Although this topic was already touched in #446 this issue still seems to be present, e.g.
$ curl -s -X GET -H "Authorization: Bearer $BEARER_TOKEN" -H "Content-Type: application/json" https://atlas-auth.web.cern.ch/iam/aup/ | jq .signatureValidityInDays
3650
$ curl -s -X GET -H "Authorization: Bearer $BEARER_TOKEN" -H "Content-Type: application/json" https://atlas-auth.web.cern.ch/iam/aup/signature/b41bd224-951e-47b9-8f86-c234e491d8b4 | jq .signatureTime
"2010-01-01T00:00:00.000Z"
$ voms-proxy-init -voms atlas
Enter GRID pass phrase for this identity:
Contacting voms-atlas-auth.app.cern.ch:443 [/DC=ch/DC=cern/OU=computers/CN=atlas-auth.web.cern.ch] "atlas"...
Remote VOMS server contacted succesfully.
Created proxy in /tmp/x509up_u8021.
Your proxy is valid until Tue Jan 16 13:29:13 CET 2024
AUP expiration is currently set to 10 years for our IAM instance, I used IAM API to set AUP expiration to the January 1st 2010, but I'm still able to get VOMS proxy with expired AUP.
Although this topic was already touched in #446 this issue still seems to be present, e.g.
AUP expiration is currently set to 10 years for our IAM instance, I used IAM API to set AUP expiration to the January 1st 2010, but I'm still able to get VOMS proxy with expired AUP.