Commit a33414e5 authored by xjm's avatar xjm

Issue #2472371 by Dom., pfrenssen: Exception shown on 401 Unauthorized

parent f82428c7
......@@ -16,6 +16,7 @@
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
/**
* Exception subscriber for handling core default HTML error pages.
......@@ -75,6 +76,16 @@ protected function getHandledFormats() {
return ['html'];
}
/**
* Handles a 401 error for HTML.
*
* @param \Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent $event
* The event to process.
*/
public function on401(GetResponseForExceptionEvent $event) {
$this->makeSubrequest($event, Url::fromRoute('system.401')->toString(), Response::HTTP_UNAUTHORIZED);
}
/**
* Handles a 403 error for HTML.
*
......@@ -107,6 +118,7 @@ public function on404(GetResponseForExceptionEvent $event) {
*/
protected function makeSubrequest(GetResponseForExceptionEvent $event, $url, $status_code) {
$request = $event->getRequest();
$exception = $event->getException();
if (!($url && $url[0] == '/')) {
$url = $request->getBasePath() . '/' . $url;
......@@ -136,6 +148,12 @@ protected function makeSubrequest(GetResponseForExceptionEvent $event, $url, $st
$response = $this->httpKernel->handle($sub_request, HttpKernelInterface::SUB_REQUEST);
$response->setStatusCode($status_code);
// Persist any special HTTP headers that were set on the exception.
if ($exception instanceof HttpExceptionInterface) {
$response->headers->add($exception->getHeaders());
}
$event->setResponse($response);
}
catch (\Exception $e) {
......
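Review bot: The comment on the new header-persisting block in makeSubrequest() does not say that `$response->headers->add()` replaces any same-named header the sub-request response already set, so headers carried by the exception win over those of the rendered error page. That precedence is presumably what lets a 401 keep its `WWW-Authenticate` challenge, but it applies equally to the 403 and 404 paths that share this method. I would extend the comment to `// Persist HTTP headers set on the exception (e.g. the 401 challenge); these override same-named headers from the sub-request response.` makeSubrequest() starts before this hunk and its catch block continues past it.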
......@@ -153,6 +153,30 @@ function testLocale() {
$this->curlClose();
}
/**
* Tests if a comprehensive message is displayed when the route is denied.
*/
function testUnauthorizedErrorMessage() {
$account = $this->drupalCreateUser();
$url = Url::fromRoute('router_test.11');
// Case when no credentials are passed.
$this->drupalGet($url);
$this->assertResponse('401', 'The user is blocked when no credentials are passed.');
$this->assertNoText('Exception', "No raw exception is displayed on the page.");
$this->assertText('Please log in to access this page.', "A user friendly access unauthorized message is displayed.");
// Case when empty credentials are passed.
$this->basicAuthGet($url, NULL, NULL);
$this->assertResponse('403', 'The user is blocked when empty credentials are passed.');
$this->assertText('Access denied', "A user friendly access denied message is displayed");
// Case when wrong credentials are passed.
$this->basicAuthGet($url, $account->getUsername(), $this->randomMachineName());
$this->assertResponse('403', 'The user is blocked when wrong credentials are passed.');
$this->assertText('Access denied', "A user friendly access denied message is displayed");
}
/**
* Does HTTP basic auth request.
*
......
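Review bot: testUnauthorizedErrorMessage() asserts the status code and page text for the no-credentials case but never checks that the 401 still carries its authentication challenge, which appears to be what the header-persisting change in makeSubrequest() is for. A regression that drops the header would leave clients with a 401 they cannot answer, and this test would still pass. After the first `assertResponse('401', …)` I would add `$this->assertTrue((bool) $this->drupalGetHeader('WWW-Authenticate'), 'The 401 response keeps its authentication challenge.');`. The two 403 cases could also repeat the `assertNoText('Exception', …)` check, since they go through the same sub-request path.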
......@@ -14,11 +14,23 @@
*/
class Http4xxController extends ControllerBase {
/**
* The default 401 content.
*
* @return array
* A render array containing the message to display for 401 pages.
*/
public function on401() {
return [
'#markup' => $this->t('Please log in to access this page.'),
];
}
/**
* The default 403 content.
*
* @return array
* A render array containing the message to display for 404 pages.
* A render array containing the message to display for 404 pages.
*/
public function on403() {
return [
......@@ -30,7 +42,7 @@ public function on403() {
* The default 404 content.
*
* @return array
* A render array containing the message to display for 404 pages.
* A render array containing the message to display for 404 pages.
*/
public function on404() {
return [
......
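Review bot: The on403() docblock still says "A render array containing the message to display for 404 pages." on the line this commit appears to re-indent; it is a copy-paste leftover and should name 403. Suggested line: `A render array containing the message to display for 403 pages.` The new on401() docblock already names the right status. The bodies of on403() and on404() continue outside the hunks shown.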
......@@ -7,6 +7,14 @@ system.ajax:
requirements:
_access: 'TRUE'
system.401:
path: '/system/401'
defaults:
_controller: '\Drupal\system\Controller\Http4xxController:on401'
_title: 'Unauthorized'
requirements:
_access: 'TRUE'
system.403:
path: '/system/403'
defaults:
......
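Review bot: The `system.401` route is opened to every visitor with `_access: 'TRUE'`, and nothing in the file records why. That is presumably required so the page can render for an unauthenticated request (on401() issues a sub-request to this route), but it also means `/system/401` can be requested directly. The controller behind it should therefore never return more than the static message. A comment above the route would capture this, e.g. `# Rendered via sub-request for unauthenticated users; must stay publicly accessible and free of sensitive content.`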