/**
  *
  * @param string         $message
  * @param integer        $code
  * @param Exception|null $previous
  * @param array          $scopes
  * @param string         $realmName
  */
 public function __construct($message = '', $code = 403, Exception $previous = null, $scopes = [], $realmName = 'API')
 {
     if (empty($message)) {
         $message = $this->getMessageKey();
     }
     parent::__construct($message, $code, $previous);
     $this->scopes = $scopes;
     $this->statusCode = $code;
     $this->errorCode = 'insufficient_scope';
     $this->realmName = $realmName;
 }
 private function handleAccessDeniedException(GetResponseForExceptionEvent $event, AccessDeniedException $exception)
 {
     $event->setException(new AccessDeniedHttpException($exception->getMessage(), $exception));
     $token = $this->context->getToken();
     if (!$this->authenticationTrustResolver->isFullFledged($token)) {
         if (null !== $this->logger) {
             $this->logger->debug(sprintf('Access is denied (user is not fully authenticated) by "%s" at line %s; redirecting to authentication entry point', $exception->getFile(), $exception->getLine()));
         }
         try {
             $insufficientAuthenticationException = new InsufficientAuthenticationException('Full authentication is required to access this resource.', 0, $exception);
             $insufficientAuthenticationException->setToken($token);
             $event->setResponse($this->startAuthentication($event->getRequest(), $insufficientAuthenticationException));
         } catch (\Exception $e) {
             $event->setException($e);
         }
         return;
     }
     if (null !== $this->logger) {
         $this->logger->debug(sprintf('Access is denied (and user is neither anonymous, nor remember-me) by "%s" at line %s', $exception->getFile(), $exception->getLine()));
     }
     try {
         if (null !== $this->accessDeniedHandler) {
             $response = $this->accessDeniedHandler->handle($event->getRequest(), $exception);
             if ($response instanceof Response) {
                 $event->setResponse($response);
             }
         } elseif (null !== $this->errorPage) {
             $subRequest = $this->httpUtils->createRequest($event->getRequest(), $this->errorPage);
             $subRequest->attributes->set(Security::ACCESS_DENIED_ERROR, $exception);
             $event->setResponse($event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true));
         }
     } catch (\Exception $e) {
         if (null !== $this->logger) {
             $this->logger->error(sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage()));
         }
         $event->setException(new \RuntimeException('Exception thrown when handling an exception.', 0, $e));
     }
 }
 /**
  * Handles security related exceptions.
  *
  * @param GetResponseForExceptionEvent $event An GetResponseForExceptionEvent instance
  */
 public function onKernelException(GetResponseForExceptionEvent $event)
 {
     // we need to remove ourselves as the exception listener can be
     // different depending on the Request
     $event->getDispatcher()->removeListener(KernelEvents::EXCEPTION, array($this, 'onKernelException'));
     $exception = $event->getException();
     $request = $event->getRequest();
     // determine the actual cause for the exception
     while (null !== ($previous = $exception->getPrevious())) {
         $exception = $previous;
     }
     if ($exception instanceof AuthenticationException) {
         if (null !== $this->logger) {
             $this->logger->info(sprintf('Authentication exception occurred; redirecting to authentication entry point (%s)', $exception->getMessage()));
         }
         try {
             $response = $this->startAuthentication($request, $exception);
         } catch (\Exception $e) {
             $event->setException($e);
             return;
         }
     } elseif ($exception instanceof AccessDeniedException) {
         $event->setException(new AccessDeniedHttpException($exception->getMessage(), $exception));
         $token = $this->context->getToken();
         if (!$this->authenticationTrustResolver->isFullFledged($token)) {
             if (null !== $this->logger) {
                 $this->logger->debug(sprintf('Access is denied (user is not fully authenticated) by "%s" at line %s; redirecting to authentication entry point', $exception->getFile(), $exception->getLine()));
             }
             try {
                 $insufficientAuthenticationException = new InsufficientAuthenticationException('Full authentication is required to access this resource.', 0, $exception);
                 $insufficientAuthenticationException->setToken($token);
                 $response = $this->startAuthentication($request, $insufficientAuthenticationException);
             } catch (\Exception $e) {
                 $event->setException($e);
                 return;
             }
         } else {
             if (null !== $this->logger) {
                 $this->logger->debug(sprintf('Access is denied (and user is neither anonymous, nor remember-me) by "%s" at line %s', $exception->getFile(), $exception->getLine()));
             }
             try {
                 if (null !== $this->accessDeniedHandler) {
                     $response = $this->accessDeniedHandler->handle($request, $exception);
                     if (!$response instanceof Response) {
                         return;
                     }
                 } elseif (null !== $this->errorPage) {
                     $subRequest = $this->httpUtils->createRequest($request, $this->errorPage);
                     $subRequest->attributes->set(SecurityContextInterface::ACCESS_DENIED_ERROR, $exception);
                     $response = $event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true);
                 } else {
                     return;
                 }
             } catch (\Exception $e) {
                 if (null !== $this->logger) {
                     $this->logger->error(sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage()));
                 }
                 $event->setException(new \RuntimeException('Exception thrown when handling an exception.', 0, $e));
                 return;
             }
         }
     } elseif ($exception instanceof LogoutException) {
         if (null !== $this->logger) {
             $this->logger->info(sprintf('Logout exception occurred; wrapping with AccessDeniedHttpException (%s)', $exception->getMessage()));
         }
         return;
     } else {
         return;
     }
     $event->setResponse($response);
 }