diff --git a/lib/auth_web/controllers/auth_controller.ex b/lib/auth_web/controllers/auth_controller.ex
index 70e45cdd..874a5258 100644
--- a/lib/auth_web/controllers/auth_controller.ex
+++ b/lib/auth_web/controllers/auth_controller.ex
@@ -57,10 +57,10 @@ defmodule AuthWeb.AuthController do
 true -> # redirect
 case get_client_secret_from_state(state) do
 0 ->
- IO.inspect("client_secret is 0 (error)")
+ # IO.inspect("client_secret is 0 (error)")
 unauthorized(conn)
 secret ->
- IO.inspect(secret, label: "secret")
+ # IO.inspect(secret, label: "secret")
 conn
 |> redirect(external: add_jwt_url_param(person, state, secret))
 end
@@ -74,8 +74,10 @@ defmodule AuthWeb.AuthController do
 end
 defp unauthorized(conn) do
+ # IO.inspect(conn)
 conn
- |> put_resp_header("www-authenticate", "Bearer realm=\"Person access\"")
+ # |> put_resp_header("www-authenticate", "Bearer realm=\"Person access\"")
+ |> put_resp_content_type("text/html")
 |> send_resp(401, "invalid client_id")
 |> halt()
 end
diff --git a/test/auth_web/controllers/apikey_controller_test.exs b/test/auth_web/controllers/apikey_controller_test.exs
index c6726e68..c8030065 100644
--- a/test/auth_web/controllers/apikey_controller_test.exs
+++ b/test/auth_web/controllers/apikey_controller_test.exs
@@ -44,6 +44,16 @@ defmodule AuthWeb.ApikeyControllerTest do
 assert decrypted == person_id
 end
+ test "decode_decrypt/1 with invalid client_id" do
+ valid_key = AuthWeb.ApikeyController.encrypt_encode(1)
+ person_id = AuthWeb.ApikeyController.decode_decrypt(valid_key)
+ assert person_id == 1
+
+ invalid_key = String.slice(valid_key, 0..-2)
+ error = AuthWeb.ApikeyController.decode_decrypt(invalid_key)
+ assert error == 0
+ end
+
 property "Check a batch of int values can be decoded decode_decrypt/1" do
 check all(int <- integer()) do
 assert decode_decrypt(encrypt_encode(int)) == int
diff --git a/test/auth_web/controllers/auth_controller_test.exs b/test/auth_web/controllers/auth_controller_test.exs
index 793595c9..7b1a16ff 100644
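Review bot: The two `IO.inspect` calls in the `case get_client_secret_from_state(state)` branches are commented out rather than deleted, and the same pattern recurs in the next hunk (`# IO.inspect(conn)` and the commented `put_resp_header` line in `unauthorized/1`). Since `IO.inspect(secret, label: "secret")` wrote the client secret to stdout, leaving it behind as a comment invites someone to re-enable it during the next debugging session; deleting the lines removes that path, and if a trace is still wanted, a `Logger.debug/1` call that reports only that a secret was found, not its value, is the replacement. The enclosing function starts before and ends after this hunk.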
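Review bot: `unauthorized/1` now sends a 401 with no `WWW-Authenticate` header, because the `put_resp_header` line was commented out instead of kept alongside the new content type; RFC 7235 requires a challenge header on a 401 response, and setting `text/html` does not conflict with it. Keep both lines in the pipeline: `|> put_resp_header("www-authenticate", "Bearer realm=\"Person access\"")` followed by `|> put_resp_content_type("text/html")`. The body is a fixed string, so `text/plain` would describe it more honestly; the companion test in `auth_controller_test.exs` asserts `html_response(conn, 401)`, which is presumably why `text/html` was chosen, but the test helper should not dictate the response type.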
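Review bot: The new `decode_decrypt/1 with invalid client_id` test only exercises a truncated key (`String.slice(valid_key, 0..-2)`), so it cannot distinguish a base64 or framing failure on malformed input from the cipher rejecting a tampered key; a second case that keeps the length of `valid_key` and alters one character in its middle would pin the latter, which is the property a client_id check actually depends on. The test also calls `AuthWeb.ApikeyController.encrypt_encode/1` and `decode_decrypt/1` fully qualified while the neighbouring property test calls them unqualified, so the module apparently imports them and the new test should use the same form. Asserting `error == 0` also cements 0 as the failure sentinel of `decode_decrypt/1`; that is an inferred contract, and a tagged `{:error, reason}` return would be the idiomatic shape, though changing it is outside this commit.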
--- a/test/auth_web/controllers/auth_controller_test.exs
+++ b/test/auth_web/controllers/auth_controller_test.exs
@@ -52,14 +52,13 @@ defmodule AuthWeb.AuthControllerTest do
 # assert html_response(conn, 302) =~ "redirected"
 end
- test "decode_decrypt/1 with invalid client_id" do
- valid_key = AuthWeb.ApikeyController.encrypt_encode(1)
- person_id = AuthWeb.ApikeyController.decode_decrypt(valid_key)
- assert person_id == 1
-
- invalid_key = String.slice(valid_key, 0..-2)
- error = AuthWeb.ApikeyController.decode_decrypt(invalid_key)
- assert error == 0
+ test "google_handler/2 with invalid client_id", %{conn: conn} do
+ invalid_key = String.slice(AuthPlug.Token.client_id(), 0..-2)
+ conn = get(conn, "/auth/google/callback",
+ %{code: "234", state: "www.example.com" <>
+ "&client_id=" <> invalid_key })
+ # assert html_response(conn, 200) =~ "google account"
+ assert html_response(conn, 401) =~ "invalid client_id"
 end