Have latest Doorkeeper return 401 for unauthorized (reinstate old behaviour)

In the upgrade docs there's a note about the default response status moving from 401 to 400 (https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions#api-changes-2).

This is going to break my clients until we can get them to upgrade (/handle both cases in the short term).

How can I reinstate the 401 response until such a time as my clients can update?

Thanks!

Solution

You can check the changes made in https://github.com/doorkeeper-gem/doorkeeper/pull/1202/files and try to patch Doorkeeper::OAuth::ErrorResponse to return status you need. Then when you would be ready to migrate - just remove the patch. All you need is to overrida status method. Also check InvalidTokenResponse class, maybe you need to patch it too.

There is no built-in option to switch status code in DOorkeeper so you can only patch its' internals.

Exchanging a google idToken for local openId token c#
Curl error 60, SSL certificate issue: self signed certificate in certificate chain
Keycloak + SPA as client (Vue) + Spring Cloud Gateway as resource server + Spring Boot Microservices
oAuth: How to integrate Twitter and LinkedIn in the same app?
How can I download a single raw file from a private github repo using the command line?
How do you access the result structure returned with cfoauth?
SSO not working in iOS when using AWS Cognito and Azure AD
In JWT Authentication in .NET 7, how can a "validated" token be "missing"?
Use CakePHP Http Client with Magento2 rest API search criteria
GitLab OAuth access token validity
How to get access Token from Amadesu API on Python
Difficulty setting up Oauth, Error (400): invalid_scope
Microsoft OAuth authorization code flow CORS
Allowing Cognito non verified users to sign in?
How to start using OAuth in Silverlight
Getting invalid_scope when attempting to obtain a refresh token via the Google API
OAuth2AuthenticationException: [invalid_client] when try sign in with Apple in Spring Boot application
JWT (Json Web Token) Audience "aud" versus Client_Id - What's the difference?
Relationship between Google Identity Services - Sign In with Google and User Authorization for Google APIs
How to list all contacts of email without the Oauth API?
Why Both Web and Android Client IDs needed for Google authn using Supabase on Flutter?
Keycloak - Assign a client scope to user with a specific role
Endless troubles with next-auth v4 and FacebookProvider
Is there any way to check if oauth token is expired or not?
How can an Accelo Web Application determine the 'staff ID' of the logged-in user?
Why is my user anonymous after logging in by OAuth2 with Spring Boot?
"Could not authenticate you." -error when using Twitter OAuth
ID token and access token handling
How to logout using OAuth2 Facebook client flow?
Error: ErrImagePull : failed to fetch oauth token: unexpected status: 403 Forbidden while creating kubernetes deployment on Google Cloud