Bug 958464 - Report cause of 401 error from token server. r=ckarlof

services/common/tests/unit/test_tokenserverclient.js

@@ -335,15 +335,15 @@ add_test(function test_400_response() {
   });
 });
 
-add_test(function test_401_response() {
+add_test(function test_401_with_error_cause() {
-  _("Ensure HTTP 401 is converted to invalid-credentials.");
+  _("Ensure 401 cause is specified in body.status");
 
   let server = httpd_setup({
     "/1.0/foo/1.0": function(request, response) {
       response.setStatusLine(request.httpVersion, 401, "Unauthorized");
       response.setHeader("Content-Type", "application/json; charset=utf-8");
 
-      let body = "{}"; // Actual content may not be used.
+      let body = JSON.stringify({status: "no-soup-for-you"});
       response.bodyOutputStream.write(body, body.length);
     }
   });
@@ -354,7 +354,7 @@ add_test(function test_401_response() {
     do_check_neq(null, error);
     do_check_eq("TokenServerClientServerError", error.name);
     do_check_neq(null, error.response);
-    do_check_eq(error.cause, "invalid-credentials");
+    do_check_eq(error.cause, "no-soup-for-you");
 
     server.stop(run_next_test);
   });

services/common/tokenserverclient.js

@@ -326,8 +326,10 @@ TokenServerClient.prototype = {
         error.message = "Malformed request.";
         error.cause = "malformed-request";
       } else if (response.status == 401) {
+        // Cause can be invalid-credentials, invalid-timestamp, or
+        // invalid-generation.
         error.message = "Authentication failed.";
-        error.cause = "invalid-credentials";
+        error.cause = result.status;
       }
 
       // 403 should represent a "condition acceptance needed" response.