handler/oauth2: Returns request unauthorized error on invalid passwor…

…d credentials (#261) Signed-off-by: Beorn Facchini <beorn@lade.io>
ory · Apr 23, 2018 · cca6af4 · cca6af4
1 parent 0fcdf33
commit cca6af4
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/handler/oauth2/flow_resource_owner.go b/handler/oauth2/flow_resource_owner.go
@@ -58,7 +58,7 @@ func (c *ResourceOwnerPasswordCredentialsGrantHandler) HandleTokenEndpointReques
 	if username == "" || password == "" {
 		return errors.WithStack(fosite.ErrInvalidRequest.WithDebug("Username or password missing"))
 	} else if err := c.ResourceOwnerPasswordCredentialsGrantStorage.Authenticate(ctx, username, password); errors.Cause(err) == fosite.ErrNotFound {
-		return errors.WithStack(fosite.ErrInvalidRequest.WithDebug(err.Error()))
+		return errors.WithStack(fosite.ErrRequestUnauthorized.WithDebug(err.Error()))
 	} else if err != nil {
 		return errors.WithStack(fosite.ErrServerError.WithDebug(err.Error()))
 	}

diff --git a/handler/oauth2/flow_resource_owner_test.go b/handler/oauth2/flow_resource_owner_test.go
@@ -75,7 +75,7 @@ func TestResourceOwnerFlow_HandleTokenEndpointRequest(t *testing.T) {
 
 				store.EXPECT().Authenticate(nil, "peter", "pan").Return(fosite.ErrNotFound)
 			},
-			expectErr: fosite.ErrInvalidRequest,
+			expectErr: fosite.ErrRequestUnauthorized,
 		},
 		{
 			description: "should fail because because error on lookup",