Skip to content

Propagate Symfony responses throughout the codebase (src & modules)#2645

Merged
tvdijen merged 17 commits into
simplesamlphp-3.0from
feature/symfony-responses
Jun 29, 2026
Merged

Propagate Symfony responses throughout the codebase (src & modules)#2645
tvdijen merged 17 commits into
simplesamlphp-3.0from
feature/symfony-responses

Conversation

@tvdijen

@tvdijen tvdijen commented Jun 13, 2026

Copy link
Copy Markdown
Member

This is a re-do of an older PR: a6458f5#diff-cd2cc539ac38ea3aaa66c905a882503ca5dfa6714b7b4ef51ed1f3537a9135cf (#1760)

I've been picking the changes in src/ and modules/, but I haven't come to the tests just yet.
It's hard, because the old master-branch was half-what migrated to the new saml2-lib. With this PR I'm hoping to peel Symfony responses off.

@tvdijen tvdijen force-pushed the feature/symfony-responses branch from 8ebd401 to 9714cb4 Compare June 13, 2026 17:10
@tvdijen tvdijen requested review from cicnavi and monkeyiq June 13, 2026 18:20
@tvdijen

tvdijen commented Jun 13, 2026

Copy link
Copy Markdown
Member Author

@cicnavi @monkeyiq First look?
I think it's already a huge improvement and we could for example fix #2643 with this.

@tvdijen

tvdijen commented Jun 13, 2026

Copy link
Copy Markdown
Member Author

Idea:

I have left out the migration to PSR-17 to interact with the saml2-lib (see old PR)..
We can easily re-introduce this by backporting the saml2-bindings from saml2v6 into samlv4

@tvdijen tvdijen force-pushed the feature/symfony-responses branch from 9714cb4 to a6f6c6b Compare June 13, 2026 18:31
@monkeyiq

monkeyiq commented Jun 15, 2026

Copy link
Copy Markdown
Contributor
Edit: Never mind, I see now that Template here is XHTML/Template and so is a response.

Looking at this, modules/admin/src/Controller/Config.php still falls through to the code that does

        return $this->menu->insert($t);

Which by looking at Menu should be then trying to return a Template object from Config diagnostics and main.

Looking at #1760 it doesnt seem there was a Menu.php update there to be picked still.

@monkeyiq

Copy link
Copy Markdown
Contributor

I will go back to reading and using emacs to make cross check comments before posting to avoid noise

@monkeyiq

Copy link
Copy Markdown
Contributor

I have read over most of this now. I have not checked it out and run it yet.

@monkeyiq

Copy link
Copy Markdown
Contributor

NB: This is more of a comment for a future update if we like the idea.

One thought I had was to do with getting query parameters...

$consumerURL = null;
if ($request->query->has('ConsumerURL')) {
    $consumerURL = $request->query->get('ConsumerURL');
}

Looking at the symfony source code it seems that this could be a single line. Though the temptation there is also to use the FILTER to validate things at that time as well. (https://github.com/symfony/symfony/blob/e9a41cc7483070563d0e8264842e064716319e11/src/Symfony/Component/HttpFoundation/InputBag.php#L143)

$consumerURL = $request->query->filter( 'ConsumerURL', null );

@monkeyiq monkeyiq left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only a few little things that were perhaps discovered by another set of eyes.

Comment thread modules/core/src/Auth/Process/WarnShortSSOInterval.php
Comment thread modules/core/src/Controller/Logout.php Outdated
@tvdijen

tvdijen commented Jun 16, 2026

Copy link
Copy Markdown
Member Author

Looking at the symfony source code it seems that this could be a single line.

I'm trying to not change anything in this already huge PR that is not related to passing requests/responses back and forth. Also, I would never use ->filter(.., null) because it gives a false sense that we're filtering something when we don't.. Reducing the if/has/get to a oneliner makes sense here.

