From db7bc488ee620e4037e1b81dde9d52550242cd1b Mon Sep 17 00:00:00 2001
From: Robin van der Vleuten
Date: Wed, 23 Sep 2015 19:00:06 +0200
Subject: [PATCH] If the successful response is json why not the failure response?
---
 src/Security/TokenAuthenticator.php | 7 +++++--
 src/Security/UsernamePasswordAuthenticator.php | 6 ++++--
 tests/Security/TokenAuthenticatorTest.php | 4 +++-
 .../Security/UsernamePasswordAuthenticatorTest.php | 13 +++++++++++++
 4 files changed, 25 insertions(+), 5 deletions(-)
diff --git a/src/Security/TokenAuthenticator.php b/src/Security/TokenAuthenticator.php
index baabe36..c6b2fe3 100644
--- a/src/Security/TokenAuthenticator.php
+++ b/src/Security/TokenAuthenticator.php
@@ -13,8 +13,8 @@
 namespace Antenna\Security;
 use Antenna\Coder;
+use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface;
 use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
@@ -99,7 +99,10 @@ public function supportsToken(TokenInterface $token, $providerKey)
 */
 public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
 {
- return new Response($exception->getMessage(), 401, [
+ return new JsonResponse([
+ 'code' => 401,
+ 'message' => $exception->getMessage(),
+ ], 401, [
 'WWW-Authenticate' => 'Bearer',
 ]);
 }
diff --git a/src/Security/UsernamePasswordAuthenticator.php b/src/Security/UsernamePasswordAuthenticator.php
index cc13638..bab5e25 100644
--- a/src/Security/UsernamePasswordAuthenticator.php
+++ b/src/Security/UsernamePasswordAuthenticator.php
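Review bot: The failure handler in `onAuthenticationFailure` still puts `$exception->getMessage()` into the response body, now under the `message` key, and the same applies to the matching hunk in `src/Security/UsernamePasswordAuthenticator.php`. Depending on which exceptions reach these handlers (their throw sites are outside the hunks), the raw message can tell a caller whether a username exists or why a token was rejected, which makes account enumeration easier to miss in review. Symfony's `AuthenticationException::getMessageKey()` returns a fixed, client-safe string for this purpose; consider `'message' => $exception->getMessageKey(),` and logging the detailed message server-side. The method's docblock begins outside the hunk.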
@@ -16,7 +16,6 @@
 use Antenna\WebToken;
 use Antenna\ClaimsAwareInterface;
 use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
@@ -116,7 +115,10 @@ public function supportsToken(TokenInterface $token, $providerKey)
 public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
 {
- return new Response($exception->getMessage(), 401);
+ return new JsonResponse([
+ 'code' => 401,
+ 'message' => $exception->getMessage(),
+ ], 401);
 }
 public function onAuthenticationSuccess(Request $request, TokenInterface $token)
diff --git a/tests/Security/TokenAuthenticatorTest.php b/tests/Security/TokenAuthenticatorTest.php
index a872ff7..1cb4735 100644
--- a/tests/Security/TokenAuthenticatorTest.php
+++ b/tests/Security/TokenAuthenticatorTest.php
@@ -43,9 +43,11 @@ public function testAuthenticationFailedHandler()
 $request = new Request();
 $response = $this->authenticator->onAuthenticationFailure($request, $exception);
+ $decoded = json_decode($response->getContent(), true);
 $this->assertEquals(401, $response->getStatusCode());
- $this->assertEquals('My Custom Message', $response->getContent());
+ $this->assertEquals(401, $decoded['code']);
+ $this->assertEquals($exception->getMessage(), $decoded['message']);
 }
 public function testSupportsToken()
diff --git a/tests/Security/UsernamePasswordAuthenticatorTest.php b/tests/Security/UsernamePasswordAuthenticatorTest.php
index e823c32..567c8b4 100644
--- a/tests/Security/UsernamePasswordAuthenticatorTest.php
+++ b/tests/Security/UsernamePasswordAuthenticatorTest.php
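Review bot: `testAuthenticationFailedHandler` in `tests/Security/TokenAuthenticatorTest.php` checks the status and the decoded body but not the `WWW-Authenticate: Bearer` header that the handler passes as the third `JsonResponse` argument, so a later refactor could drop the challenge unnoticed. Add `$this->assertEquals('Bearer', $response->headers->get('WWW-Authenticate'));`. Using `assertSame(401, $decoded['code'])` would also pin the JSON type, since `assertEquals` accepts the string `'401'`. The test method starts outside the hunk.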
@@ -15,10 +15,12 @@
 use Antenna\Coder;
 use Antenna\Security\UsernamePasswordAuthenticator;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Core\Encoder\EncoderFactory;
 use Symfony\Component\Security\Core\Encoder\PlaintextPasswordEncoder;
 use Symfony\Component\Security\Core\Encoder\UserPasswordEncoder;
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
 use Symfony\Component\Security\Core\User\InMemoryUserProvider;
 use Symfony\Component\Security\Core\User\User;
 use Symfony\Component\Security\Core\User\UserChecker;
@@ -111,6 +113,17 @@ public function testAuthenticateTokenInvalidCredentials() {
 $this->authenticator->authenticateToken($token, $this->userProvider, 'my_provider');
 }
+ public function testAuthenticationFailedHandler()
+ {
+ $exception = new BadCredentialsException('The presented password is invalid.');
+
+ $response = $this->authenticator->onAuthenticationFailure(Request::create('/'), $exception);
+ $decoded = json_decode($response->getContent(), true);
+
+ $this->assertEquals(401, $decoded['code']);
+ $this->assertEquals($exception->getMessage(), $decoded['message']);
+ }
+
 public function testSupportsToken()
 {
 $token = new UsernamePasswordToken('my_username', 'my_credential', 'my_provider');
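Review bot: The new `testAuthenticationFailedHandler` asserts only the `code` field inside the JSON body and never the HTTP status, unlike the TokenAuthenticator test changed in the same commit. Clients and intermediaries act on the status line, so a handler that returned 200 with `"code": 401` in the body would still pass here. Add `$this->assertEquals(401, $response->getStatusCode());`. The `Response` import added in the first hunk of this file is not used by any visible line and can probably be dropped.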