Adjust Neos.Flow Session subcontext

Bernhard Schmitt · mficzel · commit d968f3df19cb · 2025-11-07T14:54:44.000+01:00
diff --git a/Neos.Flow/Classes/Session/Aspect/LazyLoadingAspect.php b/Neos.Flow/Classes/Session/Aspect/LazyLoadingAspect.php
@@ -29,6 +29,9 @@ class LazyLoadingAspect
     #[Flow\Inject]
     protected ?LoggerInterface $logger = null;
 
+    /**
+     * @var array<string,object>
+     */
     protected array $sessionOriginalInstances = [];
 
     public function __construct(
diff --git a/Neos.Flow/Classes/Session/Aspect/SessionObjectMethodsPointcutFilter.php b/Neos.Flow/Classes/Session/Aspect/SessionObjectMethodsPointcutFilter.php
@@ -37,7 +37,7 @@ public function injectObjectManager(CompileTimeObjectManager $objectManager): vo
      * Checks if the specified class and method matches against the filter
      *
      * @param string $className Name of the class to check against
-     * @param string $methodName Name of the method to check against
+     * @param ?string $methodName Name of the method to check against
      * @param string $methodDeclaringClassName Name of the class the method was originally declared in
      * @param mixed $pointcutQueryIdentifier Some identifier for this query - must at least differ from a previous identifier. Used for circular reference detection.
      * @return bool true if the class / method match, otherwise false
@@ -79,7 +79,7 @@ public function hasRuntimeEvaluationsDefinition(): bool
     /**
      * Returns runtime evaluations for a previously matched pointcut
      *
-     * @return array Runtime evaluations
+     * @return array<mixed> Runtime evaluations
      */
     public function getRuntimeEvaluationsDefinition(): array
     {
diff --git a/Neos.Flow/Classes/Session/CookieEnabledInterface.php b/Neos.Flow/Classes/Session/CookieEnabledInterface.php
@@ -18,5 +18,8 @@ interface CookieEnabledInterface extends SessionInterface
 {
     public function getSessionCookie(): Cookie;
 
+    /**
+     * @param array<string> $tags
+     */
     public static function createFromCookieAndSessionInformation(Cookie $sessionCookie, string $storageIdentifier, int $lastActivityTimestamp, array $tags = []): SessionInterface|CookieEnabledInterface;
 }
diff --git a/Neos.Flow/Classes/Session/Data/SessionKeyValueStore.php b/Neos.Flow/Classes/Session/Data/SessionKeyValueStore.php
@@ -72,6 +72,9 @@ public function store(StorageIdentifier $storageIdentifier, string $key, mixed $
     {
         $entryIdentifier = $this->createEntryIdentifier($storageIdentifier, $key);
         $serializedValue = ($this->useIgBinary === true) ? igbinary_serialize($value) : serialize($value);
+        if (is_null($serializedValue)) {
+            throw new \Exception('Failed to serialize value', 1743874462);
+        }
         $valueHash = md5($serializedValue);
         $debounceHash = $this->writeDebounceHashes[$storageIdentifier->value][$key] ?? null;
         if ($debounceHash !== null && $debounceHash === $valueHash) {
@@ -90,7 +93,7 @@ public function remove(StorageIdentifier $storageIdentifier): int
         return $this->cache->flushByTag($storageIdentifier->value);
     }
 
-    private function createEntryIdentifier(StorageIdentifier $storageIdentifier, $key): string
+    private function createEntryIdentifier(StorageIdentifier $storageIdentifier, string $key): string
     {
         return $storageIdentifier->value . md5($key);
     }
diff --git a/Neos.Flow/Classes/Session/Data/SessionMetaDataStore.php b/Neos.Flow/Classes/Session/Data/SessionMetaDataStore.php
@@ -82,6 +82,15 @@ public function retrieve(SessionIdentifier $sessionIdentifier): ?SessionMetaData
         }
 
