From 66001f0a6c59079de0e43d3118dbe36140b21fcf Mon Sep 17 00:00:00 2001
From: Javier Sánchez Parra <jsanchez@soleta.eu>
Date: Tue, 9 Jul 2019 13:26:20 +0200
Subject: #915 returns 401 when incorrect authentication happens

ogAdmServer REST API now meets the starndar RFC 7235 when incorrect auth
happens.

og_client_not_authorized() now sends "401 Unauthorized" and
"WWW-Authenticate" instead of 404.
---
 sources/ogAdmServer.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'sources/ogAdmServer.cpp')

diff --git a/sources/ogAdmServer.cpp b/sources/ogAdmServer.cpp
index 1a55554..91765af 100644
--- a/sources/ogAdmServer.cpp
+++ b/sources/ogAdmServer.cpp
@@ -3929,7 +3929,9 @@ static int og_client_not_found(struct og_client *cli)
 
 static int og_client_not_authorized(struct og_client *cli)
 {
-	char buf[] = "HTTP/1.1 404 Unauthorized\r\nContent-Length: 0\r\n\r\n";
+	char buf[] = "HTTP/1.1 401 Unauthorized\r\n"
+		     "WWW-Authenticate: Basic\r\n"
+		     "Content-Length: 0\r\n\r\n";
 
 	send(og_client_socket(cli), buf, strlen(buf), 0);
 
-- 
cgit v1.2.3-18-g5258