[Security] Replace BadRequestHttpException with BadCredentialsExcepti…

…on on empty username/password
symfony · Yashingle1307 · Jul 18, 2025 · Jul 18, 2025 · Jul 18, 2025 · Jul 18, 2025
commit 98d2d4c0644c7300523203d659ff49ce8e71514f
@@ -11,6 +11,7 @@
 
 namespace Symfony\Component\Security\Http\Authenticator;
 
+use Symfony\Component\Security\Core\Exception\BadCredentialsException;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
@@ -147,7 +148,7 @@ private function getCredentials(\stdClass $data): array
             $credentials['username'] = $this->propertyAccessor->getValue($data, $this->options['username_path']);
 
             if (!\is_string($credentials['username']) || '' === $credentials['username']) {
-                throw new BadRequestHttpException(\sprintf('The key "%s" must be a non-empty string.', $this->options['username_path']));
+                throw new BadRequestHttpException('The key "username" must be a non-empty string.');
             }
         } catch (AccessException $e) {
             throw new BadRequestHttpException(\sprintf('The key "%s" must be provided.', $this->options['username_path']), $e);
@@ -158,7 +159,7 @@ private function getCredentials(\stdClass $data): array
             $this->propertyAccessor->setValue($data, $this->options['password_path'], null);
 
             if (!\is_string($credentials['password']) || '' === $credentials['password']) {
-                throw new BadRequestHttpException(\sprintf('The key "%s" must be a non-empty string.', $this->options['password_path']));
+                throw new BadRequestHttpException('The key "password" must be a non-empty string.');
             }
         } catch (AccessException $e) {
             throw new BadRequestHttpException(\sprintf('The key "%s" must be provided.', $this->options['password_path']), $e);