aboutsummaryrefslogtreecommitdiff
path: root/id/server/stork2-saml-engine
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2015-07-22 12:17:01 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2015-07-22 12:17:01 +0200
commitd480e4c2f897f7fdfdb73b193b3e21417baf4ead (patch)
tree52afd888a9166d401929caa3bb278f81fd596630 /id/server/stork2-saml-engine
parent0d433cb0e010a32cb9a961d119c4cbc2937d33f1 (diff)
downloadmoa-id-spss-d480e4c2f897f7fdfdb73b193b3e21417baf4ead.tar.gz
moa-id-spss-d480e4c2f897f7fdfdb73b193b3e21417baf4ead.tar.bz2
moa-id-spss-d480e4c2f897f7fdfdb73b193b3e21417baf4ead.zip
fix problem with STORK respone IssueInstant and time synchronization jitter
Diffstat (limited to 'id/server/stork2-saml-engine')
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java2
-rw-r--r--id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/MultipleAssertionResponseValidator.java2
2 files changed, 2 insertions, 2 deletions
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java
index c602ad38a..4fce4df3f 100644
--- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java
@@ -62,7 +62,7 @@ public class CustomAttributeQueryValidator implements Validator<CustomAttributeQ
* @throws ValidationException the validation exception
*/
protected void validateTime(CustomAttributeQuery query) throws ValidationException {
- if (query.getIssueInstant().isAfterNow())
+ if (query.getIssueInstant().minusMinutes(5).isAfterNow())
throw new ValidationException("Issue time is in the futue");
}
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/MultipleAssertionResponseValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/MultipleAssertionResponseValidator.java
index 72639c8ee..7e1242a88 100644
--- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/MultipleAssertionResponseValidator.java
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/MultipleAssertionResponseValidator.java
@@ -63,7 +63,7 @@ public class MultipleAssertionResponseValidator implements Validator<Response> {
* @throws ValidationException the validation exception
*/
protected void validateTime(Response response) throws ValidationException {
- if (response.getIssueInstant().isAfterNow())
+ if (response.getIssueInstant().minusMinutes(5).isAfterNow())
throw new ValidationException("Issue time is in the futue");
}