Currently, OAuth2ErrorAuthenticationFailureHandler always returns 400 Bad Request for all OAuth2 errors. There are some OAuth2 error codes that have clearly more matching http status codes, for example "unauthorized_client" could return a 401 Unauthorized etc.
Currently,
OAuth2ErrorAuthenticationFailureHandler
always returns400 Bad Request
for all OAuth2 errors. There are some OAuth2 error codes that have clearly more matching http status codes, for example"unauthorized_client"
could return a401 Unauthorized
etc.Adresses https://github.com/spring-projects/spring-authorization-server/issues/1636.