feat: Convert many ::log calls to PSR-3 native logger with context attributes

Replace Horde::log in many places for better debug insights when using journalctl backend

Author: ralflang

src/Auth/AuthApiController.php

@@ -9,6 +9,7 @@
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 use Psr\Http\Server\RequestHandlerInterface;
+use Psr\Log\LoggerInterface;
 use Horde\Http\Response;
 use Exception;
 use RuntimeException;
@@ -55,7 +56,8 @@ public function __construct()
         } catch (Exception $e) {
             // If JWT bootstrap wasn't loaded, create service manually
             $registry = $injector->getInstance('Horde_Registry');
-            $this->authService = new AuthenticationService($registry, null);
+            $logger = $injector->getInstance(LoggerInterface::class);
+            $this->authService = new AuthenticationService($registry, $logger, null);
         }
     }
 

src/Auth/ResponsiveLoginController.php

@@ -18,6 +18,7 @@
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 use Psr\Http\Server\RequestHandlerInterface;
+use Psr\Log\LoggerInterface;
 
 /**
  * Responsive Login Controller
@@ -35,6 +36,11 @@ class ResponsiveLoginController implements RequestHandlerInterface
 {
     use HtmlResponseTrait;
     use RedirectResponseTrait;
+
+    public function __construct(
+        private readonly LoggerInterface $logger,
+    ) {}
+
     /**
      * Handle the login request
      *
@@ -503,7 +509,7 @@ private function handleLoginPost(ServerRequestInterface $request): ResponseInter
             $authService = $injector?->getInstance(AuthenticationService::class);
             if (!$authService) {
                 // Fallback: create service manually
-                $authService = new AuthenticationService($registry, null);
+                $authService = new AuthenticationService($registry, $this->logger, null);
             }
 
             // Build authentication options
@@ -519,12 +525,13 @@ private function handleLoginPost(ServerRequestInterface $request): ResponseInter
             }
 
             // DEBUG: Log what we got back
-            Horde::log('LOGIN RESULT: ' . json_encode([
+            $this->logger->debug('Login authentication result', [
                 'success' => $result['success'],
                 'has_access_token' => isset($result['access_token']),
                 'has_refresh_token' => isset($result['refresh_token']),
                 'session_id' => $result['session_id'] ?? 'NONE',
-            ]), 'DEBUG');
+                'username' => $username,
+            ]);
 
             // Authentication successful
             // If JWT tokens were generated, store refresh token in cookie and pass to JS
@@ -546,7 +553,11 @@ private function handleLoginPost(ServerRequestInterface $request): ResponseInter
                         if ($jti) {
                             // Migrate session data to JTI-based session
                             $oldSessionId = session_id();
-                            Horde::log("LOGIN: Migrating session from $oldSessionId to JTI: $jti", 'DEBUG');
+                            $this->logger->debug('Migrating session to JWT JTI', [
+                                'old_session_id' => $oldSessionId,
+                                'new_session_id' => $jti,
+                                'username' => $username,
+                            ]);
 
                             // Save current session data
                             $sessionData = $_SESSION;
@@ -561,10 +572,17 @@ private function handleLoginPost(ServerRequestInterface $request): ResponseInter
                             // Restore session data
                             $_SESSION = $sessionData;
 
-                            Horde::log("LOGIN: Session migrated to JTI: $jti", 'DEBUG');
+                            $this->logger->debug('Session migration completed', [
+                                'session_id' => $jti,
+                                'username' => $username,
+                            ]);
                         }
                     } catch (Exception $e) {
-                        Horde::log("LOGIN: Failed to extract JTI for session migration: " . $e->getMessage(), 'WARN');
+                        $this->logger->warning('Failed to extract JTI for session migration', [
+                            'exception' => $e->getMessage(),
+                            'exception_class' => get_class($e),
+                            'username' => $username,
+                        ]);
                     }
                 }
 

src/Factory/AuthenticationServiceFactory.php

@@ -8,6 +8,7 @@
 use Horde\Horde\Service\JwtService;
 use Horde\Injector\Injector;
 use Horde_Registry;
+use Psr\Log\LoggerInterface;
 use Exception;
 