         if (is_array($metaDataFromCache)) {
+            if (!is_string($metaDataFromCache['storageIdentifier'] ?? null)) {
+                throw new \Exception('Missing storageIdentifier', 1743874214);
+            }
+            if (!is_int($metaDataFromCache['lastActivityTimestamp'])) {
+                throw new \Exception('Missing lastActivityTimestamp', 1743874236);
+            }
+            if (!is_array($metaDataFromCache['tags'])) {
+                throw new \Exception('Missing tags', 1743874272);
+            }
             $metaDataFromCache = SessionMetaData::createFromSessionIdentifierStringAndOldArrayCacheFormat($sessionIdentifier->value, $metaDataFromCache);
             $this->writeDebounceCache[$metaDataFromCache->sessionIdentifier->value] = $metaDataFromCache;
             return $metaDataFromCache;
@@ -104,6 +113,15 @@ public function retrieveByTag(string $tag): \Generator
                 $this->writeDebounceCache[$sessionIdentifier] = $sessionMetaData;
                 yield $sessionIdentifier => $sessionMetaData;
             } elseif (is_array($sessionMetaData)) {
+                if (!is_string($sessionMetaData['storageIdentifier'] ?? null)) {
+                    throw new \Exception('Missing storageIdentifier', 1743874214);
+                }
+                if (!is_int($sessionMetaData['lastActivityTimestamp'])) {
+                    throw new \Exception('Missing lastActivityTimestamp', 1743874236);
+                }
+                if (!is_array($sessionMetaData['tags'])) {
+                    throw new \Exception('Missing tags', 1743874272);
+                }
                 $sessionMetaData = SessionMetaData::createFromSessionIdentifierStringAndOldArrayCacheFormat($sessionIdentifier, $sessionMetaData);
                 $this->writeDebounceCache[$sessionIdentifier] = $sessionMetaData;
                 yield $sessionIdentifier => $sessionMetaData;
@@ -125,7 +143,19 @@ public function retrieveAll(): \Generator
                 $this->writeDebounceCache[$sessionIdentifier] = $sessionMetaData;
                 yield $sessionIdentifier => $sessionMetaData;
             } elseif (is_array($sessionMetaData)) {
-                $sessionMetaData = SessionMetaData::createFromSessionIdentifierStringAndOldArrayCacheFormat($sessionIdentifier, $sessionMetaData);
+                if (!is_string($sessionMetaData['storageIdentifier'] ?? null)) {
+                    throw new \Exception('Missing storageIdentifier', 1743874214);
+                }
+                if (!is_int($sessionMetaData['lastActivityTimestamp'])) {
+                    throw new \Exception('Missing lastActivityTimestamp', 1743874236);
+                }
+                if (!is_array($sessionMetaData['tags'])) {
+                    throw new \Exception('Missing tags', 1743874272);
+                }
+                $sessionMetaData = SessionMetaData::createFromSessionIdentifierStringAndOldArrayCacheFormat(
+                    $sessionIdentifier,
+                    $sessionMetaData
+                );
                 $this->writeDebounceCache[$sessionIdentifier] = $sessionMetaData;
                 yield $sessionIdentifier => $sessionMetaData;
             }
diff --git a/Neos.Flow/Classes/Session/Session.php b/Neos.Flow/Classes/Session/Session.php
@@ -71,6 +71,9 @@ class Session implements CookieEnabledInterface
     protected ?string $sessionCookieSameSite = null;
     protected ?Cookie $sessionCookie = null;
     protected int $inactivityTimeout;
+    /**
+     * @var array<string>
+     */
     protected array $tags = [];
     protected int $now = 0;
     protected ?SessionMetaData $sessionMetaData = null;
@@ -91,7 +94,10 @@ public static function create(): self
         return new static();
     }
 
-    public static function createRemote(string $sessionIdentifier, string $storageIdentifier, ?int $lastActivityTimestamp = null, array $tags = []): self
+    /**
+     * @param array<string> $tags
+     */
+    public static function createRemote(string $sessionIdentifier, string $storageIdentifier, int $lastActivityTimestamp, array $tags = []): self
     {
         $session = new static();
         $session->sessionMetaData = new SessionMetaData(
@@ -114,6 +120,9 @@ public static function createRemoteFromSessionMetaData(SessionMetaData $sessionM
         return $session;
     }
 
+    /**
+     * @param array<string> $tags
+     */
     public static function createFromCookieAndSessionInformation(Cookie $sessionCookie, string $storageIdentifier, int $lastActivityTimestamp, array $tags = []): SessionInterface|CookieEnabledInterface
     {
         $session = new static();
@@ -127,6 +136,9 @@ public static function createFromCookieAndSessionInformation(Cookie $sessionCook
         return $session;
     }
 
+    /**
+     * @param array<string,mixed> $settings
+     */
     public function injectSettings(array $settings): void
     {
         $this->sessionCookieName = $settings['session']['name'];
@@ -141,6 +153,9 @@ public function injectSettings(array $settings): void
 
     public function getSessionCookie(): Cookie
     {
+        if (!$this->sessionCookie) {
+            throw new \Exception('Missing session cookie');
+        }
         return $this->sessionCookie;
     }
 
@@ -172,6 +187,9 @@ public function start(): void
     {
         if ($this->started === false) {
             $this->sessionMetaData = SessionMetaData::createWithTimestamp($this->now);
+            if (!$this->sessionCookiePath) {
+                throw new \Exception('Cannot start a session without a path');
+            }
             $this->sessionCookie = new Cookie($this->sessionCookieName, $this->sessionMetaData->sessionIdentifier->value, 0, $this->sessionCookieLifetime, $this->sessionCookieDomain, $this->sessionCookiePath, $this->sessionCookieSecure, $this->sessionCookieHttpOnly, $this->sessionCookieSameSite);
             $this->started = true;
 
@@ -221,6 +239,9 @@ public function canBeResumed(): bool
     public function resume(): ?int
     {
         if ($this->started === false && $this->canBeResumed()) {
+            if (!$this->sessionMetaData) {
+                throw new \Exception('Cannot resume a session without metadata');
+            }
             $this->started = true;
 
