10489217303

Committed 21 Aug 2024 11:45AM UTC coverage: 5.352% (-1.7%) from 7.035%

Build # 10489217303

Build Type

push

github

Committed by

web-flow

Commit Message

fix(laravel): do not normalize exception originalTrace (#6533)

Run Details

0 of 6 new or added lines in 1 file covered. (0.0%)

7100 existing lines in 228 files now uncovered.

8666 of 161932 relevant lines covered (5.35%)

7.6 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/Laravel/Exception/ErrorHandler.php

<?php

/*
 * This file is part of the API Platform project.
 *
 * (c) Kévin Dunglas <dunglas@gmail.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

declare(strict_types=1);

namespace ApiPlatform\Laravel\Exception;

use ApiPlatform\Laravel\ApiResource\Error;
use ApiPlatform\Laravel\Controller\ApiPlatformController;
use ApiPlatform\Metadata\Exception\ProblemExceptionInterface;
use ApiPlatform\Metadata\Exception\StatusAwareExceptionInterface;
use ApiPlatform\Metadata\HttpOperation;
use ApiPlatform\Metadata\IdentifiersExtractorInterface;
use ApiPlatform\Metadata\Resource\Factory\ResourceMetadataCollectionFactoryInterface;
use ApiPlatform\Metadata\ResourceClassResolverInterface;
use ApiPlatform\Metadata\Util\ContentNegotiationTrait;
use ApiPlatform\State\Util\OperationRequestInitiatorTrait;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Contracts\Container\Container;
use Illuminate\Foundation\Exceptions\Handler as ExceptionsHandler;
use Illuminate\Http\Request;
use Negotiation\Negotiator;
use Symfony\Component\HttpFoundation\Exception\RequestExceptionInterface;
use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface as SymfonyHttpExceptionInterface;
use Symfony\Component\Serializer\Normalizer\AbstractObjectNormalizer;

class ErrorHandler extends ExceptionsHandler
{
    use ContentNegotiationTrait;
    use OperationRequestInitiatorTrait;
    public static mixed $error;

    public function __construct(
        Container $container,
        ResourceMetadataCollectionFactoryInterface $resourceMetadataCollectionFactory,
        private readonly ApiPlatformController $apiPlatformController,
        private readonly ?IdentifiersExtractorInterface $identifiersExtractor = null,
        private readonly ?ResourceClassResolverInterface $resourceClassResolver = null,
        ?Negotiator $negotiator = null
    ) {
        $this->resourceMetadataCollectionFactory = $resourceMetadataCollectionFactory;
        $this->negotiator = $negotiator;
        // calls register
        parent::__construct($container);
        $this->register();
    }

    public function register(): void
    {
        $this->renderable(function (\Throwable $exception, Request $request) {
            $apiOperation = $this->initializeOperation($request);
            if (!$apiOperation) {
                return null;
            }

            $formats = config('api-platform.error_formats') ?? ['jsonproblem' => ['application/problem+json']];
            $format = $request->getRequestFormat() ?? $this->getRequestFormat($request, $formats, false);

            if ($this->resourceClassResolver->isResourceClass($exception::class)) {
                $resourceCollection = $this->resourceMetadataCollectionFactory->create($exception::class);

                $operation = null;
                foreach ($resourceCollection as $resource) {
                    foreach ($resource->getOperations() as $op) {
                        foreach ($op->getOutputFormats() as $key => $value) {
                            if ($key === $format) {
                                $operation = $op;
                                break 3;
                            }
                        }
                    }
                }

                // No operation found for the requested format, we take the first available
                if (!$operation) {
                    $operation = $resourceCollection->getOperation();
                }
                $errorResource = $exception;
                if ($errorResource instanceof ProblemExceptionInterface && $operation instanceof HttpOperation) {
                    $statusCode = $this->getStatusCode($apiOperation, $operation, $exception);
                    $operation = $operation->withStatus($statusCode);
                    if ($errorResource instanceof StatusAwareExceptionInterface) {
                        $errorResource->setStatus($statusCode);
                    }
                }
            } else {
                // Create a generic, rfc7807 compatible error according to the wanted format
                $operation = $this->resourceMetadataCollectionFactory->create(Error::class)->getOperation($this->getFormatOperation($format));
                // status code may be overriden by the exceptionToStatus option
                $statusCode = 500;
                if ($operation instanceof HttpOperation) {
                    $statusCode = $this->getStatusCode($apiOperation, $operation, $exception);
                    $operation = $operation->withStatus($statusCode);
                }

