTP status code available (which can then be used in RejectInfo::applyTo as well).

PR forthcoming.

Activity

Show:
Jan Willem Janssen
December 1, 2017, 9:58 AM

PR is merged with some modifications to avoid major version bumps in the API package.

Fixed

Assignee

Unassigned

Reporter

Sander Mak