Session fix

Prior to this change, the session was injected.
This change injects a session wrapper, so it does not inject stale
session objects at bootstrap time.

Author: johanib

library/EngineBlock/ApplicationSingleton.php

@@ -335,25 +335,6 @@ public function getClientIpAddress()
         throw new EngineBlock_Exception('Unable to determine IP address!');
     }
 
-    /**
-     * Logs exception and redirects user to feedback page
-     *
-     * @param Exception $exception
-     * @param string $feedbackUrl Url to which the user will be redirected
-     * @param array $feedbackInfo Optional feedback info in name/value format which will be shown on feedback page
-     */
-    public function handleExceptionWithFeedback(
-        Exception $exception,
-        $feedbackUrl,
-        $feedbackInfo = array()
-    )
-    {
-        $messageSuffix = '-> Redirecting to feedback page';
-        $this->reportError($exception, $messageSuffix);
-        $this->getSession()->set('feedbackInfo', array_merge($feedbackInfo, $this->getSession()->get('feedbackInfo', [])));
-        $this->getHttpResponse()->setRedirectUrl($feedbackUrl);
-    }
-
     //////////// HTTP COMMUNICATION
 
     /**

src/OpenConext/EngineBlock/Service/AuthenticationStateHelper.php

@@ -20,25 +20,24 @@
 
 use OpenConext\EngineBlockBundle\Authentication\AuthenticationStateInterface;
 use Symfony\Component\HttpFoundation\RequestStack;
-use Symfony\Component\HttpFoundation\Session\SessionInterface;
 
 class AuthenticationStateHelper implements AuthenticationStateHelperInterface
 {
     /**
-     * @var SessionInterface
+     * @var RequestStack
      */
-    private $session;
+    private $requestStack;
 
     public function __construct(RequestStack $requestStack)
     {
-        $this->session = $requestStack->getSession();
+        $this->requestStack = $requestStack;
     }
 
     /**
      * @return AuthenticationStateInterface
      */
     public function getAuthenticationState()
     {
-        return $this->session->get('authentication_state');
+        return $this->requestStack->getSession()->get('authentication_state');
     }
 }

src/OpenConext/EngineBlock/Service/ProcessingStateHelper.php

@@ -32,13 +32,18 @@ class ProcessingStateHelper implements ProcessingStateHelperInterface
     const SESSION_KEY = 'Processing';
 
     /**
-     * @var SessionInterface
+     * @var RequestStack
      */
-    private $session;
+    private $requestStack;
 
     public function __construct(RequestStack $requestStack)
     {
-        $this->session = $requestStack->getSession();
+        $this->requestStack = $requestStack;
+    }
+
+    private function session(): SessionInterface
+    {
+        return $this->requestStack->getSession();
     }
 
     /**
@@ -56,9 +61,9 @@ public function addStep(
     ) {
         // Add the additional checks to the session
         $processingStep = new ProcessingStateStep($response, $role);
-        $processing = $this->session->get(self::SESSION_KEY);
+        $processing = $this->session()->get(self::SESSION_KEY);
         $processing[$requestId][$name] = $processingStep;
-        $this->session->set(self::SESSION_KEY, $processing);
+        $this->session()->set(self::SESSION_KEY, $processing);
 
         return $processingStep;
     }
@@ -72,7 +77,7 @@ public function addStep(
      */
     public function getStepByRequestId($requestId, $name)
     {
-        $processing = $this->session->get(self::SESSION_KEY);
+        $processing = $this->session()->get(self::SESSION_KEY);
         if (empty($processing)) {
             throw new EngineBlock_Corto_Module_Services_SessionLostException('Session lost');
         }
@@ -92,7 +97,7 @@ public function getStepByRequestId($requestId, $name)
 
     public function hasStepRequestById(string $requestId, string $name): bool
     {
-        $processing = $this->session->get(self::SESSION_KEY);
+        $processing = $this->session()->get(self::SESSION_KEY);
         if (empty($processing)) {
             return false;
         }
@@ -119,11 +124,11 @@ public function updateStepResponseByRequestId(
         $name,
         EngineBlock_Saml2_ResponseAnnotationDecorator $response
     ) {
-        $processing = $this->session->get(self::SESSION_KEY);
+        $processing = $this->session()->get(self::SESSION_KEY);
         $processingStep = $this->getStepByRequestId($requestId, $name);
         $updatedProcessingStep = new ProcessingStateStep($response, $processingStep->getRole());
         $processing[$requestId][$name] = $updatedProcessingStep;
-        $this->session->set(self::SESSION_KEY, $processing);
+        $this->session()->set(self::SESSION_KEY, $processing);
 
