adorsys / xs2a-adapter

GNU Affero General Public License v3.0

Oauth2 Pre-step payment wrong error response treatment #576

Closed valb3r closed 3 years ago

valb3r commented 3 years ago

When using the latest Xs2a-Sandbox (https://github.com/adorsys/XS2A-Sandbox/releases/tag/4.8) and xs2a-adapter v0.1.8, OAuth2-prestep Payment raises the following exception:

de.adorsys.xs2a.adapter.api.exception.ErrorResponseException: {"tppMessages":[{"category":"ERROR","code":"UNAUTHORIZED","text":"Please retrieve token first from http://localhost:20015/oauth/authorization-server"}]}

This is a regression compared to adapter v0.0.9 and Sandbox v3.7 (it could be a Sandbox issue as well). In older versions, adapter v0.0.9 raised an exception with the error TOKEN_INVALID, which was a clear OAuth2 error. Note that AIS in Pre-step works fine.

Expectation: To have TOKEN_INVALID instead of UNAUTHORIZED in errorCode, as it was before.

dashkok commented 3 years ago

Hello Valentyn, This message is sent from the XS2A core (connector) side, not Sandbox or Adapter. The errorCode couldn't be TOKEN_INVALID since there is no token in the request. In the specification, there is no specific appropriate message code for the case when the token is absent during OAuth pre-step authorisation. According to Specification section 4.13.3, "In cases, where no message code is defined for an HTTP response code in Section 14.11, the additional error information is not used, since the messageCode is a mandatory subfield. In this case, the HTTP code gives sufficient information about the error situation." We consider that the ASPSP might send the additional information for the TPP notification, as well as only HTTP code 401 Unauthorized. Please use the latest version of Sandbox 4.9 (5.8 develop).
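
Added example (not part of the thread and not code from xs2a-adapter or XS2A core): a TPP-side sketch that decides on the OAuth pre-step from HTTP 401 alone and treats `tppMessages` as optional detail, as the quoted section 4.13.3 implies. The function name, result keys and `OLD_BODY` sample are assumptions made for illustration; `ISSUE_BODY` is the body quoted in the issue.

```python
import json
import re

URL_RE = re.compile(r"https?://[^\s\"']+")

# Body quoted in the issue above.
ISSUE_BODY = ('{"tppMessages":[{"category":"ERROR","code":"UNAUTHORIZED",'
              '"text":"Please retrieve token first from '
              'http://localhost:20015/oauth/authorization-server"}]}')
# Constructed sample: the older behaviour described in the issue.
OLD_BODY = '{"tppMessages":[{"category":"ERROR","code":"TOKEN_INVALID"}]}'


def classify_error(http_status, body, configured_auth_server):
    """Decide on the OAuth pre-step from the HTTP status; tppMessages is optional detail."""
    codes, hint = [], None
    try:
        doc = json.loads(body) if body else {}
    except ValueError:
        doc = {}  # non-JSON body: fall back to the status code alone
    messages = doc.get("tppMessages") if isinstance(doc, dict) else None
    for msg in messages if isinstance(messages, list) else []:
        if not isinstance(msg, dict):
            continue
        if isinstance(msg.get("code"), str):
            codes.append(msg["code"])
        text = msg.get("text")
        found = URL_RE.search(text) if isinstance(text, str) else None
        if found and hint is None:
            hint = found.group(0)
    return {
        # 401 alone means "obtain a token", whatever code (if any) accompanies it.
        "needs_token": http_status == 401,
        "codes": codes,
        # A URL in error text is untrusted input: only compare it with configuration.
        "hint_matches_config": hint is not None and hint == configured_auth_server,
    }


if __name__ == "__main__":
    cfg = "http://localhost:20015/oauth/authorization-server"
    for status, body in [(401, ISSUE_BODY), (401, OLD_BODY), (401, ""), (500, "oops")]:
        print(status, classify_error(status, body, cfg))
```

Keying the retry logic on the status code keeps the client working whether the ASPSP sends UNAUTHORIZED, TOKEN_INVALID or no message code at all.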