feat: Add session handling in request builder

Author: Stephan Wentz

composer.json

@@ -26,7 +26,7 @@
         "phpstan/phpstan": "^1.2",
         "phpstan/phpstan-phpunit": "^1.0",
         "phpstan/phpstan-symfony": "^1.0",
-        "phpunit/phpunit": "^10.0",
+        "phpunit/phpunit": "^10.1",
         "riverline/multipart-parser": "^2.0",
         "slam/phpstan-extensions": "^6.0",
         "squizlabs/php_codesniffer": "^3.7.1",

phpunit.xml.dist

@@ -1,11 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!-- https://phpunit.readthedocs.io/en/latest/configuration.html -->
-<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/10.0/phpunit.xsd" backupGlobals="false" colors="true" bootstrap="vendor/autoload.php" extensionsDirectory="/usr/lib/tools/phpunit.d" cacheDirectory=".phpunit.cache">
-  <coverage>
-    <include>
-      <directory suffix=".php">src</directory>
-    </include>
-  </coverage>
+<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/10.1/phpunit.xsd" backupGlobals="false" colors="true" bootstrap="vendor/autoload.php" extensionsDirectory="/usr/lib/tools/phpunit.d" cacheDirectory=".phpunit.cache">
+  <coverage/>
   <php>
     <ini name="error_reporting" value="-1"/>
   </php>
@@ -14,4 +10,9 @@
       <directory>tests</directory>
     </testsuite>
   </testsuites>
+  <source>
+    <include>
+      <directory suffix=".php">src</directory>
+    </include>
+  </source>
 </phpunit>

src/Request/RequestBuilder.php

@@ -30,6 +30,8 @@ final class RequestBuilder
     /** @var mixed[] */
     private array $files = [];
     /** @var mixed[] */
+    private array $sessionValues = [];
+    /** @var mixed[] */
     private array $server = [];
     private string|null $content = null;
     private bool $changeHistory = true;
@@ -317,4 +319,17 @@ public function getChangeHistory(): bool
     {
         return $this->changeHistory;
     }
+
+    /** @return array<string, mixed> */
+    public function getSessionValues(): array
+    {
+        return $this->sessionValues;
+    }
+
+    public function sessionValue(string $key, mixed $value): self
+    {
+        $this->sessionValues[$key] = $value;
+
+        return $this;
+    }
 }

src/Request/RequestTrait.php

@@ -6,10 +6,11 @@
 
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\BrowserKit\AbstractBrowser;
-use Symfony\Component\BrowserKit\Cookie;
+use Symfony\Component\HttpFoundation\Cookie;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\Security\Csrf\TokenStorage\SessionTokenStorage;
+use Symfony\Component\HttpFoundation\Session\SessionInterface;
 
+use function assert;
 use function method_exists;
 use function Safe\sprintf;
 
@@ -52,42 +53,14 @@ protected static function getRequestClient(): AbstractBrowser
         ));
     }
 
-    final public function generateCsrfToken(string $tokenId): string
+    final public function generateCsrfToken(): string
     {
         $client = self::getRequestClient();
 
-        $cookie = $client->getCookieJar()->get('MOCKSESSID');
-
-        // create a new session object
-        $container = $client->getContainer();
-        $session = $container->get('session.factory')->createSession();
-
-        if ($cookie) {
-            // get the session id from the session cookie if it exists
-            $session->setId($cookie->getValue());
-            $session->start();
-        } else {
-            // or create a new session id and a session cookie
-            $session->start();
-            $session->save();
-
-            $sessionCookie = new Cookie(
-                $session->getName(),
-                $session->getId(),
-                null,
-                null,
-                'localhost',
-            );
-            $client->getCookieJar()->set($sessionCookie);
-        }
-
         $container = $client->getContainer();
         $tokenGenerator = $container->get('security.csrf.token_generator');
-        $csrfToken = $tokenGenerator->generateToken();
-        $session->set(SessionTokenStorage::SESSION_NAMESPACE . '/' . $tokenId, $csrfToken);
-        $session->save();
 
-        return $csrfToken;
+        return $tokenGenerator->generateToken();
     }
 
     final protected function build(string $method, string $uri): RequestBuilder
@@ -113,6 +86,10 @@ final protected function request(RequestBuilder $requestBuilder): Response
     {
         $client = self::getRequestClient();
 
+        if ($requestBuilder->getSessionValues()) {
+            $this->applySessionValues($requestBuilder->getSessionValues());
+        }
+
         $client->request(
             $requestBuilder->getMethod(),
             $requestBuilder->getUri(),
@@ -125,4 +102,43 @@ final protected function request(RequestBuilder $requestBuilder): Response
 
         return $client->getResponse();
     }
+
+    /** @param array<string, mixed> $sessionValues */
+    private function applySessionValues(array $sessionValues): void
+    {
+        $client = self::getRequestClient();
+        assert($client instanceof AbstractBrowser);
+
+        $cookie = $client->getCookieJar()->get('MOCKSESSID');
+
+        // create a new session object
+        $container = $client->getContainer();
+        $session = $container->get('session.factory')->createSession();
+        assert($session instanceof SessionInterface);
+
+        if ($cookie) {
+            // get the session id from the session cookie if it exists
+            $session->setId($cookie->getValue());
+            $session->start();
+        } else {
+            // or create a new session id and a session cookie
+            $session->start();
+            $session->save();
+
+            $sessionCookie = new Cookie(
+                $session->getName(),
+                $session->getId(),
+                null,
+                null,
+                'localhost',
+            );
+            $client->getCookieJar()->set($sessionCookie);
+        }
+
+        foreach ($sessionValues as $key => $value) {
+            $session->set($key, $value);
+        }
+
+        $session->save();
+    }
 }

tests/Request/RequestBuilderTest.php

@@ -356,6 +356,29 @@ public function testChangeHistoryIsReturned(): void
         $this->assertTrue($builder->getChangeHistory());
     }
 
+    public function testSessionValuesAreStored(): void
+    {
+        $builder = $this->createRequestBuilder('GET', '/users')
+            ->sessionValue('username', 'tester')
+            ->sessionValue('amount', 123)
+            ->sessionValue('price', 999.9)
+            ->sessionValue('complex', [1, 'abc', 3.5, [1, 2, 3], ['a', 'b', 'c']]);
+
+        $this->assertSame([
+            'username' => 'tester',
+            'amount' => 123,
+            'price' => 999.9,
+            'complex' => [1, 'abc', 3.5, [1, 2, 3], ['a', 'b', 'c']],
+        ], $builder->getSessionValues());
+    }
+
+    public function testSessionValuesAreReturned(): void
+    {
+        $builder = $this->createRequestBuilder('GET', '/users');
+
+        $this->assertSame([], $builder->getSessionValues());
+    }
+
     private function createRequestBuilder(string $method = 'GET', string $uri = '/foo'): RequestBuilder
     {
         return RequestBuilder::create(