add clock screw to assertion time validation

2 files changed, 7 insertions, 3 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java
index 4ba93f8fe..2247ad227 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java
@@ -174,10 +174,14 @@ public class SAMLVerificationEngine {
 				for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) {
 					
 					Conditions conditions = saml2assertion.getConditions();
-					DateTime notbefore = conditions.getNotBefore();
+					DateTime notbefore = conditions.getNotBefore().minusMinutes(5);
 					DateTime notafter = conditions.getNotOnOrAfter();
 					if ( notbefore.isAfterNow() || notafter.isBeforeNow() ) {
-						Logger.warn("PVP2 Assertion is out of Date");
+						Logger.warn("PVP2 Assertion is out of Date. "
+								+ "{ Current : " + new DateTime() 
+								+ " NotBefore: " + notbefore 
+								+ " NotAfter : " + notafter
+								+ " }");
 											
 					} else {
 						validatedassertions.add(saml2assertion);
diff --git a/pom.xml b/pom.xml
index 3407bfcd9..280c1c012 100644
--- a/pom.xml
+++ b/pom.xml
@@ -12,7 +12,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

         

         <moa-commons-version>2.0.1</moa-commons-version>

-				<moa-id-version>2.1.2</moa-id-version>

+				<moa-id-version>2.1.2.1</moa-id-version>

 				<moa-id-proxy-version>2.0.0</moa-id-proxy-version>

         <moa-spss-version>2.0.3</moa-spss-version>

 				<configtool-version>1.1.4</configtool-version>