-
-
Notifications
You must be signed in to change notification settings - Fork 51
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Remove the handle_error() method from authentication servers.
This creates a new AuthenticationException exception to transport authentication errors, including headers and status code, from the authenticate() method instead of using a handle_error() method. If the current request is a REST request, the Authentication provider will convert the exception to an error instead of allowing the exception to bubble up.
- Loading branch information
1 parent
c0822c0
commit 870d8ab
Showing
7 changed files
with
172 additions
and
123 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,136 @@ | ||
<?php | ||
/** | ||
* Authentication exception. | ||
* | ||
* @package SatisPress | ||
* @license GPL-2.0-or-later | ||
* @since 0.4.0 | ||
*/ | ||
|
||
declare ( strict_types = 1 ); | ||
|
||
namespace SatisPress\Exception; | ||
|
||
use SatisPress\Package; | ||
use SatisPress\Release; | ||
use Throwable; | ||
use WP_Http as HTTP; | ||
|
||
/** | ||
* Authentication exception class. | ||
* | ||
* @since 0.4.0 | ||
*/ | ||
class AuthenticationException extends HttpException { | ||
/** | ||
* Error code. | ||
* | ||
* @var string | ||
*/ | ||
protected $code = ''; | ||
|
||
/** | ||
* Response headers. | ||
* | ||
* @var array | ||
*/ | ||
protected $headers; | ||
|
||
/** | ||
* Constructor. | ||
* | ||
* @since 0.4.0 | ||
* | ||
* @param string $code Exception code. | ||
* @param string $message Message. | ||
* @param int $status_code Optional. HTTP status code. Defaults to 500. | ||
* @param array $headers Optional. Response headers. | ||
* @param Throwable $previous Optional. Previous exception. | ||
*/ | ||
public function __construct( | ||
string $code, | ||
string $message, | ||
int $status_code = HTTP::INTERNAL_SERVER_ERROR, | ||
array $headers = [], | ||
Throwable $previous = null | ||
) { | ||
$this->code = $code; | ||
$this->headers = $headers; | ||
|
||
parent::__construct( $message, $status_code, 0, $previous ); | ||
} | ||
|
||
/** | ||
* Create an exception for requests that require authentication. | ||
* | ||
* @since 0.4.0. | ||
* | ||
* @param array $headers Response headers. | ||
* @param string $code Optional. The Exception code. | ||
* @param Throwable $previous Optional. The previous throwable used for the exception chaining. | ||
* @return HTTPException | ||
*/ | ||
public static function forAuthenticationRequired( | ||
array $headers = [], | ||
string $code = 'invalid_request', | ||
Throwable $previous = null | ||
): HttpException { | ||
$headers = $headers ?: [ 'WWW-Authenticate' => 'Basic realm="SatisPress"' ]; | ||
$message = 'Authentication is required for this resource.'; | ||
|
||
return new static( $code, $message, HTTP::UNAUTHORIZED, $headers, $previous ); | ||
} | ||
|
||
/** | ||
* Create an exception for invalid credentials. | ||
* | ||
* @since 0.4.0. | ||
* | ||
* @param array $headers Response headers. | ||
* @param string $code Optional. The Exception code. | ||
* @param Throwable $previous Optional. The previous throwable used for the exception chaining. | ||
* @return HTTPException | ||
*/ | ||
public static function forInvalidCredentials( | ||
array $headers = [], | ||
string $code = 'invalid_credentials', | ||
Throwable $previous = null | ||
): HttpException { | ||
$headers = $headers ?: [ 'WWW-Authenticate' => 'Basic realm="SatisPress"' ]; | ||
$message = 'Invalid credentials.'; | ||
|
||
return new static( $code, $message, HTTP::UNAUTHORIZED, $headers, $previous ); | ||
} | ||
|
||
/** | ||
* Create an exception for a missing authorization header. | ||
* | ||
* @since 0.4.0. | ||
* | ||
* @param array $headers Response headers. | ||
* @param string $code Optional. The Exception code. | ||
* @param Throwable $previous Optional. The previous throwable used for the exception chaining. | ||
* @return HTTPException | ||
*/ | ||
public static function forMissingAuthorizationHeader( | ||
array $headers = [], | ||
string $code = 'invalid_credentials', | ||
Throwable $previous = null | ||
): HttpException { | ||
$headers = $headers ?: [ 'WWW-Authenticate' => 'Basic realm="SatisPress"' ]; | ||
$message = 'Missing authorization header.'; | ||
|
||
return new static( $code, $message, HTTP::UNAUTHORIZED, $headers, $previous ); | ||
} | ||
|
||
/** | ||
* Retrieve the response headers. | ||
* | ||
* @since 0.4.0 | ||
* | ||
* @return array Map of header name to header value. | ||
*/ | ||
public function getHeaders(): array { | ||
return $this->headers; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.