search

pedrosalpr / laravel-api-problem

The objective of this package is to facilitate error outputs from API requests in accordance with the RFC 9457 standard.
MIT License
5 stars 1 forks source link

[Bug]: AuthenticationException: Laravels authentication exception doesn't set it's status code to 401, resulting in laravel-api-problem defaulting it to 500. #6

Open JeremyM1985 opened 4 weeks ago

JeremyM1985 commented 4 weeks ago

What happened?

For what ever reason Laravel's AuthenticationException does not set the exception status code to 401 (defaults 0).

Only when the exception is handled in vendor/laravel/framework/src/Illuminate/Foundation/Exceptions/Handler.php:716 does it grab the get the exception message and return 401 via json response.

laravel-api-problem intercepts the AuthenticationException and the getStatusCode method only sees status code 0, resulting in 500 error for authentication exception.

Expected result would be 401 regardless of status code 0 for an AuthenticationException.

How to reproduce the bug

Use fortify, navigate to an an endpoint that requires authentication will being unauthenticated.

Package Version

Laravel 11

PHP Version

0.03

Laravel Version

11

Which operating systems does with happen with?

Windows

Notes

No response

JeremyM1985 commented 4 weeks ago

Just wanted to add that AuthorizationException deliberately adds status code 0 which would also throw 500 internal server error instead of expected 403.

Didn't check other exceptions.