fix: errors bc with rfc_7807_compliant_errors false (#5974)

* fix: errors bc with rfc_7807_compliant_errors false

Author: soyuka

.github/workflows/ci.yml

@@ -204,7 +204,7 @@ jobs:
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
         with:
-          php-version: latest
+          php-version: ${{ matrix.php }}
           tools: pecl, composer
           extensions: intl, bcmath, curl, openssl, mbstring, pdo_sqlite, mongodb
           ini-values: memory_limit=-1

docs/guides/error-provider.php

@@ -0,0 +1,119 @@
+<?php
+// ---
+// slug: error-provider
+// name: Error provider to translate exception messages
+// position: 7
+// executable: true
+// tags: design, state
+// ---
+
+// Note that we use the following configuration:
+// ```
+// api_platform:
+//    defaults:
+//            rfc_7807_compliant_errors: true
+// ```
+// To customize the API Platform response, replace the api_platform.state.error_provider with your own provider:
+namespace App\ApiResource {
+    use ApiPlatform\Metadata\ApiResource;
+    use ApiPlatform\Metadata\Get;
+    use ApiPlatform\Metadata\Operation;
+    use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
+
+    #[ApiResource(
+        operations: [
+            new Get(provider: Book::class.'::provide'),
+        ],
+    )]
+    class Book
+    {
+        public function __construct(
+            public readonly int $id = 1,
+            public readonly string $name = 'Anon',
+        ) {
+        }
+
+        public static function provide(Operation $operation, array $uriVariables = [], array $context = []): object|array|null
+        {
+            throw new BadRequestHttpException('something is not right');
+        }
+    }
+}
+
+namespace App\State {
+    use ApiPlatform\Metadata\Operation;
+    use ApiPlatform\State\ApiResource\Error;
+    use ApiPlatform\State\ProviderInterface;
+
+    // Note that we need to replace the "api_platform.state.error_provider" service, this is done later in this guide.
+    final class ErrorProvider implements ProviderInterface
+    {
+        public function provide(Operation $operation, array $uriVariables = [], array $context = []): object|array|null
+        {
+            $request = $context['request'];
+            if (!$request || !($exception = $request->attributes->get('exception'))) {
+                throw new \RuntimeException();
+            }
+
+            /** @var \ApiPlatform\Metadata\HttpOperation $operation */
+            $status = $operation->getStatus() ?? 500;
+            // You don't have to use this, you can use a Response, an array or any object (preferably a resource that API Platform can handle).
+            $error = Error::createFromException($exception, $status);
+
+            // care about hiding informations as this can be a security leak
+            if ($status >= 500) {
+                $error->setDetail('Something went wrong');
+            } else {
+                // You can handle translation here with the [Translator](https://symfony.com/doc/current/translation.html)
+                $error->setDetail(str_replace('something is not right', 'les calculs ne sont pas bons', $exception->getMessage()));
+            }
+
+            return $error;
+        }
+    }
+}
+
+// This is replacing the service, the "key" is important as this is the provider we
+// will look for when handling an exception.
+namespace App\DependencyInjection {
+    use App\State\ErrorProvider;
+    use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;
+
+    function configure(ContainerConfigurator $configurator): void
+    {
+        $services = $configurator->services();
+        $services->set('api_platform.state.error_provider')
+            ->class(ErrorProvider::class)
+            ->tag('api_platform.state_provider', ['key' => 'api_platform.state.error_provider']);
+    }
+
+}
+
+
+namespace App\Tests {
+    use ApiPlatform\Playground\Test\TestGuideTrait;
+    use ApiPlatform\Symfony\Bundle\Test\ApiTestCase;
+
+    final class BookTest extends ApiTestCase
+    {
+        use TestGuideTrait;
+
+        public function testBookDoesNotExists(): void
+        {
+            static::createClient()->request('GET', '/books/1', options: ['headers' => ['accept' => 'application/ld+json']]);
+            $this->assertResponseStatusCodeSame(400);
+            $this->assertJsonContains([
+                'detail' => 'les calculs ne sont pas bons'
+            ]);
+        }
+    }
+}
+
+namespace App\Playground {
+    use Symfony\Component\HttpFoundation\Request;
+
+    function request(): Request
+    {
+        return Request::create('/books/1.jsonld', 'GET');
+    }
+}

