phpsymfonysymfony-http-kernel

Symfony HttpKernel surequest "There is currently no session available" error

Symfony 5.3.10

PHP 8.0.8

I have a public webhook used for user activation (by clicking a link in an email).

Something like: https://mydomain.fake/user/123-5346-6787-89-789/1234678567945asd

The activation is performed by an api request, so i need to generate a subrequest inside the controller of the webhook

#[Route('/activate/{uuid}/{token}', name: 'webhook.user_settings')]
    public function index(string $uuid, string $token, Request $request, HttpKernelInterface $httpKernel): Response
    {

        $url = sprintf($request->getSchemeAndHttpHost() . "/api/user/%s/activate?token=%s",
            $uuid,
            $token
        );

        $request = Request::create($url, 'PATCH', [], [], [], [], json_encode([], \JSON_THROW_ON_ERROR));
        $request->setMethod('PATCH');
        $request->headers->set('Content-Type', 'application/merge-patch+json');

        $result = $httpKernel->handle($request, HttpKernelInterface::SUB_REQUEST);

        if ($result->getStatusCode() === Response::HTTP_OK) {
            $user = json_decode($result->getContent());
            $body = "<html><body><h2>Complimenti '" . $user->name . "', attivazione avvenuta con successo</h2></body></html>";
        } else {
            $body = "<html><body><h2>Ooops! Qualcosa è andato storto</h2></body></html>";
        }
        return new Response($body, $result->getStatusCode());
    }

It worked until today (i've tested last time some week ago but it worked fine for months)

Now the request to the api is performed, the user activated but the $result is in state 400

Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\BadRequestHttpException: "There is currently no session available."

If i call the api directly (using Postman) it works as expected.

Where am i wrong?

Solution

  • Solved by adding the session of the main request to the subrequest

    public function index(string $uuid, string $token, Request $request, HttpKernelInterface $httpKernel): Response
    {

        $url = sprintf($request->getSchemeAndHttpHost() . "/api/user/%s/activate?token=%s",
            $uuid,
            $token
        );
        $session = $request->getSession();
        $request = Request::create($url, 'PATCH', [], [], [], [], json_encode([], \JSON_THROW_ON_ERROR));
        $request->setMethod('PATCH');
        $request->headers->set('Content-Type', 'application/merge-patch+json');
        $request->setSession($session);

        $result = $httpKernel->handle($request, HttpKernelInterface::SUB_REQUEST);

        if ($result->getStatusCode() === Response::HTTP_OK) {
            $user = json_decode($result->getContent());
            $body = "<html><body><h2>Complimenti '" . $user->name . "', attivazione avvenuta con successo</h2></body></html>";
        } else {
            $body = "<html><body><h2>Ooops! Qualcosa è andato storto</h2></body></html>";
        }
        return new Response($body, $result->getStatusCode());
    }