chore(login) #14318 : rework redirects during authentication flow

2025-08-26 16:39:27 +02:00
4 changed files with 9 additions and 8 deletions
--- a/misc/images/hydra-sql-base/Dockerfile
+++ b/misc/images/hydra-sql-base/Dockerfile
@ -1,5 +1,5 @@
 ARG NODE_OPTIONS="--openssl-legacy-provider" \
-    PHP_PKG_VERSION="8.4.11-r0" \
+    PHP_PKG_VERSION="8.4.5-r0" \
    ENCORE_MODE="production" \
    APP_ENV="prod" \
    BASE_PATH="" \
@ -20,4 +20,4 @@ ARG NODE_OPTIONS="--openssl-legacy-provider" \
        BASE_PATH=${BASE_PATH} \
        APP_LOCALES=${APP_LOCALES}"

-FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.4-base-2025.9.1-stable.1652.6889275
+FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.4-base-2025.6.12-stable.1038.48ea3b9
--- a/misc/images/hydra-sql-standalone/Dockerfile
+++ b/misc/images/hydra-sql-standalone/Dockerfile
@ -1,5 +1,5 @@
 ARG NODE_OPTIONS="--openssl-legacy-provider" \
-    PHP_PKG_VERSION="8.4.11-r0" \
+    PHP_PKG_VERSION="8.4.5-r0" \
    ENCORE_MODE="production" \
    APP_ENV="prod" \
    BASE_PATH="" \
@ -20,5 +20,5 @@ ARG NODE_OPTIONS="--openssl-legacy-provider" \
        BASE_PATH=${BASE_PATH} \
        APP_LOCALES=${APP_LOCALES}"

-FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.4-standalone-2025.9.1-stable.1652.6889275
+FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.4-standalone-2025.6.12-stable.1038.48ea3b9
 USER www-data
--- a/src/Controller/MainController.php
+++ b/src/Controller/MainController.php
@ -20,7 +20,8 @@ class MainController extends AbstractController
    public function __construct(
        private readonly RequestStack $requestStack,
        private readonly HydraService $hydra,
-        private readonly Client $client
+        private readonly Client $client,
+        private readonly SQLLoginRequest $sqlLoginRequest
    ){
    }

@ -40,7 +41,7 @@ class MainController extends AbstractController
    }

    #[Route('/connect/login-accept', name: 'app_login_accept', methods: ['GET'])]
-    public function loginAccept(SQLLoginRequest $sqlLoginRequest): RedirectResponse
+    public function loginAccept(): RedirectResponse
    {
        $user = $this->getUser();

@ -54,7 +55,7 @@ class MainController extends AbstractController

        $subject = $user->getLogin();

-        $subjectRewriteExpression = $sqlLoginRequest->getSubjectRewriteExpression();
+        $subjectRewriteExpression = $this->sqlLoginRequest->getSubjectRewriteExpression();
        if (null != $subjectRewriteExpression) {
            $expressionLanguage = new ExpressionLanguage();

--- a/src/Hydra/HydraService.php
+++ b/src/Hydra/HydraService.php
@ -39,7 +39,7 @@ class HydraService extends AbstractController
        // si le challenge est validé par hydra, on le stocke en session pour l'utiliser par la suite et on redirige vers une route interne protégée qui va déclencher l'identification FranceConnect
        $this->requestStack->getSession()->set('challenge', $loginRequestInfo['challenge']);

-        return new RedirectResponse($this->baseUrl.'/connect/login-accept');
+        return new RedirectResponse($this->baseUrl.'/login');
    }

    public function handleConsentRequest(Request $request): RedirectResponse