             $sessionObjects = $this->sessionKeyValueStore->retrieve($this->sessionMetaData->storageIdentifier, self::FLOW_OBJECT_STORAGE_KEY);
@@ -256,7 +277,7 @@ public function resume(): ?int
      */
     public function getId(): string
     {
-        if ($this->started !== true) {
+        if ($this->started !== true || !$this->sessionMetaData) {
             throw new Exception\SessionNotStartedException('Tried to retrieve the session identifier, but the session has not been started yet.)', 1351171517);
         }
         return $this->sessionMetaData->sessionIdentifier->value;
@@ -276,6 +297,12 @@ public function renewId(): string
         if ($this->started !== true) {
             throw new Exception\SessionNotStartedException('Tried to renew the session identifier, but the session has not been started yet.', 1351182429);
         }
+        if (!$this->sessionMetaData) {
+            throw new \Exception('Missing session metadata');
+        }
+        if (!$this->sessionCookie) {
+            throw new \Exception('Missing session cookie');
+        }
         if ($this->remote === true) {
             throw new Exception\OperationNotSupportedException(sprintf('Tried to renew the session identifier on a remote session (%s).', $this->sessionMetaData->sessionIdentifier->value), 1354034230);
         }
@@ -284,6 +311,12 @@ public function renewId(): string
         $this->sessionMetaData = $this->sessionMetaData->withNewSessionIdentifier();
         $this->writeSessionMetaDataCacheEntry();
 
+        if (!$this->sessionMetaData) {
+            throw new \Exception('Missing session metadata');
+        }
+        if (!$this->sessionCookie) {
+            throw new \Exception('Missing session cookie');
+        }
         $this->sessionCookie->setValue($this->sessionMetaData->sessionIdentifier->value);
         return $this->sessionMetaData->sessionIdentifier->value;
     }
@@ -297,7 +330,7 @@ public function renewId(): string
      */
     public function getData(string $key): mixed
     {
-        if ($this->started !== true) {
+        if ($this->started !== true || !$this->sessionMetaData) {
             throw new Exception\SessionNotStartedException('Tried to get session data, but the session has not been started yet.', 1351162255);
         }
         return $this->sessionKeyValueStore->retrieve($this->sessionMetaData->storageIdentifier, $key);
@@ -312,7 +345,7 @@ public function getData(string $key): mixed
      */
     public function hasKey(string $key): bool
     {
-        if ($this->started !== true) {
+        if ($this->started !== true || !$this->sessionMetaData) {
             throw new Exception\SessionNotStartedException('Tried to check a session data entry, but the session has not been started yet.', 1352488661);
         }
         return $this->sessionKeyValueStore->has($this->sessionMetaData->storageIdentifier, $key);
@@ -332,7 +365,7 @@ public function hasKey(string $key): bool
      */
     public function putData(string $key, mixed $data): void
     {
-        if ($this->started !== true) {
+        if ($this->started !== true || !$this->sessionMetaData) {
             throw new Exception\SessionNotStartedException('Tried to create a session data entry, but the session has not been started yet.', 1351162259);
         }
         if (is_resource($data)) {
@@ -354,7 +387,7 @@ public function putData(string $key, mixed $data): void
      */
     public function getLastActivityTimestamp(): int
     {
-        if ($this->started !== true) {
+        if ($this->started !== true || !$this->sessionMetaData) {
             throw new Exception\SessionNotStartedException('Tried to retrieve the last activity timestamp of a session which has not been started yet.', 1354290378);
         }
         return $this->sessionMetaData->lastActivityTimestamp;
@@ -378,9 +411,9 @@ public function addTag(string $tag): void
             throw new Exception\SessionNotStartedException('Tried to tag a session which has not been started yet.', 1355143533);
         }
         if (!$this->sessionMetaDataStore->isValidSessionTag($tag)) {
-            throw new \InvalidArgumentException(sprintf('The tag used for tagging session %s contained invalid characters. Make sure it matches this regular expression: "%s"', $this->sessionMetaData->sessionIdentifier->value, FrontendInterface::PATTERN_TAG));
+            throw new \InvalidArgumentException(sprintf('The tag used for tagging session %s contained invalid characters. Make sure it matches this regular expression: "%s"', $this->sessionMetaData?->sessionIdentifier->value ?: '', FrontendInterface::PATTERN_TAG));
         }
-        $this->sessionMetaData = $this->sessionMetaData->withAddedTag($tag);
+        $this->sessionMetaData = $this->sessionMetaData?->withAddedTag($tag);
     }
 
     /**
@@ -396,14 +429,14 @@ public function removeTag(string $tag): void
         if ($this->started !== true) {
             throw new Exception\SessionNotStartedException('Tried to tag a session which has not been started yet.', 1355150140);
         }
-        $this->sessionMetaData = $this->sessionMetaData->withRemovedTag($tag);
+        $this->sessionMetaData = $this->sessionMetaData?->withRemovedTag($tag);
     }
 
