From fdcee854c53f7f35e69cbdb01bce8158a172175e Mon Sep 17 00:00:00 2001
From: Benjamin Armintor <armintor@gmail.com>
Date: Fri, 17 Jan 2025 13:40:51 -0500
Subject: [PATCH] IIIF Auth2 requires probe responses to have HTTP status 200,
 regardless of effective status in the response DLC-1177

---
 app/controllers/concerns/iiif/authz/v2/bytestreams.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/controllers/concerns/iiif/authz/v2/bytestreams.rb b/app/controllers/concerns/iiif/authz/v2/bytestreams.rb
index 7727950a..5172864f 100644
--- a/app/controllers/concerns/iiif/authz/v2/bytestreams.rb
+++ b/app/controllers/concerns/iiif/authz/v2/bytestreams.rb
@@ -56,8 +56,8 @@ def probe
     probe_response = Iiif::Authz::V2::ProbeService::Response.new(
       document: @document, bytestream_id: params[:bytestream_id], ability_helper: self, route_helper: self,
       remote_ip: remote_ip, authorization: request.headers['Authorization']).to_h
-    response_status = (probe_response[:status].to_i < 400) ? 200 : probe_response[:status].to_i
-    render json: probe_response, status: response_status
+    # IIIF Auth2 requires probe responses to have HTTP status 200, regardless of effective status in the response
+    render json: probe_response, status: 200
   end
 
   # IIIF Authorization 2.0 Access Service