From 5b279cc9ccc0be04c758b7081e11bbb6ae095290 Mon Sep 17 00:00:00 2001
From: "hardy.mansen@unibet.com" <mazone@gmail.com>
Date: Thu, 26 Nov 2015 20:28:12 +0100
Subject: [PATCH] rfc6750 compability

---
 nginx-jwt.lua | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/nginx-jwt.lua b/nginx-jwt.lua
index ee088d3..5609147 100644
--- a/nginx-jwt.lua
+++ b/nginx-jwt.lua
@@ -113,8 +113,8 @@ function M.auth(claim_specs)
             ngx.log(ngx.WARN, "User did not satisfy claim: ".. blocking_claim)
             
             -- https://tools.ietf.org/html/rfc6750#section-3.1
-            if claim == "scope" then
-                ngx.header["WWW-Authenticate"] = 'Bearer error="insufficient_scope",' .. claim .. '=' .. spec
+            if blocking_claim == "scope" then
+                ngx.header["WWW-Authenticate"] = 'Bearer error="insufficient_scope",' .. blocking_claim .. '=' .. blocking_spec
                 ngx.exit(ngx.HTTP_FORBIDDEN)
             end
             ngx.exit(ngx.HTTP_UNAUTHORIZED)