From 48627dbec8a8b9af7ec997dee5bf8f9d07e672ac Mon Sep 17 00:00:00 2001
From: Thijs Kinkhorst <thijs@kinkhorst.com>
Date: Fri, 24 Jun 2022 11:53:51 +0000
Subject: [PATCH] Remove overzealous encoding of error parameters

Output encoding happens in the view. This prevents the encoded stuff
from ending up in other places, including log files. Also fixes
tests that were broken because of this.
---
 src/SimpleSAML/Error/AuthSource.php                       | 4 ++--
 src/SimpleSAML/Error/MetadataNotFound.php                 | 2 +-
 tests/modules/saml/src/Controller/ServiceProviderTest.php | 6 ++----
 3 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/src/SimpleSAML/Error/AuthSource.php b/src/SimpleSAML/Error/AuthSource.php
index 1de3be593..9470698e9 100644
--- a/src/SimpleSAML/Error/AuthSource.php
+++ b/src/SimpleSAML/Error/AuthSource.php
@@ -43,8 +43,8 @@ class AuthSource extends Error
         parent::__construct(
             [
                 'AUTHSOURCEERROR',
-                '%AUTHSOURCE%' => htmlspecialchars(var_export($this->authsource, true)),
-                '%REASON%' => htmlspecialchars(var_export($this->reason, true))
+                '%AUTHSOURCE%' => $this->authsource,
+                '%REASON%' => $this->reason
             ],
             $cause
         );
diff --git a/src/SimpleSAML/Error/MetadataNotFound.php b/src/SimpleSAML/Error/MetadataNotFound.php
index 0c1806760..7cde1bda2 100644
--- a/src/SimpleSAML/Error/MetadataNotFound.php
+++ b/src/SimpleSAML/Error/MetadataNotFound.php
@@ -24,7 +24,7 @@ class MetadataNotFound extends Error
         $this->includeTemplate = 'core:no_metadata.twig';
         parent::__construct([
                 'METADATANOTFOUND',
-                '%ENTITYID%' => htmlspecialchars(var_export($entityId, true))
+                '%ENTITYID%' => $entityId
         ]);
     }
 }
diff --git a/tests/modules/saml/src/Controller/ServiceProviderTest.php b/tests/modules/saml/src/Controller/ServiceProviderTest.php
index 7e5047884..5636553c5 100644
--- a/tests/modules/saml/src/Controller/ServiceProviderTest.php
+++ b/tests/modules/saml/src/Controller/ServiceProviderTest.php
@@ -299,8 +299,7 @@ class ServiceProviderTest extends TestCase
         $c = new Controller\ServiceProvider($this->config, $this->session);
 
         $this->expectException(Error\MetadataNotFound::class);
-// Breaks PHP 8.1 tests
-//        $this->expectExceptionMessage("METADATANOTFOUND('%ENTITYID%' => '\'https://engine.test.surfconext.nl/authentication/idp/metadata\'')");
+        $this->expectExceptionMessage("METADATANOTFOUND('%ENTITYID%' => 'https://engine.test.surfconext.nl/authentication/idp/metadata')");
 
         $c->assertionConsumerService('phpunit');
     }
@@ -388,8 +387,7 @@ XML;
         $c = new Controller\ServiceProvider($this->config, $this->session);
 
         $this->expectException(Error\MetadataNotFound::class);
-// Breaks PHP 8.1 tests
-//        $this->expectExceptionMessage("METADATANOTFOUND('%ENTITYID%' => '\'https://engine.test.surfconext.nl/authentication/idp/metadata\'')");
+        $this->expectExceptionMessage("METADATANOTFOUND('%ENTITYID%' => 'TheIssuer')");
 
         $c->singleLogoutService('phpunit');
     }
-- 
GitLab