Merge pull request #965 from ceeram/add-previous

Include previous exception in catch and throw

CHANGELOG.md

@@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ### Added
 - Added a ScopeTrait to provide an implementation for jsonSerialize (PR #952)
+- Ability to nest exceptions (PR #965)
 
 ### Fixed
 - Fix issue where AuthorizationServer is not stateless as ResponseType could store state of a previous request (PR #960)

src/AuthorizationValidators/BearerTokenValidator.php

@@ -73,7 +73,7 @@ public function validateAuthorization(ServerRequestInterface $request)
                     throw OAuthServerException::accessDenied('Access token could not be verified');
                 }
             } catch (BadMethodCallException $exception) {
-                throw OAuthServerException::accessDenied('Access token is not signed');
+                throw OAuthServerException::accessDenied('Access token is not signed', null, $exception);
             }
 
             // Ensure access token hasn't expired
@@ -97,10 +97,10 @@ public function validateAuthorization(ServerRequestInterface $request)
                 ->withAttribute('oauth_scopes', $token->getClaim('scopes'));
         } catch (InvalidArgumentException $exception) {
             // JWT couldn't be parsed so return the request as is
-            throw OAuthServerException::accessDenied($exception->getMessage());
+            throw OAuthServerException::accessDenied($exception->getMessage(), null, $exception);
         } catch (RuntimeException $exception) {
             //JWR couldn't be parsed so return the request as is
-            throw OAuthServerException::accessDenied('Error while decoding to JSON');
+            throw OAuthServerException::accessDenied('Error while decoding to JSON', null, $exception);
         }
     }
 }

src/CryptTrait.php

@@ -41,7 +41,7 @@ protected function encrypt($unencryptedData)
 
             return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey);
         } catch (Exception $e) {
-            throw new LogicException($e->getMessage());
+            throw new LogicException($e->getMessage(), null, $e);
         }
     }
 
@@ -63,7 +63,7 @@ protected function decrypt($encryptedData)
 
             return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey);
         } catch (Exception $e) {
-            throw new LogicException($e->getMessage());
+            throw new LogicException($e->getMessage(), null, $e);
         }
     }
 

src/Exception/OAuthServerException.php

@@ -11,6 +11,7 @@
 
 use Exception;
 use Psr\Http\Message\ResponseInterface;
+use Throwable;
 
 class OAuthServerException extends Exception
 {
@@ -48,10 +49,11 @@ class OAuthServerException extends Exception
      * @param int         $httpStatusCode HTTP status code to send (default = 400)
      * @param null|string $hint           A helper hint
      * @param null|string $redirectUri    A HTTP URI to redirect the user back to
+     * @param Throwable   $previous       Previous exception
      */
-    public function __construct($message, $code, $errorType, $httpStatusCode = 400, $hint = null, $redirectUri = null)
+    public function __construct($message, $code, $errorType, $httpStatusCode = 400, $hint = null, $redirectUri = null, Throwable $previous = null)
     {
-        parent::__construct($message, $code);
+        parent::__construct($message, $code, $previous);
         $this->httpStatusCode = $httpStatusCode;
         $this->errorType = $errorType;
         $this->hint = $hint;
@@ -103,16 +105,17 @@ public static function unsupportedGrantType()
      *
      * @param string      $parameter The invalid parameter
      * @param null|string $hint
+     * @param Throwable   $previous  Previous exception
      *
      * @return static
      */
-    public static function invalidRequest($parameter, $hint = null)
+    public static function invalidRequest($parameter, $hint = null, Throwable $previous = null)
     {
         $errorMessage = 'The request is missing a required parameter, includes an invalid parameter value, ' .
             'includes a parameter more than once, or is otherwise malformed.';
         $hint = ($hint === null) ? sprintf('Check the `%s` parameter', $parameter) : $hint;
 
-        return new static($errorMessage, 3, 'invalid_request', 400, $hint);
+        return new static($errorMessage, 3, 'invalid_request', 400, $hint, null, $previous);
     }
 