 
     /**
      * Returns the tags this session has been tagged with.
      *
-     * @return array The tags or an empty array if there aren't any
+     * @return array<string> The tags or an empty array if there aren't any
      * @throws Exception\SessionNotStartedException
      * @api
      */
@@ -412,7 +445,7 @@ public function getTags(): array
         if ($this->started !== true) {
             throw new Exception\SessionNotStartedException('Tried to retrieve tags from a session which has not been started yet.', 1355141501);
         }
-        return $this->sessionMetaData->tags;
+        return $this->sessionMetaData?->tags ?: [];
     }
 
     /**
@@ -428,7 +461,7 @@ public function touch(): void
 
         // Only makes sense for remote sessions because the currently active session
         // will be updated on shutdown anyway:
-        if ($this->remote === true) {
+        if ($this->remote === true && $this->sessionMetaData) {
             $this->sessionMetaData = $this->sessionMetaData->withLastActivityTimestamp($this->now);
             $this->writeSessionMetaDataCacheEntry();
         }
@@ -461,12 +494,14 @@ public function destroy(?string $reason = null): void
         }
 
         if ($this->remote !== true) {
-            $this->sessionCookie->expire();
+            $this->sessionCookie?->expire();
         }
 
-        $this->sessionMetaDataStore->remove($this->sessionMetaData);
-        $this->sessionKeyValueStore->remove($this->sessionMetaData->storageIdentifier);
-        $this->sessionMetaData = null;
+        if ($this->sessionMetaData) {
+            $this->sessionMetaDataStore->remove($this->sessionMetaData);
+            $this->sessionKeyValueStore->remove($this->sessionMetaData->storageIdentifier);
+            $this->sessionMetaData = null;
+        }
         $this->started = false;
     }
 
@@ -482,8 +517,12 @@ public function destroy(?string $reason = null): void
     public function shutdownObject(): void
     {
         if ($this->started === true && $this->remote === false) {
-            if ($this->sessionMetaDataStore->has($this->sessionMetaData->sessionIdentifier)) {
-                $this->sessionKeyValueStore->store($this->sessionMetaData->storageIdentifier, self::FLOW_OBJECT_STORAGE_KEY, $this->objectManager->getSessionInstances() ?? []);
+            if ($this->sessionMetaData && $this->sessionMetaDataStore->has($this->sessionMetaData->sessionIdentifier)) {
+                $this->sessionKeyValueStore->store(
+                    $this->sessionMetaData->storageIdentifier,
+                    self::FLOW_OBJECT_STORAGE_KEY,
+                    $this->objectManager->getSessionInstances()
+                );
                 $this->writeSessionMetaDataCacheEntry();
             }
             $this->started = false;
@@ -497,11 +536,11 @@ public function shutdownObject(): void
      */
     protected function autoExpire(): bool
     {
-        $lastActivitySecondsAgo = $this->now - $this->sessionMetaData->lastActivityTimestamp;
+        $lastActivitySecondsAgo = $this->now - ($this->sessionMetaData?->lastActivityTimestamp ?: 0);
         $expired = false;
         if ($this->inactivityTimeout !== 0 && $lastActivitySecondsAgo > $this->inactivityTimeout) {
             $this->started = true;
-            $this->destroy(sprintf('Session %s was inactive for %s seconds, more than the configured timeout of %s seconds.', $this->sessionMetaData->sessionIdentifier->value, $lastActivitySecondsAgo, $this->inactivityTimeout));
+            $this->destroy(sprintf('Session %s was inactive for %s seconds, more than the configured timeout of %s seconds.', $this->sessionMetaData?->sessionIdentifier->value ?: '', $lastActivitySecondsAgo, $this->inactivityTimeout));
             $expired = true;
         }
         return $expired;
@@ -521,6 +560,8 @@ protected function autoExpire(): bool
      */
     protected function writeSessionMetaDataCacheEntry(): void
     {
-        $this->sessionMetaDataStore->store($this->sessionMetaData);
+        if ($this->sessionMetaData) {
+            $this->sessionMetaDataStore->store($this->sessionMetaData);
+        }
     }
 }
diff --git a/Neos.Flow/Classes/Session/SessionInterface.php b/Neos.Flow/Classes/Session/SessionInterface.php
@@ -107,7 +107,7 @@ public function removeTag(string $tag): void;
     /**
      * Returns the tags this session has been tagged with.
      *
-     * @return array The tags or an empty array if there aren't any
+     * @return array<string> The tags or an empty array if there aren't any
      * @throws Exception\SessionNotStartedException
      * @api
      */
diff --git a/Neos.Flow/Classes/Session/SessionManager.php b/Neos.Flow/Classes/Session/SessionManager.php
diff --git a/Neos.Flow/Classes/Session/SessionManagerInterface.php b/Neos.Flow/Classes/Session/SessionManagerInterface.php
diff --git a/Neos.Flow/Classes/Session/TransientSession.php b/Neos.Flow/Classes/Session/TransientSession.php

Original file line number	Diff line number	Diff line change
`@@ -37,7 +37,7 @@ public function injectObjectManager(CompileTimeObjectManager $objectManager): vo`
`37`	`37`	`* Checks if the specified class and method matches against the filter`
`38`	`38`	`*`
`39`	`39`	`* @param string $className Name of the class to check against`
`40`		`- * @param string $methodName Name of the method to check against`
	`40`	`+ * @param ?string $methodName Name of the method to check against`
`41`	`41`	`* @param string $methodDeclaringClassName Name of the class the method was originally declared in`
`42`	`42`	`* @param mixed $pointcutQueryIdentifier Some identifier for this query - must at least differ from a previous identifier. Used for circular reference detection.`
`43`	`43`	`* @return bool true if the class / method match, otherwise false`
`@@ -79,7 +79,7 @@ public function hasRuntimeEvaluationsDefinition(): bool`
`79`	`79`	`/**`
`80`	`80`	`* Returns runtime evaluations for a previously matched pointcut`
`81`	`81`	`*`
`82`		`- * @return array Runtime evaluations`
	`82`	`+ * @return array<mixed> Runtime evaluations`
`83`	`83`	`*/`
`84`	`84`	`public function getRuntimeEvaluationsDefinition(): array`
`85`	`85`	`{`
Original file line number	Diff line number	Diff line change
`@@ -18,5 +18,8 @@ interface CookieEnabledInterface extends SessionInterface`
`18`	`18`	`{`
`19`	`19`	`public function getSessionCookie(): Cookie;`
`20`	`20`
	`21`	`+ /**`
	`22`	`+ * @param array<string> $tags`
	`23`	`+ */`
`21`	`24`	`public static function createFromCookieAndSessionInformation(Cookie $sessionCookie, string $storageIdentifier, int $lastActivityTimestamp, array $tags = []): SessionInterface\|CookieEnabledInterface;`
`22`	`25`	`}`
Original file line number	Diff line number	Diff line change
`@@ -72,6 +72,9 @@ public function store(StorageIdentifier $storageIdentifier, string $key, mixed $`
`72`	`72`	`{`
`73`	`73`	`$entryIdentifier = $this->createEntryIdentifier($storageIdentifier, $key);`
`74`	`74`	`$serializedValue = ($this->useIgBinary === true) ? igbinary_serialize($value) : serialize($value);`
	`75`	`+ if (is_null($serializedValue)) {`
	`76`	`+ throw new \Exception('Failed to serialize value', 1743874462);`
	`77`	`+ }`
`75`	`78`	`$valueHash = md5($serializedValue);`
`76`	`79`	`$debounceHash = $this->writeDebounceHashes[$storageIdentifier->value][$key] ?? null;`
`77`	`80`	`if ($debounceHash !== null && $debounceHash === $valueHash) {`
`@@ -90,7 +93,7 @@ public function remove(StorageIdentifier $storageIdentifier): int`
`90`	`93`	`return $this->cache->flushByTag($storageIdentifier->value);`
`91`	`94`	`}`
`92`	`95`
`93`		`- private function createEntryIdentifier(StorageIdentifier $storageIdentifier, $key): string`
	`96`	`+ private function createEntryIdentifier(StorageIdentifier $storageIdentifier, string $key): string`
`94`	`97`	`{`
`95`	`98`	`return $storageIdentifier->value . md5($key);`
`96`	`99`	`}`
Original file line number	Diff line number	Diff line change
`@@ -71,6 +71,9 @@ class Session implements CookieEnabledInterface`
`71`	`71`	`protected ?string $sessionCookieSameSite = null;`
`72`	`72`	`protected ?Cookie $sessionCookie = null;`
`73`	`73`	`protected int $inactivityTimeout;`
	`74`	`+ /**`
	`75`	`+ * @var array<string>`
	`76`	`+ */`
`74`	`77`	`protected array $tags = [];`
`75`	`78`	`protected int $now = 0;`
`76`	`79`	`protected ?SessionMetaData $sessionMetaData = null;`
`@@ -91,7 +94,10 @@ public static function create(): self`
`91`	`94`	`return new static();`
`92`	`95`	`}`
`93`	`96`
`94`		`- public static function createRemote(string $sessionIdentifier, string $storageIdentifier, ?int $lastActivityTimestamp = null, array $tags = []): self`
	`97`	`+ /**`
	`98`	`+ * @param array<string> $tags`
	`99`	`+ */`
	`100`	`+ public static function createRemote(string $sessionIdentifier, string $storageIdentifier, int $lastActivityTimestamp, array $tags = []): self`
`95`	`101`	`{`
`96`	`102`	`$session = new static();`
`97`	`103`	`$session->sessionMetaData = new SessionMetaData(`
`@@ -114,6 +120,9 @@ public static function createRemoteFromSessionMetaData(SessionMetaData $sessionM`
`114`	`120`	`return $session;`
`115`	`121`	`}`
`116`	`122`
	`123`	`+ /**`
	`124`	`+ * @param array<string> $tags`
