public function validate(SAML2_Assertion $assertion, SAML2_Assertion_Validation_Result $result) { $notBeforeTimestamp = $assertion->getNotBefore(); if ($notBeforeTimestamp && $notBeforeTimestamp > SAML2_Utilities_Temporal::getTime() + 60) { $result->addError('Received an assertion that is valid in the future. Check clock synchronization on IdP and SP.'); } }
public function validate($token) { $data = $this->parseToken($token); // validate digest and thumbprint $assertion = new SAML2_Assertion($data['Assertion']); $certificates = $assertion->getCertificates(); $this->validateCertificateThumbprint($certificates[0]); // validate issuer if ($this->validateIssuer) { $this->validateIssuer($assertion->getIssuer()); } // validate audiences if ($this->validateAudiences) { $this->validateAudiences($assertion->getValidAudiences(), $assertion->getNotBefore(), $assertion->getNotOnOrAfter()); } return $this->getClaims($data); }