fix html escaping of userInfo

pom.xml

@@ -6,16 +6,16 @@
 
     <groupId>io.curity.identityserver.plugin</groupId>
     <artifactId>identityserver.plugins.authenticators.freja-eid</artifactId>
-    <version>4.0.0</version>
+    <version>4.0.1</version>
     <packaging>jar</packaging>
 
     <name>Curity Verisec Authenticator</name>
 
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <project.curityVersion>6.2.0</project.curityVersion>
-        <project.slf4jVersion>1.7.25</project.slf4jVersion>
-        <kotlin.version>1.3.72</kotlin.version>
+        <project.curityVersion>6.7.3</project.curityVersion>
+        <project.slf4jVersion>1.7.30</project.slf4jVersion>
+        <kotlin.version>1.5.10</kotlin.version>
     </properties>
 
     <build>
@@ -44,7 +44,7 @@
                     </execution>
                 </executions>
                 <configuration>
-                    <jvmTarget>1.8</jvmTarget>
+                    <jvmTarget>11</jvmTarget>
                 </configuration>
             </plugin>
         </plugins>
@@ -71,7 +71,7 @@
         <dependency>
             <groupId>org.hibernate</groupId>
             <artifactId>hibernate-validator</artifactId>
-            <version>5.2.5.Final</version>
+            <version>6.2.0.CR1</version>
             <scope>provided</scope>
         </dependency>
         <dependency>

src/main/kotlin/io/curity/identityserver/plugin/frejaeid/authentication/RequestLogicHelper.kt

@@ -185,7 +185,7 @@ class RequestLogicHelper(private val config: FrejaEidAuthenticatorPluginConfig)
 
     private fun encodeAndPost(path: String, paramName: String, requestParams: Map<String, Any>) : HttpResponse
     {
-        val requestJson = _json.toJson(requestParams)
+        val requestJson = buildJsonAuthRequest(requestParams)
         val encodedRequest = Base64.getEncoder().encodeToString(requestJson.toByteArray())
         val authResultRequest = "$paramName=${encodedRequest}"
         val requestBody = _relyingPartyId?.let { "$authResultRequest&relyingPartyId=$it" } ?: authResultRequest
@@ -209,7 +209,7 @@ class RequestLogicHelper(private val config: FrejaEidAuthenticatorPluginConfig)
         config.webServiceClientFactory.create(URI.create("https://$host"))
     }
 
-    fun generateQRCodeLink(baseUrl: String, appLink: String, environment: PredefinedEnvironment): String
+    fun generateQRCodeLink(baseUrl: String, appLink: String): String
     {
         val builder = StringBuilder(baseUrl)
         builder.append(QR_CODE_GENERATE_PATH)
@@ -223,6 +223,18 @@ class RequestLogicHelper(private val config: FrejaEidAuthenticatorPluginConfig)
         return "frejaeid://bindUserToTransaction?transactionReference=$authRef"
     }
 
+    private fun buildJsonAuthRequest(postData: Map<String, Any>): String
+    {
+        return "{" + postData.map {
+            val value = when
+            {
+                it.value is String -> "\"" + it.value + "\""
+                else -> _json.toJson(it.value)
+            }
+            "\"" + it.key + "\"" + ":" + value
+        }.joinToString() + "}"
+    }
+
     fun extractAttributesFromJwt(responseData: Map<String, Any>): Attributes
     {
         val jwtParts = Objects.toString(responseData["details"]).split("\\.".toRegex(), 3).toTypedArray()

src/main/kotlin/io/curity/identityserver/plugin/frejaeid/authentication/RequestModel.kt

@@ -17,8 +17,8 @@
 package io.curity.identityserver.plugin.frejaeid.authentication
 
 import io.curity.identityserver.plugin.frejaeid.config.UserInfoType
-import org.hibernate.validator.constraints.Email
-import org.hibernate.validator.constraints.NotBlank
+import javax.validation.constraints.Email
+import javax.validation.constraints.NotBlank
 import se.curity.identityserver.sdk.web.Request
 import javax.validation.Valid
 import javax.validation.constraints.Pattern

src/main/kotlin/io/curity/identityserver/plugin/frejaeid/authentication/StartRequestHandler.kt

@@ -48,7 +48,7 @@ class StartRequestHandler(private val config: FrejaEidAuthenticatorPluginConfig,
     {
         val dataMap = HashMap<String, Any>(2)
 
-        dataMap["userInfoType"] = _userInfoType.toString().toLowerCase()
+        dataMap["userInfoType"] = _userInfoType.toString().lowercase()
 
         if (request.isGetRequest)
         {

src/main/kotlin/io/curity/identityserver/plugin/frejaeid/authentication/WaitRequestHandler.kt

@@ -82,7 +82,7 @@ class WaitRequestHandler(private val config: FrejaEidAuthenticatorPluginConfig)
 
             val cspOverride = "img-src 'self' $baseUrl;"
             val appLink = _requestLogicHelper.generateAppLink(authRef.toString())
-            val qrCode = _requestLogicHelper.generateQRCodeLink(baseUrl, appLink, config.environment)
+            val qrCode = _requestLogicHelper.generateQRCodeLink(baseUrl, appLink)
             viewData = mapOf(QR_CODE to qrCode, CSP_OVERRIDE_IMG_SRC to cspOverride, THIS_DEVICE_LINK to appLink)
         }
 
@@ -218,8 +218,8 @@ class WaitRequestHandler(private val config: FrejaEidAuthenticatorPluginConfig)
             {
                 val dataMap: HashMap<String, Any> = HashMap(2)
 
-                dataMap["userInfoType"] = config.userInfoType.toString().toLowerCase()
-                dataMap["error"] = "error.request.${status.value.toString().toLowerCase()}"
+                dataMap["userInfoType"] = config.userInfoType.toString().lowercase()
+                dataMap["error"] = "error.request.${status.value.toString().lowercase()}"
 
                 // GET request
                 if (config.userPreferencesManager.username != null)