phavekes
commented
2 days ago Note that this is not strictly a problem with tiqr itself but with GSSPs in general. The problem is present in the response from the gssp proxy to the gateway, not in the response from the tiqr IDP to the proxy.
Verified that the problem is fixed though. (Joost van Dijk - Jul 2, 2018)
This issue is imported from pivotal - Originaly created at Jun 14, 2018 by Joris Steyn
See #157880479. The NotOnOrAfter in the SubjectionConfirmation element is 8 eights after authorization, instead of 5 minutes after authorization on the assertion itself.
https://github.com/OpenConext/Stepup-gssp-bundle/pull/23 https://github.com/OpenConext/Stepup-tiqr/pull/50