 /**
@@ -35,6 +36,7 @@ class AuthenticationServiceFactory
     public function create(Injector $injector): AuthenticationService
     {
         $registry = $injector->getInstance('Horde_Registry');
+        $logger = $injector->getInstance(LoggerInterface::class);
 
         // Try to get JWT service (may be null if not configured)
         $jwtService = null;
@@ -46,6 +48,6 @@ public function create(Injector $injector): AuthenticationService
             // AuthenticationService will fall back to session-only mode
         }
 
-        return new AuthenticationService($registry, $jwtService);
+        return new AuthenticationService($registry, $logger, $jwtService);
     }
 }

src/Factory/LoggerFactory.php

@@ -0,0 +1,40 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Horde\Horde\Factory;
+
+use Horde\Injector\Injector;
+use Psr\Log\LoggerInterface;
+
+/**
+ * Factory for PSR-3 Logger
+ *
+ * Creates a PSR-3 compliant logger that wraps Horde_Log.
+ *
+ * Copyright 2026 The Horde Project (http://www.horde.org/)
+ *
+ * See the enclosed file LICENSE for license information (LGPL). If you
+ * did not receive this file, see http://www.horde.org/licenses/lgpl21.
+ *
+ * @category Horde
+ * @package  Horde
+ * @license  http://www.horde.org/licenses/lgpl21 LGPL 2.1
+ */
+class LoggerFactory
+{
+    /**
+     * Create PSR-3 logger instance
+     *
+     * @param Injector $injector
+     * @return LoggerInterface
+     */
+    public function create(Injector $injector): LoggerInterface
+    {
+        // Get Horde_Log_Logger instance (configured via registry)
+        $hordeLogger = $injector->getInstance('Horde_Log_Logger');
+
+        // Wrap it in PSR-3 adapter
+        return new \Horde\Log\Psr3Adapter($hordeLogger);
+    }
+}

src/Middleware/JwtSession.php

@@ -8,6 +8,7 @@
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Server\MiddlewareInterface;
 use Psr\Http\Server\RequestHandlerInterface;
+use Psr\Log\LoggerInterface;
 use Exception;
 use Horde;
 
@@ -28,13 +29,20 @@
  */
 class JwtSession implements MiddlewareInterface
 {
+    public function __construct(
+        private readonly LoggerInterface $logger,
+    ) {}
+
     public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
     {
         // Check for JWT refresh token in cookie
         $cookies = $request->getCookieParams();
         $jwtRefreshToken = $cookies['horde_jwt_refresh'] ?? null;
 
-        Horde::log("JwtSession middleware: horde_jwt_refresh cookie " . ($jwtRefreshToken ? "present" : "absent"), 'DEBUG');
+        $this->logger->debug('JWT session middleware checking refresh token', [
+            'has_cookie' => $jwtRefreshToken !== null,
+            'session_status' => session_status(),
+        ]);
 
         if ($jwtRefreshToken) {
             // Parse JWT to get JTI (without full validation - just decode)
@@ -54,13 +62,19 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
                         // Set session ID BEFORE any session is started
                         if (session_status() === PHP_SESSION_NONE) {
                             session_id($jti);
-                            Horde::log("JwtSession middleware: Set session_id to JTI: $jti", 'DEBUG');
+                            $this->logger->debug('JWT session ID set from refresh token', [
+                                'jti' => $jti,
+                                'previous_session_status' => 'none',
+                            ]);
                             // Session will be started by HordeCoreMiddleware
                         }
                     }
                 } catch (Exception $e) {
                     // Invalid JWT, ignore and let normal session handling proceed
-                    Horde::log("JwtSession middleware: Failed to parse JWT: " . $e->getMessage(), 'DEBUG');
+                    $this->logger->debug('Failed to parse JWT refresh token', [
+                        'exception' => $e->getMessage(),
+                        'exception_class' => get_class($e),
+                    ]);
                 }
             }
         }

src/Service/AuthenticationService.php

@@ -6,6 +6,7 @@
 
 use Horde\Core\Auth\Jwt\GeneratedJwt;
 use Horde_Registry;
+use Psr\Log\LoggerInterface;
 use Exception;
 use Horde;
 
