From 4cfa6a09c6f6692f5513ff6e31f261a020d07068 Mon Sep 17 00:00:00 2001
From: Satya Boora
Date: Tue, 10 Apr 2018 12:33:02 -0700
Subject: Use AuthenticationFailedRejection to send 401 back to the client (#151)
---
 src/main/scala/xyz/driver/core/rest/auth/AuthProvider.scala | 6 +++---
 src/test/scala/xyz/driver/core/AuthTest.scala | 3 ++-
 2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/src/main/scala/xyz/driver/core/rest/auth/AuthProvider.scala b/src/main/scala/xyz/driver/core/rest/auth/AuthProvider.scala
index 5ed98cc..82edcc7 100644
--- a/src/main/scala/xyz/driver/core/rest/auth/AuthProvider.scala
+++ b/src/main/scala/xyz/driver/core/rest/auth/AuthProvider.scala
@@ -53,9 +53,9 @@ abstract class AuthProvider[U <: User](val authorization: Authorization[U], log:
 s"User ${authCtx.authenticatedUser} does not have the required permissions: ${permissions.mkString(", ")}")
 reject(AuthenticationFailedRejection(CredentialsRejected, challenge))
 case Success(None) =>
- log.warn(
- s"Wasn't able to find authenticated user for the token provided to verify ${permissions.mkString(", ")}")
- reject(ValidationRejection(s"Wasn't able to find authenticated user for the token provided"))
+ val challenge = HttpChallenges.basic("Failed to authenticate user")
+ log.warn(s"Failed to authenticate user to verify ${permissions.mkString(", ")}")
+ reject(AuthenticationFailedRejection(CredentialsRejected, challenge))
 case Failure(t) =>
 log.warn(s"Wasn't able to verify token for authenticated user to verify ${permissions.mkString(", ")}", t)
 reject(ValidationRejection(s"Wasn't able to verify token for authenticated user", Some(t)))
diff --git a/src/test/scala/xyz/driver/core/AuthTest.scala b/src/test/scala/xyz/driver/core/AuthTest.scala
index 6e5862a..a7707aa 100644
--- a/src/test/scala/xyz/driver/core/AuthTest.scala
+++ b/src/test/scala/xyz/driver/core/AuthTest.scala
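Review bot: The `Success(None)` branch now builds its challenge with `HttpChallenges.basic("Failed to authenticate user")`, which sends `WWW-Authenticate: Basic` with an error sentence as the realm even though the log messages in this hunk describe a token being verified. A Basic challenge makes browsers prompt for a username and password that this provider presumably never accepts, and the realm is meant to name the protection space rather than carry a message. If the credential is a bearer token, `val challenge = HttpChallenges.oAuth2("<realm-name>")` would describe the scheme correctly, with the realm value a placeholder for the project to choose. The `Failure(t)` branch in the same hunk still rejects with `ValidationRejection`, which the default rejection handler answers with 400 rather than the 401 introduced here, so a comment stating whether that difference is intentional would help. The enclosing match starts and ends outside the hunk.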
@@ -79,7 +79,8 @@ class AuthTest extends FlatSpec with Matchers with ScalatestRouteTest { } ~> check { // handled shouldBe false - rejections should contain(ValidationRejection("Wasn't able to find authenticated user for the token provided")) + val challenge = HttpChallenges.basic("Failed to authenticate user") + rejections should contain(AuthenticationFailedRejection(CredentialsRejected, challenge)) } } -- cgit v1.2.3
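Review bot: The updated assertion checks only that the rejection list contains `AuthenticationFailedRejection(CredentialsRejected, challenge)`, so it does not pin the 401 status or the `WWW-Authenticate` header that the commit title promises. A companion case that wraps the route in `Route.seal` and asserts `status shouldBe StatusCodes.Unauthorized` would catch a rejection handler that maps this rejection to something else. The expected challenge also repeats the literal `"Failed to authenticate user"` from AuthProvider, so the two strings can drift apart without the compiler noticing. The test body starts outside the hunk.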