Can you provide a test for this functionality?

Can you provide a test for this functionality?

Here's a test for the cookie flags:
curl --silent --output /dev/null --dump-header - 'https://<serverFQDN>/' | grep set-cookie

Should return a similar output:
set-cookie: processmaker_session=eyJpdiI6IjZQNStyNGxURGRiOTk3MzFxVWdib1E9PSIsInZhbHVlIjoiOEhtWHRSMHhoUytCVWxLYm9sMzJlaTdxSVEyNG5pXC9yOUJKN3RXVDFzUVhxUnoyaU5lWHcrQmxEeVRFNzRieW0iLCJtYWMiOiIxMjRkMDYwOWM2MzVmYmUwZDJiOTQwMGVlYTg3NTQ3OWI5ZDI3MzYxMmU3NTA2OWU5ZjUxNThiMjZjODViZGFkIn0%3D; path=/;samesite=Lax; secure; httponly

To test expire_on_close , it's a manual test - login to the application, close the browser, open the browser again (with "recently closed" tab), and the session should be terminated (without the need of deleting browser cache/cookies). I've successfully tested this in the latest chromium build (got redirected to login).

@gustavo-romero since this is in your personal repository, I can not add a unit test. Please add the following to tests/Feature/SessionTest.php

Because these settings effect how the browser handles cookies, and we do not currently run browser tests, the best we can do it check that they are correctly being set in the header.

<?php

namespace Tests\Feature;

use Tests\TestCase;

class SessionTest extends TestCase
{
    public function test()
    {
        $response = $this->get('/');

        // check 'expire_on_close' => true,
        $this->assertEquals(0, $response->headers->getCookies()[0]->getExpiresTime());

        // check 'path' => '/;samesite=Lax',
        $this->assertEquals('/;samesite=Lax', $response->headers->getCookies()[0]->getPath());

        // Check 'secure' => env('SESSION_SECURE_COOKIE', true),
        $this->assertTrue($response->headers->getCookies()[0]->isSecure());
    }
}

@gustavo-romero since this is in your personal repository, I can not add a unit test. Please add the following to tests/Feature/SessionTest.php

Because these settings effect how the browser handles cookies, and we do not currently run browser tests, the best we can do it check that they are correctly being set in the header.

<?php

namespace Tests\Feature;

use Tests\TestCase;

class SessionTest extends TestCase
{
    public function test()
    {
        $response = $this->get('/');

        // check 'expire_on_close' => true,
        $this->assertEquals(0, $response->headers->getCookies()[0]->getExpiresTime());

        // check 'path' => '/;samesite=Lax',
        $this->assertEquals('/;samesite=Lax', $response->headers->getCookies()[0]->getPath());

        // Check 'secure' => env('SESSION_SECURE_COOKIE', true),
        $this->assertTrue($response->headers->getCookies()[0]->isSecure());
    }
}

Thanks @nolanpro, it's done.