20340504470

Committed 18 Dec 2025 02:35PM UTC coverage: 25.206% (+0.3%) from 24.873%

Build # 20340504470

Build Type

push

github

Committed by

web-flow

Commit Message

fix(laravel): allow custom error handler for non-api operations (#7622)

fixes #7466

Run Details

0 of 64 new or added lines in 3 files covered. (0.0%)

2 existing lines in 1 file now uncovered.

14623 of 58013 relevant lines covered (25.21%)

29.48 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/Laravel/Exception/ErrorHandler.php

<?php

/*
 * This file is part of the API Platform project.
 *
 * (c) Kévin Dunglas <dunglas@gmail.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

declare(strict_types=1);

namespace ApiPlatform\Laravel\Exception;

use ApiPlatform\Laravel\ApiResource\Error;
use ApiPlatform\Laravel\Controller\ApiPlatformController;
use ApiPlatform\Metadata\Exception\InvalidUriVariableException;
use ApiPlatform\Metadata\Exception\ProblemExceptionInterface;
use ApiPlatform\Metadata\Exception\StatusAwareExceptionInterface;
use ApiPlatform\Metadata\HttpOperation;
use ApiPlatform\Metadata\IdentifiersExtractorInterface;
use ApiPlatform\Metadata\Resource\Factory\ResourceMetadataCollectionFactoryInterface;
use ApiPlatform\Metadata\ResourceClassResolverInterface;
use ApiPlatform\Metadata\Util\ContentNegotiationTrait;
use ApiPlatform\State\Util\OperationRequestInitiatorTrait;
use Illuminate\Auth\Access\AuthorizationException;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Contracts\Container\Container;
use Illuminate\Contracts\Debug\ExceptionHandler;
use Illuminate\Foundation\Exceptions\Handler as ExceptionsHandler;
use Negotiation\Negotiator;
use Symfony\Component\HttpFoundation\Exception\RequestExceptionInterface;
use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface as SymfonyHttpExceptionInterface;
use Symfony\Component\Serializer\Normalizer\AbstractObjectNormalizer;

class ErrorHandler extends ExceptionsHandler
{
    use ContentNegotiationTrait;
    use OperationRequestInitiatorTrait;

    public static mixed $error;

    /**
     * @param array<class-string, int> $exceptionToStatus
     * @param array<string, string[]>  $errorFormats
     */
    public function __construct(
        Container $container,
        ResourceMetadataCollectionFactoryInterface $resourceMetadataCollectionFactory,
        private readonly ApiPlatformController $apiPlatformController,
        private readonly ?IdentifiersExtractorInterface $identifiersExtractor = null,
        private readonly ?ResourceClassResolverInterface $resourceClassResolver = null,
        ?Negotiator $negotiator = null,
        private readonly ?array $exceptionToStatus = null,
        private readonly ?bool $debug = false,
        private readonly ?array $errorFormats = null,
        private readonly ?ExceptionHandler $decorated = null,
    ) {
        $this->resourceMetadataCollectionFactory = $resourceMetadataCollectionFactory;
        $this->negotiator = $negotiator;
        parent::__construct($container);
    }

    public function render($request, \Throwable $exception)
    {
        $apiOperation = $this->initializeOperation($request);

        if (!$apiOperation) {
            // For non-API operations, first check if any renderable callbacks on this
            // ErrorHandler instance can handle the exception (issue #7466).
            $response = $this->renderViaCallbacks($request, $exception);

            if ($response) {
                return $response;
            }

            // If no callbacks handled it, delegate to the decorated handler if available
            // to preserve custom exception handler classes (issue #7058).
            return $this->decorated ? $this->decorated->render($request, $exception) : parent::render($request, $exception);
        }

        $formats = $this->errorFormats ?? ['jsonproblem' => ['application/problem+json']];
        $format = $request->getRequestFormat() ?? $this->getRequestFormat($request, $formats, false);

        if ($this->resourceClassResolver->isResourceClass($exception::class)) {
            $resourceCollection = $this->resourceMetadataCollectionFactory->create($exception::class);

