Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
3.0.0-milestone1, 2.7.8, 3.0.0-milestone2
-
None
-
Unknown
Description
Currently when I use non existing client_id on call I get response:
Response Code: 400
{ "error": "invalid_request", "error_description": "Client ID is invalid", "error_uri": null }
But by RFC it should be returned error=invalid_client
http://tools.ietf.org/html/rfc6749#section-5.2
Error is generated in that method:
org.apache.cxf.rs.security.oauth2.services.AccessTokenService.getClient(String)