This is mainly for unit/integration test purposes, but whenever we see an "interesting" SAML Response, we add it to our test suite to make sure we don't regress in supporting it.
However, because things like Conditions.IsWithinTimePeriod refer to DateTime.UtcNow, I'll need to deal with the fact that conditions are no longer valid. Right now, I handle this by passing in a large clockSkew argument.
I do wonder if you could consider an IClock Interface, with a default implementation of IClock.UtcNow => DateTIme.UtcNow but one that I could override with DI?
Our Test Suite can pass in the proper UtcNow that fits the SAML Response under test. There are other cases, e.g., Certificate Expiration, I'm not sure how feasible it is to properly cover those.
|