diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/AuthenticationInformation.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/AuthenticationInformation.cs index 92f3c2249b..79ef8f732f 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/AuthenticationInformation.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/AuthenticationInformation.cs @@ -61,7 +61,7 @@ public Uri AuthenticationMethod } /// - /// Gets or sets the AuthenticationInstant + /// Gets or sets the AuthenticationInstant. This value should be in UTC. /// public DateTime AuthenticationInstant { get; set; } @@ -76,7 +76,7 @@ public Uri AuthenticationMethod public string DnsName { get; set; } /// - /// Gets or sets the time that the session referred to in the session index MUST be considered ended. + /// Gets or sets the time that the session referred to in the session index MUST be considered ended. This value should be in UTC. /// public DateTime? NotOnOrAfter { get; set; } diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlAuthenticationStatement.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlAuthenticationStatement.cs index bd98b85506..9819d3c286 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlAuthenticationStatement.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlAuthenticationStatement.cs @@ -74,7 +74,7 @@ public SamlAuthenticationStatement( } /// - /// Gets or sets the instant of authentication. + /// Gets or sets the instant of authentication. This value should be in UTC. /// public DateTime AuthenticationInstant { diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlConditions.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlConditions.cs index 0390a497e3..46fbb36267 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlConditions.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlConditions.cs @@ -72,12 +72,12 @@ IEnumerable conditions public ICollection Conditions { get; } /// - /// Gets or sets the earliest time instant at which the assertion is valid. + /// Gets or sets the earliest time instant at which the assertion is valid. This value should be in UTC. /// public DateTime NotBefore { get; set; } = DateTimeUtil.GetMinValue(DateTimeKind.Utc); /// - /// Gets or sets the time instant at which the assertion has expired. + /// Gets or sets the time instant at which the assertion has expired. This value should be in UTC. /// public DateTime NotOnOrAfter { get; set; } = DateTimeUtil.GetMaxValue(DateTimeKind.Utc); } diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityToken.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityToken.cs index eaa816a3ea..a0b23765b3 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityToken.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityToken.cs @@ -96,7 +96,7 @@ public override SecurityKey SigningKey } /// - /// Gets the time the token is valid from. + /// Gets the time the token is valid from. This value is always in UTC. /// public override DateTime ValidFrom { @@ -112,7 +112,7 @@ public override DateTime ValidFrom } /// - /// Gets the time the token is valid to. + /// Gets the time the token is valid to. This value is always in UTC. /// public override DateTime ValidTo { diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/AuthenticationInformation.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/AuthenticationInformation.cs index e96b62b91b..30e21536b5 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/AuthenticationInformation.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/AuthenticationInformation.cs @@ -59,7 +59,7 @@ public Uri AuthenticationMethod } /// - /// Gets or sets the AuthenticationInstant + /// Gets or sets the AuthenticationInstant. This value should be in UTC. /// public DateTime AuthenticationInstant { get; set; } @@ -69,7 +69,7 @@ public Uri AuthenticationMethod public string DnsName { get; set; } /// - /// Gets or sets the time that the session referred to in the session index MUST be considered ended. + /// Gets or sets the time that the session referred to in the session index MUST be considered ended. This value should be in UTC. /// public DateTime? NotOnOrAfter { get; set; } diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2AuthenticationStatement.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2AuthenticationStatement.cs index b86f485c17..95bb88e68f 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2AuthenticationStatement.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2AuthenticationStatement.cs @@ -73,7 +73,8 @@ public Saml2AuthenticationContext AuthenticationContext } /// - /// Gets or sets the time at which the authentication took place. [Saml2Core, 2.7.2] + /// Gets or sets the time at which the authentication took place. If the provided DateTime is not in UTC, it will + /// be converted to UTC. [Saml2Core, 2.7.2] /// /// if 'value' is null. public DateTime AuthenticationInstant @@ -95,7 +96,8 @@ public string SessionIndex /// /// Gets or sets the time instant at which the session between the principal /// identified by the subject and the SAML authority issuing this statement - /// must be considered ended. [Saml2Core, 2.7.2] + /// must be considered ended. If the provided DateTime is not in UTC, it will + /// be converted to UTC. [Saml2Core, 2.7.2] /// public DateTime? SessionNotOnOrAfter { diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2Conditions.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2Conditions.cs index aaeed54b26..9f9ba6f416 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2Conditions.