Move authnRequestSession to symfony sessions#1982
Open
kayjoosten wants to merge 6 commits intofeature/issue-1971-correlation-id-loggingfrom
Open
Move authnRequestSession to symfony sessions#1982kayjoosten wants to merge 6 commits intofeature/issue-1971-correlation-id-loggingfrom
kayjoosten wants to merge 6 commits intofeature/issue-1971-correlation-id-loggingfrom
Conversation
Introduces three new components to address issue #1971: - CorrelationId: shared mutable DI service (get/set) that acts as a per-request holder for the active correlation ID - CorrelationIdRepository: Symfony service backed by the session with three operations: mint(requestId) — generate a random ID for an SP request (idempotent) link(target, src) — copy the ID to an IdP request ID resolve(requestId) — push the stored ID into CorrelationId Safely no-ops when no session is available (CLI, unit tests). - CorrelationIdProcessor: Monolog processor that stamps correlation_id on every log record from the shared CorrelationId service DI wiring: services.yml registers CorrelationId and CorrelationIdRepository (with @request_stack); logging.yml registers the Monolog processor.
Each HTTP leg resolves the correlation ID at the top of its handler so
every log entry emitted during that leg carries the correct ID:
Leg 1 SSO — mint() + resolve() in SingleSignOn (WAYF path)
mint() + link() + resolve() in ProxyServer (direct path)
Leg 2 ContinueToIdp — resolve() so debug log lines carry the ID;
ProxyServer also calls link() to associate the IdP
request ID with the SP request ID
Leg 3 ACS — resolve() via InResponseTo (IdP request ID)
Leg 4 Consent — resolve() via SP request ID in ProvideConsent and
ProcessConsent
DiContainer exposes getCorrelationIdRepository() as the bridge from
legacy Corto code to the Symfony service.
Includes a Behat feature covering the WAYF path, the direct (no-WAYF)
path, and concurrent flows; and a unit test for
AuthnRequestSessionRepository.
kayjoosten
changed the title
kayjoosten
force-pushed
the
feature/authn-request-session-symfony
branch
3 times, most recently
from
d3975cf to
e92841d
Compare
kayjoosten
force-pushed
the
feature/authn-request-session-symfony
branch
from
e92841d to
a0096cf
Compare
kayjoosten
force-pushed
the
feature/issue-1971-correlation-id-logging
branch
2 times, most recently
from
73b3503 to
7e17a65
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.