Respect `mod_unique_id` and refactor `OC_Request::getRequestId`

When `mod_unique_id` is enabled the ID generated by it will be used for logging. This allows for correlation of the Apache logs and the ownCloud logs.

Testplan:

- [ ] When `mod_unique_id` is enabled the request ID equals the one generated by `mod_unique_id`.
- [ ] When `mod_unique_id` is not available the request ID is a 20 character long random string
- [ ] The generated Id is stable over the lifespan of one request

Changeset looks a little bit larger since I had to adjust every unit test using the HTTP\Request class for proper DI.

Fixes https://github.com/owncloud/core/issues/13366

6 files changed, 53 insertions, 29 deletions

diff --git a/lib/private/appframework/http/request.php b/lib/private/appframework/http/request.php
index 6012033fe52..4902671d4b8 100644
--- a/lib/private/appframework/http/request.php
+++ b/lib/private/appframework/http/request.php
@@ -25,6 +25,7 @@
 namespace OC\AppFramework\Http;
 
 use OCP\IRequest;
+use OCP\Security\ISecureRandom;
 
 /**
  * Class for accessing variables in the request.
@@ -48,24 +49,32 @@ class Request implements \ArrayAccess, \Countable, IRequest {
 		'method',
 		'requesttoken',
 	);
+	/** @var ISecureRandom */
+	protected $secureRandom;
+	/** @var string */
+	protected $requestId = '';
 
 	/**
 	 * @param array $vars An associative array with the following optional values:
-	 * @param array 'urlParams' the parameters which were matched from the URL
-	 * @param array 'get' the $_GET array
-	 * @param array|string 'post' the $_POST array or JSON string
-	 * @param array 'files' the $_FILES array
-	 * @param array 'server' the $_SERVER array
-	 * @param array 'env' the $_ENV array
-	 * @param array 'cookies' the $_COOKIE array
-	 * @param string 'method' the request method (GET, POST etc)
-	 * @param string|false 'requesttoken' the requesttoken or false when not available
+	 *        - array 'urlParams' the parameters which were matched from the URL
+	 *        - array 'get' the $_GET array
+	 *        - array|string 'post' the $_POST array or JSON string
+	 *        - array 'files' the $_FILES array
+	 *        - array 'server' the $_SERVER array
+	 *        - array 'env' the $_ENV array
+	 *        - array 'cookies' the $_COOKIE array
+	 *        - string 'method' the request method (GET, POST etc)
+	 *        - string|false 'requesttoken' the requesttoken or false when not available
+	 * @param ISecureRandom $secureRandom
+	 * @param string $stream
 	 * @see http://www.php.net/manual/en/reserved.variables.php
 	 */
-	public function __construct(array $vars=array(), $stream='php://input') {
-
+	public function __construct(array $vars=array(),
+								ISecureRandom $secureRandom,
+								$stream='php://input') {
 		$this->inputStream = $stream;
 		$this->items['params'] = array();
+		$this->secureRandom = $secureRandom;
 
 		if(!array_key_exists('method', $vars)) {
 			$vars['method'] = 'GET';
@@ -384,4 +393,23 @@ class Request implements \ArrayAccess, \Countable, IRequest {
 			// Valid token
 			return true;
 		}
-	}}
+	}
+
+	/**
+	 * Returns an ID for the request, value is not guaranteed to be unique and is mostly meant for logging
+	 * If `mod_unique_id` is installed this value will be taken.
+	 * @return string
+	 */
+	public function getId() {
+		if(isset($this->server['UNIQUE_ID'])) {
+			return $this->server['UNIQUE_ID'];
+		}
+
+		if(empty($this->requestId)) {
+			$this->requestId = $this->secureRandom->getLowStrengthGenerator()->generate(20);
+		}
+
+		return $this->requestId;
+	}
+
+}
diff --git a/lib/private/log/owncloud.php b/lib/private/log/owncloud.php
index c8ae61032aa..8e55bf1c695 100644
--- a/lib/private/log/owncloud.php
+++ b/lib/private/log/owncloud.php
@@ -68,7 +68,7 @@ class OC_Log_Owncloud {
 				$timezone = new DateTimeZone('UTC');
 			}
 			$time = new DateTime(null, $timezone);
-			$reqId = \OC_Request::getRequestID();
+			$reqId = \OC::$server->getRequest()->getId();
 			$remoteAddr = \OC_Request::getRemoteAddress();
 			// remove username/passwords from URLs before writing the to the log file
 			$time = $time->format($format);
diff --git a/lib/private/request.php b/lib/private/request.php
index 3bf7d94d9cf..ab011c913d9 100644
--- a/lib/private/request.php
+++ b/lib/private/request.php
@@ -13,7 +13,6 @@ class OC_Request {
 	const USER_AGENT_ANDROID_MOBILE_CHROME = '#Android.*Chrome/[.0-9]*#';
 	const USER_AGENT_FREEBOX = '#^Mozilla/5\.0$#';
 	const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost)$/';
-	static protected $reqId;
 
