-
Stan Hu authored
When the API is called with a revoked or invalid token, the error handler did not properly return a `Rack::Response`, causing Grape to throw an error in the middleware. Instead of a 4xx error code, the client would receive a 500 error. We fix this by recreating the Rack::Response after the `Rack::OAuth2::Server::Abstract::Error#finish` call. The `yield` is intercepted by the superclass, so the API handler never got it. Relates to https://gitlab.com/gitlab-com/gl-infra/production/-/issues/2363
866e1518