Add the session id derived id to polling requests

The polling async requests should include the correlation id based on the session id of the user that is placing them. That way we can correlate between the access logs and the application logs. See: https://www.pivotaltracker.com/story/show/188205232
OpenConext · Nov 21, 2024 · 3480d7f · 3480d7f
1 parent 9951a0f
commit 3480d7f
Show file tree

Hide file tree

Showing 15 changed files with 36 additions and 155 deletions.
diff --git a/assets/typescript/Client/StatusClient.ts b/assets/typescript/Client/StatusClient.ts
@@ -5,14 +5,23 @@ export interface PendingRequest {
 }
 
 export class StatusClient {
-  constructor(private apiUrl: string) {
-
+  constructor(
+    private apiUrl: string,
+    private correlationLoggingId: string,
+  ) {
   }
 
   /**
    * Request status form the API.
    */
   public request(callback: (status: string) => void, errorCallback: (error: unknown) => void): PendingRequest {
-    return jQuery.get(this.apiUrl, callback).fail(errorCallback);
+    let url;
+    if(this.correlationLoggingId !== ''){
+      url = this.apiUrl + (this.apiUrl.includes('?') ? '&' : '?') + 'correlation-id=' + this.correlationLoggingId;
+    }else{
+      url = this.apiUrl;
+    }
+
+    return jQuery.get(url, callback).fail(errorCallback);
   }
 }
diff --git a/assets/typescript/authentication.ts b/assets/typescript/authentication.ts
@@ -8,12 +8,12 @@ import jQuery from 'jquery';
 
 declare global {
   interface Window {
-    bootstrapAuthentication: (statusApiUrl: string, notificationApiUrl: string) => AuthenticationPageService;
+    bootstrapAuthentication: (statusApiUrl: string, notificationApiUrl: string, correlationLoggingId: string) => AuthenticationPageService;
   }
 }
 
-window.bootstrapAuthentication = (statusApiUrl: string, notificationApiUrl: string) => {
-  const statusClient = new StatusClient(statusApiUrl);
+window.bootstrapAuthentication = (statusApiUrl: string, notificationApiUrl: string, correlationLoggingId: string) => {
+  const statusClient = new StatusClient(statusApiUrl, correlationLoggingId);
   const notificationClient = new NotificationClient(notificationApiUrl);
   const pollingService = new StatusPollService(statusClient);
 

diff --git a/assets/typescript/registration.ts b/assets/typescript/registration.ts
@@ -7,12 +7,16 @@ import jQuery from 'jquery';
 
 declare global {
   interface Window {
-    bootstrapRegistration: (statusApiUrl: string, notificationApiUrl: string) => RegistrationStateMachine;
+    bootstrapRegistration: (
+      statusApiUrl: string,
+      notificationApiUrl: string,
+      correlationLoggingId: string
+    ) => RegistrationStateMachine;
   }
 }
 
-window.bootstrapRegistration = (statusApiUrl: string, finalizedUrl: string) => {
-  const statusClient = new StatusClient(statusApiUrl);
+window.bootstrapRegistration = (statusApiUrl: string, finalizedUrl: string, correlationLoggingId: string) => {
+  const statusClient = new StatusClient(statusApiUrl, correlationLoggingId);
   const pollingService = new StatusPollService(statusClient);
   const machine = new RegistrationStateMachine(
     pollingService,

diff --git a/ci/qa/phpunit.xml b/ci/qa/phpunit.xml
@@ -17,7 +17,7 @@
     <server name="KERNEL_CLASS" value="Surfnet\Tiqr\Kernel"/>
     <server name="SHELL_VERBOSITY" value="-1"/>
     <server name="SYMFONY_PHPUNIT_REMOVE" value=""/>
-    <server name="SYMFONY_PHPUNIT_VERSION" value="6.5"/>
+    <server name="SYMFONY_PHPUNIT_VERSION" value="9.6"/>
     <env name="SYMFONY_DEPRECATIONS_HELPER" value="weak"/>
   </php>
   <testsuites>

diff --git a/composer.json b/composer.json
@@ -48,7 +48,6 @@
     "khanamiryan/qrcode-detector-decoder": "^2.0",
     "league/csv": "^9.13",
     "malukenho/docheader": "^1",
-    "mockery/mockery": "^1.6",
     "overtrue/phplint": "*",
     "phpmd/phpmd": "^2.15",
     "phpstan/phpstan": "^1.10",

diff --git a/composer.lock b/composer.lock
diff --git a/dev/Command/AuthenticationCommand.php b/dev/Command/AuthenticationCommand.php
@@ -174,7 +174,6 @@ protected function decorateResult(string $text): string
     protected function readAuthenticationLinkFromFile(string $file, OutputInterface $output): string
     {
         $qrcode = new QrReader(file_get_contents($file), QrReader::SOURCE_TYPE_BLOB);
-        /** @phpstan-var mixed $link */
         $link = $qrcode->text();
 
         if (!is_string($link)) {

diff --git a/src/Controller/AuthenticationController.php b/src/Controller/AuthenticationController.php
@@ -29,6 +29,7 @@
 use Surfnet\Tiqr\Exception\UserNotFoundException;
 use Surfnet\Tiqr\Exception\UserPermanentlyBlockedException;
 use Surfnet\Tiqr\Exception\UserTemporarilyBlockedException;
+use Surfnet\Tiqr\Service\SessionCorrelationIdService;
 use Surfnet\Tiqr\Tiqr\AuthenticationRateLimitServiceInterface;
 use Surfnet\Tiqr\Tiqr\Exception\UserNotExistsException;
 use Surfnet\Tiqr\Tiqr\Response\AuthenticationResponse;
@@ -53,6 +54,7 @@ public function __construct(
         private readonly TiqrServiceInterface $tiqrService,
         private readonly TiqrUserRepositoryInterface $userRepository,
         private readonly AuthenticationRateLimitServiceInterface $authenticationRateLimitService,
+        private readonly SessionCorrelationIdService $correlationIdService,
         private readonly LoggerInterface $logger
     ) {
     }
@@ -72,7 +74,6 @@ public function __invoke(Request $request): Response
 