                $errorResource = Error::createFromException($exception, $statusCode);
            }

            /** @var HttpOperation $operation */
            if (!$operation->getProvider()) {
                // TODO: validation
                // static::$error = 'jsonapi' === $format && $errorResource instanceof ConstraintViolationListAwareExceptionInterface ? $errorResource->getConstraintViolationList() : $errorResource;
                static::$error = $errorResource;
                $operation = $operation->withProvider([self::class, 'provide']);
            }

            // For our swagger Ui errors
            if ('html' === $format) {
                $operation = $operation->withOutputFormats(['html' => ['text/html']]);
            }

            $identifiers = [];
            try {
                $identifiers = $this->identifiersExtractor?->getIdentifiersFromItem($errorResource, $operation) ?? [];
            } catch (\Exception $e) {
            }

            $normalizationContext = $operation->getNormalizationContext() ?? [];
            if (!($normalizationContext['api_error_resource'] ?? false)) {
                $normalizationContext += ['api_error_resource' => true];
            }

            if (!isset($normalizationContext[AbstractObjectNormalizer::IGNORED_ATTRIBUTES])) {
                $normalizationContext[AbstractObjectNormalizer::IGNORED_ATTRIBUTES] = ['trace', 'file', 'line', 'code', 'message', 'originalTrace'];
            }

            $operation = $operation->withNormalizationContext($normalizationContext);

            $dup = $request->duplicate(null, null, []);
            $dup->setMethod('GET');
            $dup->attributes->set('_api_resource_class', $operation->getClass());
            $dup->attributes->set('_api_previous_operation', $apiOperation);
            $dup->attributes->set('_api_operation', $operation);
            $dup->attributes->set('_api_operation_name', $operation->getName());
            $dup->attributes->remove('exception');
            // These are for swagger
            $dup->attributes->set('_api_original_route', $request->attributes->get('_route'));
            $dup->attributes->set('_api_original_route_params', $request->attributes->get('_route_params'));
            $dup->attributes->set('_api_requested_operation', $request->attributes->get('_api_requested_operation'));

            foreach ($identifiers as $name => $value) {
                $dup->attributes->set($name, $value);
            }

            return $this->apiPlatformController->__invoke($dup);
        });
    }

    private function getStatusCode(?HttpOperation $apiOperation, ?HttpOperation $errorOperation, \Throwable $exception): int
    {
        $exceptionToStatus = array_merge(
            $apiOperation ? $apiOperation->getExceptionToStatus() ?? [] : [],
            $errorOperation ? $errorOperation->getExceptionToStatus() ?? [] : []
        );

        foreach ($exceptionToStatus as $class => $status) {
            if (is_a($exception::class, $class, true)) {
                return $status;
            }
        }

        if ($exception instanceof AuthenticationException) {
            return 401;
        }

        if ($exception instanceof AuthorizationException) {
            return 403;
        }

        if ($exception instanceof SymfonyHttpExceptionInterface) {
            return $exception->getStatusCode();
        }

        if ($exception instanceof SymfonyHttpExceptionInterface) {
            return $exception->getStatusCode();
        }

        if ($exception instanceof RequestExceptionInterface) {
            return 400;
        }

        // if ($exception instanceof ValidationException) {
        //     return 422;
        // }

        if ($status = $errorOperation?->getStatus()) {
            return $status;
        }

        return 500;
    }

    private function getFormatOperation(?string $format): string
    {
        return match ($format) {
            'json' => '_api_errors_problem',
            'jsonproblem' => '_api_errors_problem',
            'jsonld' => '_api_errors_hydra',
            'jsonapi' => '_api_errors_jsonapi',
            'html' => '_api_errors_problem', // This will be intercepted by the SwaggerUiProvider
            default => '_api_errors_problem'
        };
    }

    public static function provide(): mixed
    {
        if ($data = static::$error) {
            return $data;
        }

        throw new \LogicException(\sprintf('We could not find the thrown exception in the %s.', self::class));
    }
}

