[OAuth] return HTTP 401 if things go wrong
/oauth/token
should return HTTP 401
with error code instead of HTTP 500
if parameters are invalid (testcase: old version Cuckoo+ redirect users to OAuth authorize page without properly encoding client_id
, resulting padding characters missed in client_id
, and after authorized it POST
to /oauth/token
with complete client_id
that is not being authorized [and also improperly processed code
], and pleroma returns HTTP 500
instead of HTTP 401
with error
code unauthorized_client
or server_error
)