From 15f859d562c599b9e52fdfceeb4e29d803fa1b84 Mon Sep 17 00:00:00 2001
From: Kagami Sascha Rosylight <saschanaz@outlook.com>
Date: Thu, 15 Jun 2023 22:06:19 +0200
Subject: [PATCH] Return 403 from permission error

---
 packages/backend/src/server/oauth/OAuth2ProviderService.ts | 1 +
 packages/backend/test/e2e/oauth.ts                         | 3 +--
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/backend/src/server/oauth/OAuth2ProviderService.ts b/packages/backend/src/server/oauth/OAuth2ProviderService.ts
index c2a57adb3c..58b2c9afa2 100644
--- a/packages/backend/src/server/oauth/OAuth2ProviderService.ts
+++ b/packages/backend/src/server/oauth/OAuth2ProviderService.ts
@@ -84,6 +84,7 @@ interface ClientInformation {
 	name: string;
 }
 
+// https://indieauth.spec.indieweb.org/#client-information-discovery
 async function discoverClientInformation(httpRequestService: HttpRequestService, id: string): Promise<ClientInformation> {
 	try {
 		const res = await httpRequestService.send(id);
diff --git a/packages/backend/test/e2e/oauth.ts b/packages/backend/test/e2e/oauth.ts
index a9bdfae770..5cd4135fca 100644
--- a/packages/backend/test/e2e/oauth.ts
+++ b/packages/backend/test/e2e/oauth.ts
@@ -553,8 +553,7 @@ describe('OAuth', () => {
 				},
 				body: JSON.stringify({ text: 'test' }),
 			});
-			// XXX: PERMISSION_DENIED is not using kind: 'permission' and gives 400 instead of 403
-			assert.strictEqual(createResponse.status, 400);
+			assert.strictEqual(createResponse.status, 403);
 		});
 	});