From cb9f319e1187c47cf22d2f77d1b5e785f14a98ff Mon Sep 17 00:00:00 2001
From: Neil Alexander <neilalexander@users.noreply.github.com>
Date: Fri, 18 Dec 2020 14:36:43 +0000
Subject: [PATCH] Return unauthorised instead of forbidden

---
 clientapi/routing/register.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/clientapi/routing/register.go b/clientapi/routing/register.go
index c0fceaef7..820c74846 100644
--- a/clientapi/routing/register.go
+++ b/clientapi/routing/register.go
@@ -590,7 +590,10 @@ func handleRegistrationFlow(
 	// TODO: email / msisdn auth types.
 	accessToken, accessTokenErr := auth.ExtractAccessToken(req)
 	if accessTokenErr != nil {
-		return util.MessageResponse(http.StatusForbidden, "Access token error: "+accessTokenErr.Error())
+		return util.JSONResponse{
+			Code: http.StatusUnauthorized,
+			JSON: jsonerror.MissingToken(accessTokenErr.Error()),
+		}
 	}
 
 	// Appservices are special and are not affected by disabled