thecodingmachine / graphqlite

Use PHP Attributes/Annotations to declare your GraphQL API
https://graphqlite.thecodingmachine.io
MIT License

Improve #[InjectUser] to throw authentication errors #572

Closed oprypkhantc closed 1 year ago

oprypkhantc commented 1 year ago

#[InjectUser] can be improved further to throw a MissingAuthorizationException when a user is not authenticated, to avoid adding #[Logged] when user is required anyway, i.e.:

#[Query]
public function someQuery(
    #[InjectUser] User $user, // <-- here a user is required (because the type isn't nullable), so it doesn't make sense to fail with a 500 internal error when a query isn't annotated with #[Logged]
): void {}

Obviously this should not apply to nullable or optional parameters:

#[Query]
public function someQuery(
    #[InjectUser] ?User $user, // <-- user is not required, so it's assumed to be optional
    #[InjectUser] User $user2 = new User(), // same here, it has a default value so it's assumed optional
): void {}

This improvement will be easy to implement:

I'll PR this improvement if it's desirable. Thoughts?
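A sketch of the parameter rule proposed above, added here as an example; it is not graphqlite's code and not from the issue's author. `resolveInjectedUser`, the stand-in `User` and `MissingAuthorizationException` classes, the `Controller` methods and the message text are assumptions so the block runs on PHP 8.1+ without the library.

```php
<?php
declare(strict_types=1);

// Stand-ins so the sketch runs without graphqlite installed (assumptions, not library code).
final class User {}
final class MissingAuthorizationException extends RuntimeException {}

/**
 * Hypothetical helper: pick the value for an #[InjectUser] parameter.
 * $currentUser is what the authentication layer returned (null when anonymous).
 */
function resolveInjectedUser(ReflectionParameter $parameter, ?object $currentUser): mixed
{
    if ($currentUser !== null) {
        return $currentUser;
    }
    // Optional parameter: keep the declared default value.
    if ($parameter->isDefaultValueAvailable()) {
        return $parameter->getDefaultValue();
    }
    // Nullable (or untyped) parameter: anonymous access is allowed, inject null.
    $type = $parameter->getType();
    if ($type === null || $type->allowsNull()) {
        return null;
    }
    // Required user but nobody is logged in: raise an authentication error
    // instead of letting a TypeError surface as a 500.
    throw new MissingAuthorizationException('You need to be logged in to access this field');
}

// Constructed sample resolvers mirroring the three cases in the issue (attributes omitted).
final class Controller
{
    public function required(User $user): void {}
    public function nullable(?User $user): void {}
    public function withDefault(User $user = new User()): void {}
}

foreach (['required', 'nullable', 'withDefault'] as $method) {
    $param = (new ReflectionMethod(Controller::class, $method))->getParameters()[0];
    try {
        $value = resolveInjectedUser($param, null); // simulate an anonymous request
        printf("%s: injected %s\n", $method, get_debug_type($value));
    } catch (MissingAuthorizationException $e) {
        printf("%s: rejected (%s)\n", $method, $e->getMessage());
    }
}
```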

Lappihuan commented 1 year ago

Sounds good, I'd probably not rely on it to replace logged, but we manage that in our custom middleware anyway.