fix(key-auth) more accurate response when no key

From Kong#2502
pianoflu · May 5, 2017 · 491cbb4 · 491cbb4
1 parent d3e9071
commit 491cbb4
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 4 deletions.
diff --git a/kong/plugins/key-auth/handler.lua b/kong/plugins/key-auth/handler.lua
@@ -114,8 +114,7 @@ local function do_authentication(conf)
   -- this request is missing an API key, HTTP 401
   if not key then
     ngx.header["WWW-Authenticate"] = _realm
-    return false, {status = 401, message = "No API key found in headers"
-                                          .." or querystring"}
+    return false, { status = 401, message = "No API key found in request" }
   end
 
   -- retrieve our consumer linked to this API key

diff --git a/spec/03-plugins/10-key-auth/02-access_spec.lua b/spec/03-plugins/10-key-auth/02-access_spec.lua
@@ -113,7 +113,7 @@ describe("Plugin: key-auth (access)", function()
       })
       local body = assert.res_status(401, res)
       local json = cjson.decode(body)
-      assert.same({ message = "No API key found in headers or querystring" }, json)
+      assert.same({ message = "No API key found in request" }, json)
     end)
     it("returns WWW-Authenticate header on missing credentials", function()
       local res = assert(client:send {
@@ -222,7 +222,7 @@ describe("Plugin: key-auth (access)", function()
       })
       local body = assert.res_status(401, res)
       local json = cjson.decode(body)
-      assert.same({ message = "No API key found in headers or querystring" }, json)
+      assert.same({ message = "No API key found in request" }, json)
     end)
   end)