            $operation = null;
            foreach ($resourceCollection as $resource) {
                foreach ($resource->getOperations() as $op) {
                    foreach ($op->getOutputFormats() ?? [] as $key => $value) {
                        if ($key === $format) {
                            $operation = $op;
                            break 3;
                        }
                    }
                }
            }

            // No operation found for the requested format, we take the first available
            if (!$operation) {
                $operation = $resourceCollection->getOperation();
            }
            $errorResource = $exception;
            if ($errorResource instanceof ProblemExceptionInterface && $operation instanceof HttpOperation) {
                $statusCode = $this->getStatusCode($apiOperation, $operation, $exception);
                $operation = $operation->withStatus($statusCode);
                if ($errorResource instanceof StatusAwareExceptionInterface) {
                    $errorResource->setStatus($statusCode);
                }
            }
        } else {
            // Create a generic, rfc7807 compatible error according to the wanted format
            $operation = $this->resourceMetadataCollectionFactory->create(Error::class)->getOperation($this->getFormatOperation($format));
            // status code may be overridden by the exceptionToStatus option
            $statusCode = 500;
            if ($operation instanceof HttpOperation) {
                $statusCode = $this->getStatusCode($apiOperation, $operation, $exception);
                $operation = $operation->withStatus($statusCode);
            }

            $errorResource = Error::createFromException($exception, $statusCode);
        }

        /** @var HttpOperation $operation */
        if (!$operation->getProvider()) {
            static::$error = $errorResource;
            $operation = $operation->withProvider([self::class, 'provide']);
        }

        // For our swagger Ui errors
        if ('html' === $format) {
            $operation = $operation->withOutputFormats(['html' => ['text/html']]);
        }

        $identifiers = [];
        try {
            $identifiers = $this->identifiersExtractor?->getIdentifiersFromItem($errorResource, $operation) ?? [];
        } catch (\Exception $e) {
        }

        $normalizationContext = $operation->getNormalizationContext() ?? [];
        if (!($normalizationContext['api_error_resource'] ?? false)) {
            $normalizationContext += ['api_error_resource' => true];
        }

        if (!isset($normalizationContext[AbstractObjectNormalizer::IGNORED_ATTRIBUTES])) {
            $normalizationContext[AbstractObjectNormalizer::IGNORED_ATTRIBUTES] = true === $this->debug ? [] : ['originalTrace'];
        }

        $operation = $operation->withNormalizationContext($normalizationContext);

        $dup = $request->duplicate(null, null, []);
        $dup->setMethod('GET');
        $dup->attributes->set('_api_resource_class', $operation->getClass());
        $dup->attributes->set('_api_previous_operation', $apiOperation);
        $dup->attributes->set('_api_operation', $operation);
        $dup->attributes->set('_api_operation_name', $operation->getName());
        $dup->attributes->set('exception', $exception);
        // These are for swagger
        $dup->attributes->set('_api_original_route', $request->attributes->get('_route'));
        $dup->attributes->set('_api_original_uri_variables', $request->attributes->get('_api_uri_variables'));
        $dup->attributes->set('_api_original_route_params', $request->attributes->get('_route_params'));
        $dup->attributes->set('_api_requested_operation', $request->attributes->get('_api_requested_operation'));

        foreach ($identifiers as $name => $value) {
            $dup->attributes->set($name, $value);
        }

        try {
            $response = $this->apiPlatformController->__invoke($dup);

            return $response;
        } catch (\Throwable $e) {
            return $this->decorated ? $this->decorated->render($request, $exception) : parent::render($request, $exception);
        }
    }

    private function getStatusCode(?HttpOperation $apiOperation, ?HttpOperation $errorOperation, \Throwable $exception): int
    {
        $exceptionToStatus = array_merge(
            $apiOperation ? $apiOperation->getExceptionToStatus() ?? [] : [],
            $errorOperation ? $errorOperation->getExceptionToStatus() ?? [] : [],
            $this->exceptionToStatus ?? []
        );