1	<?php
2
3	/*
4	* This file is part of the API Platform project.
5	*
6	* (c) Kévin Dunglas <dunglas@gmail.com>
7	*
8	* For the full copyright and license information, please view the LICENSE
9	* file that was distributed with this source code.
10	*/
11
12	declare(strict_types=1);
13
14	namespace ApiPlatform\Laravel\Exception;
15
16	use ApiPlatform\Laravel\ApiResource\Error;
17	use ApiPlatform\Laravel\Controller\ApiPlatformController;
18	use ApiPlatform\Metadata\Exception\ProblemExceptionInterface;
19	use ApiPlatform\Metadata\Exception\StatusAwareExceptionInterface;
20	use ApiPlatform\Metadata\HttpOperation;
21	use ApiPlatform\Metadata\IdentifiersExtractorInterface;
22	use ApiPlatform\Metadata\Resource\Factory\ResourceMetadataCollectionFactoryInterface;
23	use ApiPlatform\Metadata\ResourceClassResolverInterface;
24	use ApiPlatform\Metadata\Util\ContentNegotiationTrait;
25	use ApiPlatform\State\Util\OperationRequestInitiatorTrait;
26	use Illuminate\Auth\Access\AuthorizationException;
27	use Illuminate\Auth\AuthenticationException;
28	use Illuminate\Contracts\Container\Container;
29	use Illuminate\Foundation\Exceptions\Handler as ExceptionsHandler;
30	use Illuminate\Http\Request;
31	use Negotiation\Negotiator;
32	use Symfony\Component\HttpFoundation\Exception\RequestExceptionInterface;
33	use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface as SymfonyHttpExceptionInterface;
34	use Symfony\Component\Serializer\Normalizer\AbstractObjectNormalizer;
35
36	class ErrorHandler extends ExceptionsHandler
37	{
38	use ContentNegotiationTrait;
39	use OperationRequestInitiatorTrait;
40	public static mixed $error;
41
42	public function __construct(
43	Container $container,
44	ResourceMetadataCollectionFactoryInterface $resourceMetadataCollectionFactory,
45	private readonly ApiPlatformController $apiPlatformController,
46	private readonly ?IdentifiersExtractorInterface $identifiersExtractor = null,
47	private readonly ?ResourceClassResolverInterface $resourceClassResolver = null,
48	?Negotiator $negotiator = null
49	) {
50	$this->resourceMetadataCollectionFactory = $resourceMetadataCollectionFactory;	×
51	$this->negotiator = $negotiator;	×
52	// calls register
53	parent::__construct($container);	×
54	$this->register();	×
55	}
56
57	public function register(): void
58	{
59	$this->renderable(function (\Throwable $exception, Request $request) {	×
60	$apiOperation = $this->initializeOperation($request);	×
61	if (!$apiOperation) {	×
62	return null;	×
63	}
64
65	$formats = config('api-platform.error_formats') ?? ['jsonproblem' => ['application/problem+json']];	×
66	$format = $request->getRequestFormat() ?? $this->getRequestFormat($request, $formats, false);	×
67
68	if ($this->resourceClassResolver->isResourceClass($exception::class)) {	×
69	$resourceCollection = $this->resourceMetadataCollectionFactory->create($exception::class);	×
70
71	$operation = null;	×
72	foreach ($resourceCollection as $resource) {	×
73	foreach ($resource->getOperations() as $op) {	×
74	foreach ($op->getOutputFormats() as $key => $value) {	×
75	if ($key === $format) {	×
76	$operation = $op;	×
77	break 3;	×
78	}
79	}
80	}
81	}
82
83	// No operation found for the requested format, we take the first available
84	if (!$operation) {	×
85	$operation = $resourceCollection->getOperation();	×
86	}
87	$errorResource = $exception;	×
88	if ($errorResource instanceof ProblemExceptionInterface && $operation instanceof HttpOperation) {	×
89	$statusCode = $this->getStatusCode($apiOperation, $operation, $exception);	×
90	$operation = $operation->withStatus($statusCode);	×
91	if ($errorResource instanceof StatusAwareExceptionInterface) {	×
92	$errorResource->setStatus($statusCode);	×
93	}
94	}
95	} else {
96	// Create a generic, rfc7807 compatible error according to the wanted format
97	$operation = $this->resourceMetadataCollectionFactory->create(Error::class)->getOperation($this->getFormatOperation($format));	×
98	// status code may be overriden by the exceptionToStatus option
99	$statusCode = 500;	×
100	if ($operation instanceof HttpOperation) {	×
101	$statusCode = $this->getStatusCode($apiOperation, $operation, $exception);	×
102	$operation = $operation->withStatus($statusCode);	×
103	}
104
