diff --git a/modules/core/lib/Auth/Process/PHP.php b/modules/core/lib/Auth/Process/PHP.php
index 7a538ec1bb3e3964371d7f8d748354039fb97d54..5c2bce08b2cff76d79c119d248951bf2a6f99abf 100644
--- a/modules/core/lib/Auth/Process/PHP.php
+++ b/modules/core/lib/Auth/Process/PHP.php
@@ -49,7 +49,7 @@ class PHP extends \SimpleSAML\Auth\ProcessingFilter
assert(is_array($request));
assert(array_key_exists('Attributes', $request));
- $function = function(/** @scrutinizer ignore-unused */ &$attributes) { eval($this->code); };
- $function($request['Attributes']);
+ $function = function(/** @scrutinizer ignore-unused */ &$attributes, &$state) { eval($this->code); };
+ $function($request['Attributes'], $request);
}
}
diff --git a/tests/modules/core/lib/Auth/Process/PHPTest.php b/tests/modules/core/lib/Auth/Process/PHPTest.php
index c7331397389ddb73748e6a2b78bab8e243ad6f03..e4af7e57c399e376a5c7f24366f7d32985c47945 100644
--- a/tests/modules/core/lib/Auth/Process/PHPTest.php
+++ b/tests/modules/core/lib/Auth/Process/PHPTest.php
@@ -111,4 +111,42 @@ class Test_Core_Auth_Process_PHP extends TestCase
);
$this->processFilter($config, $request);
}
+
+ /**
+ * Check that the entire state can be adjusted.
+ */
+ public function testStateCanBeModified()
+ {
+
+ $config = array(
+ 'code' => '
+ $attributes["orig2"] = array("value0");
+ $state["newKey"] = ["newValue"];
+ $state["Destination"]["attributes"][] = "givenName";
+ ',
+ );
+ $request = array(
+ 'Attributes' => array(
+ 'orig1' => array('value1', 'value2'),
+ 'orig2' => array('value3'),
+ 'orig3' => array('value4')
+ ),
+ 'Destination' => [
+ 'attributes' => ['eduPersonPrincipalName']
+ ],
+ );
+ $expected = array(
+ 'Attributes' => array(
+ 'orig1' => array('value1', 'value2'),
+ 'orig2' => array('value0'),
+ 'orig3' => array('value4')
+ ),
+ 'Destination' => [
+ 'attributes' => ['eduPersonPrincipalName', 'givenName']
+ ],
+ 'newKey' => ['newValue']
+ );
+
+ $this->assertEquals($expected, $this->processFilter($config, $request));
+ }
}