SAML: test SessionNotOnOrAfter before converting it (#77)

modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthSAML.pm

@@ -1024,8 +1024,16 @@ sub setAuthSessionInfo {
     $self->{sessionInfo}->{_idpConfKey} = $idpConfKey;
 
     # Adapt _utime with SessionNotOnOrAfter
-    my $sessionNotOnOrAfter =
+    my $sessionNotOnOrAfter;
+    eval {
+        $sessionNotOnOrAfter =
       $assertion->AuthnStatement()->SessionNotOnOrAfter();
+    };
+
+    if ( $@ or !$sessionNotOnOrAfter ) {
+        $self->lmLog( "No SessionNotOnOrAfter value found", 'debug' );
+    }
+    else {
 
     my $samltime = $self->samldate2timestamp($sessionNotOnOrAfter);
     my $utime    = time();
@@ -1045,6 +1053,8 @@ sub setAuthSessionInfo {
         );
     }
 
+    }
+
     # Establish federation (required for attribute request in UserDBSAML)
     unless ( $self->acceptSSO($login) ) {
         $self->lmLog( "Error while accepting SSO from IDP $idpConfKey",

modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_SAML.pm

@@ -1958,7 +1958,7 @@ sub timestamp2samldate {
 
 ## @method string samldate2timestamp(string samldate)
 # Convert SAML2 date format into timestamp
-# @param tsamldate SAML2 date format
+# @param samldate SAML2 date format
 # @return UNIX timestamp
 sub samldate2timestamp {
     my ( $self, $samldate ) = splice @_;