Extract request id handling to dedicated class so it can be injected manually

Signed-off-by: Joas Schilling <coding@schilljs.com>

lib/base.php

@@ -160,7 +160,11 @@ class OC {
 				'SCRIPT_FILENAME' => $_SERVER['SCRIPT_FILENAME'],
 			],
 		];
-		$fakeRequest = new \OC\AppFramework\Http\Request($params, new \OC\Security\SecureRandom(), new \OC\AllConfig(new \OC\SystemConfig(self::$config)));
+		$fakeRequest = new \OC\AppFramework\Http\Request(
+			$params,
+			new \OC\AppFramework\Http\RequestId($_SERVER['UNIQUE_ID'] ?? '', new \OC\Security\SecureRandom()),
+			new \OC\AllConfig(new \OC\SystemConfig(self::$config))
+		);
 		$scriptName = $fakeRequest->getScriptName();
 		if (substr($scriptName, -1) == '/') {
 			$scriptName .= 'index.php';

lib/private/AppFramework/Http/Request.php

@@ -48,8 +48,8 @@ use OC\Security\CSRF\CsrfTokenManager;
 use OC\Security\TrustedDomainHelper;
 use OCP\IConfig;
 use OCP\IRequest;
+use OCP\IRequestId;
 use OCP\Security\ICrypto;
-use OCP\Security\ISecureRandom;
 
 /**
  * Class for accessing variables in the request.
@@ -92,12 +92,10 @@ class Request implements \ArrayAccess, \Countable, IRequest {
 		'method',
 		'requesttoken',
 	];
-	/** @var ISecureRandom */
-	protected $secureRandom;
+	/** @var RequestId */
+	protected $requestId;
 	/** @var IConfig */
 	protected $config;
-	/** @var string */
-	protected $requestId = '';
 	/** @var ICrypto */
 	protected $crypto;
 	/** @var CsrfTokenManager|null */
@@ -117,20 +115,20 @@ class Request implements \ArrayAccess, \Countable, IRequest {
 	 *        - array 'cookies' the $_COOKIE array
 	 *        - string 'method' the request method (GET, POST etc)
 	 *        - string|false 'requesttoken' the requesttoken or false when not available
-	 * @param ISecureRandom $secureRandom
+	 * @param IRequestId $requestId
 	 * @param IConfig $config
 	 * @param CsrfTokenManager|null $csrfTokenManager
 	 * @param string $stream
 	 * @see https://www.php.net/manual/en/reserved.variables.php
 	 */
 	public function __construct(array $vars,
-								ISecureRandom $secureRandom,
+								IRequestId $requestId,
 								IConfig $config,
 								CsrfTokenManager $csrfTokenManager = null,
 								string $stream = 'php://input') {
 		$this->inputStream = $stream;
 		$this->items['params'] = [];
-		$this->secureRandom = $secureRandom;
+		$this->requestId = $requestId;
 		$this->config = $config;
 		$this->csrfTokenManager = $csrfTokenManager;
 
@@ -571,16 +569,7 @@ class Request implements \ArrayAccess, \Countable, IRequest {
 	 * @return string
 	 */
 	public function getId(): string {
-		if (isset($this->server['UNIQUE_ID'])) {
-			return $this->server['UNIQUE_ID'];
-		}
-
-		if (empty($this->requestId)) {
-			$validChars = ISecureRandom::CHAR_ALPHANUMERIC;
-			$this->requestId = $this->secureRandom->generate(20, $validChars);
-		}
-
-		return $this->requestId;
+		return $this->requestId->getId();
 	}
 
