This repository has been archived by the owner on Dec 22, 2023. It is now read-only.

BAU: Fix timezone issue
Verify frontend is comparing notOnOrAfter field (assertion_expiry)
against the current system clock. The clock can be in a different timezone,
e.g. British Summer Time (GMT+0100). According to the SAML specification,
notOnOrAfter specifies the time instant at which the assertion has
expired. The time value is encoded in UTC. This commit updates verify
frontend to compare notOnOrAfter field against the system clock in UTC.
This will prevent users from getting session timeout errors.

Author: @adityapahuja
adityapahuja committed Apr 15, 2019
1 parent c65449f commit c0087e7
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion app/controllers/further_information_controller.rb
Expand Up @@ -52,6 +52,6 @@ def submit_null_attribute
private

def expired?
!session[:assertion_expiry].nil? && Time.parse(session[:assertion_expiry]) <= Time.now
!session[:assertion_expiry].nil? && Time.parse(session[:assertion_expiry]) <= Time.now.utc
end
end
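
Review bot: On the changed line in `expired?`, `Time.now.utc` is the same instant as `Time.now`, and Ruby compares `Time` objects by instant rather than by zone, so the result of `<=` does not change with this edit. If the timeouts come from a zone mismatch, the place to look is `Time.parse(session[:assertion_expiry])`: when the stored string carries no zone designator, `Time.parse` interprets it in the server's local zone, which under British Summer Time shifts the parsed expiry by an hour. Suggest making the stored value unambiguous (an ISO 8601 string ending in `Z`) or parsing it explicitly as UTC, and adding a controller spec that runs with `TZ` set to a non-UTC zone so the behaviour is pinned. The method could also use a short comment stating that `assertion_expiry` holds the SAML notOnOrAfter value in UTC.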
