Fix session key matching and improve session handling in cache integration

cursoragent · cursoragent · commit 8b547e8a97fc · 2025-06-17T11:43:07.000Z
diff --git a/src/Sentry/Laravel/Features/CacheIntegration.php b/src/Sentry/Laravel/Features/CacheIntegration.php
@@ -278,23 +278,27 @@ private function isSessionKey(string $key): bool
             $request = $this->container()->make('request');
 
             // Check if the request has a session
-            if (!$request->hasSession()) {
+            if (!method_exists($request, 'hasSession') || !$request->hasSession()) {
                 return false;
             }
 
             $session = $request->session();
 
             // Don't start the session if it hasn't been started yet
-            if (!$session->isStarted()) {
+            if (!method_exists($session, 'isStarted') || !$session->isStarted()) {
                 return false;
             }
 
-            // Get the session ID and check if the cache key matches
+            // Get the session ID and check if the cache key matches exactly
             $sessionId = $session->getId();
+            
+            // Check for empty session ID
+            if (empty($sessionId)) {
+                return false;
+            }
 
-            // Check if the key equals the session ID or contains it
-            // This handles cases where the cache key might be prefixed
-            return $key === $sessionId || Str::endsWith($key, $sessionId);
+            // Check if the key equals the session ID exactly
+            return $key === $sessionId;
         } catch (\Exception $e) {
             // If anything goes wrong, we assume it's not a session key
             return false;
diff --git a/test/Sentry/Features/CacheIntegrationTest.php b/test/Sentry/Features/CacheIntegrationTest.php
@@ -58,8 +58,8 @@ public function testCacheBreadcrumbIsNotRecordedWhenDisabled(): void
     public function testCacheBreadcrumbReplacesSessionKeyWithPlaceholder(): void
     {
         // Start a session properly in the test environment
-        $this->withSession(['test' => 'value']);
-        
+        $this->ensureRequestIsBound();
+        $this->startSession();
         $sessionId = $this->app['session']->getId();
 
         // Use the session ID as a cache key
@@ -183,8 +183,8 @@ public function testCacheSpanReplacesSessionKeyWithPlaceholder(): void
         $this->markSkippedIfTracingEventsNotAvailable();
 
         // Start a session properly in the test environment
-        $this->withSession(['test' => 'value']);
-        
+        $this->ensureRequestIsBound();
+        $this->startSession();
         $sessionId = $this->app['session']->getId();
 
         $span = $this->executeAndReturnMostRecentSpan(function () use ($sessionId) {
@@ -201,17 +201,17 @@ public function testCacheSpanReplacesMultipleSessionKeysWithPlaceholder(): void
         $this->markSkippedIfTracingEventsNotAvailable();
 
         // Start a session properly in the test environment
-        $this->withSession(['test' => 'value']);
-        
+        $this->ensureRequestIsBound();
+        $this->startSession();
         $sessionId = $this->app['session']->getId();
 
         $span = $this->executeAndReturnMostRecentSpan(function () use ($sessionId) {
             Cache::get([$sessionId, 'regular-key', $sessionId . '_another']);
         });
 
         $this->assertEquals('cache.get', $span->getOp());
-        $this->assertEquals('{sessionKey}, regular-key, {sessionKey}', $span->getDescription());
-        $this->assertEquals(['{sessionKey}', 'regular-key', '{sessionKey}'], $span->getData()['cache.key']);
+        $this->assertEquals('{sessionKey}, regular-key, ' . $sessionId . '_another', $span->getDescription());
+        $this->assertEquals(['{sessionKey}', 'regular-key', $sessionId . '_another'], $span->getData()['cache.key']);
     }
 
     public function testCacheOperationDoesNotStartSessionPrematurely(): void
@@ -252,4 +252,22 @@ private function executeAndReturnMostRecentSpan(callable $callable): Span
 
         return array_pop($spans);
     }
+
+    private function ensureRequestIsBound(): void
+    {
+        // Ensure we have a request instance
+        if (!$this->app->bound('request')) {
+            $this->app->instance('request', $this->app->make(\Illuminate\Http\Request::class));
+        }
+    }
+
+    private function startSession(): void
+    {
+        // Start the session
+        $session = $this->app['session'];
+        $session->start();
+
+        // Set the session on the request
+        $this->app['request']->setLaravelSession($session);
+    }
 }
