-
Notifications
You must be signed in to change notification settings - Fork 31
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add an AccessDeniedHandler (fail) and a controller that allow to repr…
…oduce the issue described in symfony/symfony#25806
- Loading branch information
b-richard
committed
Jan 16, 2018
1 parent
9e61221
commit d13adb1
Showing
7 changed files
with
81 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
<?php | ||
|
||
namespace App\Controller; | ||
|
||
use Symfony\Bundle\FrameworkBundle\Controller\Controller; | ||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method; | ||
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security; | ||
use Symfony\Component\HttpFoundation\JsonResponse; | ||
use Symfony\Component\Routing\Annotation\Route; | ||
|
||
/** | ||
* This class is just here to reproduce the behavior described in this issue: | ||
* https://github.com/symfony/symfony/issues/25806 | ||
*/ | ||
class _FIX_ISSUE_SF_25806_Controller extends Controller | ||
{ | ||
/** | ||
* @Security("is_granted('IS_AUTHENTICATED_FULLY')") | ||
* @Route( | ||
* "/demo/login/json/issue/sf-25806", | ||
* ) | ||
* @Method({"GET"}) | ||
*/ | ||
public function reproductionForIssueSF28506() | ||
{ | ||
return new JsonResponse("data"); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
<?php | ||
|
||
namespace App\Security; | ||
|
||
use Symfony\Component\HttpFoundation\Request; | ||
use Symfony\Component\HttpFoundation\JsonResponse; | ||
|
||
// seen on this documentation https://symfony.com/doc/current/security/access_denied_handler.html | ||
use Symfony\Component\Security\Core\Exception\AccessDeniedException; | ||
use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface; | ||
|
||
// but seems unrelated to json_login system : | ||
use Symfony\Component\Security\Core\Exception\AuthenticationException; | ||
use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface; | ||
|
||
/** | ||
* Class AccessDeniedHandler | ||
* | ||
* For Security Component, you need to implement your own AccessDeniedHandler | ||
* | ||
* @package App\Api\Security\Security | ||
*/ | ||
// When i just implement AccessDeniedHandlerInterface as said on the doc, then i got a 500 : | ||
// Type error: Argument 1 passed to Symfony\Component\Security\Http\Authentication\CustomAuthenticationFailureHandler::__construct() must implement interface Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface, instance of App\Security\AccessDeniedHandler given, called in C:\dev\projects\fiducial\sf-flex-encore-vuejs\var\cache\dev\ContainerI18QW6b\getSecurity_Authentication_Listener_Json_VuejsService.php on line 8 | ||
//class AccessDeniedHandler implements AccessDeniedHandlerInterface | ||
class AccessDeniedHandler implements AuthenticationFailureHandlerInterface, AccessDeniedHandlerInterface | ||
{ | ||
public function handle(Request $request, AccessDeniedException $accessDeniedException) | ||
{ | ||
return new JsonResponse($accessDeniedException->getMessage(), 403); | ||
} | ||
|
||
public function onAuthenticationFailure(Request $request, AuthenticationException $exception) | ||
{ | ||
return new JsonResponse($exception->getMessage(), 403); | ||
} | ||
} |