Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Symfony FOSRestBundle redirecting to login on 401 Exceptions since upgrade #1848

Closed
fabienchn-zz opened this issue Jan 19, 2018 · 9 comments
Closed

Symfony FOSRestBundle redirecting to login on 401 Exceptions since upgrade #1848

fabienchn-zz opened this issue Jan 19, 2018 · 9 comments

Comments

@fabienchn-zz
Copy link

fabienchn-zz commented Jan 19, 2018
edited
Loading

I upgraded my FOSRestBundle from version 1.* to 2.*

And since this upgrade many of my tests are failing because all expected 401 responses have been switched to 302 responses (redirections to the login page).

I know many people had this issue but didn't find any fix that works on my project.

Here is what I currently have:

config.yml:

fos_rest:
    unauthorized_challenge: "xxxBasic realm=\"Foo Area\""
        access_denied_listener:
            json: true
        exception:
            enabled: true
            exception_controller: 'AppBundle\Controller\ExceptionController::showAction'

ExceptionController:

class ExceptionController
{
    public function showAction(\Exception $exception): JsonResponse
    {
        dump($exception->getCode());
        // nothing is dumped which means that it doesn't even get here.
        // but when I run a test that is expecting a 404 exception it is dumped.
        // So the 401 is redirected before getting here 

        return new JsonResponse(['message', $exception->getMessage()], $exception->getCode);
    }
}

I'm on Symfony3.2

Any Ideas ?
@miholeus
Copy link

I think it does not relate to the bundle. You should look at the problem in your tests..

@fabienchn-zz
Copy link
Author

Tests are fine and there is no reason why they should fail if they didn't just before the update. The only thing that changed on this regard is the FOSRestBundle upgrade...

@fabienchn-zz
Copy link
Author

Does anyone know a nice bundle for RestApis like FOS but that works then ?

@enricog84
Copy link
Contributor

@FabulousCo
I had a similiar issue with the unauthorized_challenge stopped being used and the basic authentication popping up, I think it is related to #1692 .
What I did was creating an own exception listener and setting its priority to 3 (after FOSRest/AccessDeniedListener and before Symfonys firewall ExceptionListener).

Example config:

    acme.api.event_listener.exception_listener:   
        parent: fos_rest.exception_listener    
        tags:   
            - { name: kernel.event_listener, event: kernel.exception, method: onKernelException, priority: 3}

@xabbuh
Copy link
Member

xabbuh commented Jan 24, 2018

@FabulousCo Can you please check if your issue is the same as #1538 and thus would be fixed by #1692?

@fabienchn-zz
Copy link
Author

@enricog84's answer helped but with a higher priority.

It's sad that we have to build a custom ExceptionListener to prevent redirection on requests to the REST API since it's supposed to be the default behavior...

@xabbuh
Copy link
Member

xabbuh commented Jan 26, 2018

Thanks for the confirmation. This at least means, that the decoration approach we favour will probably solve our issues.

@fnagel
Copy link

fnagel commented Jun 5, 2018

Is there a more complete example for a workaround for this?

@fnagel
Copy link

fnagel commented Jul 7, 2020

This has been fixed in 9e10690 (tested in 2.8.1)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@fnagel @miholeus @xabbuh @enricog84 @fabienchn-zz