 	/**

lib/private/AppFramework/Http/RequestId.php

@@ -0,0 +1,52 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2022, Joas Schilling <coding@schilljs.com>
+ *
+ * @author Joas Schilling <coding@schilljs.com>
+ *
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+namespace OC\AppFramework\Http;
+
+use OCP\IRequestId;
+use OCP\Security\ISecureRandom;
+
+class RequestId implements IRequestId {
+	protected ISecureRandom $secureRandom;
+	protected string $requestId;
+
+	public function __construct(string $uniqueId,
+								ISecureRandom $secureRandom) {
+		$this->requestId = $uniqueId;
+		$this->secureRandom = $secureRandom;
+	}
+
+	/**
+	 * Returns an ID for the request, value is not guaranteed to be unique and is mostly meant for logging
+	 * If `mod_unique_id` is installed this value will be taken.
+	 * @return string
+	 */
+	public function getId(): string {
+		if (empty($this->requestId)) {
+			$validChars = ISecureRandom::CHAR_ALPHANUMERIC;
+			$this->requestId = $this->secureRandom->generate(20, $validChars);
+		}
+
+		return $this->requestId;
+	}
+}

lib/private/Server.php

@@ -60,6 +60,7 @@ use OC\App\AppStore\Fetcher\AppFetcher;
 use OC\App\AppStore\Fetcher\CategoryFetcher;
 use OC\AppFramework\Bootstrap\Coordinator;
 use OC\AppFramework\Http\Request;
+use OC\AppFramework\Http\RequestId;
 use OC\AppFramework\Utility\TimeFactory;
 use OC\Authentication\Events\LoginFailed;
 use OC\Authentication\Listeners\LoginFailedListener;
@@ -202,6 +203,7 @@ use OCP\ILogger;
 use OCP\INavigationManager;
 use OCP\IPreview;
 use OCP\IRequest;
+use OCP\IRequestId;
 use OCP\ISearch;
 use OCP\IServerContainer;
 use OCP\ISession;
@@ -1031,7 +1033,7 @@ class Server extends ServerContainer implements IServerContainer {
 						: '',
 					'urlParams' => $urlParams,
 				],
-				$this->get(ISecureRandom::class),
+				$this->get(IRequestId::class),
 				$this->get(\OCP\IConfig::class),
 				$this->get(CsrfTokenManager::class),
 				$stream
@@ -1040,6 +1042,13 @@ class Server extends ServerContainer implements IServerContainer {
 		/** @deprecated 19.0.0 */
 		$this->registerDeprecatedAlias('Request', \OCP\IRequest::class);
 
+		$this->registerService(IRequestId::class, function (ContainerInterface $c): IRequestId {
+			return new RequestId(
+				$_SERVER['UNIQUE_ID'] ?? '',
+				$this->get(ISecureRandom::class)
+			);
+		});
+
 		$this->registerService(IMailer::class, function (Server $c) {
 			return new Mailer(
 				$c->get(\OCP\IConfig::class),
@@ -1207,7 +1216,7 @@ class Server extends ServerContainer implements IServerContainer {
 		$this->registerAlias(EventDispatcherInterface::class, \OC\EventDispatcher\SymfonyAdapter::class);
 
 		$this->registerService('CryptoWrapper', function (ContainerInterface $c) {
-			// FIXME: Instantiiated here due to cyclic dependency
+			// FIXME: Instantiated here due to cyclic dependency
 			$request = new Request(
 				[
 					'get' => $_GET,
@@ -1220,7 +1229,7 @@ class Server extends ServerContainer implements IServerContainer {
 						? $_SERVER['REQUEST_METHOD']
 						: null,
 				],
-				$c->get(ISecureRandom::class),
+				$c->get(IRequestId::class),
 				$c->get(\OCP\IConfig::class)
 			);
 

lib/public/IRequestId.php

@@ -0,0 +1,39 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2022, Joas Schilling <coding@schilljs.com>
+ *
+ * @author Joas Schilling <coding@schilljs.com>
+ *
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCP;
+
+/**
+ * @since 24.0.0
+ */
+interface IRequestId {
+	/**
+	 * Returns an ID for the request, value is not guaranteed to be unique and is mostly meant for logging
+	 * If `mod_unique_id` is installed this value will be taken.
+	 *
+	 * @return string
+	 * @since 24.0.0
+	 */
+	public function getId(): string;
+}