105	$errorResource = Error::createFromException($exception, $statusCode);	×
106	}
107
108	/** @var HttpOperation $operation */
109	if (!$operation->getProvider()) {	×
110	// TODO: validation
111	// static::$error = 'jsonapi' === $format && $errorResource instanceof ConstraintViolationListAwareExceptionInterface ? $errorResource->getConstraintViolationList() : $errorResource;
112	static::$error = $errorResource;	×
113	$operation = $operation->withProvider([self::class, 'provide']);	×
114	}
115
116	// For our swagger Ui errors
117	if ('html' === $format) {	×
118	$operation = $operation->withOutputFormats(['html' => ['text/html']]);	×
119	}
120
121	$identifiers = [];	×
122	try {
123	$identifiers = $this->identifiersExtractor?->getIdentifiersFromItem($errorResource, $operation) ?? [];	×
124	} catch (\Exception $e) {	×
125	}
126
NEW 127	$normalizationContext = $operation->getNormalizationContext() ?? [];	×
NEW 128	if (!($normalizationContext['api_error_resource'] ?? false)) {	×
NEW 129	$normalizationContext += ['api_error_resource' => true];	×
130	}
131
NEW 132	if (!isset($normalizationContext[AbstractObjectNormalizer::IGNORED_ATTRIBUTES])) {	×
NEW 133	$normalizationContext[AbstractObjectNormalizer::IGNORED_ATTRIBUTES] = ['trace', 'file', 'line', 'code', 'message', 'originalTrace'];	×
134	}
135
NEW 136	$operation = $operation->withNormalizationContext($normalizationContext);	×
137
138	$dup = $request->duplicate(null, null, []);	×
139	$dup->setMethod('GET');	×
140	$dup->attributes->set('_api_resource_class', $operation->getClass());	×
141	$dup->attributes->set('_api_previous_operation', $apiOperation);	×
142	$dup->attributes->set('_api_operation', $operation);	×
143	$dup->attributes->set('_api_operation_name', $operation->getName());	×
144	$dup->attributes->remove('exception');	×
145	// These are for swagger
146	$dup->attributes->set('_api_original_route', $request->attributes->get('_route'));	×
147	$dup->attributes->set('_api_original_route_params', $request->attributes->get('_route_params'));	×
148	$dup->attributes->set('_api_requested_operation', $request->attributes->get('_api_requested_operation'));	×
149
150	foreach ($identifiers as $name => $value) {	×
151	$dup->attributes->set($name, $value);	×
152	}
153
154	return $this->apiPlatformController->__invoke($dup);	×
155	});	×
156	}
157
158	private function getStatusCode(?HttpOperation $apiOperation, ?HttpOperation $errorOperation, \Throwable $exception): int
159	{
160	$exceptionToStatus = array_merge(	×
161	$apiOperation ? $apiOperation->getExceptionToStatus() ?? [] : [],	×
162	$errorOperation ? $errorOperation->getExceptionToStatus() ?? [] : []	×
163	);	×
164
165	foreach ($exceptionToStatus as $class => $status) {	×
166	if (is_a($exception::class, $class, true)) {	×
167	return $status;	×
168	}
169	}
170
171	if ($exception instanceof AuthenticationException) {	×
172	return 401;	×
173	}
174
175	if ($exception instanceof AuthorizationException) {	×
176	return 403;	×
177	}
178
179	if ($exception instanceof SymfonyHttpExceptionInterface) {	×
180	return $exception->getStatusCode();	×
181	}
182
183	if ($exception instanceof SymfonyHttpExceptionInterface) {	×
184	return $exception->getStatusCode();	×
185	}
186
187	if ($exception instanceof RequestExceptionInterface) {	×
188	return 400;	×
189	}
190
191	// if ($exception instanceof ValidationException) {
192	// return 422;
193	// }
194
195	if ($status = $errorOperation?->getStatus()) {	×
196	return $status;	×
197	}
198
199	return 500;	×
200	}
201
202	private function getFormatOperation(?string $format): string
203	{
204	return match ($format) {	×
205	'json' => '_api_errors_problem',	×
206	'jsonproblem' => '_api_errors_problem',	×
207	'jsonld' => '_api_errors_hydra',	×
208	'jsonapi' => '_api_errors_jsonapi',	×
209	'html' => '_api_errors_problem', // This will be intercepted by the SwaggerUiProvider	×
210	default => '_api_errors_problem'	×
211	};	×
212	}
213
214	public static function provide(): mixed
215	{
216	if ($data = static::$error) {	×
217	return $data;	×
218	}
219
220	throw new \LogicException(\sprintf('We could not find the thrown exception in the %s.', self::class));	×
221	}
222	}

api-platform / core / 10489217303

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous