You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Make a GET request to /oauth/authorize?client_id=badclient
Expected behavior
Response should be something like
{"error": "The authorization server does not support this response type.",// potentially more metadata:"error_type": "unsupported_response_type","status": 401}
Actual behavior
We get just raw text back, despite the response header Content-Type: application/json:
The authorization server does not support this response type.
Here is a well-formed JSON response from a successful request:
Steps to reproduce
master
(presentlyv5.0.0.rc1
)api_only
/oauth/authorize?client_id=badclient
Expected behavior
Response should be something like
Actual behavior
We get just raw text back, despite the response header
Content-Type: application/json
:Here is a well-formed JSON response from a successful request:
The issue appears to be
doorkeeper/app/controllers/doorkeeper/authorizations_controller.rb
Lines 34 to 41 in bf36149
Proposed solution
Prefix the error with a
error
key. Not sure if there is already an existing pattern elsewhere. If so, we should adopt that pattern.The text was updated successfully, but these errors were encountered: