From d0398f249bef187a29572fcd6575ad1afb9def19 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cl=C3=A9ment=20Oudot?=
Date: Thu, 9 Jun 2011 15:24:15 +0000
Subject: [PATCH] Set basic conditions in SAML response (#324)
---
 .../lib/Lemonldap/NG/Portal/IssuerDBSAML.pm | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBSAML.pm b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBSAML.pm
index aeb16ff18..575d0fbaf 100644
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBSAML.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBSAML.pm
@@ -11,7 +11,7 @@ use Lemonldap::NG::Portal::Simple;
 use Lemonldap::NG::Portal::_SAML;
 our @ISA = qw(Lemonldap::NG::Portal::_SAML);
-our $VERSION = '1.0.0';
+our $VERSION = '1.1.0';
 ## @method void issuerDBInit()
 # Load and check SAML configuration
@@ -1512,6 +1512,19 @@ sub issuerForAuthUser {
 $response_assertions[0] ->set_subject_name_id( $login->nameIdentifier );
+ # Set basic conditions
+ my $oneTimeUse =
+ $self->{samlSPMetaDataOptions}->{$spConfKey}
+ ->{samlSPMetaDataOptionsOneTimeUse};
+
+ eval {
+ $response_assertions[0]
+ ->set_basic_conditions( 60, 86400, $oneTimeUse );
+ };
+ if ($@) {
+ $self->lmLog( "Basic conditions not set: $@", 'debug' );
+ }
+
 # Create attribute statement
 if ( scalar @attributes ) {
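Review bot: When `set_basic_conditions` dies, the `if ($@)` branch only logs at `debug` and the code carries on to build the attribute statement, so the assertion can be issued without the validity window or one-time-use condition this block is meant to add, and a production log will not show it. Log it where operators look, e.g. `$self->lmLog( "Basic conditions not set: $@", 'error' );`, and consider failing the response at that point instead of continuing; how issuerForAuthUser reports errors is not visible, as the function starts and ends outside the hunk. The literals `60, 86400` are also fixed for every SP; if they are the clock-skew tolerance and the assertion lifetime in seconds (the binding's signature is not shown here), a one-day lifetime is long for a bearer assertion and would be better read from the SP's options next to `samlSPMetaDataOptionsOneTimeUse`. `$oneTimeUse` is passed as-is and may be undef when the option is unset, so normalising it with `$oneTimeUse ? 1 : 0` would avoid relying on how the binding treats undef.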