bug #39862 [Security] Replace message data in JSON security error response (wouterj)

This PR was merged into the 4.4 branch. Discussion ---------- [Security] Replace message data in JSON security error response | Q | A | ------------- | --- | Branch? | 4.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | Fix part of #39663 | License | MIT | Doc PR | n/a The 4.4 part of #39859 Commits ------- ab2ca7145f [Security] Replace message data in JSON security error response
2021-01-17 00:09:57 +01:00 · 2021-01-17 00:09:57 +01:00 · 833a9e0a47
commit 833a9e0a47
parent 8076c2f8ba ab2ca7145f
1 changed files with 3 additions and 1 deletions
--- a/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordJsonAuthenticationListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordJsonAuthenticationListener.php
@ -191,7 +191,9 @@ class UsernamePasswordJsonAuthenticationListener extends AbstractListener implem
        }

        if (!$this->failureHandler) {
-            return new JsonResponse(['error' => $failed->getMessageKey()], 401);
+            $errorMessage = strtr($failed->getMessageKey(), $failed->getMessageData());
+
+            return new JsonResponse(['error' => $errorMessage], 401);
        }

        $response = $this->failureHandler->onAuthenticationFailure($request, $failed);