POST /releases should return 4xx with bad credentials instead of 5xx

Question

POST /releases should return 4xx with bad credentials instead of 5xx

Closed this issue a year ago · 1 comments

When using the API, when I provide my Github username and expired PAT to POST https://api.spring.io/projects/spring-ldap/releases

I receive a 500 error like this:

{
"timestamp": "2023-04-25T20:24:56.931+00:00",
"status": 500,
"error": "Internal Server Error",
"path": "/projects/spring-ldap/releases"
}
I think it would be more informative if that were a 401 instead if the creds are expired and a 403 if the creds are valid, but insufficient to perform the action.

Answer 1 · 2023-04-28T18:46:12.000Z

In case of creds not being sufficient, a 403 is already returned. This happens because the github API returns a 404 membership not found, which results in the admin role not being granted and causes a 403.