public function validate(SAML2_Assertion $assertion, SAML2_Assertion_Validation_Result $result) { $notValidOnOrAfterTimestamp = $assertion->getNotOnOrAfter(); if ($notValidOnOrAfterTimestamp && $notValidOnOrAfterTimestamp <= SAML2_Utilities_Temporal::getTime() - 60) { $result->addError('Received an assertion that has expired. Check clock synchronization on IdP and SP.'); } }
public function validate($token) { $data = $this->parseToken($token); // validate digest and thumbprint $assertion = new SAML2_Assertion($data['Assertion']); $certificates = $assertion->getCertificates(); $this->validateCertificateThumbprint($certificates[0]); // validate issuer if ($this->validateIssuer) { $this->validateIssuer($assertion->getIssuer()); } // validate audiences if ($this->validateAudiences) { $this->validateAudiences($assertion->getValidAudiences(), $assertion->getNotBefore(), $assertion->getNotOnOrAfter()); } return $this->getClaims($data); }