SAML: test SessionNotOnOrAfter before converting it (#77)
This commit is contained in:
parent
9d3fd0ebd0
commit
b678ab454f
@ -1024,8 +1024,16 @@ sub setAuthSessionInfo {
|
||||
$self->{sessionInfo}->{_idpConfKey} = $idpConfKey;
|
||||
|
||||
# Adapt _utime with SessionNotOnOrAfter
|
||||
my $sessionNotOnOrAfter =
|
||||
my $sessionNotOnOrAfter;
|
||||
eval {
|
||||
$sessionNotOnOrAfter =
|
||||
$assertion->AuthnStatement()->SessionNotOnOrAfter();
|
||||
};
|
||||
|
||||
if ( $@ or !$sessionNotOnOrAfter ) {
|
||||
$self->lmLog( "No SessionNotOnOrAfter value found", 'debug' );
|
||||
}
|
||||
else {
|
||||
|
||||
my $samltime = $self->samldate2timestamp($sessionNotOnOrAfter);
|
||||
my $utime = time();
|
||||
@ -1045,6 +1053,8 @@ sub setAuthSessionInfo {
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
# Establish federation (required for attribute request in UserDBSAML)
|
||||
unless ( $self->acceptSSO($login) ) {
|
||||
$self->lmLog( "Error while accepting SSO from IDP $idpConfKey",
|
||||
|
@ -1958,7 +1958,7 @@ sub timestamp2samldate {
|
||||
|
||||
## @method string samldate2timestamp(string samldate)
|
||||
# Convert SAML2 date format into timestamp
|
||||
# @param tsamldate SAML2 date format
|
||||
# @param samldate SAML2 date format
|
||||
# @return UNIX timestamp
|
||||
sub samldate2timestamp {
|
||||
my ( $self, $samldate ) = splice @_;
|
||||
|
Loading…
Reference in New Issue
Block a user