Open
Conversation
This makes two changes to the timestamp format used in assertions. First, it removes the millisecond component, per issue mx-moth#23, and secondly, it removes the timezone component, which is explicitly disallowed by the SAML spec (section 1.3.3)
Author
|
It seems like the checks are failing on an unrelated dependency issue, but please let me know if this is something in my code |
Following discussion here: simplesamlphp/xml-common#8
Author
|
I was recently informed that the |
eieste
added a commit
to eieste/flask-saml2
that referenced
this pull request
Feb 13, 2022
Correct timestamp format mx-moth#31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This makes two changes to the timestamp format used in assertions.
I originally started working on this pull request because I believed my IDP (SimpleSAMLphp) did not tolerate timezones in timestamps, but it turns out that SimpleSAMLphp is actually slightly spec non-compliant itself and requires timestamps to be formatted as having a literal Z at the end.
For now I'm going to use a fork of flask-saml2 to prop up my IDP, and PR the upstream, although this lends credence to @ianlintner-wf's suggestion of making datetimes customizable
Please let me know if you suggest any other changes.