[IdP] IssueInstant date format causing failed authentication request
Question
Forge component by Rui Barbosa

Hi,

We are facing an issue with our IdP service provider using IdP forge component. While investigating today, they told us the the authentication request is coming with a wrong  IssueInstant date format ( IssueInstant="2021-09-30T07:44:56.7563262Z"), the length of the digits after seconds is too many digits, it has to be 2-3 digits only. Any idea from where we can control date format of IssueInstant.

=======

<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"                     xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"                     ID="id_t1_4baf695833df4d19820b79a103b04e6c"                     Version="2.0"                     IssueInstant="2021-09-30T07:44:56.7563262Z"                     Destination="https://www.xxx.xx/samlsso"                     AssertionConsumerServiceURL="https://outsysaxxx.xxx.xx.xx/IdP/SSO.aspx"                     >    <saml2:Issuer>https://outsysapxxx.xxx.xx.xx</saml2:Issuer> </saml2p:AuthnRequest>

=====

Regards,

Shah

Solution

HI,

We were able to solve this by editing the saml_utils.cs file:

Saml2PostBinding p = new Saml2PostBinding();

 XmlDocument xmlDoc = p.Bind(req).XmlDocument;

 // Added to match time format

xmlDoc.DocumentElement.SetAttribute("IssueInstant", req.IssueInstant.ToString("yyyy-MM-  ddTHH:mm:ss.ffZ"));

ssXmlSaml = xmlDoc.OuterXml;

ssValidation.ssSTSAMLValidation.ssSuccess = true;


Regards,

Shah

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.