	`125`	`+ */`
`117`	`126`	`public static function createFromCookieAndSessionInformation(Cookie $sessionCookie, string $storageIdentifier, int $lastActivityTimestamp, array $tags = []): SessionInterface\|CookieEnabledInterface`
`118`	`127`	`{`
`119`	`128`	`$session = new static();`
`@@ -127,6 +136,9 @@ public static function createFromCookieAndSessionInformation(Cookie $sessionCook`
`127`	`136`	`return $session;`
`128`	`137`	`}`
`129`	`138`
	`139`	`+ /**`
	`140`	`+ * @param array<string,mixed> $settings`
	`141`	`+ */`
`130`	`142`	`public function injectSettings(array $settings): void`
`131`	`143`	`{`
`132`	`144`	`$this->sessionCookieName = $settings['session']['name'];`
`@@ -141,6 +153,9 @@ public function injectSettings(array $settings): void`
`141`	`153`
`142`	`154`	`public function getSessionCookie(): Cookie`
`143`	`155`	`{`
	`156`	`+ if (!$this->sessionCookie) {`
	`157`	`+ throw new \Exception('Missing session cookie');`
	`158`	`+ }`
`144`	`159`	`return $this->sessionCookie;`
`145`	`160`	`}`
`146`	`161`
`@@ -172,6 +187,9 @@ public function start(): void`
`172`	`187`	`{`
`173`	`188`	`if ($this->started === false) {`
`174`	`189`	`$this->sessionMetaData = SessionMetaData::createWithTimestamp($this->now);`
	`190`	`+ if (!$this->sessionCookiePath) {`
	`191`	`+ throw new \Exception('Cannot start a session without a path');`
	`192`	`+ }`
`175`	`193`	`$this->sessionCookie = new Cookie($this->sessionCookieName, $this->sessionMetaData->sessionIdentifier->value, 0, $this->sessionCookieLifetime, $this->sessionCookieDomain, $this->sessionCookiePath, $this->sessionCookieSecure, $this->sessionCookieHttpOnly, $this->sessionCookieSameSite);`
`176`	`194`	`$this->started = true;`
`177`	`195`
`@@ -221,6 +239,9 @@ public function canBeResumed(): bool`
`221`	`239`	`public function resume(): ?int`
`222`	`240`	`{`
`223`	`241`	`if ($this->started === false && $this->canBeResumed()) {`
	`242`	`+ if (!$this->sessionMetaData) {`
	`243`	`+ throw new \Exception('Cannot resume a session without metadata');`
	`244`	`+ }`
`224`	`245`	`$this->started = true;`
`225`	`246`
`226`	`247`	`$sessionObjects = $this->sessionKeyValueStore->retrieve($this->sessionMetaData->storageIdentifier, self::FLOW_OBJECT_STORAGE_KEY);`
`@@ -256,7 +277,7 @@ public function resume(): ?int`
`256`	`277`	`*/`
`257`	`278`	`public function getId(): string`
`258`	`279`	`{`
`259`		`- if ($this->started !== true) {`
	`280`	`+ if ($this->started !== true \|\| !$this->sessionMetaData) {`
`260`	`281`	`throw new Exception\SessionNotStartedException('Tried to retrieve the session identifier, but the session has not been started yet.)', 1351171517);`
`261`	`282`	`}`
`262`	`283`	`return $this->sessionMetaData->sessionIdentifier->value;`
`@@ -276,6 +297,12 @@ public function renewId(): string`
`276`	`297`	`if ($this->started !== true) {`
`277`	`298`	`throw new Exception\SessionNotStartedException('Tried to renew the session identifier, but the session has not been started yet.', 1351182429);`
`278`	`299`	`}`
	`300`	`+ if (!$this->sessionMetaData) {`
	`301`	`+ throw new \Exception('Missing session metadata');`
	`302`	`+ }`
	`303`	`+ if (!$this->sessionCookie) {`
	`304`	`+ throw new \Exception('Missing session cookie');`
	`305`	`+ }`
`279`	`306`	`if ($this->remote === true) {`
`280`	`307`	`throw new Exception\OperationNotSupportedException(sprintf('Tried to renew the session identifier on a remote session (%s).', $this->sessionMetaData->sessionIdentifier->value), 1354034230);`
`281`	`308`	`}`
`@@ -284,6 +311,12 @@ public function renewId(): string`
`284`	`311`	`$this->sessionMetaData = $this->sessionMetaData->withNewSessionIdentifier();`
`285`	`312`	`$this->writeSessionMetaDataCacheEntry();`
`286`	`313`
	`314`	`+ if (!$this->sessionMetaData) {`
	`315`	`+ throw new \Exception('Missing session metadata');`
	`316`	`+ }`
	`317`	`+ if (!$this->sessionCookie) {`
	`318`	`+ throw new \Exception('Missing session cookie');`
	`319`	`+ }`
`287`	`320`	`$this->sessionCookie->setValue($this->sessionMetaData->sessionIdentifier->value);`
`288`	`321`	`return $this->sessionMetaData->sessionIdentifier->value;`
`289`	`322`	`}`
`@@ -297,7 +330,7 @@ public function renewId(): string`
`297`	`330`	`*/`