docs/guides/error-resource.php

@@ -0,0 +1,107 @@
+<?php
+// ---
+// slug: error-resource
+// name: Error resource for domain exceptions
+// position: 7
+// executable: true
+// tags: design, state
+// ---
+
+// Note that we use the following configuration:
+// ```
+// api_platform:
+//    defaults:
+//            rfc_7807_compliant_errors: true
+// ```
+namespace App\ApiResource {
+    use ApiPlatform\Metadata\ErrorResource;
+    use ApiPlatform\Metadata\Exception\ProblemExceptionInterface;
+
+    // We create a `MyDomainException` marked as an `ErrorResource`
+    // It implements ProblemExceptionInterface as we want to be compatible with the [JSON Problem rfc7807](https://datatracker.ietf.org/doc/rfc7807/)
+    #[ErrorResource]
+    class MyDomainException extends \Exception implements ProblemExceptionInterface
+    {
+        public function getType(): string
+        {
+            return 'teapot';
+        }
+
+        public function getTitle(): ?string
+        {
+            return null;
+        }
+
+        public function getStatus(): ?int
+        {
+            return 418;
+        }
+
+        public function getDetail(): ?string
+        {
+            return $this->getMessage();
+        }
+
+        public function getInstance(): ?string
+        {
+            return null;
+        }
+    }
+
+    use ApiPlatform\Metadata\ApiResource;
+    use ApiPlatform\Metadata\Get;
+    use ApiPlatform\Metadata\Operation;
+
+    #[ApiResource(
+        operations: [
+            new Get(provider: Book::class.'::provide'),
+        ],
+    )]
+    class Book
+    {
+        public function __construct(
+            public readonly int $id = 1,
+            public readonly string $name = 'Anon',
+        ) {
+        }
+
+        public static function provide(Operation $operation, array $uriVariables = [], array $context = []): object|array|null
+        {
+            // We throw our domain exception
+            throw new MyDomainException('I am teapot');
+        }
+    }
+
+}
+
+namespace App\Tests {
+    use ApiPlatform\Playground\Test\TestGuideTrait;
+    use ApiPlatform\Symfony\Bundle\Test\ApiTestCase;
+
+    final class BookTest extends ApiTestCase
+    {
+        use TestGuideTrait;
+
+        public function testBookDoesNotExists(): void
+        {
+            static::createClient()->request('GET', '/books/1', options: ['headers' => ['accept' => 'application/ld+json']]);
+            // We expect the status code returned by our `getStatus` and the message inside `detail`
+            // for security reasons 500 errors will get their "detail" changed by our Error Provider
+            // you can override this by looking at the [Error Provider guide](/docs/guides/error-provider).
+            $this->assertResponseStatusCodeSame(418);
+            $this->assertJsonContains([
+                'detail' => 'I am teapot'
+            ]);
+        }
+    }
+}
+
+namespace App\Playground {
+    use Symfony\Component\HttpFoundation\Request;
+
+    function request(): Request
+    {
+        return Request::create('/books/1.jsonld', 'GET');
+    }
+}
+

features/hal/problem.feature

@@ -1,3 +1,4 @@
+@!mongodb
 Feature: Error handling valid according to RFC 7807 (application/problem+json)
   In order to be able to handle error client side
   As a client software developer
@@ -6,7 +7,7 @@ Feature: Error handling valid according to RFC 7807 (application/problem+json)
   Scenario: Get an error
     When I add "Content-Type" header equal to "application/json"
     And I add "Accept" header equal to "application/json"
-    And I send a "POST" request to "/dummies" with body:
+    And I send a "POST" request to "/dummy_problems" with body:
     """
     {}
     """
@@ -33,7 +34,7 @@ Feature: Error handling valid according to RFC 7807 (application/problem+json)
   Scenario: Get an error during deserialization of simple relation
     When I add "Content-Type" header equal to "application/json"
     And I add "Accept" header equal to "application/json"
-    And I send a "POST" request to "/dummies" with body:
+    And I send a "POST" request to "/dummy_problems" with body:
     """
     {
       "name": "Foo",

features/hal/problem_legacy.feature

@@ -0,0 +1,50 @@
+Feature: Error handling valid according to RFC 7807 (application/problem+json)
+  In order to be able to handle error client side
+  As a client software developer
+  I need to retrieve an RFC 7807 compliant serialization of errors
+
+  Scenario: Get an error
+    When I add "Content-Type" header equal to "application/json"
+    And I add "Accept" header equal to "application/json"
+    And I send a "POST" request to "/dummies" with body:
+    """
+    {}
+    """
+    Then the response status code should be 422
+    And the response should be in JSON
+    And the header "Content-Type" should be equal to "application/problem+json; charset=utf-8"
+    And the JSON should be equal to:
+    """
+    {
+      "type": "https:\/\/tools.ietf.org\/html\/rfc2616#section-10",
+      "title": "An error occurred",
+      "detail": "name: This value should not be blank.",
+      "violations": [
+        {
+          "propertyPath": "name",
+          "message": "This value should not be blank.",
+          "code": "c1051bb4-d103-4f74-8988-acbcafc7fdc3"
+        }
+      ]
+    }
+    """
+
+  Scenario: Get an error during deserialization of simple relation
+    When I add "Content-Type" header equal to "application/json"
+    And I add "Accept" header equal to "application/json"
+    And I send a "POST" request to "/dummies" with body:
+    """
+    {
+      "name": "Foo",
+      "relatedDummy": {
+        "name": "bar"
+      }
+    }
+    """
+    Then the response status code should be 400
+    And the response should be in JSON
+    And the header "Content-Type" should be equal to "application/problem+json; charset=utf-8"
+    And the JSON node "type" should be equal to "https://tools.ietf.org/html/rfc2616#section-10"
+    And the JSON node "title" should be equal to "An error occurred"
+    And the JSON node "detail" should be equal to 'Nested documents for attribute "relatedDummy" are not allowed. Use IRIs instead.'
+    And the JSON node "trace" should exist