Wrong bearer token returns HTML result

scaphold-io / scaphold-issues

Post issues that you find on Scaphold here. Post anything about the platform, docs, boilerplates, etc... Happy Scapholding!

3 stars 0 forks source link

Wrong bearer token returns HTML result #29

Open martinheidegger opened 7 years ago

martinheidegger commented 7 years ago

Both the management and regular graphql endpoints return HTML code if the bearer token is incorrect. It should always return JSON code on an error on the endpoint:

curl -H "Content-type: application/json" -H "Authorization: Bearer X" -d '{"query":"query { checkHealth { healthy } }"}' https://us-west-2.api.scaphold.io/management

vning93 commented 7 years ago

Looks like it's just if the incorrect Authorization header is there. If there's no auth header, then it does return JSON. If you have an incorrect token, then you must send it without an Authorization header.

martinheidegger commented 7 years ago

Yes, it works if the Authorization header is missing. However: I would like to process the error (in case the authorization is wrong) with on a JSON basis and not a HTML response. (it breaks my graphql library: showing a JSON error...)