Migrate saml:AuthnContext

tvdijen · tvdijen · commit d110052a9cfb · 2024-05-01T20:54:17.000+02:00
diff --git a/modules/saml/src/Controller/ServiceProvider.php b/modules/saml/src/Controller/ServiceProvider.php
@@ -409,7 +409,10 @@ public function assertionConsumerService(Request $request, string $sourceId): Re
         }
 
         $state['LogoutState'] = $logoutState;
-        $state['saml:AuthenticatingAuthority'] = $authenticatingAuthority;
+        $state['saml:AuthenticatingAuthority'] = array_map(
+            fn($authority): string => $authority->getContent(),
+            $authenticatingAuthority,
+        );
         $state['saml:AuthenticatingAuthority'][] = $issuer;
         $state['PersistentAuthData'][] = 'saml:AuthenticatingAuthority';
         $state['saml:AuthnInstant'] = $assertion->getAuthnInstant();
diff --git a/modules/saml/src/IdP/SAML2.php b/modules/saml/src/IdP/SAML2.php
@@ -1233,7 +1233,10 @@ private static function buildAssertion(
             )
         );
 
-        $sessionStart = time();
+        $systemClock = LocalizedClock::in(new DateTimeZone('Z'));
+        $now = $systemClock->now();
+
+        $sessionStart = $now;
         if (isset($state['AuthnInstant'])) {
             $a->setAuthnInstant($state['AuthnInstant']);
             $sessionStart = $state['AuthnInstant'];
@@ -1245,9 +1248,6 @@ private static function buildAssertion(
         $randomUtils = new Utils\Random();
         $a->setSessionIndex($randomUtils->generateID());
 
-        $systemClock = LocalizedClock::in(new DateTimeZone('Z'));
-        $now = $systemClock->now();
-
         // ProtcolBinding of SP's <AuthnRequest> overwrites IdP hosted metadata configuration
         $hokAssertion = null;
         if ($state['saml:Binding'] === C::BINDING_HOK_SSO) {
