Mercurial > hg > isophonics-drupal-site

diff core/lib/Drupal/Core/EventSubscriber/AuthenticationSubscriber.php @ 17:129ea1e6d783

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update, including to Drupal core 8.6.10
author Chris Cannam
date Thu, 28 Feb 2019 13:21:36 +0000
parents 4c8ae668cc8c
children af1871eacc83
line wrap: on
line diff
--- a/core/lib/Drupal/Core/EventSubscriber/AuthenticationSubscriber.php	Tue Jul 10 15:07:59 2018 +0100
+++ b/core/lib/Drupal/Core/EventSubscriber/AuthenticationSubscriber.php	Thu Feb 28 13:21:36 2019 +0000
@@ -125,6 +125,21 @@
   }
 
   /**
+   * Detect disallowed authentication methods on access denied exceptions.
+   *
+   * @param \Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent $event
+   */
+  public function _onExceptionAccessDenied(GetResponseForExceptionEvent $event) {
+    if (isset($this->filter) && $event->isMasterRequest()) {
+      $request = $event->getRequest();
+      $exception = $event->getException();
+      if ($exception instanceof AccessDeniedHttpException && $this->authenticationProvider->applies($request) && !$this->filter->appliesToRoutedRequest($request, TRUE)) {
+        $event->setException(new AccessDeniedHttpException('The used authentication method is not allowed on this route.', $exception));
+      }
+    }
+  }
+
+  /**
    * {@inheritdoc}
    */
   public static function getSubscribedEvents() {
@@ -137,6 +152,7 @@
     // Access check must be performed after routing.
     $events[KernelEvents::REQUEST][] = ['onKernelRequestFilterProvider', 31];
     $events[KernelEvents::EXCEPTION][] = ['onExceptionSendChallenge', 75];
+    $events[KernelEvents::EXCEPTION][] = ['_onExceptionAccessDenied', 80];
     return $events;
   }