From 8e916a830d5e7de0767ae3b7abf85ada619d2759 Mon Sep 17 00:00:00 2001 From: Ersun Warncke Date: Tue, 14 May 2019 05:27:45 -0400 Subject: [PATCH] Revert "Revert "fix auth error response and use 401 for malformed header"" This reverts commit 5d25af9026159b0c1e0a53f0d1fd0d9c685b40ee. GitOrigin-RevId: d5cc2fd2e7a676cad637717d77d1a69a7fe6453c --- .../Features/Authentication/AuthenticationController.coffee | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee b/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee index 1086a2d634..de29316df5 100644 --- a/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee +++ b/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee @@ -194,10 +194,12 @@ module.exports = AuthenticationController = response = new Oauth2Server.Response(res) Oauth2Server.server.authenticate request, response, {}, (err, token) -> if err? + # use a 401 status code for malformed header for git-bridge + err.code = 401 if err.code == 400 and err.message == 'Invalid request: malformed authorization header' # fall back to v1 on invalid token return AuthenticationController._requireOauthV1Fallback req, res, next if err.code == 401 - # bubble up all other errors - return next(err) + # send all other errors + return res.status(err.code).json({error: err.name, error_description: err.message}) req.oauth = access_token: token.accessToken req.oauth_token = token