From d3de03596113ea62df42b3a19c04dbc856692965 Mon Sep 17 00:00:00 2001
From: Pascal Fischer <pascal@netbird.io>
Date: Sat, 1 Apr 2023 11:04:21 +0200
Subject: [PATCH] error responses always lower case + duplicate error response
 fix

---
 management/server/http/middleware/auth_middleware.go | 8 +++-----
 management/server/http/util/util.go                  | 3 ++-
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/management/server/http/middleware/auth_middleware.go b/management/server/http/middleware/auth_middleware.go
index c3f9361dd..a8c81012a 100644
--- a/management/server/http/middleware/auth_middleware.go
+++ b/management/server/http/middleware/auth_middleware.go
@@ -58,7 +58,7 @@ func (m *AuthMiddleware) Handler(h http.Handler) http.Handler {
 			err := m.CheckJWTFromRequest(w, r)
 			if err != nil {
 				log.Debugf("Error when validating JWT claims: %s", err.Error())
-				util.WriteError(status.Errorf(status.Unauthorized, "Token invalid"), w)
+				util.WriteError(status.Errorf(status.Unauthorized, "token invalid"), w)
 				return
 			}
 			h.ServeHTTP(w, r)
@@ -66,12 +66,12 @@ func (m *AuthMiddleware) Handler(h http.Handler) http.Handler {
 			err := m.CheckPATFromRequest(w, r)
 			if err != nil {
 				log.Debugf("Error when validating PAT claims: %s", err.Error())
-				util.WriteError(status.Errorf(status.Unauthorized, "Token invalid"), w)
+				util.WriteError(status.Errorf(status.Unauthorized, "token invalid"), w)
 				return
 			}
 			h.ServeHTTP(w, r)
 		default:
-			util.WriteError(status.Errorf(status.Unauthorized, "No valid authentication provided"), w)
+			util.WriteError(status.Errorf(status.Unauthorized, "no valid authentication provided"), w)
 			return
 		}
 	})
@@ -115,11 +115,9 @@ func (m *AuthMiddleware) CheckPATFromRequest(w http.ResponseWriter, r *http.Requ
 
 	account, user, pat, err := m.getAccountFromPAT(token)
 	if err != nil {
-		util.WriteError(status.Errorf(status.Unauthorized, "Token invalid"), w)
 		return fmt.Errorf("invalid Token: %w", err)
 	}
 	if time.Now().After(pat.ExpirationDate) {
-		util.WriteError(status.Errorf(status.Unauthorized, "Token expired"), w)
 		return fmt.Errorf("token expired")
 	}
 
diff --git a/management/server/http/util/util.go b/management/server/http/util/util.go
index c40daa1a3..407443251 100644
--- a/management/server/http/util/util.go
+++ b/management/server/http/util/util.go
@@ -5,6 +5,7 @@ import (
 	"errors"
 	"fmt"
 	"net/http"
+	"strings"
 	"time"
 
 	log "github.com/sirupsen/logrus"
@@ -99,7 +100,7 @@ func WriteError(err error, w http.ResponseWriter) {
 			httpStatus = http.StatusUnauthorized
 		default:
 		}
-		msg = err.Error()
+		msg = strings.ToLower(err.Error())
 	} else {
 		unhandledMSG := fmt.Sprintf("got unhandled error code, error: %s", err.Error())
 		log.Error(unhandledMSG)