public static function getSessionFromRequest()
{
// check if we already have initialized the session
if (isset(self::$instance)) {
return self::$instance;
}
// check if we have stored a session stored with the session handler
$session = null;
try {
$session = self::getSession();
} catch (Exception $e) {
/*
* For some reason, we were unable to initialize this session. Note that this error might be temporary, and
* it's possible that we can recover from it in subsequent requests, so we should not try to create a new
* session here. Therefore, use just a transient session and throw the exception for someone else to handle
* it.
*/
SimpleSAML\Logger::error('Error loading session: ' . $e->getMessage());
self::useTransientSession();
if ($e instanceof SimpleSAML_Error_Exception) {
$cause = $e->getCause();
if ($cause instanceof Exception) {
throw $cause;
}
}
throw $e;
}
// if getSession() found it, use it
if ($session !== null) {
return self::load($session);
}
/*
* We didn't have a session loaded when we started, but we have it now. At this point, getSession() failed but
* it must have triggered the creation of a session at some point during the process (e.g. while logging an
* error message). This means we don't need to create a new session again, we can use the one that's loaded now
* instead.
*/
if (self::$instance !== null) {
return self::$instance;
}
// try to create a new session
try {
self::load(new SimpleSAML_Session());
} catch (\SimpleSAML\Error\CannotSetCookie $e) {
// can't create a regular session because we can't set cookies. Use transient.
$c = SimpleSAML_Configuration::getInstance();
self::useTransientSession();
if ($e->getCode() === \SimpleSAML\Error\CannotSetCookie::SECURE_COOKIE) {
throw new \SimpleSAML\Error\CriticalConfigurationError($e->getMessage(), null, $c->toArray());
}
SimpleSAML\Logger::error('Error creating session: ' . $e->getMessage());
}
// we must have a session now, either regular or transient
return self::$instance;
}