You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi, there,
I had an issue while importing this lib for our current SAML token validation. Our current lib also check SessionNotOnOrAfter for expiration. If NotOnOrAfter or SessionNotOnOrAfter is not expired, the SAML token is valid.
Do you think this is a valid request to make the changes to the following code? If not, can we add a flag to skip the following code? So we can handle the expiration logic properly in application layer.
now := sp.Clock.Now()
if now.After(notOnOrAfter) {
return ErrInvalidValue{
Reason: ReasonExpired,
Key: NotOnOrAfterAttr,
Expected: now.Format(time.RFC3339),
Actual: subjectConfirmationData.NotOnOrAfter,
}
}
The text was updated successfully, but these errors were encountered:
Hi, there,
I had an issue while importing this lib for our current SAML token validation. Our current lib also check SessionNotOnOrAfter for expiration. If NotOnOrAfter or SessionNotOnOrAfter is not expired, the SAML token is valid.
Do you think this is a valid request to make the changes to the following code? If not, can we add a flag to skip the following code? So we can handle the expiration logic properly in application layer.
now := sp.Clock.Now()
if now.After(notOnOrAfter) {
return ErrInvalidValue{
Reason: ReasonExpired,
Key: NotOnOrAfterAttr,
Expected: now.Format(time.RFC3339),
Actual: subjectConfirmationData.NotOnOrAfter,
}
}
The text was updated successfully, but these errors were encountered: