Metadata validUntil/cacheDuration: Add documentation, test and minor fix.

Author: pitbulk

README.md

@@ -317,6 +317,12 @@ In addition to the required settings data (idp, sp), there is extra information
         // Set true or don't present thi parameter and you will get an AuthContext 'exact' 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'
         // Set an array with the possible auth context values: array ('urn:oasis:names:tc:SAML:2.0:ac:classes:Password', 'urn:oasis:names:tc:SAML:2.0:ac:classes:X509'),
         'requestedAuthnContext': true,
+
+        // In some environment you will need to set how long the published metadata of the Service Provider gonna be valid.
+        // is possible to not set the 2 following parameters (or set to null) and default values will be set (2 days, 1 week)
+        // Or provide the desire TimeStamp, for example PT518400S (6 days)
+        'metadataValidUntil': null,
+        'metadataCacheDuration': null,
     },
 
     // Contact information template, it is recommended to suply a

src/onelogin/saml2/metadata.py

@@ -57,7 +57,7 @@ def builder(sp, authnsign=False, wsign=False, valid_until=None, cache_duration=N
             valid_until = int(datetime.now().strftime("%s")) + OneLogin_Saml2_Metadata.TIME_VALID
         if not isinstance(valid_until, basestring):
             if isinstance(valid_until, datetime):
-                valid_until_time = valid_until
+                valid_until_time = valid_until.timetuple()
             else:
                 valid_until_time = gmtime(valid_until)
             valid_until_str = strftime(r'%Y-%m-%dT%H:%M:%SZ', valid_until_time)

tests/src/OneLogin/saml2_tests/metadata_test.py

@@ -3,8 +3,11 @@
 # Copyright (c) 2014, OneLogin, Inc.
 # All rights reserved.
 
+
 import json
 from os.path import dirname, join, exists
+from time import gmtime, strftime
+from datetime import datetime
 import unittest
 
 from onelogin.saml2.metadata import OneLogin_Saml2_Metadata
@@ -121,6 +124,21 @@ def testBuilder(self):
         self.assertNotIn('cacheDuration', metadata5)
         self.assertIn('validUntil="2014-10-01T11:04:29Z"', metadata5)
 
+        datetime_value = datetime.now()
+        metadata6 = OneLogin_Saml2_Metadata.builder(
+            sp_data, security['authnRequestsSigned'],
+            security['wantAssertionsSigned'],
+            datetime_value,
+            'P1Y',
+            contacts,
+            organization
+        )
+        self.assertIsNotNone(metadata5)
+        self.assertIn('<md:SPSSODescriptor', metadata6)
+        self.assertIn('cacheDuration="P1Y"', metadata6)
+        parsed_datetime = strftime(r'%Y-%m-%dT%H:%M:%SZ', datetime_value.timetuple())
+        self.assertIn('validUntil="%s"' % parsed_datetime, metadata6)
+
     def testSignMetadata(self):
         """
         Tests the signMetadata method of the OneLogin_Saml2_Metadata