|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* Copyright 2014 SURFnet bv |
|
5
|
|
|
* |
|
6
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License"); |
|
7
|
|
|
* you may not use this file except in compliance with the License. |
|
8
|
|
|
* You may obtain a copy of the License at |
|
9
|
|
|
* |
|
10
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0 |
|
11
|
|
|
* |
|
12
|
|
|
* Unless required by applicable law or agreed to in writing, software |
|
13
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS, |
|
14
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
15
|
|
|
* See the License for the specific language governing permissions and |
|
16
|
|
|
* limitations under the License. |
|
17
|
|
|
*/ |
|
18
|
|
|
|
|
19
|
|
|
namespace Surfnet\StepupBundle\Controller; |
|
20
|
|
|
|
|
21
|
|
|
use DateTime; |
|
22
|
|
|
use Exception; |
|
23
|
|
|
use SAML2\Response\Exception\InvalidResponseException; |
|
24
|
|
|
use SAML2\Response\Exception\PreconditionNotMetException; |
|
25
|
|
|
use Surfnet\SamlBundle\Http\Exception\AuthnFailedSamlResponseException; |
|
26
|
|
|
use Surfnet\SamlBundle\Http\Exception\SignatureValidationFailedException; |
|
27
|
|
|
use Surfnet\SamlBundle\Http\Exception\UnknownServiceProviderException; |
|
28
|
|
|
use Surfnet\SamlBundle\Http\Exception\UnsignedRequestException; |
|
29
|
|
|
use Surfnet\SamlBundle\Http\Exception\UnsupportedSignatureException; |
|
30
|
|
|
use Surfnet\StepupBundle\EventListener\RequestIdRequestResponseListener; |
|
31
|
|
|
use Surfnet\StepupBundle\Exception\Art; |
|
32
|
|
|
use Symfony\Bundle\FrameworkBundle\Controller\Controller as FrameworkController; |
|
33
|
|
|
use Symfony\Component\HttpFoundation\Request; |
|
34
|
|
|
use Symfony\Component\HttpFoundation\Response; |
|
35
|
|
|
use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface; |
|
36
|
|
|
use Symfony\Component\Security\Core\Exception\AccessDeniedException; |
|
37
|
|
|
use Symfony\Component\Security\Core\Exception\AuthenticationException; |
|
38
|
|
|
use Symfony\Component\Translation\TranslatorInterface; |
|
39
|
|
|
|
|
40
|
|
|
/** |
|
41
|
|
|
* @package Surfnet\StepupBundle\Controller |
|
42
|
|
|
* |
|
43
|
|
|
* @SuppressWarnings(PHPMD.CouplingBetweenObjects) Contains extensive mapping for exceptions |
|
44
|
|
|
*/ |
|
45
|
|
|
class ExceptionController extends FrameworkController |
|
|
|
|
|
|
46
|
|
|
{ |
|
47
|
|
|
public function showAction(Request $request, Exception $exception) |
|
48
|
|
|
{ |
|
49
|
|
|
$statusCode = $this->getStatusCode($exception); |
|
50
|
|
|
|
|
51
|
|
|
if ($statusCode == 404) { |
|
52
|
|
|
$template = 'SurfnetStepupBundle:Exception:error404.html.twig'; |
|
53
|
|
|
} else { |
|
54
|
|
|
$template = 'SurfnetStepupBundle:Exception:error.html.twig'; |
|
55
|
|
|
} |
|
56
|
|
|
|
|
57
|
|
|
$response = new Response('', $statusCode); |
|
58
|
|
|
|
|
59
|
|
|
$timestamp = (new DateTime)->format(DateTime::ISO8601); |
|
60
|
|
|
$hostname = $request->getHost(); |
|
61
|
|
|
$requestId = $this->get('surfnet_stepup.request.request_id'); |
|
62
|
|
|
$errorCode = Art::forException($exception); |
|
63
|
|
|
$userAgent = $request->headers->get('User-Agent'); |
|
64
|
|
|
$ipAddress = $request->getClientIp(); |
|
65
|
|
|
|
|
66
|
|
|
return $this->render( |
|
67
|
|
|
$template, |
|
68
|
|
|
[ |
|
69
|
|
|
'timestamp' => $timestamp, |
|
70
|
|
|
'hostname' => $hostname, |
|
71
|
|
|
'request_id' => $requestId->get(), |
|
72
|
|
|
'error_code' => $errorCode, |
|
73
|
|
|
'user_agent' => $userAgent, |
|
74
|
|
|
'ip_address' => $ipAddress, |
|
75
|
|
|
] + $this->getPageTitleAndDescription($exception), |
|
76
|
|
|
$response |
|
77
|
|
|
); |
|
78
|
|
|
} |
|
79
|
|
|
|
|
80
|
|
|
/** |
|
81
|
|
|
* @param Exception $exception |
|
82
|
|
|
* @return int HTTP status code |
|
83
|
|
|
*/ |
|
84
|
|
|
protected function getStatusCode(Exception $exception) |
|
85
|
|
|
{ |
|
86
|
|
|
if ($exception instanceof AuthenticationException || |
