bug #28801 Convert InsufficientAuthenticationException to HttpException with 401 status code (vincentchalamon)

This PR was merged into the 2.8 branch.

Discussion
----------

Convert InsufficientAuthenticationException to HttpException with 401 status code

| Q             | A
| ------------- | ---
| Branch?       | 2.8
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed ticket  | #8467
| License       | MIT

I was trying to implement the `json_login` authentication and test it with an API Platform project. When I call a secured endpoint without authentication, an InsufficientAuthenticationException is thrown with a 500 status code instead of a 401.

After some research with @dunglas, there is no default `entrypoint` on the security firewall. As one already exists for `form_login` in the FormLoginFactory, this component might need a default one to convert this 500 exception to a correct 401 HTTP error.

This fixes #25806 (comment).

Commits
-------

4503ac8 Convert InsufficientAuthenticationException to HttpException
fabpot committed Oct 17, 2018
2 parents 5145084 + 4503ac8 commit 8322494
Showing 2 changed files with 10 additions and 8 deletions.
Expand Up @@ -17,6 +17,7 @@
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\HttpKernel\Exception\HttpException;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\HttpKernel\KernelEvents;
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
Expand Down Expand Up @@ -171,7 +172,7 @@ private function handleLogoutException(LogoutException $exception)
private function startAuthentication(Request $request, AuthenticationException $authException)
{
if (null === $this->authenticationEntryPoint) {
throw $authException;
throw new HttpException(Response::HTTP_UNAUTHORIZED, $authException->getMessage(), $authException, array(), $authException->getCode());
}

if (null !== $this->logger) {
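
Review bot: In startAuthentication, the new throw passes $authException->getMessage() straight through as the HttpException message, so whatever text the authentication layer put in the exception becomes the message of a client-facing 401. Error renderers commonly treat HttpException messages as safe to display; consider a fixed message or $authException->getMessageKey() here and leave the detail on the previous exception, which is already passed as the third argument. Two smaller points on the same line: the headers argument is array(), so the 401 carries no WWW-Authenticate challenge (RFC 7235 requires one on a 401; UnauthorizedHttpException takes the challenge as its first argument), and the throw sits above the `if (null !== $this->logger)` check, so the logger block below is not reached on this path.
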
Expand Up @@ -15,6 +15,7 @@
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
use Symfony\Component\HttpKernel\Exception\HttpException;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
Expand All @@ -30,15 +31,15 @@ class ExceptionListenerTest extends TestCase
/**
* @dataProvider getAuthenticationExceptionProvider
*/
public function testAuthenticationExceptionWithoutEntryPoint(\Exception $exception, \Exception $eventException = null)
public function testAuthenticationExceptionWithoutEntryPoint(\Exception $exception, \Exception $eventException)
{
$event = $this->createEvent($exception);

$listener = $this->createExceptionListener();
$listener->onKernelException($event);

$this->assertNull($event->getResponse());
$this->assertSame(null === $eventException ? $exception : $eventException, $event->getException());
$this->assertEquals($eventException, $event->getException());
}

/**
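
Review bot: In testAuthenticationExceptionWithoutEntryPoint, replacing assertSame with assertEquals means the thrown exception is compared to the expected one by value, so the 401 status and the identity of the wrapped exception are only checked implicitly. Add explicit assertions, for example assertSame(Response::HTTP_UNAUTHORIZED, $event->getException()->getStatusCode()) and assertSame($eventException->getPrevious(), $event->getException()->getPrevious()), so a regression in either shows up as a clear failure.
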
Expand All @@ -58,11 +59,11 @@ public function testAuthenticationExceptionWithEntryPoint(\Exception $exception,
public function getAuthenticationExceptionProvider()
{
return array(
array(new AuthenticationException()),
array(new \LogicException('random', 0, $e = new AuthenticationException()), $e),
array(new \LogicException('random', 0, $e = new AuthenticationException('embed', 0, new AuthenticationException())), $e),
array(new \LogicException('random', 0, $e = new AuthenticationException('embed', 0, new AccessDeniedException())), $e),
array(new AuthenticationException('random', 0, new \LogicException())),
array($e = new AuthenticationException(), new HttpException(Response::HTTP_UNAUTHORIZED, '', $e, array(), 0)),
array(new \LogicException('random', 0, $e = new AuthenticationException()), new HttpException(Response::HTTP_UNAUTHORIZED, '', $e, array(), 0)),
array(new \LogicException('random', 0, $e = new AuthenticationException('embed', 0, new AuthenticationException())), new HttpException(Response::HTTP_UNAUTHORIZED, 'embed', $e, array(), 0)),
array(new \LogicException('random', 0, $e = new AuthenticationException('embed', 0, new AccessDeniedException())), new HttpException(Response::HTTP_UNAUTHORIZED, 'embed', $e, array(), 0)),
array($e = new AuthenticationException('random', 0, new \LogicException()), new HttpException(Response::HTTP_UNAUTHORIZED, 'random', $e, array(), 0)),
);
}
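
Review bot: Every case in getAuthenticationExceptionProvider builds its AuthenticationException with code 0 or the default, so the $authException->getCode() that the listener forwards as the last HttpException argument is never exercised with a non-zero value. Add one case with a distinct code, for example new AuthenticationException('random', 42), and expect that code on the HttpException. The expected HttpException is also written out five times; a small helper in the test class would keep the provider rows readable.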
