API: Requests to Org with incorrect token return empty array #24439
Description
Description
I have repos under organization that I am accessing via API.
If I provide the correct token via AuthorizationHeaderToken or AccessToken, and make a call to [/users/{username}/repos] I get list of repos that are not marked private. This is expected behavior and is fine.
But, if I put in an incorrect token in either AutorizationHeaderToken or AccessToken and make the same call, I get an empty array in the body. Instead I am expecting some kind of error message.
With incorrect username/password combination I get the correct error message with code 401 - Error: Unauthorized :
{
"message": "user does not exist [uid: 2, name: test, keyid: 0]",
"url": "https://dev.testsrv.com/api/swagger"
}
With incorrect token, I should expect an unauthorized error.
Gitea Version
1.19.1
Can you reproduce the bug on the Gitea demo site?
No
Log Gist
No response
Screenshots
No response
Git Version
No response
Operating System
ubuntu
How are you running Gitea?
On ubuntu desktop, private installation.
Database
None
Metadata
Metadata
Assignees
Type
Projects
Milestone
Relationships
Participants
Activity
Fix the error message when the token is incorrect (go-gitea#24439)
Fix the error message when the token is incorrect (#25701)
Fix the error message when the token is incorrect (go-gitea#25701)
Fix the error message when the token is incorrect (go-gitea#25701)
Fix the error message when the token is incorrect (#25701) (#25834)
Fix the error message when the token is incorrect (#25701) (#25836)
Fix the error message when the token is incorrect (go-gitea#25701) (g…