From 15f859d562c599b9e52fdfceeb4e29d803fa1b84 Mon Sep 17 00:00:00 2001 From: Kagami Sascha Rosylight Date: Thu, 15 Jun 2023 22:06:19 +0200 Subject: [PATCH] Return 403 from permission error --- packages/backend/src/server/oauth/OAuth2ProviderService.ts | 1 + packages/backend/test/e2e/oauth.ts | 3 +-- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/backend/src/server/oauth/OAuth2ProviderService.ts b/packages/backend/src/server/oauth/OAuth2ProviderService.ts index c2a57adb3..58b2c9afa 100644 --- a/packages/backend/src/server/oauth/OAuth2ProviderService.ts +++ b/packages/backend/src/server/oauth/OAuth2ProviderService.ts @@ -84,6 +84,7 @@ interface ClientInformation { name: string; } +// https://indieauth.spec.indieweb.org/#client-information-discovery async function discoverClientInformation(httpRequestService: HttpRequestService, id: string): Promise { try { const res = await httpRequestService.send(id); diff --git a/packages/backend/test/e2e/oauth.ts b/packages/backend/test/e2e/oauth.ts index a9bdfae77..5cd4135fc 100644 --- a/packages/backend/test/e2e/oauth.ts +++ b/packages/backend/test/e2e/oauth.ts @@ -553,8 +553,7 @@ describe('OAuth', () => { }, body: JSON.stringify({ text: 'test' }), }); - // XXX: PERMISSION_DENIED is not using kind: 'permission' and gives 400 instead of 403 - assert.strictEqual(createResponse.status, 400); + assert.strictEqual(createResponse.status, 403); }); });