From 5144e96e2cc6de8e85f550f419975975b4b64fab Mon Sep 17 00:00:00 2001
From: Teoh Han Hui <teohhanhui@gmail.com>
Date: Fri, 28 Aug 2015 05:30:33 +0000
Subject: [PATCH] Add WWW-Authenticate response header on 401

---
 Security/Firewall/JWTListener.php          | 1 +
 Security/Http/EntryPoint/JWTEntryPoint.php | 5 ++++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/Security/Firewall/JWTListener.php b/Security/Firewall/JWTListener.php
index 2adebe16..7d436beb 100644
--- a/Security/Firewall/JWTListener.php
+++ b/Security/Firewall/JWTListener.php
@@ -83,6 +83,7 @@ public function handle(GetResponseEvent $event)
 
             $response = new Response();
             $response->setStatusCode(401);
+            $response->headers->set('WWW-Authenticate', 'Bearer');
             $event->setResponse($response);
         }
     }
diff --git a/Security/Http/EntryPoint/JWTEntryPoint.php b/Security/Http/EntryPoint/JWTEntryPoint.php
index ea29b542..33bba7c5 100644
--- a/Security/Http/EntryPoint/JWTEntryPoint.php
+++ b/Security/Http/EntryPoint/JWTEntryPoint.php
@@ -26,6 +26,9 @@ public function start(Request $request, AuthenticationException $authException =
             'message' => 'Invalid credentials',
         );
 
-        return new JsonResponse($data, $statusCode);
+        $response = new JsonResponse($data, $statusCode);
+        $response->headers->set('WWW-Authenticate', 'Bearer');
+
+        return $response;
     }
 }