API call to retrieve information of wrong token returns error "400" instead of "401"
Summary
According to the Doorkeeper documentation linked in Retrieve the token information, if we put an incorrect token, the error response should be "401".
But, the error is "400"
Related ZenDesk ticket (GitLab internal): https://gitlab.zendesk.com/agent/tickets/254819
Steps to reproduce
- Use the commend
curl -v 'https://gitlab.com/oauth/token/info?access_token=ANYTHING'
Example Project
What is the current bug behavior?
Gitlab returns the error HTTP/2 400
What is the expected correct behavior?
Gitlab should return the error HTTP/2 401
Relevant logs and/or screenshots
Output of checks
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of: `sudo gitlab-rake gitlab:env:info`) (For installations from source run and paste the output of: `sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
Results of GitLab application Check
Expand for output related to the GitLab application check
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true
)(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true
)(we will only investigate if the tests are passing)