summaryrefslogtreecommitdiffstats
path: root/Http
diff options
context:
space:
mode:
Diffstat (limited to 'Http')
-rw-r--r--Http/Firewall/ExceptionListener.php133
1 files changed, 58 insertions, 75 deletions
diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php
index b2aaa04..e7e2989 100644
--- a/Http/Firewall/ExceptionListener.php
+++ b/Http/Firewall/ExceptionListener.php
@@ -81,100 +81,83 @@ class ExceptionListener
$event->getDispatcher()->removeListener(KernelEvents::EXCEPTION, array($this, 'onKernelException'));
$exception = $event->getException();
- $request = $event->getRequest();
-
- while (null !== $exception) {
+ do {
if ($exception instanceof AuthenticationException) {
- if (null !== $this->logger) {
- $this->logger->info(sprintf('Authentication exception occurred; redirecting to authentication entry point (%s)', $exception->getMessage()));
- }
-
- try {
- $response = $this->startAuthentication($request, $exception);
-
- break;
- } catch (\Exception $e) {
- $event->setException($e);
-
- return;
- }
+ return $this->handleAuthenticationException($event, $exception);
+ } elseif ($exception instanceof AccessDeniedException) {
+ return $this->handleAccessDeniedException($event, $exception);
+ } elseif ($exception instanceof LogoutException) {
+ return $this->handleLogoutException($event, $exception);
}
+ } while (null !== $exception = $exception->getPrevious());
+ }
- if ($exception instanceof AccessDeniedException) {
- $event->setException(new AccessDeniedHttpException($exception->getMessage(), $exception));
-
- $token = $this->context->getToken();
- if (!$this->authenticationTrustResolver->isFullFledged($token)) {
- if (null !== $this->logger) {
- $this->logger->debug(sprintf('Access is denied (user is not fully authenticated) by "%s" at line %s; redirecting to authentication entry point', $exception->getFile(), $exception->getLine()));
- }
-
- try {
- $insufficientAuthenticationException = new InsufficientAuthenticationException('Full authentication is required to access this resource.', 0, $exception);
- $insufficientAuthenticationException->setToken($token);
- $response = $this->startAuthentication($request, $insufficientAuthenticationException);
-
- break;
- } catch (\Exception $e) {
- $event->setException($e);
-
- return;
- }
- } else {
- if (null !== $this->logger) {
- $this->logger->debug(sprintf('Access is denied (and user is neither anonymous, nor remember-me) by "%s" at line %s', $exception->getFile(), $exception->getLine()));
- }
-
- try {
- if (null !== $this->accessDeniedHandler) {
- $response = $this->accessDeniedHandler->handle($request, $exception);
-
- if (!$response instanceof Response) {
- return;
- }
+ private function handleAuthenticationException(GetResponseForExceptionEvent $event, AuthenticationException $exception)
+ {
+ if (null !== $this->logger) {
+ $this->logger->info(sprintf('Authentication exception occurred; redirecting to authentication entry point (%s)', $exception->getMessage()));
+ }
- break;
- }
+ try {
+ $event->setResponse($this->startAuthentication($event->getRequest(), $exception));
+ } catch (\Exception $e) {
+ $event->setException($e);
+ }
+ }
- if (null !== $this->errorPage) {
- $subRequest = $this->httpUtils->createRequest($request, $this->errorPage);
- $subRequest->attributes->set(SecurityContextInterface::ACCESS_DENIED_ERROR, $exception);
+ private function handleAccessDeniedException(GetResponseForExceptionEvent $event, AccessDeniedException $exception)
+ {
+ $event->setException(new AccessDeniedHttpException($exception->getMessage(), $exception));
- $response = $event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true);
+ $token = $this->context->getToken();
+ if (!$this->authenticationTrustResolver->isFullFledged($token)) {
+ if (null !== $this->logger) {
+ $this->logger->debug(sprintf('Access is denied (user is not fully authenticated) by "%s" at line %s; redirecting to authentication entry point', $exception->getFile(), $exception->getLine()));
+ }
- break;
- }
+ try {
+ $insufficientAuthenticationException = new InsufficientAuthenticationException('Full authentication is required to access this resource.', 0, $exception);
+ $insufficientAuthenticationException->setToken($token);
- return;
+ $event->setResponse($this->startAuthentication($event->getRequest(), $insufficientAuthenticationException));
+ } catch (\Exception $e) {
+ $event->setException($e);
+ }
- } catch (\Exception $e) {
- if (null !== $this->logger) {
- $this->logger->error(sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage()));
- }
+ return;
+ }
- $event->setException(new \RuntimeException('Exception thrown when handling an exception.', 0, $e));
+ if (null !== $this->logger) {
+ $this->logger->debug(sprintf('Access is denied (and user is neither anonymous, nor remember-me) by "%s" at line %s', $exception->getFile(), $exception->getLine()));
+ }
- return;
- }
- }
- }
+ try {
+ if (null !== $this->accessDeniedHandler) {
+ $response = $this->accessDeniedHandler->handle($event->getRequest(), $exception);
- if ($exception instanceof LogoutException) {
- if (null !== $this->logger) {
- $this->logger->info(sprintf('Logout exception occurred; wrapping with AccessDeniedHttpException (%s)', $exception->getMessage()));
+ if ($response instanceof Response) {
+ $event->setResponse($response);
}
+ } elseif (null !== $this->errorPage) {
+ $subRequest = $this->httpUtils->createRequest($event->getRequest(), $this->errorPage);
+ $subRequest->attributes->set(SecurityContextInterface::ACCESS_DENIED_ERROR, $exception);
- return;
+ $event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true));
}
-
- if (null === $exception->getPrevious()) {
- return;
+ } catch (\Exception $e) {
+ if (null !== $this->logger) {
+ $this->logger->error(sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage()));
}
- $exception = $exception->getPrevious();
+ $event->setException(new \RuntimeException('Exception thrown when handling an exception.', 0, $e));
}
+ }
- $event->setResponse($response);
+ private function handleLogoutException(GetResponseForExceptionEvent $event, LogoutException $exception)
+ {
+ if (null !== $this->logger) {
+ $this->logger->info(sprintf('Logout exception occurred; wrapping with AccessDeniedHttpException (%s)', $exception->getMessage()));
+ }
}
/**
generated by cgit v1.1 at 2025-05-18 07:41:47 +0000