diff --git a/bascule/basculehttp/constructor.go b/bascule/basculehttp/constructor.go index a30b64e..b004172 100644 --- a/bascule/basculehttp/constructor.go +++ b/bascule/basculehttp/constructor.go @@ -58,7 +58,7 @@ func (c *constructor) decorate(next http.Handler) http.Handler { if err != nil { logger.Log(level.Key(), level.ErrorValue(), bascule.ErrorKey, err.Error(), "key", key, "auth", authorization[i+1:]) - WriteResponse(response, http.StatusUnauthorized, err) + WriteResponse(response, http.StatusForbidden, err) return } diff --git a/bascule/basculehttp/constructor_test.go b/bascule/basculehttp/constructor_test.go index 94bbae8..f87b90c 100644 --- a/bascule/basculehttp/constructor_test.go +++ b/bascule/basculehttp/constructor_test.go @@ -65,7 +65,7 @@ func TestConstructor(t *testing.T) { constructor: c, requestHeaderKey: testHeader, requestHeaderValue: "Basic AFJDK", - expectedStatusCode: http.StatusUnauthorized, + expectedStatusCode: http.StatusForbidden, }, } for _, tc := range tests { diff --git a/bascule/basculehttp/enforcer.go b/bascule/basculehttp/enforcer.go index d0627b2..7be09ab 100644 --- a/bascule/basculehttp/enforcer.go +++ b/bascule/basculehttp/enforcer.go @@ -64,7 +64,7 @@ func (e *enforcer) decorate(next http.Handler) http.Handler { } } logger.Log(append(emperror.Context(err), level.Key(), level.ErrorValue(), bascule.ErrorKey, errs)...) - WriteResponse(response, http.StatusUnauthorized, err) + WriteResponse(response, http.StatusForbidden, err) return } } diff --git a/bascule/basculehttp/enforcer_test.go b/bascule/basculehttp/enforcer_test.go index 37a2f9c..eeec86f 100644 --- a/bascule/basculehttp/enforcer_test.go +++ b/bascule/basculehttp/enforcer_test.go @@ -64,7 +64,7 @@ func TestEnforcer(t *testing.T) { Authorization: "jwt", Token: bascule.NewToken("", "", bascule.Attributes{}), }, - expectedStatusCode: http.StatusUnauthorized, + expectedStatusCode: http.StatusForbidden, }, } for _, tc := range tests {