@@ -58,11 +59,13 @@ class AuthenticationService
 {
     /**
      * @param Horde_Registry $registry Horde registry
+     * @param LoggerInterface $logger PSR-3 logger
      * @param JwtService|null $jwtService JWT service (optional, for dual-mode)
      */
     public function __construct(
         private readonly Horde_Registry $registry,
-        private readonly ?JwtService $jwtService = null
+        private readonly LoggerInterface $logger,
+        private readonly ?JwtService $jwtService = null,
     ) {}
 
     /**
@@ -108,13 +111,23 @@ public function authenticate(string $username, string $password, array $options
                 $authCredentials = array_merge($authCredentials, $options['auth_params']);
             }
 
-            Horde::log("AUTHENTICATE: Attempting auth for username=$username", 'DEBUG');
+            $this->logger->debug('Authentication attempt', [
+                'username' => $username,
+                'generate_jwt' => $generateJwt,
+                'has_jwt_service' => $this->jwtService !== null,
+            ]);
             $authResult = $auth->authenticate($username, $authCredentials);
-            Horde::log("AUTHENTICATE: Auth result=" . ($authResult ? 'true' : 'false') . " for username=$username", 'DEBUG');
+            $this->logger->debug('Authentication result', [
+                'username' => $username,
+                'success' => $authResult,
+            ]);
 
             // Check if authentication actually succeeded
             if (!$authResult) {
-                Horde::log("AUTHENTICATE: Authentication failed for username=$username", 'ERR');
+                $this->logger->error('Authentication failed', [
+                    'username' => $username,
+                    'reason' => 'auth_backend_returned_false',
+                ]);
                 return [
                     'success' => false,
                     'error' => 'Authentication failed',
@@ -125,11 +138,11 @@ public function authenticate(string $username, string $password, array $options
             $credentials = $auth->getCredential('credentials') ?: ['password' => $password];
             $userId = $username;
 
-            Horde::log("AUTHENTICATE: username=$username, generateJwt=$generateJwt, hasJwtService=" . ($this->jwtService !== null ? 'yes' : 'no'), 'DEBUG');
-
             // If JWT enabled, generate tokens
             if ($generateJwt && $this->jwtService !== null) {
-                Horde::log("AUTHENTICATE: Generating JWT tokens", 'DEBUG');
+                $this->logger->debug('Generating JWT tokens', [
+                    'username' => $username,
+                ]);
 
                 // Generate JWT tokens
                 $jwtClaims = $this->buildJwtClaims($username, $options);
@@ -152,7 +165,12 @@ public function authenticate(string $username, string $password, array $options
                     ['refresh_jti' => $jti]  // Link access token to session
                 ));
 
-                Horde::log("AUTHENTICATE: JWT tokens generated, session_id=" . session_id() . ", jti=$jti", 'DEBUG');
+                $this->logger->debug('JWT tokens generated', [
+                    'username' => $username,
+                    'session_id' => session_id(),
+                    'jti' => $jti,
+                    'access_token_expires_at' => $accessToken->expiresAt,
+                ]);
 
                 return [
                     'success' => true,

test/Unit/Factory/AuthenticationServiceFactoryTest.php

@@ -11,6 +11,7 @@
 use Horde\Horde\Service\AuthenticationService;
 use Horde\Horde\Service\JwtService;
 use Horde\Injector\Injector;
+use Psr\Log\LoggerInterface;
 use Horde_Registry;
 
