Closed handnot2 closed 6 years ago
The auth response for SP initiated requests include the request ID (InResponseTo). Make this available in the esaml records. Expose the request ID in the assertion subject InResponseTo attribute. Make this available in the assertion subject record.
InResponseTo
esaml
-record(esaml_subject, { .... notonorafter = "" :: esaml:datetime(), in_response_to = "" :: string()}).
This combined with notonorafter can be used during validations. This new field will be an empty string in case of IDP initiated flows.
notonorafter
The auth response for SP initiated requests include the request ID (
InResponseTo
). Make this available in theesaml
records. Expose the request ID in the assertion subjectInResponseTo
attribute. Make this available in the assertion subject record.This combined with
notonorafter
can be used during validations. This new field will be an empty string in case of IDP initiated flows.