@monkeyiq monkeyiq mentioned this pull request Jun 17, 2026
Comment thread modules/core/src/Auth/Source/AbstractSourceSelector.php Outdated
Comment thread modules/multiauth/src/Auth/Source/MultiAuth.php Outdated
Comment thread modules/saml/src/IdP/SAML2.php Outdated
Comment thread modules/core/src/Auth/Process/Cardinality.php Outdated
Comment thread modules/core/src/Auth/Process/CardinalitySingle.php Outdated
Comment thread modules/admin/src/Controller/Config.php Outdated
Comment thread modules/core/src/Controller/Login.php Outdated
Comment thread modules/multiauth/src/Auth/Source/MultiAuth.php Outdated
Comment thread src/SimpleSAML/XHTML/IdPDisco.php Outdated
Comment thread modules/exampleauth/src/Auth/Source/External.php Outdated
@tvdijen tvdijen force-pushed the feature/symfony-responses branch from bc3753d to 886cfab Compare June 22, 2026 21:18
@tvdijen tvdijen force-pushed the feature/symfony-responses branch 7 times, most recently from e6ce7b3 to 8073b72 Compare June 22, 2026 22:06
@tvdijen tvdijen force-pushed the feature/symfony-responses branch from 8073b72 to bf50c5e Compare June 22, 2026 22:20
@tvdijen

tvdijen commented Jun 27, 2026

Copy link
Copy Markdown
Member Author

This PR wouldn't be complete if I left out the saml2-endpoints, but they need the Binding-classes from the saml2v6-lib to properly work with Symfony responses.. Therefore I converted them and then convert the response captured by the v6 bindings back to a v4 message-object. It's not pretty, but we need small steps and this PR is already huge.

Where possible I used the Constants and the exceptions from the new lib.

@tvdijen tvdijen force-pushed the feature/symfony-responses branch from 6cc9fbe to c98d0cb Compare June 27, 2026 17:22
@tvdijen tvdijen force-pushed the feature/symfony-responses branch from ce41057 to 4614930 Compare June 27, 2026 21:59
@monkeyiq

Copy link
Copy Markdown
Contributor

It looks like IndexTest is the only code in the test suite using simplesamlphp-test-framework/src/BuiltInServer.php

There may be a symfony way to do that instead.

@tvdijen

tvdijen commented Jun 29, 2026

Copy link
Copy Markdown
Member Author

There may be a symfony way to do that instead.

Probably, yes.. Although I think what the test is doing can also be tested in the frontpage controller tests.. It's only testing redirects to specific destinations.

@tvdijen tvdijen force-pushed the feature/symfony-responses branch from 9de4416 to aeb5e68 Compare June 29, 2026 07:17
@tvdijen tvdijen force-pushed the feature/symfony-responses branch from aeb5e68 to 2f2ed4a Compare June 29, 2026 07:23
@tvdijen

tvdijen commented Jun 29, 2026

Copy link
Copy Markdown
Member Author

Something strange is going on.. ServiceProviderTest::testACSExpectedIssuerMismatchHardFails is passing locally, but failing on GH Actions

@monkeyiq

Copy link
Copy Markdown
Contributor

The issue with tests/www/IndexTest.php seemed to happen when I merged the ssp3 branch into this here 42a7252 to try to resolve those 4 conflicts that were created.

The IndexTest test runs ok on the ssp3 timeline commits https://github.com/simplesamlphp/simplesamlphp/commits/simplesamlphp-3.0/ ... cfe871c through 4f5d845

I will dig more into IndexTest tomorrow to try to resolve it. (unless it has been discovered in the meantime).

@monkeyiq

Copy link
Copy Markdown
Contributor

This also completes ok here...

$ ./vendor/bin/phpunit --display-warnings --no-coverage ./tests/modules/saml/src/Controller/ServiceProviderTest.php

@monkeyiq

Copy link
Copy Markdown
Contributor

I will be trying to get IndexTest happening again as it is currently rather than chasing other changes for the simple error/redirection testing.

@tvdijen tvdijen merged commit 665ece0 into simplesamlphp-3.0 Jun 29, 2026
22 of 34 checks passed
@tvdijen

tvdijen commented Jun 29, 2026

Copy link
Copy Markdown
Member Author

Oh crap, that wasn't supposed to happen :/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants