Merge branch 'master' of https://github.com/simplesamlphp/simplesamlphp-module-adfs

tvdijen · tvdijen · commit 8b9d9155c89a · 2022-07-09T16:13:54.000+02:00
diff --git a/src/Controller/Adfs.php b/src/Controller/Adfs.php
@@ -184,8 +184,6 @@ public function metadata(Request $request): Response
                 $metaArray['RegistrationInfo'] = $idpmeta->getArray('RegistrationInfo');
             }
 
-            $metaflat = '$metadata[' . var_export($idpentityid, true) . '] = ' . var_export($metaArray, true) . ';';
-
             $metaBuilder = new Metadata\SAMLBuilder($idpentityid);
             $metaBuilder->addSecurityTokenServiceType($metaArray);
             $metaBuilder->addOrganizationInfo($metaArray);
@@ -197,51 +195,24 @@ public function metadata(Request $request): Response
                     'contactType'  => 'technical',
                 ]));
             }
-            $output_xhtml = $request->query->get('output') === 'xhtml';
-            $metaxml = $metaBuilder->getEntityDescriptorText($output_xhtml);
-            if (!$output_xhtml) {
-                $metaxml = str_replace("\n", '', $metaxml);
-            }
+            $metaxml = $metaBuilder->getEntityDescriptorText();
 
             // sign the metadata if enabled
             $metaxml = Metadata\Signer::sign($metaxml, $idpmeta->toArray(), 'ADFS IdP');
 
-            if ($output_xhtml) {
-                $t = new Template($this->config, 'metadata.twig');
+            // make sure to export only the md:EntityDescriptor
+            $i = strpos($metaxml, '<md:EntityDescriptor');
+            $metaxml = substr($metaxml, $i ? $i : 0);
 
-                $t->data['clipboard.js'] = true;
-                $t->data['available_certs'] = $availableCerts;
-                $certdata = [];
-                foreach (array_keys($availableCerts) as $availableCert) {
-                    $certdata[$availableCert]['name'] = $availableCert;
-                    $certdata[$availableCert]['url'] = Module::getModuleURL('saml/idp/certs.php') .
-                        '/' . $availableCert;
+            // 22 = strlen('</md:EntityDescriptor>')
+            $i = strrpos($metaxml, '</md:EntityDescriptor>');
+            $metaxml = substr($metaxml, 0, $i ? $i + 22 : 0);
 
-                    $certdata[$availableCert]['comment'] = '';
-                }
-                $t->data['certdata'] = $certdata;
-                $t->data['headerString'] = Translate::noop('metadata_adfs-idp');
-                $httpUtils = new Utils\HTTP();
-                $t->data['metaurl'] = $httpUtils->getSelfURLNoQuery();
-                $t->data['metadata'] = htmlspecialchars($metaxml);
-                $t->data['metadataflat'] = htmlspecialchars($metaflat);
-
-                return $t;
-            } else {
-                // make sure to export only the md:EntityDescriptor
-                $i = strpos($metaxml, '<md:EntityDescriptor');
-                $metaxml = substr($metaxml, $i ? $i : 0);
+            $response = new Response();
+            $response->headers->set('Content-Type', 'application/samlmetadata+xml');
+            $response->setContent($metaxml);
 
-                // 22 = strlen('</md:EntityDescriptor>')
-                $i = strrpos($metaxml, '</md:EntityDescriptor>');
-                $metaxml = substr($metaxml, 0, $i ? $i + 22 : 0);
-
-                $response = new Response();
-                $response->headers->set('Content-Type', 'application/samlmetadata+xml');
-                $response->setContent($metaxml);
-
-                return $response;
-            }
+            return $response;
         } catch (Exception $exception) {
             throw new SspError\Error('METADATA', $exception);
         }
diff --git a/src/IdP/ADFS.php b/src/IdP/ADFS.php
@@ -118,6 +118,8 @@ private static function generateResponse(
                 $name,
                 'http://schemas.xmlsoap.org/claims'
             );
+            $namespace = htmlspecialchars($namespace);
+            $name = htmlspecialchars($name);
             foreach ($values as $value) {
                 if ((!isset($value)) || ($value === '')) {
                     continue;
diff --git a/tests/src/Controller/AdfsControllerTest.php b/tests/src/Controller/AdfsControllerTest.php
@@ -86,8 +86,7 @@ public function testMissingMetadataForRP(): void
         $c = new Controller\Adfs($this->config, $this->session);
 
         $this->expectException(Error\MetadataNotFound::class);
-        // This line breaks tests in PHP 8.1
-        //$this->expectExceptionMessage("METADATANOTFOUND('%ENTITYID%' => '\'urn:example-sp\'')");
+        $this->expectExceptionMessage("METADATANOTFOUND('%ENTITYID%' => 'urn:example-sp')");
 
         $c->prp($request);
     }

Original file line number	Diff line number	Diff line change
`@@ -86,8 +86,7 @@ public function testMissingMetadataForRP(): void`
`86`	`86`	`$c = new Controller\Adfs($this->config, $this->session);`
`87`	`87`
`88`	`88`	`$this->expectException(Error\MetadataNotFound::class);`
`89`		`- // This line breaks tests in PHP 8.1`
`90`		`- //$this->expectExceptionMessage("METADATANOTFOUND('%ENTITYID%' => '\'urn:example-sp\'')");`
	`89`	`+ $this->expectExceptionMessage("METADATANOTFOUND('%ENTITYID%' => 'urn:example-sp')");`
`91`	`90`
`92`	`91`	`$c->prp($request);`
`93`	`92`	`}`