RESTful API is sending 400 for invalid tokens (should send 401)
Bug #751895 reported by
Natalia Bidart
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu One Servers |
Fix Released
|
High
|
Vincenzo Di Somma |
Bug Description
When sending a request with bad tokens, we're getting:
(400L, 'Invalid access token: hGTbRxOcMCaQqRH
As per the spec, we should send 401.
visibility: | private → public |
Changed in ubuntuone-servers: | |
status: | Triaged → In Progress |
Changed in ubuntuone-servers: | |
status: | In Progress → Fix Committed |
Changed in ubuntuone-servers: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
As per http:// tools.ietf. org/html/ rfc5849:
The server SHOULD return a 400 (Bad Request) status code when
receiving a request with unsupported parameters, an unsupported
signature method, missing parameters, or duplicated protocol
parameters. The server SHOULD return a 401 (Unauthorized) status
code when receiving a request with invalid client credentials, an
invalid or expired token, an invalid signature, or an invalid or used
nonce.