WriteOAuth2Error writes an OAuth2-compliant error response per RFC 6749. This should be used for all OAuth2 endpoints (/oauth2/*) to ensure compliance.
(ctx context.Context, rw http.ResponseWriter, status int, errorCode codersdk.OAuth2ErrorCode, description string)
| 513 | // WriteOAuth2Error writes an OAuth2-compliant error response per RFC 6749. |
| 514 | // This should be used for all OAuth2 endpoints (/oauth2/*) to ensure compliance. |
| 515 | func WriteOAuth2Error(ctx context.Context, rw http.ResponseWriter, status int, errorCode codersdk.OAuth2ErrorCode, description string) { |
| 516 | // RFC 6749 §5.2: invalid_client SHOULD use 401 and MUST include a |
| 517 | // WWW-Authenticate response header. |
| 518 | if status == http.StatusUnauthorized && errorCode == codersdk.OAuth2ErrorCodeInvalidClient { |
| 519 | rw.Header().Set("WWW-Authenticate", `Basic realm="coder"`) |
| 520 | } |
| 521 | |
| 522 | Write(ctx, rw, status, codersdk.OAuth2Error{ |
| 523 | Error: errorCode, |
| 524 | ErrorDescription: description, |
| 525 | }) |
| 526 | } |
no test coverage detected