     /**
@@ -164,52 +167,57 @@ public static function invalidCredentials()
     /**
      * Server error.
      *
-     * @param string $hint
+     * @param string    $hint
+     * @param Throwable $previous
      *
      * @return static
      *
      * @codeCoverageIgnore
      */
-    public static function serverError($hint)
+    public static function serverError($hint, Throwable $previous = null)
     {
         return new static(
             'The authorization server encountered an unexpected condition which prevented it from fulfilling'
             . ' the request: ' . $hint,
             7,
             'server_error',
-            500
+            500,
+            $previous
         );
     }
 
     /**
      * Invalid refresh token.
      *
      * @param null|string $hint
+     * @param Throwable   $previous
      *
      * @return static
      */
-    public static function invalidRefreshToken($hint = null)
+    public static function invalidRefreshToken($hint = null, Throwable $previous = null)
     {
-        return new static('The refresh token is invalid.', 8, 'invalid_request', 401, $hint);
+        return new static('The refresh token is invalid.', 8, 'invalid_request', 401, $hint, null, $previous);
     }
 
     /**
      * Access denied.
      *
      * @param null|string $hint
      * @param null|string $redirectUri
+     * @param Throwable   $previous
      *
      * @return static
      */
-    public static function accessDenied($hint = null, $redirectUri = null)
+    public static function accessDenied($hint = null, $redirectUri = null, Throwable $previous = null)
     {
         return new static(
             'The resource owner or authorization server denied the request.',
             9,
             'access_denied',
             401,
             $hint,
-            $redirectUri
+            $redirectUri,
+            $previous
         );
     }
 

src/Grant/AbstractGrant.php

@@ -511,12 +511,12 @@ protected function generateUniqueIdentifier($length = 40)
             return bin2hex(random_bytes($length));
             // @codeCoverageIgnoreStart
         } catch (TypeError $e) {
-            throw OAuthServerException::serverError('An unexpected error has occurred');
+            throw OAuthServerException::serverError('An unexpected error has occurred', $e);
         } catch (Error $e) {
-            throw OAuthServerException::serverError('An unexpected error has occurred');
+            throw OAuthServerException::serverError('An unexpected error has occurred', $e);
         } catch (Exception $e) {
             // If you get this message, the CSPRNG failed hard.
-            throw OAuthServerException::serverError('Could not generate a random string');
+            throw OAuthServerException::serverError('Could not generate a random string', $e);
         }
         // @codeCoverageIgnoreEnd
     }

src/Grant/AuthCodeGrant.php

@@ -96,7 +96,7 @@ public function respondToAccessTokenRequest(
                 $authCodePayload->user_id
             );
         } catch (LogicException $e) {
-            throw OAuthServerException::invalidRequest('code', 'Cannot decrypt the authorization code');
+            throw OAuthServerException::invalidRequest('code', 'Cannot decrypt the authorization code', $e);
         }
 
         // Validate code challenge

src/Grant/RefreshTokenGrant.php

@@ -97,7 +97,7 @@ protected function validateOldRefreshToken(ServerRequestInterface $request, $cli
         try {
             $refreshToken = $this->decrypt($encryptedRefreshToken);
         } catch (Exception $e) {
-            throw OAuthServerException::invalidRefreshToken('Cannot decrypt the refresh token');
+            throw OAuthServerException::invalidRefreshToken('Cannot decrypt the refresh token', $e);
         }
 
         $refreshTokenData = json_decode($refreshToken, true);

tests/Exception/OAuthServerExceptionTest.php

@@ -2,6 +2,7 @@
 
 namespace LeagueTests\Exception;
 
+use Exception;
 use League\OAuth2\Server\Exception\OAuthServerException;
 use PHPUnit\Framework\TestCase;
 
@@ -20,4 +21,19 @@ public function testDoesNotHaveRedirect()
 
         $this->assertFalse($exceptionWithoutRedirect->hasRedirect());
     }
+
+    public function testHasPrevious()
+    {
+        $previous = new Exception('This is the previous');
+        $exceptionWithPrevious = OAuthServerException::accessDenied(null, null, $previous);
+
+        $this->assertSame('This is the previous', $exceptionWithPrevious->getPrevious()->getMessage());
+    }
+
+    public function testDoesNotHavePrevious()
+    {
+        $exceptionWithoutPrevious = OAuthServerException::accessDenied();
+
+        $this->assertNull($exceptionWithoutPrevious->getPrevious());
+    }
 }