Fix OAuth2 Error Code

Closes gh-10319
2021-09-28 13:24:51 -06:00 · 2021-09-28 13:24:51 -06:00 · dc95d8d705
parent 31cc0b856e
commit dc95d8d705
2 changed files with 3 additions and 1 deletions
--- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtTimestampValidator.java
+++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtTimestampValidator.java
@ -95,7 +95,7 @@ public final class JwtTimestampValidator implements OAuth2TokenValidator<Jwt> {
 	private OAuth2Error createOAuth2Error(String reason) {
 		logger.debug(reason);
 		return new OAuth2Error(
-				OAuth2ErrorCodes.INVALID_REQUEST,
+				OAuth2ErrorCodes.INVALID_TOKEN,
 				reason,
 				"https://tools.ietf.org/html/rfc6750#section-3.1");
 	}
--- a/oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/JwtTimestampValidatorTests.java
+++ b/oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/JwtTimestampValidatorTests.java
@ -27,6 +27,7 @@ import java.util.stream.Collectors;
 import org.junit.Test;

 import org.springframework.security.oauth2.core.OAuth2Error;
+import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
 import org.springframework.security.oauth2.core.OAuth2TokenValidatorResult;
 import org.springframework.security.oauth2.jose.jws.JwsAlgorithms;

@ -109,6 +110,7 @@ public class JwtTimestampValidatorTests {
 				result.getErrors().stream().map(OAuth2Error::getDescription).collect(Collectors.toList());

 		assertThat(result.hasErrors()).isTrue();
+		assertThat(result.getErrors().iterator().next().getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_TOKEN);
 		assertThat(messages).contains("Jwt used before " + justOverOneDayFromNow);

 	}