         return $updatedProcessingStep;
     }
@@ -135,7 +140,7 @@ public function updateStepResponseByRequestId(
      */
     public function clearStepByRequestId($requestId)
     {
-        $processing = $this->session->get(self::SESSION_KEY);
+        $processing = $this->session()->get(self::SESSION_KEY);
         if (empty($processing)) {
             throw new EngineBlock_Corto_Module_Services_SessionLostException('Session lost after consent');
         }
@@ -147,6 +152,6 @@ public function clearStepByRequestId($requestId)
 
         unset($processing[$requestId]);
 
-        $this->session->set(self::SESSION_KEY, $processing);
+        $this->session()->set(self::SESSION_KEY, $processing);
     }
 }

src/OpenConext/EngineBlockBridge/ErrorReporter.php

@@ -25,7 +25,6 @@
 use Exception;
 use Psr\Log\LoggerInterface;
 use Symfony\Component\HttpFoundation\RequestStack;
-use Symfony\Component\HttpFoundation\Session\SessionInterface;
 
 class ErrorReporter
 {
@@ -38,9 +37,9 @@ class ErrorReporter
      */
     private $engineBlockApplicationSingleton;
     /**
-     * @var SessionInterface
+     * @var RequestStack
      */
-    private $session;
+    private $requestStack;
 
     public function __construct(
         EngineBlock_ApplicationSingleton $engineBlockApplicationSingleton,
@@ -49,63 +48,64 @@ public function __construct(
     ) {
         $this->engineBlockApplicationSingleton = $engineBlockApplicationSingleton;
         $this->logger = $logger;
-        $this->session = $requestStack->getSession();
+        $this->requestStack = $requestStack;
     }
 
-    /**
-     * @param Exception $exception
-     * @param string    $messageSuffix
-     */
-    public function reportError(Exception $exception, $messageSuffix)
+    public function reportError(Exception $exception, string $messageSuffix): void
     {
-        $logContext = ['exception' => $exception];
+        $logContext = $this->buildLogContext($exception);
+        $severity   = $exception instanceof EngineBlock_Exception
+            ? $exception->getSeverity()
+            : EngineBlock_Exception::CODE_ERROR;
 
-        if ($exception instanceof EngineBlock_Exception) {
-            $severity = $exception->getSeverity();
-        } else {
-            $severity = EngineBlock_Exception::CODE_ERROR;
+        $message = $exception->getMessage() ?: 'Exception without message "' . get_class($exception) . '"';
+        if ($messageSuffix) {
+            $message .= ' | ' . $messageSuffix;
         }
 
-        // unwrap the exception stack
-        $prevException = $exception;
-        while ($prevException = $prevException->getPrevious()) {
-            if (!isset($logContext['previous_exceptions'])) {
-                $logContext['previous_exceptions'] = [];
-            }
+        $this->logger->log($severity, $message, $logContext);
 
-            $logContext['previous_exceptions'][] = (string)$prevException;
+        try {
+            $this->storeSessionFeedback($exception);
+        } finally {
+            // flush all messages in queue, something went wrong!
+            $this->engineBlockApplicationSingleton->flushLog('An error was caught');
         }
+    }
 
-        // message building
-        $message = $exception->getMessage();
-        if (empty($message)) {
-            $message = 'Exception without message "' . get_class($exception) . '"';
-        }
+    private function buildLogContext(Exception $exception): array
+    {
+        $logContext    = ['exception' => $exception];
+        $prevException = $exception;
 
-        if ($messageSuffix) {
-            $message .= ' | ' . $messageSuffix;
+        // unwrap the exception stack
+        while ($prevException = $prevException->getPrevious()) {
+            $logContext['previous_exceptions'][] = (string) $prevException;
         }
 
-        $this->logger->log($severity, $message, $logContext);
+        return $logContext;
+    }
 
-        // Store some valuable debug info in session so it can be displayed on feedback pages
-        $feedback = $this->session->get('feedbackInfo');
-        if (empty($feedback)) {
-            $feedback = [];
+    private function storeSessionFeedback(Exception $exception): void
+    {
+        // Store some valuable debug info in session so it can be displayed on feedback pages.
+        // This is only applicable to web requests; skip entirely in CLI context or when there is no active request.
+        if ($this->requestStack->getCurrentRequest() === null) {
+            return;
         }
 
