public function createResponse(ApiProblem $apiProblem)
{
$data = $apiProblem->toArray();
$response = new JsonResponse($data, $apiProblem->getStatusCode());
$response->headers->set('Content-Type', 'application/problem+json');
return $response;
}
protected function throwApiProblemValidationException(FormInterface $form)
{
$errors = $this->getErrorsFromForm($form);
$apiProblem = new ApiProblem(400, ApiProblem::TYPE_VALIDATION_ERROR);
$apiProblem->set('errors', $errors);
throw new ApiProblemException($apiProblem);
}
public function onKernelException(GetResponseForExceptionEvent $event)
{
// only reply to /api URLs
if (strpos($event->getRequest()->getPathInfo(), '/api') !== 0) {
return;
}
$e = $event->getException();
$statusCode = $e instanceof HttpExceptionInterface ? $e->getStatusCode() : 500;
// allow 500 errors to be thrown
if ($this->debug && $statusCode >= 500) {
return;
}
if ($e instanceof ApiProblemException) {
$apiProblem = $e->getApiProblem();
} else {
$apiProblem = new ApiProblem($statusCode);
/*
* If it's an HttpException message (e.g. for 404, 403),
* we'll say as a rule that the exception message is safe
* for the client. Otherwise, it could be some sensitive
* low-level exception, which should *not* be exposed
*/
if ($e instanceof HttpExceptionInterface) {
$apiProblem->set('detail', $e->getMessage());
}
}
$response = $this->responseFactory->createResponse($apiProblem);
$event->setResponse($response);
}
public function __construct(ApiProblem $apiProblem, \Exception $previous = null, array $headers = array(), $code = null)
{
$this->apiProblem = $apiProblem;
$statusCode = $apiProblem->getStatusCode();
$message = $apiProblem->getTitle();
parent::__construct($statusCode, $message, $previous, $headers, $code);
}
public function start(Request $request, AuthenticationException $authException = null)
{
$apiProblem = new ApiProblem(Response::HTTP_UNAUTHORIZED);
$message = $authException ? $authException->getMessageKey() : 'Missing credentials';
$apiProblem->set('detail', $message);
return $this->responseFactory->createResponse($apiProblem);
}
public function onKernelException(GetResponseForExceptionEvent $event)
{
$exception = $event->getException();
$statusCode = $exception instanceof HttpExceptionInterface ? $exception->getStatusCode() : Response::HTTP_INTERNAL_SERVER_ERROR;
// Allow HTTP 500 on ongoing exception to be handled by symfony when running in debug mode
if ($this->debug && $statusCode >= Response::HTTP_INTERNAL_SERVER_ERROR) {
return;
}
if ($exception instanceof ApiProblemException) {
$apiProblem = $exception->getApiProblem();
} else {
$apiProblem = new ApiProblem($statusCode);
/**
* @see https://tools.ietf.org/html/draft-ietf-appsawg-http-problem-03#section-3.1
*
* If it is an HttpException message (e.g. for 404, 403), we'll say as a rule that the exception message is
* safe for the client. Otherwise, it could be some sensitive low-level exception, which should *not* be
* exposed
*/
if ($exception instanceof HttpExceptionInterface) {
$apiProblem->set('detail', $exception->getMessage());
}
}
$response = $this->responseFactory->createResponse($apiProblem);
$event->setResponse($response);
}
public function createResponse(ApiProblem $apiProblem)
{
$data = $apiProblem->toArray();
/**
* Provide an url for the error documentation
* @see: https://tools.ietf.org/html/draft-ietf-appsawg-http-problem-03#section-3
*/
if ($data['type'] != 'about:blank') {
$data['type'] = 'http://localhost:8000/docs/errors#' . $data['type'];
}
$response = new JsonResponse($data, $apiProblem->getStatusCode());
$response->headers->set('Content-Type', ApiProblem::CONTENT_TYPE);
return $response;
}
/**
* @param Form $form
* @return Response
*/
protected function throwApiProblemValidationException(Form $form)
{
$apiProblem = new ApiProblem(Response::HTTP_BAD_REQUEST, ApiProblem::TYPE_VALIDATION_ERROR);
$apiProblem->set('errors', $this->getErrorsFromForm($form));
throw new ApiProblemException($apiProblem);
}