 	/**
 	 * Returns the remote address, if the connection came from a trusted proxy and `forwarded_for_headers` has been configured
@@ -44,17 +43,6 @@ class OC_Request {
 	}
 
 	/**
-	 * Returns an ID for the request, value is not guaranteed to be unique and is mostly meant for logging
-	 * @return string
-	 */
-	public static function getRequestID() {
-		if(self::$reqId === null) {
-			self::$reqId = hash('md5', microtime().\OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate(20));
-		}
-		return self::$reqId;
-	}
-
-	/**
 	 * Check overwrite condition
 	 * @param string $type
 	 * @return bool
diff --git a/lib/private/server.php b/lib/private/server.php
index 15c33e1905f..b023534ae21 100644
--- a/lib/private/server.php
+++ b/lib/private/server.php
@@ -10,7 +10,6 @@ use OC\Cache\UserCache;
 use OC\Diagnostics\NullQueryLogger;
 use OC\Diagnostics\EventLogger;
 use OC\Diagnostics\QueryLogger;
-use OC\Files\Config\StorageManager;
 use OC\Security\CertificateManager;
 use OC\Files\Node\Root;
 use OC\Files\View;
@@ -64,7 +63,7 @@ class Server extends SimpleContainer implements IServerContainer {
 			}
 
 			return new Request(
-				array(
+				[
 					'get' => $_GET,
 					'post' => $_POST,
 					'files' => $_FILES,
@@ -76,7 +75,9 @@ class Server extends SimpleContainer implements IServerContainer {
 						: null,
 					'urlParams' => $urlParams,
 					'requesttoken' => $requestToken,
-				), $stream
+				],
+				$this->getSecureRandom(),
+				$stream
 			);
 		});
 		$this->registerService('PreviewManager', function ($c) {
diff --git a/lib/private/template.php b/lib/private/template.php
index d407eb8384c..4fa1c867d54 100644
--- a/lib/private/template.php
+++ b/lib/private/template.php
@@ -223,7 +223,7 @@ class OC_Template extends \OC\Template\Base {
 		$content->assign('trace', $exception->getTraceAsString());
 		$content->assign('debugMode', defined('DEBUG') && DEBUG === true);
 		$content->assign('remoteAddr', OC_Request::getRemoteAddress());
-		$content->assign('requestID', OC_Request::getRequestID());
+		$content->assign('requestID', \OC::$server->getRequest()->getId());
 		$content->printPage();
 		die();
 	}
diff --git a/lib/public/irequest.php b/lib/public/irequest.php
index 988b3aebd7b..b5ea1fa95da 100644
--- a/lib/public/irequest.php
+++ b/lib/public/irequest.php
@@ -127,4 +127,11 @@ interface IRequest {
 	 * @return bool true if CSRF check passed
 	 */
 	public function passesCSRFCheck();
+
+	/**
+	 * Returns an ID for the request, value is not guaranteed to be unique and is mostly meant for logging
+	 * If `mod_unique_id` is installed this value will be taken.
+	 * @return string
+	 */
+	public function getId();
 }