Invalid json returned on `/metadata/idp` when entity has incomplete metadata

[baszoetekouw]

Engine outputs invalid json on metadata endpoint when MDUI metadata fields are missing.

For example, a fresh devconf env has configured a Mujina Mock IdP with these metadata set:

Specifically, the MDUI logo fields logo:0:url, logo:0:width and logo:0:height are missing. This causes this call for metadata to fail:

╰─▶ curl -kv 'https://profile:secret@engine-api.dev.openconext.local/metadata/idp?entity-id=http://mock-idp'
[...]
> GET /metadata/idp?entity-id=http://mock-idp HTTP/2
> Host: engine-api.dev.openconext.local
> Authorization: Basic cHJvZmlsZTpzZWNyZXQ=
> User-Agent: curl/8.14.1
> Accept: */*
>

< HTTP/2 200
< date: Mon, 02 Feb 2026 15:10:38 GMT
< server: Apache
< x-content-type-options: nosniff
< set-cookie: main=6edd1a881886be2c430d0a72461cfb7b; path=/; secure; HttpOnly; SameSite=None
< vary: Accept-Encoding
< content-type: text/html; charset=UTF-8
<

<br />
<b>Warning</b>:  Undefined property: OpenConext\EngineBlock\Metadata\EmptyMduiElement::$height in <b>/var/www/html/src/OpenConext/EngineBlockBundle/Http/Response/JsonHelper.php</b> on line <b>75</b><br />
<br />
<b>Warning</b>:  Undefined property: OpenConext\EngineBlock\Metadata\EmptyMduiElement::$width in <b>/var/www/html/src/OpenConext/EngineBlockBundle/Http/Response/JsonHelper.php</b> on line <b>76</b><br />
<br />
<b>Warning</b>:  Undefined property: OpenConext\EngineBlock\Metadata\EmptyMduiElement::$url in <b>/var/www/html/src/OpenConext/EngineBlockBundle/Http/Response/JsonHelper.php</b> on line <b>77</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at /var/www/html/src/OpenConext/EngineBlockBundle/Http/Response/JsonHelper.php:75) in <b>/var/www/html/vendor/symfony/http-foundation/Session/SessionUtils.php</b> on line <b>52</b><br />
{"entity_id":"http:\/\/mock-idp","organization":{"en":{"name":"OpenConext DEV","display_name":null,"url":n* Connection #0 to host engine-api.dev.openconext.local left intact
ull},"nl":{"name":null,"display_name":null,"url":null},"pt":{"name":null,"display_name":null,"url":null}},"contact_persons":[],"description":{"en":"Dummy IDP","nl":"","pt":""},"display_name":{"en":null,"nl":null,"pt":null},"logo":{"height":null,"width":null,"url":null},"name":{"en":"Dummy IdP","nl":"Dummy IdP","pt":""},"shib_md_scopes":[],"single_sign_on_services":[{"binding":"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST","location":"https:\/\/mujina-idp.dev.openConext.local\/SingleSignOnService"}]}%

Instead of outputting the warnings here in the json output, it should do the following:

• output a warning in the logs, containing the entity for which metadata was requested, the (http/basic) user who requested it, and the fields that were missing
• return valid json in which the missing fields are set to null

Other issue is why Profile depends on this instead of fetching the metadata from Manage: OpenConext/OpenConext-profile#336

[thijskh]

I don't see invalid JSON in the output?

That the warnings are output to the screen are artefacts of the (configuration of) the test environment.