Modularize Aphront exception handling

Summary:
Ref T1806. Ref T7173. Depends on D14047.

Currently, all exception handling is in this big messy clump in `AphrontDefaultApplicationConfiguration`.

Split it out into modular classes. This will let a future change add new classes in the Phacility cluster which intercept particular exceptions we care about and replaces the default, generic responses with more useful, tailored responses.

Test Plan:
{F777391}

- Hit a Conduit error (made a method throw).
- Hit an Ajax error (made comment preview throw).
- Hit a high security error (tried to edit TOTP).
- Hit a rate limiting error (added a bunch of email addresses).
- Hit a policy error (tried to look at something with no permission).
- Hit an arbitrary exception (made a randomc ontroller throw).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T1806, T7173

Differential Revision: https://secure.phabricator.com/D14049

src/aphront/handler/PhabricatorHighSecurityRequestExceptionHandler.php

@@ -0,0 +1,76 @@
+<?php
+
+final class PhabricatorHighSecurityRequestExceptionHandler
+  extends PhabricatorRequestExceptionHandler {
+
+  public function getRequestExceptionHandlerPriority() {
+    return 310000;
+  }
+
+  public function getRequestExceptionHandlerDescription() {
+    return pht(
+      'Handles high security exceptions which occur when a user needs '.
+      'to present MFA credentials to take an action.');
+  }
+
+  public function canHandleRequestException(
+    AphrontRequest $request,
+    Exception $ex) {
+
+    if (!$this->isPhabricatorSite($request)) {
+      return false;
+    }
+
+    return ($ex instanceof PhabricatorAuthHighSecurityRequiredException);
+  }
+
+  public function handleRequestException(
+    AphrontRequest $request,
+    Exception $ex) {
+
+    $viewer = $this->getViewer($request);
+
+    $form = id(new PhabricatorAuthSessionEngine())->renderHighSecurityForm(
+      $ex->getFactors(),
+      $ex->getFactorValidationResults(),
+      $viewer,
+      $request);
+
+    $dialog = id(new AphrontDialogView())
+      ->setUser($viewer)
+      ->setTitle(pht('Entering High Security'))
+      ->setShortTitle(pht('Security Checkpoint'))
+      ->setWidth(AphrontDialogView::WIDTH_FORM)
+      ->addHiddenInput(AphrontRequest::TYPE_HISEC, true)
+      ->setErrors(
+        array(
+          pht(
+            'You are taking an action which requires you to enter '.
+            'high security.'),
+        ))
+      ->appendParagraph(
+        pht(
+          'High security mode helps protect your account from security '.
+          'threats, like session theft or someone messing with your stuff '.
+          'while you\'re grabbing a coffee. To enter high security mode, '.
+          'confirm your credentials.'))
+      ->appendChild($form->buildLayoutView())
+      ->appendParagraph(
+        pht(
+          'Your account will remain in high security mode for a short '.
+          'period of time. When you are finished taking sensitive '.
+          'actions, you should leave high security.'))
+      ->setSubmitURI($request->getPath())
+      ->addCancelButton($ex->getCancelURI())
+      ->addSubmitButton(pht('Enter High Security'));
+
+    $request_parameters = $request->getPassthroughRequestParameters(
+      $respect_quicksand = true);
+    foreach ($request_parameters as $key => $value) {
+      $dialog->addHiddenInput($key, $value);
+    }
+
+    return $dialog;
+  }
+
+}