Cleanup en improve test coverage

Author: johanib

src/OpenConext/EngineBlockFunctionalTestingBundle/Features/Context/LoggingContext.php

@@ -89,6 +89,26 @@ public function theFollowingLogMessagesShouldHaveACorrelationId(TableNode $table
         }
     }
 
+    /**
+     * @Then the log should contain multiple distinct request_ids
+     */
+    public function theLogShouldContainMultipleDistinctRequestIds(): void
+    {
+        $records = $this->readRecords();
+
+        $requestIds = array_column($records, 'extra')
+                |> (static fn($x) => array_column($x, 'request_id',))
+                |> array_unique(...);
+
+        if (count($requestIds) < 2) {
+            throw new RuntimeException(sprintf(
+                'Expected multiple distinct request_ids in the log, but found only %d: %s.',
+                count($requestIds),
+                implode(', ', $requestIds),
+            ));
+        }
+    }
+
     /**
      * @Then I dump the log records
      */

src/OpenConext/EngineBlockFunctionalTestingBundle/Features/CorrelationId.feature

@@ -19,7 +19,7 @@ Feature:
     And I give my consent
     And I pass through EngineBlock
     Then the url should match "functional-testing/CorrId-SP/acs"
-    #And I dump the log records
+    And the log should contain multiple distinct request_ids
     And the following log messages should have a correlation_id:
       | message                                                                                                   |
       | Multiple candidate IdPs: redirecting to WAYF                                                              |

tests/library/EngineBlock/Test/Saml2/AuthnRequestSessionRepositoryTest.php

@@ -90,8 +90,6 @@ public function test_store_and_find_multiple_requests(): void
         $this->assertSame($req2, $this->repo->findRequestById('_req-2'));
     }
 
-    // ── SessionNotFoundException safety ──────────────────────────────────────
-
     public function test_store_is_noop_when_no_session_available(): void
     {
         $requestStack = $this->createMock(RequestStack::class);

tests/unit/OpenConext/EngineBlock/Request/CorrelationIdFlowTest.php

@@ -24,15 +24,16 @@
 use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;
 
 /**
- * Integration test: simulates the complete 4-leg SAML authentication flow and
- * verifies that a single correlation ID flows through every leg via
- * CorrelationIdService.
+ * Integration test: simulates the complete 4-leg SAML authentication flow and verifies that a single
+ * correlation ID flows through every leg via CorrelationIdService.
  *
- *   Leg 1  SSO            SP AuthnRequest  ID = A  → mint → correlation_id = CX
- *   Leg 2  ContinueToIdp  ID = A (POST)            → resolve(A) → CX
- *                         EB AuthnRequest  ID = B  → link(B, A) → B also maps to CX
- *   Leg 3  ACS            IdP Response InResponseTo=B → resolve(B) → CX
- *   Leg 4  Consent        SP request ID = A        → resolve(A) → CX
+ *   Leg 1  SSO            SP AuthnRequest  ID = A  > mint > correlation_id = CX
+ *
+ *   Leg 2  ContinueToIdp  ID = A (POST) > resolve(A) → CX
+ *                         EB AuthnRequest  ID = B  > link(B, A) > B also maps to CX
+ *
+ *   Leg 3  ACS            IdP Response InResponseTo=B > resolve(B) > CX
+ *   Leg 4  Consent        SP request ID = A        > resolve(A) > CX
  */
 class CorrelationIdFlowTest extends TestCase
 {
@@ -67,8 +68,6 @@ private function newServiceWithCurrent(CurrentCorrelationId $current): Correlati
         return new CorrelationIdService($repository, $current);
     }
 
-    // ── WAYF path ────────────────────────────────────────────────────────────
-
     public function test_wayf_flow_all_four_legs_share_the_same_correlation_id(): void
     {
         $spRequestId  = '_sp-request-A';
@@ -99,8 +98,6 @@ public function test_wayf_flow_all_four_legs_share_the_same_correlation_id(): vo
         $this->assertSame($mintedCx, $leg4Current->correlationId, 'Consent must see the same correlation ID');
     }
 
-    // ── Direct path (no WAYF) ─────────────────────────────────────────────────
-
     public function test_direct_flow_acs_and_consent_share_the_correlation_id_minted_at_sso(): void
     {
         $spRequestId  = '_sp-direct-A';
@@ -117,8 +114,6 @@ public function test_direct_flow_acs_and_consent_share_the_correlation_id_minted
         $this->assertSame($mintedCx, $ids[$spRequestId], 'Consent resolves via SP request ID');
     }
 
-    // ── Concurrent flows ──────────────────────────────────────────────────────
-
     public function test_two_concurrent_flows_have_independent_correlation_ids(): void
     {
         $this->service->mint('_sp-A1');
@@ -138,8 +133,6 @@ public function test_two_concurrent_flows_have_independent_correlation_ids(): vo
         $this->assertSame($cx2, $ids['_idp-B2']);
     }
 
-    // ── Back-button replay guard ───────────────────────────────────────────────
-
     public function test_replaying_an_sso_request_does_not_change_the_correlation_id(): void
     {
         $spRequestId = '_sp-replay-A';
@@ -152,8 +145,6 @@ public function test_replaying_an_sso_request_does_not_change_the_correlation_id
         $this->assertSame($cx, $this->session->get('CorrelationIds')[$spRequestId], 'Back-button replay must not change the correlation ID');
     }
 
-    // ── Null safety ───────────────────────────────────────────────────────────
-
     public function test_unknown_request_id_does_not_set_correlation_id(): void
     {
         $this->service->resolve('_unknown-id');