AuthenticationSubscriber::onExceptionSendChallenge

public AuthenticationSubscriber::onExceptionSendChallenge(GetResponseForExceptionEvent $event)

Respond with a challenge on access denied exceptions if appropriate.

On a 403 (access denied), if there are no credentials on the request, some authentication methods (e.g. basic auth) require that a challenge is sent to the client.

Parameters

\Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent $event: The exception event.

File

core/lib/Drupal/Core/EventSubscriber/AuthenticationSubscriber.php, line 114

Class

AuthenticationSubscriber: Authentication subscriber.

Namespace

Drupal\Core\EventSubscriber

Code

public function onExceptionSendChallenge(GetResponseForExceptionEvent $event) {
  if (isset($this->challengeProvider) && $event->getRequestType() === HttpKernelInterface::MASTER_REQUEST) {
    $request = $event->getRequest();
    $exception = $event->getException();
    if ($exception instanceof AccessDeniedHttpException && !$this->authenticationProvider->applies($request) && (!isset($this->filter) || $this->filter->appliesToRoutedRequest($request, FALSE))) {
      $challenge_exception = $this->challengeProvider->challengeException($request, $exception);
      if ($challenge_exception) {
        $event->setException($challenge_exception);
      }
    }
  }
}

Links:

https://api.drupal.org/api/drupal/core%21lib%21Drupal%21Core%21EventSubscriber%21AuthenticationSubscriber.php/function/AuthenticationSubscriber%3A%3AonExceptionSendChallenge/8.2.x

doc_Drupal

2016-10-29 08:45:15

Comments