+        $session  = $this->requestStack->getSession();
+        $feedback = $session->get('feedbackInfo') ?: [];
+
         if ($exception instanceof EngineBlock_Corto_Exception_HasFeedbackInfoInterface) {
             $feedback = array_merge($feedback, $exception->getFeedbackInfo());
         } elseif ($exception instanceof EngineBlock_Corto_Exception_PEPNoAccess) {
-            $this->session->set('error_authorization_policy_decision', $exception->getPolicyDecision());
+            $session->set('error_authorization_policy_decision', $exception->getPolicyDecision());
         }
 
-        $this->session->set('feedbackInfo', array_merge(
+        $session->set('feedbackInfo', array_merge(
             $feedback,
             $this->engineBlockApplicationSingleton->collectFeedbackInfo($exception)
         ));
-
-        // flush all messages in queue, something went wrong!
-        $this->engineBlockApplicationSingleton->flushLog('An error was caught');
     }
 }

src/OpenConext/EngineBlockBundle/Controller/DebugController.php

@@ -25,7 +25,6 @@
 use OpenConext\Value\Saml\EntityId;
 use OpenConext\Value\Saml\EntityType;
 use Symfony\Component\HttpFoundation\RequestStack;
-use Symfony\Component\HttpFoundation\Session\SessionInterface;
 use Symfony\Component\Routing\Attribute\Route;
 
 class DebugController implements AuthenticationLoopThrottlingController
@@ -36,16 +35,16 @@ class DebugController implements AuthenticationLoopThrottlingController
     private $engineBlockApplicationSingleton;
 
     /**
-     * @var SessionInterface
+     * @var RequestStack
      */
-    private $session;
+    private $requestStack;
 
     public function __construct(
         EngineBlock_ApplicationSingleton $engineBlockApplicationSingleton,
         RequestStack $requestStack,
     ) {
         $this->engineBlockApplicationSingleton = $engineBlockApplicationSingleton;
-        $this->session = $requestStack->getSession();
+        $this->requestStack = $requestStack;
     }
 
     #[Route(path: '/authentication/sp/debug', name: 'authentication_sp_debug', methods: ['GET', 'POST'])]
@@ -57,7 +56,7 @@ public function debugSpConnectionAction()
 
         // Authentication state needs to be registered here as the debug flow differs from the regular flow,
         // yet the procedures for both are completed when consuming the assertion in the ServiceProviderController
-        $authenticationState = $this->session->get('authentication_state');
+        $authenticationState = $this->requestStack->getSession()->get('authentication_state');
 
         $requestId = '_00000000-0000-0000-0000-000000000000';
         $authenticationState->startAuthenticationOnBehalfOf(

src/OpenConext/EngineBlockBundle/EventListener/AuthenticationStateInitializer.php

@@ -22,19 +22,18 @@
 use OpenConext\EngineBlockBundle\Authentication\AuthenticationState;
 use OpenConext\EngineBlockBundle\Controller\AuthenticationLoopThrottlingController;
 use Symfony\Component\HttpFoundation\RequestStack;
-use Symfony\Component\HttpFoundation\Session\Session;
 use Symfony\Component\HttpKernel\Event\ControllerEvent;
 
 final class AuthenticationStateInitializer
 {
     /**
-     * @var Session
+     * @var RequestStack
      */
-    private $session;
+    private $requestStack;
 
     public function __construct(RequestStack $requestStack)
     {
-        $this->session = $requestStack->getSession();
+        $this->requestStack = $requestStack;
     }
 
     public function onKernelController(ControllerEvent $event): void
@@ -48,11 +47,12 @@ public function onKernelController(ControllerEvent $event): void
             return;
         }
 
-        $authenticationState = $this->session->get('authentication_state');
+        $session = $this->requestStack->getSession();
+        $authenticationState = $session->get('authentication_state');
         if ($authenticationState === null) {
             $authenticationLoopGuard = $this->getAuthenticationLoopGuard();
 
-            $this->session->set('authentication_state', new AuthenticationState($authenticationLoopGuard));
+            $session->set('authentication_state', new AuthenticationState($authenticationLoopGuard));
         }
     }