From 16422cfd77e080ba1c1f2cb8559620d0c200e0b9 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Thu, 16 Jul 2015 14:04:56 -0400
Subject: [PATCH] Include timezone in metadata validUntil value and use UTC
 time

The python datetime module doesn't append the timezone in its
isoformat() output, so add a Z indicating that the time is
UTC time. Also generate the output using utcnow() rather than
now() so the times line up.

https://fedorahosted.org/ipsilon/ticket/137

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 ipsilon/tools/saml2metadata.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ipsilon/tools/saml2metadata.py b/ipsilon/tools/saml2metadata.py
index 98e7c67..d360ccd 100755
--- a/ipsilon/tools/saml2metadata.py
+++ b/ipsilon/tools/saml2metadata.py
@@ -97,11 +97,11 @@ class Metadata(object):
         elif isinstance(exp, datetime.datetime):
             d = exp
         elif isinstance(exp, datetime.timedelta):
-            d = datetime.datetime.now() + exp
+            d = datetime.datetime.utcnow() + exp
         else:
             raise TypeError('Invalid expiration date type')
 
-        self.root.set('validUntil', d.isoformat())
+        self.root.set('validUntil', d.isoformat() + 'Z')
 
     def add_cert(self, certdata, use):
         desc = mdElement(self.role, 'KeyDescriptor')
-- 
2.20.1