diff --git a/src/LucaDegasperi/OAuth2Server/Filters/OAuthFilter.php b/src/LucaDegasperi/OAuth2Server/Filters/OAuthFilter.php
index fd40dfcf..dcee9df9 100644
--- a/src/LucaDegasperi/OAuth2Server/Filters/OAuthFilter.php
+++ b/src/LucaDegasperi/OAuth2Server/Filters/OAuthFilter.php
@@ -21,10 +21,10 @@ public function filter()
 ResourceServer::isValid(Config::get('lucadegasperi/oauth2-server-laravel::oauth2.http_headers_only'));
 } catch (\League\OAuth2\Server\Exception\InvalidAccessTokenException $e) {
 return Response::json(array(
- 'status' => 403,
- 'error' => 'forbidden',
+ 'status' => 401,
+ 'error' => 'unauthorized',
 'error_message' => $e->getMessage(),
- ), 403);
+ ), 401);
 }
 if (func_num_args() > 2) {
diff --git a/tests/OAuthFilterTest.php b/tests/OAuthFilterTest.php
index e8907d94..eb8c7958 100644
--- a/tests/OAuthFilterTest.php
+++ b/tests/OAuthFilterTest.php
@@ -26,7 +26,7 @@ public function test_invalid_filter_with_no_scope()
 $response = $this->getFilter()->filter('', '');
 $this->assertTrue($response instanceof Illuminate\Http\JsonResponse);
- $this->assertTrue($response->isForbidden());
+ $this->assertEquals('401', $response->getStatusCode());
 }
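Review bot: The 401 now returned from the `catch` block of `filter()` in OAuthFilter.php carries no `WWW-Authenticate` header, which RFC 7235 requires on every 401 and RFC 6750 section 3 expects as a `Bearer` challenge (with `error="invalid_token"` when a token was presented and rejected). `Response::json()` takes a headers array as its third argument, so the last changed line could read `), 401, array('WWW-Authenticate' => 'Bearer error="invalid_token"'));`. The body still echoes `$e->getMessage()` to the caller, so it is worth confirming that the library's exception messages never contain token material or internal detail. `filter()` begins and ends outside the hunk, so the scope check that follows is not covered by this note.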