Add quick smoketest to assert the routes don't produce an error and the status code is correct

Author: johanib

ci/qa/phpunit.sh

@@ -18,7 +18,7 @@ XDEBUG_MODE=coverage ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --
 echo -e "\nPHPUnit unit tests\n"
 XDEBUG_MODE=coverage ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --testsuite=unit --coverage-clover coverage.xml
 
-echo -e "\nPHPUnit API acceptance tests\n"
+echo -e "\nPHPUnit acceptance tests\n"
 ./bin/console cache:clear --env=test --no-warmup
 APP_ENV=test XDEBUG_MODE=coverage ./vendor/bin/phpunit --configuration=./tests/phpunit.xml --testsuite=functional --coverage-clover coverage.xml
 

config/services/ci/controllers.yml

@@ -25,10 +25,6 @@ services:
         class: OpenConext\EngineBlockFunctionalTestingBundle\Controllers\FeedbackController
         arguments:
             - '@twig'
-<<<<<<< HEAD
-=======
-            - '@engineblock.compat.logger'
->>>>>>> 41926c2bd (Fix feedbackInfo session bleed-through between auth flows (#1795))
             - '@OpenConext\EngineBlock\Service\FeedbackStateHelper'
             - '@OpenConext\EngineBlockBundle\Controller\FeedbackController'
 

languages/messages.en.php

@@ -265,7 +265,7 @@
     'error_clock_issue_desc' => 'This is likely because the difference in time between %idpName% and %suiteName% it too large. Please verify that the time on the %organisationNoun% is correct.',
     'error_clock_issue_desc_no_idp_name' => 'This is likely because the difference in time between %organisationNoun% and %suiteName% it too large. Please verify that the time on the IdP is correct.',
     'error_stepup_callout_unknown' => 'Error - Unknown strong authentication failure',
-    'error_stepup_callout_unknown_desc' => 'Logging in with strong authentication has failed and we don\'t know exactly why . Please try again first by going back to the service and logging in again . If this doesn\'t work, please contact the service desk of your %organisationNoun%.',
+    'error_stepup_callout_unknown_desc' => 'Logging in with strong authentication has failed and we don\'t know exactly why. Please try again first by going back to the service and logging in again. If this doesn\'t work, please contact the service desk of your %organisationNoun%.',
     'error_stepup_callout_unmet_loa_title' => 'Error - No suitable token found',
     'error_stepup_callout_unmet_loa_desc' => 'To continue to this service, a registered token with a certain level of assurance is required. Currently, you either haven\'t registered a token at all, or the level of assurance of the token you did register is too low. See the link below for more information about the registration process.',
     'error_stepup_callout_unmet_loa_link_text' => 'Read more about the registration process.',

src/OpenConext/EngineBlockBundle/Bridge/DiContainerRuntime.php

@@ -20,10 +20,7 @@
 
 use OpenConext\EngineBlock\Service\FeedbackInfoCollectorInterface;
 use OpenConext\EngineBlock\Service\FeedbackStateHelperInterface;
-<<<<<<< HEAD
 use OpenConext\EngineBlockBundle\Service\WayfRenderer;
-=======
->>>>>>> 41926c2bd (Fix feedbackInfo session bleed-through between auth flows (#1795))
 use Twig\Environment;
 
 /**
@@ -37,7 +34,6 @@
 
     public function __construct(
         public Environment $twig,
-<<<<<<< HEAD
         public WayfRenderer $wayfRenderer,
         public FeedbackStateHelperInterface $feedbackStateHelper,
         public FeedbackInfoCollectorInterface $feedbackInfoCollector,
@@ -48,10 +44,5 @@ public function __construct(
     public function getPreferredIdpEntityIds(): array
     {
         return $this->preferredIdpEntityIds;
-=======
-        public FeedbackStateHelperInterface $feedbackStateHelper,
-        public FeedbackInfoCollectorInterface $feedbackInfoCollector,
-    ) {
->>>>>>> 41926c2bd (Fix feedbackInfo session bleed-through between auth flows (#1795))
     }
 }

src/OpenConext/EngineBlockFunctionalTestingBundle/Controllers/FeedbackController.php

@@ -58,10 +58,9 @@ public function __construct(
     public function feedbackAction(Request $request)
     {
         $key = $this->getTemplate($request);
-        $feedbackInfo = $this->getFeedbackInfo($request);
         $parameters = $this->getTemplateParameters($request);
 
-        $this->feedbackStateHelper->storeFeedbackInfo($feedbackInfo);
+        $this->feedbackStateHelper->storeFeedbackInfo($this->getFeedbackInfo($request));
 
         $template = sprintf(
             '@theme/Authentication/View/Feedback/%s.html.twig',
@@ -91,19 +90,14 @@ private function getTemplate(Request $request)
 
     /**
      * @param Request $request
-     * @return mixed|string
+     * @return array
      */
-    private function getFeedbackInfo(Request $request)
+    private function getFeedbackInfo(Request $request): array
     {
-        $default = '{
-            "requestId":"5cb4bd3879b49",
-            "ipAddress":"192.168.66.98",
-            "artCode":"31914"
-        }';
+        $default = '{"requestId":"5cb4bd3879b49","ipAddress":"192.168.66.98","artCode":"31914"}';
 
-        $feedbackInfo = $request->query->getString('feedback-info', $default);
+        $feedbackInfo = json_decode($request->query->getString('feedback-info', $default), true);
 
