From ae4a5fc870c7f6dcd772bf75844909d7ddf07aca Mon Sep 17 00:00:00 2001
From: Wesley Willians
Date: Tue, 15 Sep 2015 18:09:25 -0300
Subject: [PATCH] - Changing from 'expired_token' to 'invalid_token' even token has expired. Following http://tools.ietf.org/html/rfc6750#section-6.2.2
---
 src/OAuth2/Controller/ResourceController.php | 2 +-
 test/OAuth2/Controller/ResourceControllerTest.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/OAuth2/Controller/ResourceController.php b/src/OAuth2/Controller/ResourceController.php
index e8588188f..3cfaaaf12 100644
--- a/src/OAuth2/Controller/ResourceController.php
+++ b/src/OAuth2/Controller/ResourceController.php
@@ -83,7 +83,7 @@ public function getAccessTokenData(RequestInterface $request, ResponseInterface
 } elseif (!isset($token["expires"]) || !isset($token["client_id"])) {
 $response->setError(401, 'malformed_token', 'Malformed token (missing "expires")');
 } elseif (time() > $token["expires"]) {
- $response->setError(401, 'expired_token', 'The access token provided has expired');
+ $response->setError(401, 'invalid_token', 'The access token provided has expired');
 } else {
 return $token;
 }
diff --git a/test/OAuth2/Controller/ResourceControllerTest.php b/test/OAuth2/Controller/ResourceControllerTest.php
index ee6d96ff8..ca602939a 100644
--- a/test/OAuth2/Controller/ResourceControllerTest.php
+++ b/test/OAuth2/Controller/ResourceControllerTest.php
@@ -100,7 +100,7 @@ public function testExpiredToken()
 $this->assertFalse($allow);
 $this->assertEquals($response->getStatusCode(), 401);
- $this->assertEquals($response->getParameter('error'), 'expired_token');
+ $this->assertEquals($response->getParameter('error'), 'invalid_token');
 $this->assertEquals($response->getParameter('error_description'), 'The access token provided has expired');
 }
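Review bot: The neighbouring `malformed_token` branch in the context lines still uses a code that RFC 6750 section 3.1 does not define, so after this change the method is only half aligned with the spec; that section covers expired, revoked and malformed tokens with `invalid_token`. Its description also names only "expires" although the condition fires on a missing `client_id` too. Consider `$response->setError(401, 'invalid_token', 'Malformed token (missing "expires" or "client_id")');` in the same commit. Clients that trigger a token refresh on `expired_token` will stop matching once this lands, so the change deserves a changelog entry. getAccessTokenData starts and ends outside the hunk, so other branches may need the same check.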
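Review bot: The updated assertion passes the actual value first and the literal second, while PHPUnit's `assertEquals` takes (expected, actual), so a regression here would report the two values the wrong way round. `$this->assertSame('invalid_token', $response->getParameter('error'));` fixes the order and compares strictly. The other assertions in the context lines use the same order, so this is best changed across the whole test method, whose setup lies outside the hunk.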