use of org.keycloak.dom.saml.v1.assertion.SAML11AssertionType in project keycloak by keycloak.
the class AssertionUtil method hasExpired.
/**
* Check whether the assertion has expired
*
* @param assertion
*
* @return
*
* @throws ConfigurationException
*/
public static boolean hasExpired(SAML11AssertionType assertion) throws ConfigurationException {
boolean expiry = false;
// Check for validity of assertion
SAML11ConditionsType conditionsType = assertion.getConditions();
if (conditionsType != null) {
XMLGregorianCalendar now = XMLTimeUtil.getIssueInstant();
XMLGregorianCalendar notBefore = conditionsType.getNotBefore();
XMLGregorianCalendar notOnOrAfter = conditionsType.getNotOnOrAfter();
logger.trace("Now=" + now.toXMLFormat() + " ::notBefore=" + notBefore.toXMLFormat() + " ::notOnOrAfter=" + notOnOrAfter);
expiry = !XMLTimeUtil.isValid(now, notBefore, notOnOrAfter);
if (expiry) {
logger.samlAssertionExpired(assertion.getID());
}
}
// TODO: if conditions do not exist, assume the assertion to be everlasting?
return expiry;
}
Aggregations