|
|
|
|
|
|
87
|
|
|
$exception instanceof InvalidResponseException) { |
|
88
|
|
|
return Response::HTTP_UNAUTHORIZED; |
|
89
|
|
|
} |
|
90
|
|
|
|
|
91
|
|
|
if ($exception instanceof AccessDeniedException || |
|
|
|
|
|
|
92
|
|
|
$exception instanceof PreconditionNotMetException) { |
|
93
|
|
|
return Response::HTTP_FORBIDDEN; |
|
94
|
|
|
} |
|
95
|
|
|
|
|
96
|
|
|
if ($exception instanceof HttpExceptionInterface) { |
|
97
|
|
|
return $exception->getStatusCode(); |
|
98
|
|
|
} |
|
99
|
|
|
|
|
100
|
|
|
// Unknown exceptions are server errors! |
|
101
|
|
|
return 500; |
|
102
|
|
|
} |
|
103
|
|
|
|
|
104
|
|
|
/** |
|
105
|
|
|
* @param Exception $exception |
|
106
|
|
|
* @return array View parameters 'title' and 'description' |
|
107
|
|
|
*/ |
|
108
|
|
|
protected function getPageTitleAndDescription(Exception $exception) |
|
109
|
|
|
{ |
|
110
|
|
|
$translator = $this->getTranslator(); |
|
111
|
|
|
|
|
112
|
|
|
if ($exception instanceof SignatureValidationFailedException) { |
|
113
|
|
|
$title = $translator->trans('stepup.error.signature_validation_failed.title'); |
|
114
|
|
|
$description = $translator->trans('stepup.error.signature_validation_failed.description'); |
|
115
|
|
|
|
|
116
|
|
|
} elseif ($exception instanceof UnsignedRequestException) { |
|
117
|
|
|
$title = $translator->trans('stepup.error.unsigned_request.title'); |
|
118
|
|
|
$description = $translator->trans('stepup.error.unsigned_request.description'); |
|
119
|
|
|
|
|
120
|
|
|
} elseif ($exception instanceof UnsupportedSignatureException) { |
|
121
|
|
|
$title = $translator->trans('stepup.error.unsupported_signature.title'); |
|
122
|
|
|
$description = $translator->trans('stepup.error.unsupported_signature.description'); |
|
123
|
|
|
|
|
124
|
|
|
} elseif ($exception instanceof UnknownServiceProviderException) { |
|
125
|
|
|
$title = $translator->trans('stepup.error.unknown_service_provider.title'); |
|
126
|
|
|
$description = $exception->getMessage(); |
|
127
|
|
|
|
|
128
|
|
|
} elseif ($exception instanceof AuthnFailedSamlResponseException) { |
|
129
|
|
|
$title = $translator->trans('stepup.error.authn_failed.title'); |
|
130
|
|
|
$description = $translator->trans('stepup.error.authn_failed.description'); |
|
131
|
|
|
|
|
132
|
|
|
} elseif ($exception instanceof PreconditionNotMetException) { |
|
133
|
|
|
$title = $translator->trans('stepup.error.precondition_not_met.title'); |
|
134
|
|
|
$description = $translator->trans('stepup.error.precondition_not_met.description'); |
|
135
|
|
|
|
|
136
|
|
|
} elseif ($exception instanceof InvalidResponseException) { |
|
137
|
|
|
$title = $translator->trans('stepup.error.authentication_error.title'); |
|
138
|
|
|
$description = $translator->trans('stepup.error.authentication_error.description'); |
|
139
|
|
|
} elseif ($exception instanceof AuthenticationException) { |
|
|
|
|
|
|
140
|
|
|
$title = $translator->trans('stepup.error.authentication_error.title'); |
|
141
|
|
|
$description = $translator->trans('stepup.error.authentication_error.description'); |
|
142
|
|
|
} else { |
|
143
|
|
|
$title = $translator->trans('stepup.error.generic_error.title'); |
|
144
|
|
|
$description = $translator->trans('stepup.error.generic_error.description'); |
|
145
|
|
|
} |
|
146
|
|
|
|
|
147
|
|
|
return [ |
|
148
|
|
|
'title' => $title, |
|
149
|
|
|
'description' => $description, |
|
150
|
|
|
]; |
|
151
|
|
|
} |
|
152
|
|
|
|
|
153
|
|
|
/** |
|
154
|
|
|
* @return TranslatorInterface |
|
155
|
|
|
*/ |
|
156
|
|
|
protected function getTranslator() |
|
157
|
|
|
{ |
|
158
|
|
|
return $this->get('translator'); |
|
159
|
|
|
} |
|
160
|
|
|
} |
|
161
|
|
|
|
OpenConext /
Stepup-bundle
Joris Steyn
Reinier Kip
Loading history...
This class, trait or interface has been deprecated. The supplier of the file has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the type will be removed from the class and what other constant to use instead.