Description

The ability to add a #[VerifySignature] above a controller to automatically verify it's signature before executing.

Example

#[VerifySignature] // default behaviour (400/404?)
public function someAction(): Response

#[VerifySignature(statusCode: 401)] // customize the status code
public function someAction(): Response

With #60102, the following behaviour could be added:

#[VerifySignature(throw: true)]
public function someAction(): Response

This would throw a UnsignedUriException|UnverifiedSignedUriException|ExpiredSignedUriException to be caught/handled by an exception listener or converted with framework.exceptions:

framework:
    exceptions:
        Symfony\Component\HttpFoundation\Exception\UnsignedUriException:
            status_code: 404
        Symfony\Component\HttpFoundation\Exception\UnverifiedSignedUriException:
            status_code: 400
        Symfony\Component\HttpFoundation\Exception\ExpiredSignedUriException:
            status_code: 410