setup shutdown function

resources/init.php

@@ -15,6 +15,8 @@
 use UnityWebPortal\lib\UnitySite;
 use UnityWebPortal\lib\exceptions\SSOException;
 
+register_shutdown_function(array("UnityWebPortal\lib\UnitySite", "shutdown"));
+
 session_start();
 
 $REDIS = new UnityRedis();
@@ -30,19 +32,7 @@
 $GITHUB = new UnityGithub();
 
 if (isset($_SERVER["REMOTE_USER"])) {  // Check if SSO is enabled on this page
-    try {
-        $SSO = UnitySSO::getSSO();
-    } catch (SSOException $e) {
-        $errorid = uniqid("sso-");
-        $eppn = $_SERVER["REMOTE_USER"];
-        UnitySite::errorLog("SSO Failure", "{$e} ($errorid)");
-        UnitySite::die(
-            "Invalid eppn: '$eppn'. Please contact support at "
-                . CONFIG["mail"]["support"]
-                . " (id: $errorid)",
-            true
-        );
-    }
+    $SSO = UnitySSO::getSSO();
     $_SESSION["SSO"] = $SSO;
 
     $OPERATOR = new UnityUser($SSO["user"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);

resources/lib/UnitySite.php

@@ -59,16 +59,45 @@ public static function badRequest($message)
     {
         self::headerResponseCode(400, "bad request");
         self::errorLog("bad request", $message);
+        error_clear_last();
         self::die($message);
     }
 
     public static function forbidden($message)
     {
         self::headerResponseCode(403, "forbidden");
         self::errorLog("forbidden", $message);
+        error_clear_last();
         self::die($message);
     }
 
+    // https://www.php.net/manual/en/function.register-shutdown-function.php
+    public static function shutdown()
+    {
+        if (!is_null($e = error_get_last())) {
+            self::headerResponseCode(500, "internal server error");
+            $errorid = uniqid();
+            $e["unity_error_id"] = $errorid;
+            self::errorLog("internal server error", json_encode($e));
+            echo "
+                <h1>An internal server error has occurred.</h1>
+                <p>
+                    Please notify a Unity admin at "
+                    . CONFIG["mail"]["support"]
+                    . ". Error ID: $errorid.
+                </p>
+            ";
+            // if content already printed, status code will be ignored and alert text may not be
+            // shown in the webpage in an obvious way, so make a popup
+            self::alert(
+                "An internal server error has occurred. "
+                . "Please notify a Unity admin at "
+                . CONFIG["mail"]["support"]
+                . ". Error ID: $errorid."
+            );
+        }
+    }
+
     public static function arrayGetOrBadRequest(array $array, ...$keys)
     {
         $cursor = $array;
@@ -83,6 +112,8 @@ public static function arrayGetOrBadRequest(array $array, ...$keys)
         return $cursor;
     }
 
+    // in firefox, the user can disable alert/confirm/prompt after the 2nd or 3rd popup
+    // after I disable alerts, if I quit and reopen my browser, the alerts come back
     public static function alert(string $message)
     {
         // json_encode escapes quotes

test/functional/InvalidEPPNTest.php

@@ -1,6 +1,6 @@
 <?php
 
-use UnityWebPortal\lib\exceptions\PhpUnitNoDieException;
+use UnityWebPortal\lib\exceptions\SSOException;
 use PHPUnit\Framework\TestCase;
 use PHPUnit\Framework\Attributes\DataProvider;
 
@@ -27,8 +27,7 @@ public function testInitGetSSO(string $eppn, bool $is_valid): void
             session_id(uniqid());
         }
         if (!$is_valid) {
-            $this->expectException(PhpUnitNoDieException::class);
-            $this->expectExceptionMessageMatches("/.*Invalid eppn.*/");
+            $this->expectException(SSOException::class);
         }
         try {
             $_SERVER["REMOTE_USER"] = $eppn;