Include timezone in metadata validUntil value and use UTC time

[cascardo/ipsilon.git] / ipsilon / tools / saml2metadata.py

diff --git a/ipsilon/tools/saml2metadata.py b/ipsilon/tools/saml2metadata.py
index 99857bf..d360ccd 100755 (executable)
--- a/ipsilon/tools/saml2metadata.py
+++ b/ipsilon/tools/saml2metadata.py
@@ -29,6 +29,8 @@ SAML2_SERVICE_MAP = {
                  lasso.SAML2_METADATA_BINDING_SOAP),
     'logout-redirect': ('SingleLogoutService',
                         lasso.SAML2_METADATA_BINDING_REDIRECT),
+    'slo-soap': ('SingleLogoutService',
+                 lasso.SAML2_METADATA_BINDING_SOAP),
     'response-post': ('AssertionConsumerService',
                       lasso.SAML2_METADATA_BINDING_POST)
 }
@@ -95,11 +97,11 @@ class Metadata(object):
         elif isinstance(exp, datetime.datetime):
             d = exp
         elif isinstance(exp, datetime.timedelta):
-            d = datetime.datetime.now() + exp
+            d = datetime.datetime.utcnow() + exp
         else:
             raise TypeError('Invalid expiration date type')
 
-        self.root.set('validUntil', d.isoformat())
+        self.root.set('validUntil', d.isoformat() + 'Z')
 
     def add_cert(self, certdata, use):
         desc = mdElement(self.role, 'KeyDescriptor')