I'm implementing OAuth2 in a Spring Boot RESTful API. Everything is working fine, except that when I use the wrong password I get this error response:
Status : 400 Bad Request
{
    "error": "invalid_grant",
    "error_description": "Bad credentials"
}
But I'm expecting something like this:
Status : 401 Unauthorized
{
    "error": "unauthorized",
    "error_description": "Invalid username/password combination"
}
A 401 status would be returned if your authorization credentials are incorrect. These would be your basic auth username and password (in the Postman Authorization tab), which appear to have been unchanged.
A 400 status is returned because the validation of the request's body parameters (username, password) fails to find a match. (i.e. Bad credentials were supplied.) It's like other requests where a required parameter is not submitted or formatted correctly. Your request passes the OAuth server's basic authorization for the login endpoint. It would be confusing and incorrect if both scenarios returned a 401 status.
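The distinction drawn in the answer, shown as an added example that is not part of the original thread: a client-side classifier that decides from a token-endpoint response which layer rejected the request, following the error codes of RFC 6749 section 5.2. The function name, the layer and action labels, and the sample responses are assumptions constructed for illustration; the two sample bodies are the ones quoted in the question.

```python
import json

# Token-endpoint error codes from RFC 6749 section 5.2 that point at the
# request itself rather than at anyone's credentials.
REQUEST_ERRORS = {"invalid_request", "unsupported_grant_type",
                  "invalid_scope", "unauthorized_client"}


def classify_token_response(status, body):
    """Return (layer, action) for a token-endpoint HTTP response.

    layer  - which check failed on the authorization server
    action - what the calling application should do next (hypothetical labels)
    """
    try:
        payload = json.loads(body) if body else {}
    except ValueError:
        payload = {}
    if not isinstance(payload, dict):
        payload = {}
    error = payload.get("error")

    if status == 200 and "access_token" in payload:
        return ("ok", "use_token")
    if status == 401:
        # The client's own credentials (the Basic auth header) were rejected.
        # Re-prompting the end user cannot fix this.
        return ("client_authentication", "fix_client_credentials")
    if status == 400 and error == "invalid_client":
        # RFC 6749 also allows 400 for a failed client authentication.
        return ("client_authentication", "fix_client_credentials")
    if status == 400 and error == "invalid_grant":
        # Client authenticated, but the grant in the body (username/password,
        # authorization code or refresh token) was rejected.
        return ("resource_owner_credentials", "reprompt_user")
    if status == 400 and error in REQUEST_ERRORS:
        return ("request_parameters", "fix_request")
    return ("unexpected", "log_and_fail")


# Constructed samples: the response the asker receives, and the one they wanted.
ACTUAL = (400, '{"error": "invalid_grant", "error_description": "Bad credentials"}')
WANTED = (401, '{"error": "unauthorized", '
               '"error_description": "Invalid username/password combination"}')

if __name__ == "__main__":
    print("actual:", classify_token_response(*ACTUAL))
    print("wanted:", classify_token_response(*WANTED))
```

With the response the asker wanted, a conforming client would attribute a mistyped user password to its own client credentials, which is the confusion the answer describes.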