         $logger->info('Verifying if there is a pending authentication request from SP');
 
-        // Do have a valid sample AuthnRequest?
         if (!$this->authenticationService->authenticationRequired()) {
             $logger->error('There is no pending authentication request from SP');
 
@@ -145,7 +146,8 @@ public function __invoke(Request $request): Response
         $logger->info('Return authentication page with QR code');
 
         return $this->render('default/authentication.html.twig', [
-            'authenticateUrl' => $this->tiqrService->authenticationUrl()
+            'authenticateUrl' => $this->tiqrService->authenticationUrl(),
+            'correlationLoggingId' => $this->correlationIdService->generateCorrelationId(),
         ]);
     }
 

diff --git a/src/Controller/AuthenticationQrController.php b/src/Controller/AuthenticationQrController.php
@@ -53,7 +53,6 @@ public function __invoke(): Response
         $logger = WithContextLogger::from($this->logger, ['nameId' => $nameId, 'sari' => $sari]);
         $logger->info('Client request QR image');
 
-        // Do have a valid sample AuthnRequest?.
         if (!$this->authenticationService->authenticationRequired()) {
             $logger->error('There is no pending authentication request from SP');
 

diff --git a/src/Controller/RegistrationController.php b/src/Controller/RegistrationController.php
@@ -25,6 +25,7 @@
 use Surfnet\GsspBundle\Service\StateHandlerInterface;
 use Surfnet\Tiqr\Attribute\RequiresActiveSession;
 use Surfnet\Tiqr\Exception\NoActiveAuthenrequestException;
+use Surfnet\Tiqr\Service\SessionCorrelationIdService;
 use Surfnet\Tiqr\Tiqr\Legacy\TiqrService;
 use Surfnet\Tiqr\Tiqr\TiqrServiceInterface;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
@@ -38,6 +39,7 @@ public function __construct(
         private readonly RegistrationService $registrationService,
         private readonly StateHandlerInterface $stateHandler,
         private readonly TiqrServiceInterface $tiqrService,
+        private readonly SessionCorrelationIdService $correlationIdService,
         private readonly LoggerInterface $logger
     ) {
     }
@@ -81,6 +83,7 @@ public function registration(Request $request): Response
             'default/registration.html.twig',
             [
                 'metadataUrl' => sprintf("tiqrenroll://%s", $metadataUrl),
+                'correlationLoggingId' => $this->correlationIdService->generateCorrelationId(),
                 'enrollmentKey' => $key
             ]
         );

diff --git a/src/EventSubscriber/RequiresActiveSessionAttributeListener.php b/src/EventSubscriber/RequiresActiveSessionAttributeListener.php
@@ -44,7 +44,7 @@
      * @param array<string, string> $sessionOptions
      */
     public function __construct(
-        private LoggerInterface             $logger,
+        private LoggerInterface $logger,
         private SessionCorrelationIdService $sessionCorrelationIdService,
         private array $sessionOptions,
     ) {

diff --git a/templates/default/authentication.html.twig b/templates/default/authentication.html.twig
@@ -16,7 +16,8 @@
          */
         var authenticationPageService = window.bootstrapAuthentication(
             "{{ path('app_identity_authentication_status') | escape('js') }}",
-            "{{ path('app_identity_authentication_notification') | escape('js') }}"
+            "{{ path('app_identity_authentication_notification') | escape('js') }}",
+            "{{ correlationLoggingId }}"
         );
     </script>
 {% endblock %}

diff --git a/templates/default/registration.html.twig b/templates/default/registration.html.twig
@@ -13,7 +13,8 @@
     <script>
         var registrationStateMachine = window.bootstrapRegistration(
             "{{ path('app_identity_registration_status') | escape('js') }}",
-            "{{ path('app_identity_registration') | escape('js') }}"
+            "{{ path('app_identity_registration') | escape('js') }}",
+            "{{ correlationLoggingId }}"
         );
     </script>
 {% endblock %}

diff --git a/tests/Unit/EventSubscriber/RequiresActiveSessionAttributeListenerTest.php b/tests/Unit/EventSubscriber/RequiresActiveSessionAttributeListenerTest.php
@@ -17,7 +17,6 @@
 
 namespace Unit\EventSubscriber;
 
-use Mockery;
 use Psr\Log\LoggerInterface;
 use Psr\Log\LogLevel;
 use Surfnet\Tiqr\Attribute\RequiresActiveSession;

diff --git a/tests/Unit/EventSubscriber/SessionStateListenerTest.php b/tests/Unit/EventSubscriber/SessionStateListenerTest.php
@@ -17,7 +17,6 @@
 
 namespace Unit\EventSubscriber;
 
-use Mockery;
 use Psr\Log\LoggerInterface;
 use Psr\Log\LogLevel;
 use Surfnet\Tiqr\EventSubscriber\SessionStateListener;