bug symfony#57372 [HttpKernel][Security] Fix accessing session for stateless request (VincentLanglet)

This PR was squashed before being merged into the 5.4 branch.

Discussion
----------

[HttpKernel][Security] Fix accessing session for stateless request

|Q|A
| ------------- | ---
| Branch?       | 5.4
| Bug fix?      | yes
| New feature?  |no
| Deprecations? |no
| Issues        | Fix #...
| License       | MIT

I'm getting some `Session was used while the request was declared stateless.` warning on my project.

When throwing an error in the `getSession` method, I found 3 places where the getSession were used without any check about the stateless state of the request.

Commits
-------

40341a1 [HttpKernel][Security] Fix accessing session for stateless request

Author: fabpot

src/Symfony/Component/HttpKernel/DataCollector/RequestDataCollector.php

@@ -66,7 +66,7 @@ public function collect(Request $request, Response $response, ?\Throwable $excep
         $sessionMetadata = [];
         $sessionAttributes = [];
         $flashes = [];
-        if ($request->hasSession()) {
+        if (!$request->attributes->getBoolean('_stateless') && $request->hasSession()) {
             $session = $request->getSession();
             if ($session->isStarted()) {
                 $sessionMetadata['Created'] = date(\DATE_RFC822, $session->getMetadataBag()->getCreated());

src/Symfony/Component/HttpKernel/EventListener/ProfilerListener.php

@@ -97,7 +97,7 @@ public function onKernelResponse(ResponseEvent $event)
             return;
         }
 
-        $session = $request->hasPreviousSession() && $request->hasSession() ? $request->getSession() : null;
+        $session = !$request->attributes->getBoolean('_stateless') && $request->hasPreviousSession() && $request->hasSession() ? $request->getSession() : null;
 
         if ($session instanceof Session) {
             $usageIndexValue = $usageIndexReference = &$session->getUsageIndex();

src/Symfony/Component/HttpKernel/Tests/EventListener/ProfilerListenerTest.php

@@ -40,8 +40,8 @@ public function testKernelTerminate()
             ->willReturn($profile);
 
         $kernel = $this->createMock(HttpKernelInterface::class);
-        $mainRequest = $this->createMock(Request::class);
-        $subRequest = $this->createMock(Request::class);
+        $mainRequest = new Request();
+        $subRequest = new Request();
         $response = $this->createMock(Response::class);
 
         $requestStack = new RequestStack();

src/Symfony/Component/Security/Http/Firewall/ContextListener.php

@@ -95,7 +95,7 @@ public function authenticate(RequestEvent $event)
         }
 
         $request = $event->getRequest();
-        $session = $request->hasPreviousSession() && $request->hasSession() ? $request->getSession() : null;
+        $session = !$request->attributes->getBoolean('_stateless') && $request->hasPreviousSession() && $request->hasSession() ? $request->getSession() : null;
 
         $request->attributes->set('_security_firewall_run', $this->sessionKey);