Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use 401 Unauthorized for bad bearer tokens #3173

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

Use 401 Unauthorized for bad bearer tokens #3173

wants to merge 1 commit into from

Conversation

nono
Copy link
Member

@nono nono commented Oct 4, 2021

This is breaking change! We will now use 401 instead of 400 as the HTTP
code for the response when a bearer token in the request is invalid
(expired for example). See RFC 6750.

This is a draft pull request, not to be merged yet, as we want to give time to clients to test it and update their code if needed.

@nono
Use 401 Unauthorized for bad bearer tokens
b9c1a7e 
This is breaking change! We will now use 401 instead of 400 as the HTTP
code for the response when a bearer token in the request is invalid
(expired for example). See RFC 6750.
@nono nono requested a review from Crash-- October 4, 2021 14:45
nono added a commit to cozy/cozy-client-js that referenced this pull request Oct 4, 2021
@nono
fix: Allow 401 errors for expired tokens
ae19c3c 
The stack will change the http code used for expired tokens from 400 to
401. This change will allow cozy-client-js to try refreshing the token
in such cases.

See cozy/cozy-stack#3173
@nono nono mentioned this pull request Oct 4, 2021
Merged
nono added a commit to cozy/cozy-client that referenced this pull request Oct 4, 2021
@nono
fix: Allow 401 errors for expired tokens
a111c61 
The stack will change the http code used for expired tokens from 400 to
401. This change will allow cozy-client to try refreshing the token in
such cases.

See cozy/cozy-stack#3173
@nono nono mentioned this pull request Oct 4, 2021
Merged
nono added a commit to cozy/cozy-client that referenced this pull request Oct 25, 2021
@nono
fix: Allow 401 errors for expired tokens
cdd785d 
The stack will change the http code used for expired tokens from 400 to
401. This change will allow cozy-client to try refreshing the token in
such cases.

See cozy/cozy-stack#3173
nono added a commit to cozy/cozy-client-js that referenced this pull request Oct 25, 2021
@nono
fix: Allow 401 errors for expired tokens
a2936b5 
The stack will change the http code used for expired tokens from 400 to
401. This change will allow cozy-client-js to try refreshing the token
in such cases.

See cozy/cozy-stack#3173
@Crash-- Crash-- mentioned this pull request Nov 30, 2021
Merged
@nono
Copy link
Member Author

nono commented Sep 19, 2022

@Crash-- ping, what is the status for this PR?

@nono
Copy link
Member Author

nono commented Nov 14, 2022

Ping @Crash--

1 similar comment
@nono
Copy link
Member Author

nono commented Mar 5, 2024

Ping @Crash--

@Crash--
Copy link
Contributor

Crash-- commented Nov 8, 2024

I think we can merge this one now :trollface:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Crash-- Crash-- Awaiting requested review from Crash--

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nono @Crash--