Merge pull request #39 from simplesamlphp/tvdijen-patch-2

Fix mis-use of the StreamedResponse (0.11)

Author: tvdijen

lib/Controller/AuthProcess.php

@@ -18,7 +18,6 @@
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\HttpFoundation\StreamedResponse;
 
 /**
  * Controller class for the webauthn module.
@@ -92,8 +91,7 @@ public function setLogger(Logger $logger): void
     /**
      * @param \Symfony\Component\HttpFoundation\Request $request
      * @return (\Symfony\Component\HttpFoundation\RedirectResponse|
-     *         \SimpleSAML\HTTP\RunnableResponse|
-     *         \Symfony\Component\HttpFoundation\StreamedResponse)  A Symfony Response-object.
+     *         \SimpleSAML\HTTP\RunnableResponse) A Symfony Response-object.
      */
     public function main(Request $request): Response
     {
@@ -177,12 +175,14 @@ public function main(Request $request): Response
         $this->authState::saveState($state, 'webauthn:request');
 
         if ($debugEnabled) {
-            $response = new StreamedResponse();
-            $response->setCallback(function ($authObject, $state) {
-                echo $authObject->getDebugBuffer();
-                echo $authObject->getValidateBuffer();
-                echo "Debug mode, not continuing to " . ($state['FIDO2WantsRegister'] ? "credential registration page." : "destination.");
-            });
+            $response = new RunnableResponse(
+                function ($authObject, $state) {
+                    echo $authObject->getDebugBuffer();
+                    echo $authObject->getValidateBuffer();
+                    echo "Debug mode, not continuing to " . ($state['FIDO2WantsRegister'] ? "credential registration page." : "destination.");
+                },
+                [$authObject, $state]
+            );
         } else {
             if ($state['FIDO2WantsRegister']) {
                 $response = new RedirectResponse(

lib/Controller/RegProcess.php

@@ -19,7 +19,6 @@
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\HttpFoundation\StreamedResponse;
 
 /**
  * Controller class for the webauthn module.
@@ -92,7 +91,7 @@ public function setLogger(Logger $logger): void
 
     /**
      * @param \Symfony\Component\HttpFoundation\Request $request
-     * @return \Symfony\Component\HttpFoundation\RedirectResponse|\SimpleSAML\HTTP\RunnableResponse|\Symfony\Component\HttpFoundation\StreamedResponse
+     * @return \Symfony\Component\HttpFoundation\RedirectResponse|\SimpleSAML\HTTP\RunnableResponse
      *   A Symfony Response-object.
      */
     public function main(Request $request): Response
@@ -196,14 +195,16 @@ public function main(Request $request): Response
 
         $id = $this->authState::saveState($state, 'webauthn:request');
         if ($debugEnabled === true) {
-            $response = new StreamedResponse();
-            $response->setCallback(function ($regObject, $id) {
-                echo $regObject->getDebugBuffer();
-                echo $regObject->getValidateBuffer();
-                echo "<form id='regform' method='POST' action='" .
-                    Module::getModuleURL('webauthn/webauthn.php?StateId=' . urlencode($id)) . "'>";
-                echo "<button type='submit'>Return to previous page.</button>";
-            });
+            $response = new RunnableResponse(
+                function ($regObject, $id) {
+                    echo $regObject->getDebugBuffer();
+                    echo $regObject->getValidateBuffer();
+                    echo "<form id='regform' method='POST' action='" .
+                        Module::getModuleURL('webauthn/webauthn.php?StateId=' . urlencode($id)) . "'>";
+                    echo "<button type='submit'>Return to previous page.</button>";
+                },
+                [$regObject, $id]
+            );
         } elseif (array_key_exists('Registration', $state)) {
             $response = new RedirectResponse(Module::getModuleURL('webauthn/webauthn.php?StateId=' . urlencode($id)));
         } else {