SAML-Toolkits#201. Fix issues with SP entity_id, acs url and sls url that contains &

Author: pitbulk

lib/Saml2/AuthnRequest.php

@@ -114,6 +114,8 @@ public function __construct(OneLogin_Saml2_Settings $settings, $forceAuthn = fal
             }
         }
 
+        $sp_entity_id = htmlspecialchars($spData['entityId'], ENT_QUOTES);
+        $acs_url = htmlspecialchars($spData['assertionConsumerService']['url'], ENT_QUOTES);
         $request = <<<AUTHNREQUEST
 <samlp:AuthnRequest
     xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
@@ -124,8 +126,8 @@ public function __construct(OneLogin_Saml2_Settings $settings, $forceAuthn = fal
     IssueInstant="$issueInstant"
     Destination="{$idpData['singleSignOnService']['url']}"
     ProtocolBinding="{$spData['assertionConsumerService']['binding']}"
-    AssertionConsumerServiceURL="{$spData['assertionConsumerService']['url']}">
-    <saml:Issuer>{$spData['entityId']}</saml:Issuer>
+    AssertionConsumerServiceURL="{$acs_url}">
+    <saml:Issuer>{$sp_entity_id}</saml:Issuer>
 {$nameIdPolicyStr}
 {$requestedAuthnStr}
 </samlp:AuthnRequest>

lib/Saml2/LogoutRequest.php

@@ -90,6 +90,7 @@ public function __construct(OneLogin_Saml2_Settings $settings, $request = null,
 
             $sessionIndexStr = isset($sessionIndex) ? "<samlp:SessionIndex>{$sessionIndex}</samlp:SessionIndex>" : "";
 
+            $sp_entity_id = htmlspecialchars($spData['entityId'], ENT_QUOTES);
             $logoutRequest = <<<LOGOUTREQUEST
 <samlp:LogoutRequest
     xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
@@ -98,7 +99,7 @@ public function __construct(OneLogin_Saml2_Settings $settings, $request = null,
     Version="2.0"
     IssueInstant="{$issueInstant}"
     Destination="{$idpData['singleLogoutService']['url']}">
-    <saml:Issuer>{$spData['entityId']}</saml:Issuer>
+    <saml:Issuer>{$sp_entity_id}</saml:Issuer>
     {$nameIdObj}
     {$sessionIndexStr}
 </samlp:LogoutRequest>

lib/Saml2/LogoutResponse.php

@@ -221,6 +221,7 @@ public function build($inResponseTo)
         $this->id = OneLogin_Saml2_Utils::generateUniqueID();
         $issueInstant = OneLogin_Saml2_Utils::parseTime2SAML(time());
 
+        $sp_entity_id = htmlspecialchars($spData['entityId'], ENT_QUOTES);
         $logoutResponse = <<<LOGOUTRESPONSE
 <samlp:LogoutResponse xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                   xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
@@ -230,7 +231,7 @@ public function build($inResponseTo)
                   Destination="{$idpData['singleLogoutService']['url']}"
                   InResponseTo="{$inResponseTo}"
                   >
-    <saml:Issuer>{$spData['entityId']}</saml:Issuer>
+    <saml:Issuer>{$sp_entity_id}</saml:Issuer>
     <samlp:Status>
         <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
     </samlp:Status>

lib/Saml2/Metadata.php

@@ -38,9 +38,10 @@ public static function builder($sp, $authnsign = false, $wsign = false, $validUn
         $sls = '';
 
         if (isset($sp['singleLogoutService'])) {
+            $sls_url = htmlspecialchars($sp['singleLogoutService']['url'], ENT_QUOTES);
             $sls = <<<SLS_TEMPLATE
         <md:SingleLogoutService Binding="{$sp['singleLogoutService']['binding']}"
-                                Location="{$sp['singleLogoutService']['url']}" />
+                                Location="{$sls_url}" />
 
 SLS_TEMPLATE;
         }
@@ -127,7 +128,7 @@ public static function builder($sp, $authnsign = false, $wsign = false, $validUn
                     $reqAttrAuxStr = '>';
                     if (is_string($attribute['attributeValue'])) {
                         $attribute['attributeValue'] = array($attribute['attributeValue']);
-                    }                    
+                    }
                     foreach ($attribute['attributeValue'] as $attrValue) {
                         $reqAttrAuxStr .=<<<ATTRIBUTEVALUE
 
@@ -149,16 +150,18 @@ public static function builder($sp, $authnsign = false, $wsign = false, $validUn
 METADATA_TEMPLATE;
         }
 
+        $sp_entity_id = htmlspecialchars($sp['entityId'], ENT_QUOTES);
+        $acs_url = htmlspecialchars($sp['assertionConsumerService']['url'], ENT_QUOTES);
         $metadata = <<<METADATA_TEMPLATE
 <?xml version="1.0"?>
 <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
                      validUntil="{$validUntilTime}"
                      cacheDuration="PT{$cacheDuration}S"
-                     entityID="{$sp['entityId']}">
+                     entityID="{$sp_entity_id}">
     <md:SPSSODescriptor AuthnRequestsSigned="{$strAuthnsign}" WantAssertionsSigned="{$strWsign}" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
 {$sls}        <md:NameIDFormat>{$sp['NameIDFormat']}</md:NameIDFormat>
         <md:AssertionConsumerService Binding="{$sp['assertionConsumerService']['binding']}"
-                                     Location="{$sp['assertionConsumerService']['url']}"
+                                     Location="{$acs_url}"
                                      index="1" />
         {$strAttributeConsumingService}
     </md:SPSSODescriptor>{$strOrganization}{$strContacts}