        foreach ($exceptionToStatus as $class => $status) {
            if (is_a($exception::class, $class, true)) {
                return $status;
            }
        }

        if ($exception instanceof AuthenticationException) {
            return 401;
        }

        if ($exception instanceof AuthorizationException) {
            return 403;
        }

        if ($exception instanceof SymfonyHttpExceptionInterface) {
            return $exception->getStatusCode();
        }

        if ($exception instanceof RequestExceptionInterface || $exception instanceof InvalidUriVariableException) {
            return 400;
        }

        // if ($exception instanceof ValidationException) {
        //     return 422;
        // }

        if ($status = $errorOperation?->getStatus()) {
            return $status;
        }

        return 500;
    }

    private function getFormatOperation(?string $format): string
    {
        return match ($format) {
            'json' => '_api_errors_problem',
            'jsonproblem' => '_api_errors_problem',
            'jsonld' => '_api_errors_hydra',
            'jsonapi' => '_api_errors_jsonapi',
            'html' => '_api_errors_problem', // This will be intercepted by the SwaggerUiProvider
            default => '_api_errors_problem',
        };
    }

    public static function provide(): mixed
    {
        if ($data = static::$error) {
            return $data;
        }

        throw new \LogicException(\sprintf('We could not find the thrown exception in the %s.', self::class));
    }
}

