EGO : All Admin access api's should not return HTTP 400 when api key is not provided or invalid and should return HTTP 401
Description
EGO : All Admin access api's should not return HTTP 400 when api key is not provided or invalid and should return HTTP 401. Also invalid jwt should return 401, valid jwt but wrong credentials (ie. not admin) should return 403
Expected Behaviour
All Admin access api's in ego should return HTTP 401 Unauthorized when api key is not provided or is invalid.
Actual Behaviour
All Admin access api's in ego is returning HTTP 400 Bad Request when an api key is not provided or is invalid.
EGO : All Admin access api's should not return HTTP 400 when api key is not provided or invalid and should return HTTP 401
Description
EGO : All Admin access api's should not return HTTP 400 when api key is not provided or invalid and should return HTTP 401. Also invalid jwt should return 401, valid jwt but wrong credentials (ie. not admin) should return 403
Expected Behaviour
All Admin access api's in ego should return HTTP 401 Unauthorized when api key is not provided or is invalid.
Actual Behaviour
All Admin access api's in ego is returning HTTP 400 Bad Request when an api key is not provided or is invalid.
Sample response { "timestamp": "2023-05-26T14:32:48.744+0000", "status": 400, "error": "Bad Request", "path": "/visa" }
Possible Fix
Need to compare with older ego version to check the difference in changes done during Spring version upgrade for OAuth2SecurityRequestResolver
Steps to Reproduce