Cache RequestValidator + make ApiExceptionSubscriber exception-safe

[stixx]

Summary by CodeRabbit

• Bug Fixes

  • Improved API exception handling with a robust fallback response when error-to-problem conversion fails.

• Performance

  • Caches the OpenAPI request validator to avoid regenerating the document on repeated validations.

• Tests

  • Added tests covering the exception fallback behavior and verifying the OpenAPI generation is performed only once.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: c576f77b-e101-4aab-a9bc-4d751edf22ec

📥 Commits

Reviewing files that changed from the base of the PR and between b213b02 and f21a7a0.

📒 Files selected for processing (1)

• src/EventSubscriber/ApiExceptionSubscriber.php

🚧 Files skipped from review as they are similar to previous changes (1)

• src/EventSubscriber/ApiExceptionSubscriber.php

---

Walkthrough

This PR refactors RequestValidator to inject and reuse PSR HTTP message factories instead of inline instantiation, adds OpenAPI validator caching to avoid redundant generation, and makes ApiExceptionSubscriber resilient to normalizer failures via try/catch fallback handling that returns a generic RFC7807 error response.

Changes

PSR Factory Injection and Request Validation with Caching

Layer / File(s)	Summary
Dependency Configuration config/validators.php	Registers Psr17Factory and Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory services; wires PSR HTTP factory into RequestValidator constructor.
RequestValidator Refactoring src/Validator/RequestValidator.php	Injects HttpMessageFactoryInterface dependency and caches OpenApiRequestValidator instance. validate() creates a PSR-7 request via injected factory and delegates to cached validator from getValidator().
Exception Subscriber Resilience src/EventSubscriber/ApiExceptionSubscriber.php	Wraps response building in try/catch; delegates to buildProblemResponse() for normal handling and buildFallbackResponse() for fallback, returning 500 application/problem+json when normalizer or building throws.
Tests and Helpers tests/Unit/Validator/RequestValidatorTest.php, tests/Unit/EventSubscriber/ApiExceptionSubscriberTest.php	Updates validator tests to pass PSR HTTP factory dependency; adds testValidateOnlyGeneratesOpenApiDocumentOnce() to verify caching; adds testFallsBackToProblemJsonWhenNormalizerThrows() to verify fallback behavior; introduces createPsrHttpFactory() helper.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• stixx/openapi-command-bundle#19: Modifies ApiExceptionSubscriber exception-unwrapping logic and related test coverage.

Suggested labels

bug

Poem

🐇 In gardens of code the validators play,
PSR-crafted bridges guide requests on their way,
Cached guards stand watch so docs build once more,
If normalizers stumble, a fallback restores,
A rabbit applauds — resilience, encore! 🥕✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly reflects the two main changes: caching the RequestValidator and adding exception handling to ApiExceptionSubscriber.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch cache-validator-exception-safe

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/EventSubscriber/ApiExceptionSubscriber.php`:
- Around line 80-82: In ApiExceptionSubscriber where the JsonResponse is
constructed (the return new JsonResponse(...) call), the headers merge currently
lets $throwable->getHeaders() override 'Content-Type'; change the merge order so
the default 'Content-Type' => 'application/problem+json' takes precedence (e.g.,
merge throwable headers into the defaults rather than the other way around) to
enforce RFC7807 compliance and ensure ApiProblemException headers cannot
override Content-Type.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 48280454-6ea8-4b78-889b-a7a0b7a9119e

📥 Commits

Reviewing files that changed from the base of the PR and between 1a05ede and b213b02.

📒 Files selected for processing (5)

• config/validators.php
• src/EventSubscriber/ApiExceptionSubscriber.php
• src/Validator/RequestValidator.php
• tests/Unit/EventSubscriber/ApiExceptionSubscriberTest.php
• tests/Unit/Validator/RequestValidatorTest.php