public function AccessDeniedSubscriber::onException in SAML Authentication 8.3
Same name and namespace in other branches
- 8.2 src/EventSubscriber/AccessDeniedSubscriber.php \Drupal\samlauth\EventSubscriber\AccessDeniedSubscriber::onException()
- 4.x src/EventSubscriber/AccessDeniedSubscriber.php \Drupal\samlauth\EventSubscriber\AccessDeniedSubscriber::onException()
Redirects users when access is denied.
Parameters
\Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent $event: The event to process.
File
- src/
EventSubscriber/ AccessDeniedSubscriber.php, line 55
Class
- AccessDeniedSubscriber
- Exception subscriber intercepting various "access denied" situations.
Namespace
Drupal\samlauth\EventSubscriberCode
public function onException(GetResponseForExceptionEvent $event) {
$exception = $event
->getException();
// If our own routes threw a TooManyRequestsHttpException, don't spend time
// redirecting to another page and rendering that. (Rendering would need to
// be done from scratch because the page needs to include includes the
// error message). Just a simple text string should do.
if ($exception instanceof TooManyRequestsHttpException) {
$route_name = $this
->getCurrentRouteName($event);
if (in_array($route_name, self::FLOOD_CONTROL_ROUTES)) {
$event
->setResponse(new Response($exception
->getMessage(), $exception
->getStatusCode()));
}
}
// Authenticated access to /saml/login redirects to the user profile. This
// is done in an event subscriber (rather than just opening up the route
// and returning a redirect response from the controller route) because
// this is what Core does for /user/login too. (Maybe it's a bit faster.
// Maybe it's easier to override.) All our other routes do their
// redirecting inside SamlController because there's more logic behind the
// decision where to route.
if ($exception instanceof AccessDeniedHttpException && $this->account
->isAuthenticated() && $this
->getCurrentRouteName($event) === 'samlauth.saml_controller_login') {
$redirect_url = Url::fromRoute('entity.user.canonical', [
'user' => $this->account
->id(),
], [
'absolute' => TRUE,
]);
$event
->setResponse(new RedirectResponse($redirect_url
->toString()));
}
}