 /**
@@ -37,11 +38,16 @@ protected function setUp(): void
         // Create mock registry
         $this->registry = $this->createMock(Horde_Registry::class);
 
+        // Create mock logger
+        $logger = $this->createMock(LoggerInterface::class);
+
         // Create mock injector
         $this->injector = $this->createMock(Injector::class);
         $this->injector->method('getInstance')
-            ->with('Horde_Registry')
-            ->willReturn($this->registry);
+            ->willReturnMap([
+                ['Horde_Registry', $this->registry],
+                [LoggerInterface::class, $logger],
+            ]);
     }
 
     protected function tearDown(): void

test/Unit/Service/AuthenticationServiceJtiSessionTest.php

@@ -9,6 +9,7 @@
 use Horde\Horde\Service\JwtService;
 use Horde\Core\Auth\Jwt\GeneratedJwt;
 use Horde\Core\Auth\Jwt\VerifiedJwt;
+use Psr\Log\LoggerInterface;
 use Horde_Registry;
 use Exception;
 use Horde_Auth;
@@ -60,7 +61,7 @@ public function testRefreshTokenValidatesSession(): void
             ->willReturn($mockVerified);
 
         // Create service
-        $authService = new AuthenticationService($registry, $jwtService);
+        $authService = new AuthenticationService($registry, $this->createMock(LoggerInterface::class), $jwtService);
 
         // Try to refresh
         $result = $authService->refreshToken('fake-jwt-token');
@@ -135,7 +136,7 @@ public function testRefreshTokenValidatesJtiMatchesSessionId(): void
             ->willReturn($mockAccessToken);
 
         // Create service
-        $authService = new AuthenticationService($registry, $jwtService);
+        $authService = new AuthenticationService($registry, $this->createMock(LoggerInterface::class), $jwtService);
 
         // Try to refresh with attacker's token
         // The method will:
@@ -169,7 +170,7 @@ public function testLogoutClearsAuth(): void
             ->method('clearAuth');
 
         // Create service
-        $authService = new AuthenticationService($registry, null);
+        $authService = new AuthenticationService($registry, $this->createMock(LoggerInterface::class), null);
 
         // Logout
         $authService->logout();
@@ -247,7 +248,7 @@ public function testIssueTokensForAuthenticatedUserCreatesJtiSession(): void
             ->willReturn($mockAccessToken);
 
         // Create service
-        $authService = new AuthenticationService($registry, $jwtService);
+        $authService = new AuthenticationService($registry, $this->createMock(LoggerInterface::class), $jwtService);
 
         // Issue tokens
         $result = $authService->issueTokensForAuthenticatedUser('testuser');

test/Unit/Service/AuthenticationServiceSessionRegistryTest.php

@@ -9,6 +9,7 @@
 use Horde\Horde\Service\JwtService;
 use Horde\Core\Auth\Jwt\VerifiedJwt;
 use Horde\Core\Auth\Jwt\GeneratedJwt;
+use Psr\Log\LoggerInterface;
 use Horde_Registry;
 
 /**
@@ -69,7 +70,7 @@ public function testRefreshTokenChecksSessionRegistry(): void
             ->willReturn('testuser');
 
         // Create service
-        $authService = new AuthenticationService($registry, $jwtService);
+        $authService = new AuthenticationService($registry, $this->createMock(LoggerInterface::class), $jwtService);
 
         // Refresh token
         $result = $authService->refreshToken('fake-jwt-token');
@@ -113,7 +114,7 @@ public function testLogoutDestroysSessionRegistry(): void
             ->method('clearAuth');
 
         // Create service
-        $authService = new AuthenticationService($registry, null);
+        $authService = new AuthenticationService($registry, $this->createMock(LoggerInterface::class), null);
 
         // Logout
         $authService->logout();