Fixing usage of session.attribute_bag: simply using request.session instead

Author: VincentChalnot

Action/RedirectUrlSetterAction.php

@@ -15,7 +15,6 @@
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\HttpFoundation\Session\Attribute\AttributeBagInterface;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 
 /**
@@ -25,17 +24,6 @@
  */
 class RedirectUrlSetterAction
 {
-    /** @var AttributeBagInterface */
-    protected $attributeBag;
-
-    /**
-     * @param AttributeBagInterface $attributeBag
-     */
-    public function __construct(AttributeBagInterface $attributeBag)
-    {
-        $this->attributeBag = $attributeBag;
-    }
-
     /**
      * @param Request $request
      *
@@ -47,7 +35,10 @@ public function __invoke(Request $request): Response
         if (!$redirectUrl) {
             throw new NotFoundHttpException('Missing redirectUrl in query');
         }
-        $this->attributeBag->set(AuthenticationSuccessHandler::SESSION_KEY, $redirectUrl);
+        $session = $request->getSession();
+        if ($session) {
+            $session->set(AuthenticationSuccessHandler::SESSION_KEY, $redirectUrl);
+        }
 
         if ($request->isXmlHttpRequest()) {
             return new JsonResponse();

Security/Http/Authentication/AuthenticationSuccessHandler.php

@@ -11,10 +11,8 @@
 namespace CleverAge\OAuthApiBundle\Security\Http\Authentication;
 
 use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpFoundation\Session\Attribute\AttributeBagInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler;
-use Symfony\Component\Security\Http\HttpUtils;
 
 /**
  * Redirect to URL in session if any else use default Symfony behaviour
@@ -26,27 +24,14 @@ class AuthenticationSuccessHandler extends DefaultAuthenticationSuccessHandler
     /** @var string */
     public const SESSION_KEY = 'sso_redirect_url';
 
-    /** @var AttributeBagInterface */
-    protected $attributeBag;
-
-    /**
-     * @param HttpUtils             $httpUtils
-     * @param array                 $options
-     * @param AttributeBagInterface $attributeBag
-     */
-    public function __construct(HttpUtils $httpUtils, array $options = [], AttributeBagInterface $attributeBag = null)
-    {
-        parent::__construct($httpUtils, $options);
-        $this->attributeBag = $attributeBag;
-    }
-
     /**
      * {@inheritDoc}
      */
     public function onAuthenticationSuccess(Request $request, TokenInterface $token)
     {
-        if ($this->attributeBag->has(self::SESSION_KEY)) {
-            $redirectUrl = $this->attributeBag->get(self::SESSION_KEY);
+        $session = $request->getSession();
+        if ($session && $session->has(self::SESSION_KEY)) {
+            $redirectUrl = $session->get(self::SESSION_KEY);
             if ($redirectUrl) {
                 return $this->httpUtils->createRedirectResponse($request, $redirectUrl);
             }