use FORBIDDEN, never UNAUTHORIZED

src/include/taler_error_codes.h

@@ -929,7 +929,7 @@ enum TALER_ErrorCode
   /**
    * The given coin signature is invalid for the request.
    * This response is provided with an
-   * HTTP status code of MHD_HTTP_UNAUTHORIZED.
+   * HTTP status code of MHD_HTTP_FORBIDDEN.
    */
   TALER_EC_PAYBACK_SIGNATURE_INVALID = 1851,
 
@@ -1905,7 +1905,7 @@ enum TALER_ErrorCode
    * The signature provided in the "Sync-Signature" header
    * does not match the account, old or new Etags.
    * This response is provided with HTTP status code
-   * MHD_HTTP_UNAUTHORIZED.
+   * MHD_HTTP_FORBIDDEN.
    */
   TALER_EC_SYNC_INVALID_SIGNATURE = 6007,
 

src/lib/test_exchange_api_twisted.c

@@ -16,9 +16,8 @@
   License along with TALER; see the file COPYING.  If not, see
   <http://www.gnu.org/licenses/>
 */
-
 /**
- * @file exchange/test_exchange_api_twister.c
+ * @file exchange/test_exchange_api_twisted.c
  * @brief testcase to test exchange's HTTP API interface
  * @author Marcello Stanisci
  * @author Sree Harsha Totakura <sreeharsha@totakura.in>
@@ -262,7 +261,7 @@ run (void *cls,
 
     TALER_TESTING_cmd_refund
       ("refund-bad-sig",
-      MHD_HTTP_UNAUTHORIZED,
+      MHD_HTTP_FORBIDDEN,
       "EUR:5",
       "EUR:0.01",
       "deposit-refund-1"),