DateTimeOffset Out Of Range protection

Author: Revsgaard

src/ITfoxtec.Identity.Saml2/Extensions/DateTimeExtensions.cs

@@ -0,0 +1,24 @@
+using System;
+
+namespace ITfoxtec.Identity.Saml2
+{
+    public static class DateTimeExtensions
+    {
+        public static DateTimeOffset ToDateTimeOffsetOutOfRangeProtected(this DateTime dateTime)
+        {
+            var utcDateTime = dateTime.ToUniversalTime();
+            if(utcDateTime <= DateTimeOffset.MinValue.UtcDateTime)
+            {
+                return DateTimeOffset.MinValue;
+            }
+            else if (utcDateTime >= DateTimeOffset.MaxValue.UtcDateTime)
+            {
+                return DateTimeOffset.MaxValue;
+            }
+            else
+            {
+                return new DateTimeOffset(dateTime);
+            }
+        }
+    }
+}

src/ITfoxtec.Identity.Saml2/Request/Saml2AuthnResponse.cs

@@ -43,12 +43,12 @@ public class Saml2AuthnResponse : Saml2Response
         /// <summary>
         /// Gets the first instant in time at which this security token is valid.
         /// </summary>
-        public DateTimeOffset SecurityTokenValidFrom { get { return Saml2SecurityToken.ValidFrom > DateTime.MinValue ? Saml2SecurityToken.ValidFrom : DateTime.UtcNow; } }
+        public DateTimeOffset SecurityTokenValidFrom { get { return Saml2SecurityToken.ValidFrom.ToDateTimeOffsetOutOfRangeProtected(); } }
 
         /// <summary>
         /// Gets the last instant in time at which this security token is valid.
         /// </summary>
-        public DateTimeOffset SecurityTokenValidTo { get { return Saml2SecurityToken.ValidTo; } }
+        public DateTimeOffset SecurityTokenValidTo { get { return Saml2SecurityToken.ValidTo.ToDateTimeOffsetOutOfRangeProtected(); } }
 
         /// <summary>
         /// Saml2 Security Token Handler.