public function AuthenticationSubscriber::onExceptionSendChallenge

public AuthenticationSubscriber::onExceptionSendChallenge(GetResponseForExceptionEvent $event)

Respond with a challenge on access denied exceptions if appropriate.

On a 403 (access denied), if there are no credentials on the request, some authentication methods (e.g. basic auth) require that a challenge is sent to the client.

Parameters

\Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent $event: The exception event.

File

core/lib/Drupal/Core/EventSubscriber/AuthenticationSubscriber.php, line 114

Class

AuthenticationSubscriber
Authentication subscriber.

Namespace

Drupal\Core\EventSubscriber

Code

public function onExceptionSendChallenge(GetResponseForExceptionEvent $event) {
  if (isset($this->challengeProvider) && $event->getRequestType() === HttpKernelInterface::MASTER_REQUEST) {
    $request = $event->getRequest();
    $exception = $event->getException();
    if ($exception instanceof AccessDeniedHttpException && !$this->authenticationProvider->applies($request) && (!isset($this->filter) || $this->filter->appliesToRoutedRequest($request, FALSE))) {
      $challenge_exception = $this->challengeProvider->challengeException($request, $exception);
      if ($challenge_exception) {
        $event->setException($challenge_exception);
      }
    }
  }
}

© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/core!lib!Drupal!Core!EventSubscriber!AuthenticationSubscriber.php/function/AuthenticationSubscriber::onExceptionSendChallenge/8.1.x