From cf604402885a91f9fa7cefa715fcfb0ee573701f Mon Sep 17 00:00:00 2001 From: Alejandro Celaya Date: Mon, 29 Aug 2016 12:43:02 +0200 Subject: [PATCH] Fixed possible PHP errors being missed while checking REST auth --- .../src/Middleware/CheckAuthenticationMiddleware.php | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/module/Rest/src/Middleware/CheckAuthenticationMiddleware.php b/module/Rest/src/Middleware/CheckAuthenticationMiddleware.php index 53f6cbe9..5b18ea31 100644 --- a/module/Rest/src/Middleware/CheckAuthenticationMiddleware.php +++ b/module/Rest/src/Middleware/CheckAuthenticationMiddleware.php @@ -13,6 +13,7 @@ use Shlinkio\Shlink\Rest\Util\RestUtils; use Zend\Diactoros\Response\JsonResponse; use Zend\Expressive\Router\RouteResult; use Zend\I18n\Translator\TranslatorInterface; +use Zend\Stdlib\ErrorHandler; use Zend\Stratigility\MiddlewareInterface; class CheckAuthenticationMiddleware implements MiddlewareInterface @@ -117,9 +118,11 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface } try { + ErrorHandler::start(); if (! $this->jwtService->verify($jwt)) { return $this->createTokenErrorResponse(); } + ErrorHandler::stop(true); // Update the token expiration and continue to next middleware $jwt = $this->jwtService->refresh($jwt); @@ -131,6 +134,14 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface } catch (AuthenticationException $e) { $this->logger->warning('Tried to access API with an invalid JWT.' . PHP_EOL . $e); return $this->createTokenErrorResponse(); + } catch (\Exception $e) { + $this->logger->warning('Unexpected error occurred.' . PHP_EOL . $e); + return $this->createTokenErrorResponse(); + } catch (\Throwable $e) { + $this->logger->warning('Unexpected error occurred.' . PHP_EOL . $e); + return $this->createTokenErrorResponse(); + } finally { + ErrorHandler::clean(); } }