commit f1a373ffb176e79bfe5d495fd3f1341c30fe6292
parent add4a4f3ccaf8276faad72dac17db97415fd0c9e
Author: Christian Grothoff <grothoff@gnunet.org>
Date: Thu, 9 Jul 2026 21:05:10 +0200
fix WWW-Authenticate header
Diffstat:
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/src/challenger/challenger-httpd_common.c b/src/challenger/challenger-httpd_common.c
@@ -169,11 +169,19 @@ CH_reply_with_oauth_error (
GNUNET_JSON_pack_string ("detail",
detail))));
if (MHD_HTTP_UNAUTHORIZED == http_status)
+ {
+ char *www_auth;
+
+ GNUNET_asprintf (&www_auth,
+ "Bearer error=\"%s\"",
+ oauth_error);
GNUNET_break (MHD_YES ==
MHD_add_response_header (
resp,
"WWW-Authenticate",
- "Bearer, error=\"invalid_token\""));
+ www_auth));
+ GNUNET_free (www_auth);
+ }
mret = MHD_queue_response (connection,
http_status,
resp);
diff --git a/src/challenger/challenger-httpd_token.c b/src/challenger/challenger-httpd_token.c
@@ -355,7 +355,6 @@ CH_handler_token (struct CH_HandlerContext *hc,
return MHD_NO;
case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
GNUNET_break_op (0);
- /* FIXME: RFC 6749 $5.2 mandates adding WWW-Authenticate header */
return CH_reply_with_oauth_error (
hc->connection,
MHD_HTTP_UNAUTHORIZED,
@@ -370,7 +369,6 @@ CH_handler_token (struct CH_HandlerContext *hc,
bc->redirect_uri)) )
{
GNUNET_break_op (0);
- /* FIXME: RFC 6749 $5.2 mandates adding WWW-Authenticate header */
return CH_reply_with_oauth_error (
hc->connection,
MHD_HTTP_UNAUTHORIZED,