check_api_key operation is not returning 401 error code in expired apiKeys

Open leoraba opened this issue 2 years ago • 0 comments

Description

Operation POST /o/check_api_key is expected to check if an apiKey is valid or not. It should return an error whenever an apiKey is not valid or is expired.

Expected Behaviour

Returns a 401 Unauthorized when using an expired apiKey

Actual Behaviour

Returns a 200 OK with exp field 0, e.g. { "user_name": "[email protected]", "client_id": "song", **"exp": 0**, "scope": [ "song.READ", "song.WRITE" ] }

leoraba, Aug 04 '23 19:08
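A service that calls POST /o/check_api_key and trusts the HTTP status alone would accept the expired key shown above, so a caller can fail closed by also inspecting the body. The following is an added example, not code from the issue or from the project: the function names and sample bodies are constructed, and it assumes that a positive integer `exp` means the key is still valid (the issue only shows that an expired key yields `exp` 0).

```python
import json


class ApiKeyRejected(Exception):
    """Raised when a check_api_key response must not be trusted."""


def evaluate_check_api_key(status_code, body_text, required_scope):
    """Validate a POST /o/check_api_key response; return the parsed body or raise."""
    if status_code != 200:
        raise ApiKeyRejected(f"status {status_code}")
    try:
        body = json.loads(body_text)
    except json.JSONDecodeError as err:
        raise ApiKeyRejected("body is not JSON") from err
    if not isinstance(body, dict):
        raise ApiKeyRejected("body is not a JSON object")
    exp = body.get("exp")
    # bool is a subclass of int in Python, so reject it explicitly.
    # exp <= 0 covers the case in this issue: 200 OK with "exp": 0.
    if isinstance(exp, bool) or not isinstance(exp, int) or exp <= 0:
        raise ApiKeyRejected(f"expired or missing exp: {exp!r}")
    scopes = body.get("scope")
    if not isinstance(scopes, list) or required_scope not in scopes:
        raise ApiKeyRejected(f"scope {required_scope!r} not granted")
    return body


def is_authorized(status_code, body_text, required_scope):
    """Boolean wrapper: True only when every check passes."""
    try:
        evaluate_check_api_key(status_code, body_text, required_scope)
        return True
    except ApiKeyRejected:
        return False


# Constructed sample bodies shaped like the response quoted in the issue;
# the user name is a placeholder.
EXPIRED_BODY = json.dumps({"user_name": "user@example.org", "client_id": "song",
                           "exp": 0, "scope": ["song.READ", "song.WRITE"]})
VALID_BODY = json.dumps({"user_name": "user@example.org", "client_id": "song",
                         "exp": 3600, "scope": ["song.READ", "song.WRITE"]})

if __name__ == "__main__":
    print("expired key accepted:", is_authorized(200, EXPIRED_BODY, "song.READ"))
    print("valid key accepted:  ", is_authorized(200, VALID_BODY, "song.READ"))
```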