1	<?php
2
3	/*
4	* This file is part of the API Platform project.
5	*
6	* (c) Kévin Dunglas <dunglas@gmail.com>
7	*
8	* For the full copyright and license information, please view the LICENSE
9	* file that was distributed with this source code.
10	*/
11
12	declare(strict_types=1);
13
14	namespace ApiPlatform\Laravel\Exception;
15
16	use ApiPlatform\Laravel\ApiResource\Error;
17	use ApiPlatform\Laravel\Controller\ApiPlatformController;
18	use ApiPlatform\Metadata\Exception\InvalidUriVariableException;
19	use ApiPlatform\Metadata\Exception\ProblemExceptionInterface;
20	use ApiPlatform\Metadata\Exception\StatusAwareExceptionInterface;
21	use ApiPlatform\Metadata\HttpOperation;
22	use ApiPlatform\Metadata\IdentifiersExtractorInterface;
23	use ApiPlatform\Metadata\Resource\Factory\ResourceMetadataCollectionFactoryInterface;
24	use ApiPlatform\Metadata\ResourceClassResolverInterface;
25	use ApiPlatform\Metadata\Util\ContentNegotiationTrait;
26	use ApiPlatform\State\Util\OperationRequestInitiatorTrait;
27	use Illuminate\Auth\Access\AuthorizationException;
28	use Illuminate\Auth\AuthenticationException;
29	use Illuminate\Contracts\Container\Container;
30	use Illuminate\Contracts\Debug\ExceptionHandler;
31	use Illuminate\Foundation\Exceptions\Handler as ExceptionsHandler;
32	use Negotiation\Negotiator;
33	use Symfony\Component\HttpFoundation\Exception\RequestExceptionInterface;
34	use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface as SymfonyHttpExceptionInterface;
35	use Symfony\Component\Serializer\Normalizer\AbstractObjectNormalizer;
36
37	class ErrorHandler extends ExceptionsHandler
38	{
39	use ContentNegotiationTrait;
40	use OperationRequestInitiatorTrait;
41
42	public static mixed $error;
43
44	/**
45	* @param array<class-string, int> $exceptionToStatus
46	* @param array<string, string[]> $errorFormats
47	*/
48	public function __construct(
49	Container $container,
50	ResourceMetadataCollectionFactoryInterface $resourceMetadataCollectionFactory,
51	private readonly ApiPlatformController $apiPlatformController,
52	private readonly ?IdentifiersExtractorInterface $identifiersExtractor = null,
53	private readonly ?ResourceClassResolverInterface $resourceClassResolver = null,
54	?Negotiator $negotiator = null,
55	private readonly ?array $exceptionToStatus = null,
56	private readonly ?bool $debug = false,
57	private readonly ?array $errorFormats = null,
58	private readonly ?ExceptionHandler $decorated = null,
59	) {
60	$this->resourceMetadataCollectionFactory = $resourceMetadataCollectionFactory;	×
61	$this->negotiator = $negotiator;	×
62	parent::__construct($container);	×
63	}
64
65	public function render($request, \Throwable $exception)
66	{
67	$apiOperation = $this->initializeOperation($request);	×
68
69	if (!$apiOperation) {	×
70	// For non-API operations, first check if any renderable callbacks on this
71	// ErrorHandler instance can handle the exception (issue #7466).
NEW 72	$response = $this->renderViaCallbacks($request, $exception);	×
73
NEW 74	if ($response) {	×
NEW 75	return $response;	×
76	}
77
78	// If no callbacks handled it, delegate to the decorated handler if available
79	// to preserve custom exception handler classes (issue #7058).
UNCOV 80	return $this->decorated ? $this->decorated->render($request, $exception) : parent::render($request, $exception);	×
81	}
82
83	$formats = $this->errorFormats ?? ['jsonproblem' => ['application/problem+json']];	×
84	$format = $request->getRequestFormat() ?? $this->getRequestFormat($request, $formats, false);	×
85
86	if ($this->resourceClassResolver->isResourceClass($exception::class)) {	×
87	$resourceCollection = $this->resourceMetadataCollectionFactory->create($exception::class);	×
88
89	$operation = null;	×
90	foreach ($resourceCollection as $resource) {	×
91	foreach ($resource->getOperations() as $op) {	×
92	foreach ($op->getOutputFormats() ?? [] as $key => $value) {	×
93	if ($key === $format) {	×
94	$operation = $op;	×
95	break 3;	×
96	}
97	}
98	}
99	}
100
101	// No operation found for the requested format, we take the first available
102	if (!$operation) {	×
103	$operation = $resourceCollection->getOperation();	×
104	}
105	$errorResource = $exception;	×
106	if ($errorResource instanceof ProblemExceptionInterface && $operation instanceof HttpOperation) {	×
107	$statusCode = $this->getStatusCode($apiOperation, $operation, $exception);	×
108	$operation = $operation->withStatus($statusCode);	×
109	if ($errorResource instanceof StatusAwareExceptionInterface) {	×
110	$errorResource->setStatus($statusCode);	×
111	}
112	}
113	} else {
114	// Create a generic, rfc7807 compatible error according to the wanted format
