Resolve SessionStore::purge() not iterating over session storage when a falsey value is stored

[evansims]

Changes

Background: When a developer invokes the purge() method on whatever session handler is configured, the chosen session class is expected to clear our the local user session. Developers using the PHP native sessions handler for storage will have the PHP global $_SESSION iterated over and parsed for keys prefixed with the SDK's namespace, which are then deleted.

Bug: This PR addresses an issue in which PHP's language feature current() will return false when a falsey value is stored in the PHP native session key-store, causing the iteration check of while(current(...)) to exit early.

Fix: The key() feature functions as a suitable drop-in replacement for this check without the falsey value issue, allowing the SDK to successfully clear our a user's local session when the developer is using native PHP sessions that contain falsey values.

References

Resolves #576

Testing

No additional/new testing was necessary for these changes. Coverage remains at 100%.

Contributor Checklist

• I have read the Auth0 general contribution guidelines
• I have read the Auth0 Code of Conduct

[lbalmaceda]

current() will return false when a falsey value is stored in the PHP native session key-store, causing the iteration check of while(current(...)) to exit early.

Should this be test-covered to verify that the introduced diff fixes that?

[github-actions]

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.