feat: default http client timeout to 30s#42
Merged
Conversation
Previously no timeout was applied to the underlying Guzzle client, so Guzzle's own default (0 — wait indefinitely) was used and a slow or hung identity provider could block worker processes forever. The http_client_options block now applies a sensible default timeout of 30 seconds when none is set. Set timeout: 0 to restore the old behaviour, or override per provider. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## develop #42 +/- ##
===========================================
Coverage 100.00% 100.00%
Complexity 62 62
===========================================
Files 9 9
Lines 280 282 +2
===========================================
+ Hits 280 282 +2
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The bundle exposes
http_client_options(timeout,proxy,verify) but applied no defaults. An omittedtimeoutfell through to Guzzle's default of0— wait indefinitely — so a slow or hung identity provider could block a worker process forever. This PR adds a sensible default for the one option where it matters.Features Added
http_client_options.timeoutnow defaults to 30 seconds when unset, bounding how long an IdP call can block a worker.addDefaultsIfNotSet()on thehttp_client_optionsblock so the default still materializes when the block is omitted entirely (the manager merges it via+=).proxy(no sensible default) andverify(Guzzle already defaults to securetrue) are deliberately left unset.Files Changed
src/DependencyInjection/Configuration.php- AddaddDefaultsIfNotSet()anddefaultValue(30.0)ontimeout.tests/DependencyInjection/ConfigurationTest.php- ReplacetestHttpClientOptionsAbsentByDefaultwithtestHttpClientOptionsDefaultsApplied, asserting the default applies whileproxy/verifystay absent.README.md- Document the new default and thetimeout: 0opt-out.CHANGELOG.md- Add entry under[Unreleased].Test Plan
task test— full suite passes (79 tests).task analyze:php— PHPStan clean at max level.http_client_options; confirm the Guzzle client receivestimeout = 30.0.timeout: 0on a provider; confirm Guzzle reverts to wait-indefinitely behaviour.🤖 Generated with Claude Code