search

djoos / EscapeWSSEAuthenticationBundle

Symfony bundle to implement WSSE authentication
http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html
137 stars 59 forks source link

Use twig to render 401 template? #70

Closed bkosborne closed 9 years ago

bkosborne commented 9 years ago

I'm trying to use a unified response body for any 4xx or 5xx errors in an API that uses this bundle for authentication. Something like this:

{
  "error": {
    "http_status_code": 401,
    "message": "Unauthorized"
  }
}

When there is an authentication error (like a malformed WSSE header or incorrect header), then this bundle just returns a basic response with the code set to 401 and some WSSE authenticate headers.

I've been looking thru the Security component trying to figure out how all this works - It looks normally when there's an AuthenticationException, the user is typically redirected to some failure page (or the login page) and a message is saved to the session explaining the error.

So I'm not sure in any normal circumstance Symfony actually returns a 401 page and template.

Has anyone been able to get a template for 401s?

xocasdashdash commented 9 years ago

I think what you're looking for is here: https://github.com/escapestudios/EscapeWSSEAuthenticationBundle/blob/master/Security/Http/EntryPoint/EntryPoint.php you would need to implement your own entry point service and configure it

djoos commented 9 years ago

Hi @bkosborne,

@xocasdashdash is right. The good news is it should be easy to implement your own EntryPoint; have a look at https://github.com/escapestudios/EscapeWSSEAuthenticationBundle/blob/master/README.md#specify-custom-authentication-classes. Just set authentication_entry_point_class to your Authentication Entry Point class.

Hope this helps!

Kind regards, David