Add support for OneTimeUse assertions

### Describe the problem you'd like to have solved

Add support for the `OneTimeUse` SAML condition, as an option to signal to service-providers to only accept a specific assertion once (keyed by the `ID` in the assertion).

### Describe the ideal solution

Add a true/false flag in config for `onlyOneTimeUse`, to selectively add the condition to the assertion

## Alternatives and current work-arounds
Setting a small `lifetimeInSeconds` helps mitigate the same sort of issues that OneTimeUse does. See some examples in the [OWASP SAML Security cheatsheet](https://cheatsheetseries.owasp.org/cheatsheets/SAML_Security_Cheat_Sheet.html#validate-security-countermeasures)

PS - Should consider the importance of fixing #73 , since we use the crypto functions referenced there to create the `ID` value that is used to enforce the one-time-use condition

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add support for OneTimeUse assertions #104

Describe the problem you'd like to have solved

Describe the ideal solution

Alternatives and current work-arounds

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add support for OneTimeUse assertions #104

Description

Describe the problem you'd like to have solved

Describe the ideal solution

Alternatives and current work-arounds

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions