Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit b02c16a

Browse filesBrowse files
weaverryanweaverryan
committed
feature #3565 added information on AuthenticationFailureHandlerInterface (samsamm777)
This PR was submitted for the master branch but it was merged into the 2.4 branch instead (closes #3565). Discussion ---------- added information on AuthenticationFailureHandlerInterface The Api Keys documentation made no mention of the AuthenticationFailureHandlerInterface which is required to correctly display Authentication Failure responses. Without it, authentication failures will result in a 500 response. I've made mention to the interface and given an example implementation. http://symfony.com/doc/current/cookbook/security/api_key_authentication.html#cookbook-security-api-key-config ``` Doc fix? yes New docs? no Applies to: 2.4 Fixed tickets: none found ``` Commits ------- 066bccb fixed typo db8e01a recommendations by xabbuh 3366dfc fixed authentication failed header 21e3536 fixed line wrapping e4f5c6e added information on AuthenticationFailureHandlerInterface in api keys docs
2 parents d6a17e7 + e915162 commit b02c16a
Copy full SHA for b02c16a

File tree

Expand file treeCollapse file tree

2 files changed

+29
-0
lines changed
Filter options
Expand file treeCollapse file tree

2 files changed

+29
-0
lines changed

‎.gitignore

Copy file name to clipboard
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
.DS_Store

‎cookbook/security/api_key_authentication.rst

Copy file name to clipboardExpand all lines: cookbook/security/api_key_authentication.rst
+28Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -210,6 +210,34 @@ exception in ``refreshUser()``.
210210
If you *do* want to store authentication data in the session so that
211211
the key doesn't need to be sent on every request, see :ref:`cookbook-security-api-key-session`.
212212

213+
Handling Authentication Failure
214+
-------------------------------
215+
216+
In order for your ``ApiKeyAuthentication`` to correctly display a 403
217+
http status when either bad credentials or authentication fails you will
218+
need to implement the :class:`Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface` on your
219+
Authenticator. This will provide a method ``onAuthenticationFailure`` which
220+
you can use to create an error ``Response``.
221+
222+
// src/Acme/HelloBundle/Security/ApiKeyAuthenticator.php
223+
namespace Acme\HelloBundle\Security;
224+
225+
use Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface;
226+
use Symfony\Component\Security\Core\Exception\AuthenticationException;
227+
use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
228+
use Symfony\Component\HttpFoundation\Response;
229+
use Symfony\Component\HttpFoundation\Request;
230+
231+
class ApiKeyAuthenticator implements SimplePreAuthenticatorInterface, AuthenticationFailureHandlerInterface
232+
{
233+
//...
234+
235+
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
236+
{
237+
return new Response("Authentication Failed.", 403);
238+
}
239+
}
240+
213241
.. _cookbook-security-api-key-config:
214242

215243
Configuration

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.