[Security] json login listener: ensure a json response is sent on bad request

Author: ogizanagi

src/Symfony/Bundle/SecurityBundle/Tests/Functional/JsonLoginTest.php

@@ -61,4 +61,15 @@ public function testCustomJsonLoginFailure()
         $this->assertSame(500, $response->getStatusCode());
         $this->assertSame(array('message' => 'Something went wrong'), json_decode($response->getContent(), true));
     }
+
+    public function testDefaultJsonLoginBadRequest()
+    {
+        $client = $this->createClient(array('test_case' => 'JsonLogin', 'root_config' => 'config.yml'));
+        $client->request('POST', '/chk', array(), array(), array('CONTENT_TYPE' => 'application/json'), 'Not a json content');
+        $response = $client->getResponse();
+
+        $this->assertSame(400, $response->getStatusCode());
+        $this->assertSame('application/json', $response->headers->get('Content-Type'));
+        $this->assertArraySubset(array('error' => array('code' => 400, 'message' => 'Bad Request')), json_decode($response->getContent(), true));
+    }
 }

src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/JsonLogin/bundles.php

@@ -12,5 +12,6 @@
 return array(
     new Symfony\Bundle\SecurityBundle\SecurityBundle(),
     new Symfony\Bundle\FrameworkBundle\FrameworkBundle(),
+    new Symfony\Bundle\TwigBundle\TwigBundle(),
     new Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\JsonLoginBundle\JsonLoginBundle(),
 );

src/Symfony/Component/Security/Http/Firewall/UsernamePasswordJsonAuthenticationListener.php

@@ -122,6 +122,10 @@ public function handle(GetResponseEvent $event)
             $response = $this->onSuccess($request, $authenticatedToken);
         } catch (AuthenticationException $e) {
             $response = $this->onFailure($request, $e);
+        } catch (BadRequestHttpException $e) {
+            $request->setRequestFormat('json');
+
+            throw $e;
         }
 
         if (null === $response) {