-        $feedbackInfo = json_decode($feedbackInfo, true);
         if (!empty($feedbackInfo['IdentityProvider']) || !empty($feedbackInfo['IdP'])) {
             $feedbackInfo['identityProviderName'] = 'OpenConext Identities Inc';
         }

src/OpenConext/EngineBlockFunctionalTestingBundle/Features/FeedbackFooters.feature

@@ -45,9 +45,11 @@ Feature:
 
 
 
-  Scenario: The functional-testing feedback page renders correctly with feedback-info
+  Scenario: The functional-testing feedback page renders feedback details
     When I go to Engineblock URL "/functional-testing/feedback?template=session-lost&feedback-info=%7B%22requestId%22%3A%22test-abc%22%2C%22ipAddress%22%3A%221.2.3.4%22%2C%22artCode%22%3A%2231914%22%7D"
     Then I should see "your session was lost"
+     And I should see "test-abc"
+     And I should see "1.2.3.4"
 
   Scenario: The session-lost feedback route renders correctly
     When I go to Engineblock URL "/authentication/feedback/session-lost"

tests/functional/OpenConext/EngineBlockBundle/Controller/FeedbackControllerTest.php

@@ -0,0 +1,114 @@
+<?php
+
+/**
+ * Copyright 2026 SURFnet B.V.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+namespace OpenConext\EngineBlockBundle\Tests;
+
+use PHPUnit\Framework\Attributes\Test;
+use Symfony\Component\HttpFoundation\Response;
+
+final class FeedbackControllerTest extends FunctionalWebTestCase
+{
+    #[Test]
+    public function session_lost_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/session-lost', Response::HTTP_BAD_REQUEST, 'your session was lost');
+    }
+
+    #[Test]
+    public function session_not_started_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/session-not-started', Response::HTTP_BAD_REQUEST, 'No session found');
+    }
+
+    #[Test]
+    public function unsolicited_response_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/unsolicited-response', Response::HTTP_BAD_REQUEST, 'Sign-in could not be completed');
+    }
+
+    #[Test]
+    public function invalid_acs_binding_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/invalid-acs-binding', Response::HTTP_BAD_REQUEST, 'Invalid ACS binding type');
+    }
+
+    #[Test]
+    public function received_error_status_code_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/received-error-status-code', Response::HTTP_BAD_REQUEST, 'Identity Provider error');
+    }
+
+    #[Test]
+    public function unable_to_receive_message_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/unable-to-receive-message', Response::HTTP_BAD_REQUEST, 'No message received');
+    }
+
+    #[Test]
+    public function unknown_requesterid_in_authnrequest_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/unknown_requesterid_in_authnrequest', Response::HTTP_BAD_REQUEST, 'Unknown service');
+    }
+
+    #[Test]
+    public function authentication_limit_exceeded_returns_429_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/authentication-limit-exceeded', Response::HTTP_TOO_MANY_REQUESTS, 'too many authentications in progress');
+    }
+
+    #[Test]
+    public function stepup_callout_unknown_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/stepup-callout-unknown', Response::HTTP_BAD_REQUEST, 'Unknown strong authentication failure');
+    }
+
+    #[Test]
+    public function stepup_callout_user_cancelled_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/stepup-callout-user-cancelled', Response::HTTP_BAD_REQUEST, 'Logging in cancelled');
+    }
+
+    #[Test]
+    public function invalid_acs_location_returns_400_with_expected_content(): void
+    {
+        $this->assertFeedbackPage('/authentication/feedback/invalidAcsLocation', Response::HTTP_BAD_REQUEST, 'Invalid ACS location');
+    }
+
+    #[Test]
+    public function feedback_data_from_session_is_rendered_on_the_real_route(): void
+    {
+        $client = self::createClient();
+
+        // First prime, the session, then visit the actual route
+        $client->request('GET', 'https://engine.dev.openconext.local/functional-testing/feedback?template=session-lost');
+        $client->request('GET', 'https://engine.dev.openconext.local/authentication/feedback/session-lost');
+
+        $content = $client->getResponse()->getContent();
+        $this->assertStringContainsString('feedback-info--requestid', $content);
+        $this->assertStringContainsString('feedback-info--ipaddress', $content);
+    }
+
+    private function assertFeedbackPage(string $path, int $expectedStatus, string $expectedPhrase): void
+    {
+        $client = self::createClient();
+        $client->request('GET', 'https://engine.dev.openconext.local' . $path);
+
+        $this->assertEquals($expectedStatus, $client->getResponse()->getStatusCode());
+        $this->assertStringContainsString($expectedPhrase, $client->getResponse()->getContent());
+    }
+}

tests/library/EngineBlock/Test/Corto/Module/BindingsTest.php

@@ -63,16 +63,10 @@ public function setUp(): void
 
         $engineBlock = \EngineBlock_ApplicationSingleton::getInstance();
         $engineBlock->setDiContainerRuntime(new DiContainerRuntime(
-<<<<<<< HEAD
             $this->createStub(Twig\Environment::class),
             $this->createStub(WayfRenderer::class),
             $this->createStub(FeedbackStateHelperInterface::class),
             $this->createStub(FeedbackInfoCollectorInterface::class),
-=======
-            Phake::mock(Twig\Environment::class),
-            m::mock(FeedbackStateHelperInterface::class),
-            m::mock(FeedbackInfoCollectorInterface::class),
->>>>>>> 41926c2bd (Fix feedbackInfo session bleed-through between auth flows (#1795))
         ));
 
         $this->bindings = new EngineBlock_Corto_Module_Bindings($this->proxyServer);