Step 4: ExceptionController support

2.0 version
Maintained

Step 4: ExceptionController supportΒΆ

When implementing an API it is also necessary to handle exceptions in a RESTful way, while ensuring that no security sensitive information leaks out. This bundle provides an extra controller for that job. Using this custom ExceptionController it is possible to leverage the View layer when building responses for uncaught Exceptions.

The ExceptionController can be enabled via the FOSRestBundle configuration:

1
2
3
4
5
# app/config/config.yml
fos_rest:
    exception:
        enabled: true
        exception_controller: 'Acme\DemoBundle\Controller\ExceptionController::showAction'

Note

The FOSRestBundle ExceptionController is executed before the one of the TwigBundle.

Note

FOSRestBundle defines two services for exception rendering, by default it configures fos_rest.exception.controller which only supports rendering via a serializer. In case no explicit controller is configured by the user and TwigBundle is detected it will automatically configure fos_rest.exception.twig_controller which additionally also supports rendering via Twig.

To map Exception classes to HTTP response status codes an exception map may be configured, where the keys match a fully qualified class name and the values are either an integer HTTP response status code or a string matching a class constant of the Symfony\Component\HttpFoundation\Response class:

1
2
3
4
5
6
7
8
# app/config/config.yml
fos_rest:
    exception:
        codes:
            'Symfony\Component\Routing\Exception\ResourceNotFoundException': 404
            'Doctrine\ORM\OptimisticLockException': HTTP_CONFLICT
        messages:
            'Acme\HelloBundle\Exception\MyExceptionWithASafeMessage': true

If you want to display the message from the exception in the content of the response, add the exception to the messages map as well. If not only the status code will be returned.

If you know what status code you want to return you do not have to add a mapping, you can do this in your controller:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
<?php

namespace AppBundle\Controller;

use Symfony\Component\HttpKernel\Exception\HttpException;

class UsersController extends Controller
{
    public function postUserCommentsAction($slug)
    {
        if (!$this->validate($slug)) {
            throw new HttpException(400, "New comment is not valid.");
        }
    }
}

In order to make the serialization format of exceptions customizable it is possible to use serializer normalizers.

See how to create handlers for the JMS serializer and how to create normalizers for the Symfony serializer.

That was it!

Note

If you are receiving a 500 error where you would expect a different response, the issue is likely caused by an exception inside the ExceptionController. For example a template is not found or the serializer failed. You should take a look at the logs of your app to see if an uncaught exception has been logged.

This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.