code cleaning

internal/api/handler/repo/http_git.go

@@ -62,6 +62,10 @@ func GetInfoRefs(client gitrpc.Interface, repoStore store.RepoStore, authorizer
 				basicAuth(w, accountID)
 				return
 			}
+			if errors.Is(err, apiauth.ErrNotAuthorized) {
+				http.Error(w, err.Error(), http.StatusForbidden)
+				return
+			}
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
@@ -96,6 +100,10 @@ func GetUploadPack(client gitrpc.Interface, urlProvider *url.Provider,
 
 		if err := serviceRPC(w, r, client, urlProvider, repoStore, authorizer, service, false,
 			enum.PermissionRepoView, true); err != nil {
+			if errors.Is(err, apiauth.ErrNotAuthorized) {
+				http.Error(w, err.Error(), http.StatusForbidden)
+				return
+			}
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
@@ -113,7 +121,6 @@ func PostReceivePack(client gitrpc.Interface, urlProvider *url.Provider,
 				basicAuth(w, authError.AccountID)
 				return
 			}
-
 			if errors.Is(err, apiauth.ErrNotAuthorized) {
 				http.Error(w, err.Error(), http.StatusForbidden)
 				return

internal/auth/authn/authenticator.go

@@ -15,7 +15,7 @@ var (
 	// ErrNoAuthData that is returned if the authorizer doesn't find any data in the request that can be used for auth.
 	ErrNoAuthData = errors.New("the request doesn't contain any auth data that can be used by the Authorizer")
 	// ErrNotAcceptedAuthData that is returned if the request is using an auth data that is not accepted by the authorizer.
-	// e.g, don't accept jwt (without allowedURI field) for git clone/pull request.
+	// e.g, don't accept jwt (without allowedResources field) for git clone/pull request.
 	ErrNotAcceptedAuthMethod = errors.New("the request contains auth method that is not accepted by the Authorizer")
 )