Move challenge http status code logic

See: 3ea67df373/registry/handlers/app.go (L498)

Per the comment on line 498, this moves the logic of setting the http
status code into the serveJSON func, leaving the auth.Challenge.ServeHTTP()
func to just set the auth challenge header.

Signed-off-by: Doug Davis <dug@us.ibm.com>

registry/handlers/app.go

@@ -495,16 +495,7 @@ func (app *App) authorized(w http.ResponseWriter, r *http.Request, context *Cont
 	if err != nil {
 		switch err := err.(type) {
 		case auth.Challenge:
-			// NOTE(duglin):
-			// Since err.ServeHTTP will set the HTTP status code for us
-			// we need to set the content-type here.  The serveJSON
-			// func will try to do it but it'll be too late at that point.
-			// I would have have preferred to just have the auth.Challenge
-			// ServerHTTP func just add the WWW-Authenticate header and let
-			// serveJSON set the HTTP status code and content-type but I wasn't
-			// sure if that's an ok design change. STEVVOOE ?
-			w.Header().Set("Content-Type", "application/json; charset=utf-8")
-
+			// Add the appropriate WWW-Auth header
 			err.ServeHTTP(w, r)
 
 			var errs errcode.Errors