Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement and Test Audience and Lifetime validations in SamlSecurityTokenHandler with New Validation Model #2925

Merged
merged 9 commits into from
Oct 22, 2024
Merged

Implement and Test Audience and Lifetime validations in SamlSecurityTokenHandler with New Validation Model #2925

merged 9 commits into from
Oct 22, 2024

Conversation

FuPingFranco
Copy link
Contributor

Implement and Test Audience and Lifetime validations in SamlSecurityTokenHandler with New Validation Model

Description

Similar to #2863 but in SamlTokenHandler.

  • Implement validateConditions method in for new SAML validation methods
  • Implement new ValidateTokenAsync method for SAML validation
  • Test Audience validation against old path.
  • Test Lifetime validation against old path.

Fixes #2885

@FuPingFranco FuPingFranco requested a review from a team as a code owner October 18, 2024 02:11
iNinja
iNinja reviewed Oct 18, 2024
View reviewed changes
Copy link
Contributor

@iNinja iNinja left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor comments should be easy to address.

Could you please double check the stack frame caching in SAML2 in case this was brought from there?

src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ValidateToken.Internal.cs Outdated Show resolved Hide resolved
src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ValidateToken.Internal.cs Outdated Show resolved Hide resolved
iNinja
iNinja approved these changes Oct 21, 2024
View reviewed changes
Copy link
Contributor

@iNinja iNinja left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@FuPingFranco FuPingFranco merged commit 69b15a7 into dev Oct 22, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jennyf19 jennyf19 jennyf19 approved these changes

@iNinja iNinja iNinja approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Implement and Test LifeTime in Saml Token Handlers Using New Token Validation Model
3 participants
@FuPingFranco @iNinja @jennyf19