Draft
Conversation
- Add SPIDAuthenticationRequestEvent with safe XML extraction - Add SPIDAuthenticationResponseEvent with safe XML extraction - Events expose raw XML and extracted fields (ID, timestamps, issuer, etc.) - All extraction methods safely return null for missing/malformed XML - Addresses issue italia#51
- Add TransactionStoreContract interface for extensible storage - Implement DatabaseTransactionStore using Eloquent model - Implement LogTransactionStore for structured JSON logging - Add SPIDTransaction model with migration stub - Support storing AuthnRequest/Response pairs with extracted fields - Enable pairing requests and responses by authn_request_id
- Add spid:prune-transactions artisan command - Support configurable retention period (default 24 months) - Respect SPID technical rules for 24-month retention - Add command tests
- Add TransactionLogListener to automatically store transactions - Listener handles both request and response events - Uses configured transaction store driver - Only active when transaction_log.enabled is true
- Register TransactionStore contract and drivers - Auto-register TransactionLogListener when enabled - Register pruning command - Publish migration stub via vendor:publish
- Fire SPIDAuthenticationRequestEvent after generating AuthnRequest - Fire SPIDAuthenticationResponseEvent when receiving Response - Add correlation support via request IDs - Maintain backward compatibility (events only fire if enabled)
- Add transaction_log config section to spid-auth.php - Support enabled, driver, retention_months options - Default: disabled, database driver, 24 months retention - Add driver-specific configuration options
- Test event XML extraction (valid, missing fields, malformed) - Test database transaction store (create, update, pairing) - Test pruning command with various scenarios - Test listener event handling - Add integration tests for full login flow - Maintain 100% test coverage
- Document SPID technical rules compliance (24-month retention) - Add setup instructions for transaction logging - Document configuration options - Add pruning command scheduling example - Include security/privacy considerations - Update README with transaction logging section
- Add TransactionLogHelper with static cache for enabled status - Reduce config() calls from 3 to 1 per request - Improve performance by avoiding repeated config cache lookups
- Create SafeXmlExtraction trait to eliminate code duplication - Remove duplicate safeXPathQuery() method from both Event classes - Improve maintainability and consistency
- Wrap storage operations in try-catch blocks - Log errors without interrupting authentication flow - Improve resilience and observability
- Use chunking (1000 records per batch) to reduce database locks - Add verbose output for batch progress - Improve scalability for large transaction tables
- Add QueuedTransactionLogListener for asynchronous processing - Support configurable queue connection - Maintain backward compatibility with synchronous listener
- Add spid:transaction-stats command for monitoring - Display transaction counts, completion rates, and IdP breakdown - Support filtering by Identity Provider
- Document that authn_request_id index is for fast correlation lookups - Improve code documentation
- Reset TransactionLogHelper cache in tests that change config - Ensure tests read fresh config values - Fix testTransactionEventsAreFiredWhenEnabled and testTransactionEventsAreNotFiredWhenDisabled
- Add tests for storeRequest() and storeResponse() methods - Test configured channel usage and default channel fallback - Test handling of malformed XML - Test exception handling and error logging
- Add tests for statistics display (total, with/without response, completion rate) - Test IdP filtering functionality - Test time range display (oldest, newest, average per day) - Test IdP breakdown when not filtered - Test empty table handling
- Test ShouldQueue interface implementation - Test handle() method for both request and response events - Test exception handling without interrupting flow - Test queue connection configuration from config
- Test isEnabled() with true/false config values - Test caching mechanism (second call uses cached value) - Test resetCache() functionality - Test default false when config is missing
- Apply yoda style comparisons (null === $var) - Add blank lines before return statements - Use single quotes instead of double quotes where appropriate - Remove unused imports - Fix PHPDoc separation - Reorder class elements and imports - Use global namespace imports (Exception instead of \Exception)
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #123 +/- ##
=============================================
- Coverage 100.00% 93.50% -6.50%
- Complexity 151 229 +78
=============================================
Files 8 19 +11
Lines 456 755 +299
=============================================
+ Hits 456 706 +250
- Misses 0 49 +49 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.