providers/saml: fix SessionNotOnOrAfter not being included

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-11-16 12:25:42 +01:00
parent f4db09cd59
commit b0fac9c9f1
2 changed files with 299 additions and 2 deletions

View file

@ -45,6 +45,7 @@ class AssertionProcessor:
_assertion_id: str
_valid_not_before: str
_session_not_on_or_after: str
_valid_not_on_or_after: str
def __init__(self, provider: SAMLProvider, request: HttpRequest, auth_n_request: AuthNRequest):
@ -58,6 +59,9 @@ class AssertionProcessor:
self._valid_not_before = get_time_string(
timedelta_from_string(self.provider.assertion_valid_not_before)
)
self._session_not_on_or_after = get_time_string(
timedelta_from_string(self.provider.session_valid_not_on_or_after)
)
self._valid_not_on_or_after = get_time_string(
timedelta_from_string(self.provider.assertion_valid_not_on_or_after)
)
@ -117,6 +121,7 @@ class AssertionProcessor:
auth_n_statement = Element(f"{{{NS_SAML_ASSERTION}}}AuthnStatement")
auth_n_statement.attrib["AuthnInstant"] = self._valid_not_before
auth_n_statement.attrib["SessionIndex"] = self._assertion_id
auth_n_statement.attrib["SessionNotOnOrAfter"] = self._session_not_on_or_after
auth_n_context = SubElement(auth_n_statement, f"{{{NS_SAML_ASSERTION}}}AuthnContext")
auth_n_context_class_ref = SubElement(

File diff suppressed because it is too large Load diff