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2Conditions.cs @@ -70,7 +70,8 @@ public ICollection AudienceRestrictions } /// - /// Gets or sets the earliest time instant at which the assertion is valid. + /// Gets or sets the earliest time instant at which the assertion is valid. If the provided DateTime is not in UTC, it will + /// be converted to UTC. /// [Saml2Core, 2.5.1] /// /// if 'value' is greater or equal to . @@ -93,7 +94,8 @@ public DateTime? NotBefore } /// - /// Gets or sets the time instant at which the assertion has expired. + /// Gets or sets the time instant at which the assertion has expired. If the provided DateTime is not in UTC, it will + /// be converted to UTC. /// [Saml2Core, 2.5.1] /// /// if 'value' is less than or equal to . diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityToken.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityToken.cs index 9f3640ec9a..813e559b61 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityToken.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityToken.cs @@ -87,7 +87,7 @@ public override SecurityKey SigningKey } /// - /// Gets the time the token is valid from. + /// Gets the time the token is valid from. This value is always in UTC. /// public override DateTime ValidFrom { @@ -101,7 +101,7 @@ public override DateTime ValidFrom } /// - /// Gets the time the token is valid to. + /// Gets the time the token is valid to. This value is always in UTC. /// public override DateTime ValidTo { diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SubjectConfirmationData.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SubjectConfirmationData.cs index 0f0192f6db..bfb97d5897 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SubjectConfirmationData.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SubjectConfirmationData.cs @@ -77,7 +77,8 @@ public ICollection KeyInfos } /// - /// Gets or sets a time instant before which the subject cannot be confirmed. [Saml2Core, 2.4.1.2] + /// Gets or sets a time instant before which the subject cannot be confirmed. If the provided DateTime is not in UTC, it will + /// be converted to UTC.[Saml2Core, 2.4.1.2] /// public DateTime? NotBefore { @@ -86,7 +87,8 @@ public DateTime? NotBefore } /// - /// Gets or sets a time instant at which the subject can no longer be confirmed. [Saml2Core, 2.4.1.2] + /// Gets or sets a time instant at which the subject can no longer be confirmed. If the provided DateTime is not in UTC, it will + /// be converted to UTC. [Saml2Core, 2.4.1.2] /// public DateTime? NotOnOrAfter { diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenExpiredException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenExpiredException.cs index 882b385980..e415a04b62 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenExpiredException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenExpiredException.cs @@ -38,7 +38,7 @@ namespace Microsoft.IdentityModel.Tokens public class SecurityTokenExpiredException : SecurityTokenValidationException { /// - /// Gets or sets the Expires value that created the validation exception. + /// Gets or sets the Expires value that created the validation exception. This value is always in UTC. /// public DateTime Expires { get; set; } diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidLifetimeException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidLifetimeException.cs index 8e39294547..ac012110c8 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidLifetimeException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenInvalidLifetimeException.cs @@ -38,12 +38,12 @@ namespace Microsoft.IdentityModel.Tokens public class SecurityTokenInvalidLifetimeException : SecurityTokenValidationException { /// - /// Gets or sets the NotBefore value that created the validation exception. + /// Gets or sets the NotBefore value that created the validation exception. This value is always in UTC. /// public DateTime? NotBefore { get; set; } /// - /// Gets or sets the Expires value that created the validation exception. + /// Gets or sets the Expires value that created the validation exception. This value is always in UTC. /// public DateTime? Expires { get; set; } diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenNotYetValidException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenNotYetValidException.cs index 4ed5c79b0b..809b1a8ed8 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenNotYetValidException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenNotYetValidException.cs @@ -39,7 +39,7 @@ namespace Microsoft.IdentityModel.Tokens public class SecurityTokenNotYetValidException : SecurityTokenValidationException { /// - /// Gets or sets the NotBefore value that created the validation exception. + /// Gets or sets the NotBefore value that created the validation exception. This value is always in UTC. /// public DateTime NotBefore { get; set; } diff --git a/src/Microsoft.IdentityModel.Tokens/SecurityTokenDescriptor.cs b/src/Microsoft.IdentityModel.Tokens/SecurityTokenDescriptor.cs index 48e47a1253..b7af318d07 100644 --- a/src/Microsoft.IdentityModel.Tokens/SecurityTokenDescriptor.cs +++ b/src/Microsoft.IdentityModel.Tokens/SecurityTokenDescriptor.cs @@ -52,7 +52,7 @@ public class SecurityTokenDescriptor public EncryptingCredentials EncryptingCredentials { get; set; } /// - /// Gets or sets the value of the 'expiration' claim. + /// Gets or sets the value of the 'expiration' claim. This value should be in UTC. /// public DateTime? Expires { get; set; } @@ -62,12 +62,12 @@ public class SecurityTokenDescriptor public string Issuer { get; set; } /// - /// Gets or sets the time the security token was issued. + /// Gets or sets the time the security token was issued. This value should be in UTC. /// public DateTime? IssuedAt { get; set; } /// - /// Gets or sets the notbefore time for the security token. + /// Gets or sets the notbefore time for the security token. This value should be in UTC. /// public DateTime? NotBefore { get; set; }