115	$operation = $this->resourceMetadataCollectionFactory->create(Error::class)->getOperation($this->getFormatOperation($format));	×
116	// status code may be overridden by the exceptionToStatus option
117	$statusCode = 500;	×
118	if ($operation instanceof HttpOperation) {	×
119	$statusCode = $this->getStatusCode($apiOperation, $operation, $exception);	×
120	$operation = $operation->withStatus($statusCode);	×
121	}
122
123	$errorResource = Error::createFromException($exception, $statusCode);	×
124	}
125
126	/** @var HttpOperation $operation */
127	if (!$operation->getProvider()) {	×
128	static::$error = $errorResource;	×
129	$operation = $operation->withProvider([self::class, 'provide']);	×
130	}
131
132	// For our swagger Ui errors
133	if ('html' === $format) {	×
134	$operation = $operation->withOutputFormats(['html' => ['text/html']]);	×
135	}
136
137	$identifiers = [];	×
138	try {
139	$identifiers = $this->identifiersExtractor?->getIdentifiersFromItem($errorResource, $operation) ?? [];	×
140	} catch (\Exception $e) {	×
141	}
142
143	$normalizationContext = $operation->getNormalizationContext() ?? [];	×
144	if (!($normalizationContext['api_error_resource'] ?? false)) {	×
145	$normalizationContext += ['api_error_resource' => true];	×
146	}
147
148	if (!isset($normalizationContext[AbstractObjectNormalizer::IGNORED_ATTRIBUTES])) {	×
149	$normalizationContext[AbstractObjectNormalizer::IGNORED_ATTRIBUTES] = true === $this->debug ? [] : ['originalTrace'];	×
150	}
151
152	$operation = $operation->withNormalizationContext($normalizationContext);	×
153
154	$dup = $request->duplicate(null, null, []);	×
155	$dup->setMethod('GET');	×
156	$dup->attributes->set('_api_resource_class', $operation->getClass());	×
157	$dup->attributes->set('_api_previous_operation', $apiOperation);	×
158	$dup->attributes->set('_api_operation', $operation);	×
159	$dup->attributes->set('_api_operation_name', $operation->getName());	×
160	$dup->attributes->set('exception', $exception);	×
161	// These are for swagger
162	$dup->attributes->set('_api_original_route', $request->attributes->get('_route'));	×
163	$dup->attributes->set('_api_original_uri_variables', $request->attributes->get('_api_uri_variables'));	×
164	$dup->attributes->set('_api_original_route_params', $request->attributes->get('_route_params'));	×
165	$dup->attributes->set('_api_requested_operation', $request->attributes->get('_api_requested_operation'));	×
166
167	foreach ($identifiers as $name => $value) {	×
168	$dup->attributes->set($name, $value);	×
169	}
170
171	try {
172	$response = $this->apiPlatformController->__invoke($dup);	×
173
UNCOV 174	return $response;	×
175	} catch (\Throwable $e) {	×
176	return $this->decorated ? $this->decorated->render($request, $exception) : parent::render($request, $exception);	×
177	}
178	}
179
180	private function getStatusCode(?HttpOperation $apiOperation, ?HttpOperation $errorOperation, \Throwable $exception): int
181	{
182	$exceptionToStatus = array_merge(	×
183	$apiOperation ? $apiOperation->getExceptionToStatus() ?? [] : [],	×
184	$errorOperation ? $errorOperation->getExceptionToStatus() ?? [] : [],	×
185	$this->exceptionToStatus ?? []	×
186	);	×
187
188	foreach ($exceptionToStatus as $class => $status) {	×
189	if (is_a($exception::class, $class, true)) {	×
190	return $status;	×
191	}
192	}
193
194	if ($exception instanceof AuthenticationException) {	×
195	return 401;	×
196	}
197
198	if ($exception instanceof AuthorizationException) {	×
199	return 403;	×
200	}
201
202	if ($exception instanceof SymfonyHttpExceptionInterface) {	×
203	return $exception->getStatusCode();	×
204	}
205
206	if ($exception instanceof RequestExceptionInterface \|\| $exception instanceof InvalidUriVariableException) {	×
207	return 400;	×
208	}
209
210	// if ($exception instanceof ValidationException) {
211	// return 422;
212	// }
213
214	if ($status = $errorOperation?->getStatus()) {	×
215	return $status;	×
216	}
217
218	return 500;	×
219	}
220
221	private function getFormatOperation(?string $format): string
222	{
223	return match ($format) {	×
224	'json' => '_api_errors_problem',	×
225	'jsonproblem' => '_api_errors_problem',	×
226	'jsonld' => '_api_errors_hydra',	×
227	'jsonapi' => '_api_errors_jsonapi',	×
228	'html' => '_api_errors_problem', // This will be intercepted by the SwaggerUiProvider	×
229	default => '_api_errors_problem',	×
230	};	×
231	}
232
233	public static function provide(): mixed
234	{
235	if ($data = static::$error) {	×
236	return $data;	×
237	}
238
239	throw new \LogicException(\sprintf('We could not find the thrown exception in the %s.', self::class));	×
240	}
241	}

api-platform / core / 20340504470

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous