Same name and namespace in other branches
  1. 8.9.x core/lib/Drupal/Core/EventSubscriber/AuthenticationSubscriber.php \Drupal\Core\EventSubscriber\AuthenticationSubscriber::onExceptionSendChallenge()
  2. 9 core/lib/Drupal/Core/EventSubscriber/AuthenticationSubscriber.php \Drupal\Core\EventSubscriber\AuthenticationSubscriber::onExceptionSendChallenge()

Respond with a challenge on access denied exceptions if appropriate.

On a 403 (access denied), if there are no credentials on the request, some authentication methods (e.g. basic auth) require that a challenge is sent to the client.

Parameters

\Symfony\Component\HttpKernel\Event\ExceptionEvent $event: The exception event.

File

core/lib/Drupal/Core/EventSubscriber/AuthenticationSubscriber.php, line 111

Class

AuthenticationSubscriber
Authentication subscriber.

Namespace

Drupal\Core\EventSubscriber

Code

public function onExceptionSendChallenge(ExceptionEvent $event) {
  if (isset($this->challengeProvider) && $event
    ->isMainRequest()) {
    $request = $event
      ->getRequest();
    $exception = $event
      ->getThrowable();
    if ($exception instanceof AccessDeniedHttpException && !$this->authenticationProvider
      ->applies($request) && (!isset($this->filter) || $this->filter
      ->appliesToRoutedRequest($request, FALSE))) {
      $challenge_exception = $this->challengeProvider
        ->challengeException($request, $exception);
      if ($challenge_exception) {
        $event
          ->setThrowable($challenge_exception);
      }
    }
  }
}