`298`	`331`	`public function getData(string $key): mixed`
`299`	`332`	`{`
`300`		`- if ($this->started !== true) {`
	`333`	`+ if ($this->started !== true \|\| !$this->sessionMetaData) {`
`301`	`334`	`throw new Exception\SessionNotStartedException('Tried to get session data, but the session has not been started yet.', 1351162255);`
`302`	`335`	`}`
`303`	`336`	`return $this->sessionKeyValueStore->retrieve($this->sessionMetaData->storageIdentifier, $key);`
`@@ -312,7 +345,7 @@ public function getData(string $key): mixed`
`312`	`345`	`*/`
`313`	`346`	`public function hasKey(string $key): bool`
`314`	`347`	`{`
`315`		`- if ($this->started !== true) {`
	`348`	`+ if ($this->started !== true \|\| !$this->sessionMetaData) {`
`316`	`349`	`throw new Exception\SessionNotStartedException('Tried to check a session data entry, but the session has not been started yet.', 1352488661);`
`317`	`350`	`}`
`318`	`351`	`return $this->sessionKeyValueStore->has($this->sessionMetaData->storageIdentifier, $key);`
`@@ -332,7 +365,7 @@ public function hasKey(string $key): bool`
`332`	`365`	`*/`
`333`	`366`	`public function putData(string $key, mixed $data): void`
`334`	`367`	`{`
`335`		`- if ($this->started !== true) {`
	`368`	`+ if ($this->started !== true \|\| !$this->sessionMetaData) {`
`336`	`369`	`throw new Exception\SessionNotStartedException('Tried to create a session data entry, but the session has not been started yet.', 1351162259);`
`337`	`370`	`}`
`338`	`371`	`if (is_resource($data)) {`
`@@ -354,7 +387,7 @@ public function putData(string $key, mixed $data): void`
`354`	`387`	`*/`
`355`	`388`	`public function getLastActivityTimestamp(): int`
`356`	`389`	`{`
`357`		`- if ($this->started !== true) {`
	`390`	`+ if ($this->started !== true \|\| !$this->sessionMetaData) {`
`358`	`391`	`throw new Exception\SessionNotStartedException('Tried to retrieve the last activity timestamp of a session which has not been started yet.', 1354290378);`
`359`	`392`	`}`
`360`	`393`	`return $this->sessionMetaData->lastActivityTimestamp;`
`@@ -378,9 +411,9 @@ public function addTag(string $tag): void`
`378`	`411`	`throw new Exception\SessionNotStartedException('Tried to tag a session which has not been started yet.', 1355143533);`
`379`	`412`	`}`
`380`	`413`	`if (!$this->sessionMetaDataStore->isValidSessionTag($tag)) {`
`381`		`- throw new \InvalidArgumentException(sprintf('The tag used for tagging session %s contained invalid characters. Make sure it matches this regular expression: "%s"', $this->sessionMetaData->sessionIdentifier->value, FrontendInterface::PATTERN_TAG));`
	`414`	`+ throw new \InvalidArgumentException(sprintf('The tag used for tagging session %s contained invalid characters. Make sure it matches this regular expression: "%s"', $this->sessionMetaData?->sessionIdentifier->value ?: '', FrontendInterface::PATTERN_TAG));`
`382`	`415`	`}`
`383`		`- $this->sessionMetaData = $this->sessionMetaData->withAddedTag($tag);`
	`416`	`+ $this->sessionMetaData = $this->sessionMetaData?->withAddedTag($tag);`
`384`	`417`	`}`
`385`	`418`
`386`	`419`	`/**`
`@@ -396,14 +429,14 @@ public function removeTag(string $tag): void`
`396`	`429`	`if ($this->started !== true) {`
`397`	`430`	`throw new Exception\SessionNotStartedException('Tried to tag a session which has not been started yet.', 1355150140);`
`398`	`431`	`}`
`399`		`- $this->sessionMetaData = $this->sessionMetaData->withRemovedTag($tag);`
	`432`	`+ $this->sessionMetaData = $this->sessionMetaData?->withRemovedTag($tag);`
`400`	`433`	`}`
`401`	`434`
`402`	`435`
`403`	`436`	`/**`
`404`	`437`	`* Returns the tags this session has been tagged with.`
`405`	`438`	`*`
`406`		`- * @return array The tags or an empty array if there aren't any`
	`439`	`+ * @return array<string> The tags or an empty array if there aren't any`
`407`	`440`	`* @throws Exception\SessionNotStartedException`
`408`	`441`	`* @api`
`409`	`442`	`*/`
`@@ -412,7 +445,7 @@ public function getTags(): array`
`412`	`445`	`if ($this->started !== true) {`
`413`	`446`	`throw new Exception\SessionNotStartedException('Tried to retrieve tags from a session which has not been started yet.', 1355141501);`
`414`	`447`	`}`
`415`		`- return $this->sessionMetaData->tags;`
	`448`	`+ return $this->sessionMetaData?->tags ?: [];`
