Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
100.00% |
2 / 2 |
|
100.00% |
2 / 2 |
CRAP | |
100.00% |
1 / 1 |
| AuthenticationException | |
100.00% |
2 / 2 |
|
100.00% |
2 / 2 |
2 | |
100.00% |
1 / 1 |
| getStatusCode | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| getTitle | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| 1 | <?php |
| 2 | |
| 3 | declare(strict_types=1); |
| 4 | |
| 5 | namespace App\Domain\Exception; |
| 6 | |
| 7 | use RuntimeException; |
| 8 | |
| 9 | /** |
| 10 | * Thrown when authentication is missing, invalid, or expired. |
| 11 | * |
| 12 | * Despite the name "Unauthorized", HTTP 401 is about *authentication* — the |
| 13 | * caller has not proven who they are. For "authenticated but not allowed to |
| 14 | * do this thing" (an authorization failure), use {@see ForbiddenException} |
| 15 | * instead. |
| 16 | * |
| 17 | * Examples: |
| 18 | * - "User not authenticated" |
| 19 | * - "Token expired" |
| 20 | * - "Invalid token" |
| 21 | * - "Refresh token not found" |
| 22 | * |
| 23 | * Maps to HTTP 401 Unauthorized. |
| 24 | */ |
| 25 | final class AuthenticationException extends RuntimeException implements HttpStatusException |
| 26 | { |
| 27 | public function getStatusCode(): int |
| 28 | { |
| 29 | return 401; |
| 30 | } |
| 31 | |
| 32 | public function getTitle(): string |
| 33 | { |
| 34 | return 'Unauthorized'; |
| 35 | } |
| 36 | } |