Closed handnot2 closed 6 years ago
The auth response for SP initiated requests include the request ID (InResponseTo). Make this available in the esaml records. Expose the request ID in the assertion subject InResponseTo attribute. Make this available in the assertion subject record.
InResponseTo
esaml
-record(esaml_subject, { .... notonorafter = "" :: esaml:datetime(), in_response_to = "" :: string()}).
This combined with notonorafter can be used during validations. This new field will be an empty string in case of IDP initiated flows.
notonorafter
The auth response for SP initiated requests include the request ID (
InResponseTo). Make this available in theesamlrecords. Expose the request ID in the assertion subjectInResponseToattribute. Make this available in the assertion subject record.This combined with
notonoraftercan be used during validations. This new field will be an empty string in case of IDP initiated flows.