`416`	`449`	`}`
`417`	`450`
`418`	`451`	`/**`
`@@ -428,7 +461,7 @@ public function touch(): void`
`428`	`461`
`429`	`462`	`// Only makes sense for remote sessions because the currently active session`
`430`	`463`	`// will be updated on shutdown anyway:`
`431`		`- if ($this->remote === true) {`
	`464`	`+ if ($this->remote === true && $this->sessionMetaData) {`
`432`	`465`	`$this->sessionMetaData = $this->sessionMetaData->withLastActivityTimestamp($this->now);`
`433`	`466`	`$this->writeSessionMetaDataCacheEntry();`
`434`	`467`	`}`
`@@ -461,12 +494,14 @@ public function destroy(?string $reason = null): void`
`461`	`494`	`}`
`462`	`495`
`463`	`496`	`if ($this->remote !== true) {`
`464`		`- $this->sessionCookie->expire();`
	`497`	`+ $this->sessionCookie?->expire();`
`465`	`498`	`}`
`466`	`499`
`467`		`- $this->sessionMetaDataStore->remove($this->sessionMetaData);`
`468`		`- $this->sessionKeyValueStore->remove($this->sessionMetaData->storageIdentifier);`
`469`		`- $this->sessionMetaData = null;`
	`500`	`+ if ($this->sessionMetaData) {`
	`501`	`+ $this->sessionMetaDataStore->remove($this->sessionMetaData);`
	`502`	`+ $this->sessionKeyValueStore->remove($this->sessionMetaData->storageIdentifier);`
	`503`	`+ $this->sessionMetaData = null;`
	`504`	`+ }`
`470`	`505`	`$this->started = false;`
`471`	`506`	`}`
`472`	`507`
`@@ -482,8 +517,12 @@ public function destroy(?string $reason = null): void`
`482`	`517`	`public function shutdownObject(): void`
`483`	`518`	`{`
`484`	`519`	`if ($this->started === true && $this->remote === false) {`
`485`		`- if ($this->sessionMetaDataStore->has($this->sessionMetaData->sessionIdentifier)) {`
`486`		`- $this->sessionKeyValueStore->store($this->sessionMetaData->storageIdentifier, self::FLOW_OBJECT_STORAGE_KEY, $this->objectManager->getSessionInstances() ?? []);`
	`520`	`+ if ($this->sessionMetaData && $this->sessionMetaDataStore->has($this->sessionMetaData->sessionIdentifier)) {`
	`521`	`+ $this->sessionKeyValueStore->store(`
	`522`	`+ $this->sessionMetaData->storageIdentifier,`
	`523`	`+ self::FLOW_OBJECT_STORAGE_KEY,`
	`524`	`+ $this->objectManager->getSessionInstances()`
	`525`	`+ );`
`487`	`526`	`$this->writeSessionMetaDataCacheEntry();`
`488`	`527`	`}`
`489`	`528`	`$this->started = false;`
`@@ -497,11 +536,11 @@ public function shutdownObject(): void`
`497`	`536`	`*/`
`498`	`537`	`protected function autoExpire(): bool`
`499`	`538`	`{`
`500`		`- $lastActivitySecondsAgo = $this->now - $this->sessionMetaData->lastActivityTimestamp;`
	`539`	`+ $lastActivitySecondsAgo = $this->now - ($this->sessionMetaData?->lastActivityTimestamp ?: 0);`
`501`	`540`	`$expired = false;`
`502`	`541`	`if ($this->inactivityTimeout !== 0 && $lastActivitySecondsAgo > $this->inactivityTimeout) {`
`503`	`542`	`$this->started = true;`
`504`		`- $this->destroy(sprintf('Session %s was inactive for %s seconds, more than the configured timeout of %s seconds.', $this->sessionMetaData->sessionIdentifier->value, $lastActivitySecondsAgo, $this->inactivityTimeout));`
	`543`	`+ $this->destroy(sprintf('Session %s was inactive for %s seconds, more than the configured timeout of %s seconds.', $this->sessionMetaData?->sessionIdentifier->value ?: '', $lastActivitySecondsAgo, $this->inactivityTimeout));`
`505`	`544`	`$expired = true;`
`506`	`545`	`}`
`507`	`546`	`return $expired;`
`@@ -521,6 +560,8 @@ protected function autoExpire(): bool`
`521`	`560`	`*/`
`522`	`561`	`protected function writeSessionMetaDataCacheEntry(): void`
`523`	`562`	`{`
`524`		`- $this->sessionMetaDataStore->store($this->sessionMetaData);`
	`563`	`+ if ($this->sessionMetaData) {`
	`564`	`+ $this->sessionMetaDataStore->store($this->sessionMetaData);`
	`565`	`+ }`
`525`	`566`	`}`
`526`	`567`	`}`
Original file line number	Diff line number	Diff line change
`@@ -107,7 +107,7 @@ public function removeTag(string $tag): void;`
`107`	`107`	`/**`
`108`	`108`	`* Returns the tags this session has been tagged with.`
`109`	`109`	`*`
`110`		`- * @return array The tags or an empty array if there aren't any`
	`110`	`+ * @return array<string> The tags or an empty array if there aren't any`
`111`	`111`	`* @throws Exception\SessionNotStartedException`
`112`	`112`	`* @api`
`113`	`113`	`*/`